Month: August 2008

Categories
Business security

Security Audits

Employees of large companies often whinge about the constraints placed upon them by their IT departments. These contraints normally centre around security best practice.

Small businesses do not typically have the same disciplines. Timico recently performed a security audit at the request of one of it’s customers. The results were very revealing.

  • Poor/outdated wireless security – use of WEP instead of WPA. It takes less than 5 minutes to crack a WEP key – a bit longer if the network uses MAC address security.
  • No hard disk encryption or password protection on BIOS of laptops –  the stolen laptop test.
  • Use of outdated VPN client allowed decryption of IPSEC tunnel passwords.
  • Multiple equipments with default username and passwords.

Timico identified over ten major security faults at the customer’s premises. In fact this business was wide open. A malicious person could have sat in a car outside the office building, hacked into the network, accessed their important server information and disabled their network before leaving. These people do exist.

The fixes were relatively quick to implement in most cases. It’s just a question of discipline, with a little help from Timico. . .

Categories
Business fun stuff

Diversity

I was taking a look at the Timico open order book and was staggered to see the diversity of types of company that we have as customers. I couldn’t identify what they all did from the name alone but those I could I wrote down.

Courier, damage management, domestic appliance distributor, baby goods shop, sporting goods manufacturer, printer, skip hire, transport company, optical goods company, nursing agency, drilling services, recruitment agency, dentist, property developer, golf club, martial arts company, travel agent, design company, estate agents, charity, solicitor, farm, training agency, personal friend of mine, petroleum company (big one J ), a domain name registrar, financial services company, tyre fitter, insurance broker, an university, sportswear marketing, graphic design, cooker manufacturer, Church of England diocese, flower seller, gas services, sprayer (?), blacksmith, bathroom vendor, wine reseller, entertainment agency, asylum seeker support company, bus company, computer services, enterprise agency, theatre, flooring, cladding, electrician, soft drink distributor, advertising agency, company from the Isle of Man (incidentally where I grew up), a cooperative society, aircraft company, conflict management, shipping agency.

The striking thing about all these companies is that whilst they operate in a very diverse set of markets they all need the same communications and IT products and services. The great thing from Timico’s perspective is not only that they want to buy services from us but that the diversity offers a degree of protection from any market fluctuations in a given sector.

My favourite was a school for cocktail bartenders. There’s always going to be a need for a good barman.

 

Categories
Engineer internet security

The buzz of the Network Operations Centre

It always gives me a great buzz to sit in our NOC. It’s because when we started Timico only 4 years ago there were only four of us sat in the room of Tim Radford’s parents’ stable block (it was cheap and there was no room at the inn anyway). Now on a normal working day there are more people sat in the NOC than there were in that original room. It is a world away.

Today sat in the NOC some of the engineers were setting up a MPLS PWAN for a customer. This particular PWAN had over 80 sites – a mixture of leased lines and ADSL. In itself it isn’t a big news item. It isn’t our biggest PWAN by a long chalk. However it is another new customer and an endorsment of what we set out to achieve four years ago sat in the stable block.

It is a good feeling to be at Timico.

Categories
Engineer internet

Data centre power consumption

Power consumption is, as I’m sure you are all aware, a huge issue when building data centres today. The data centre giants such as Google and Microsoft build their facilities close to sources of hydroelectric power in order to minimise their operating costs.

An ironic fact about data centres is that it takes almost as much power to cool the room as it does to create the heat in the first place. ie the cost of powering a server is as much as the cost of running the air conditioning unit to cool it down. This, compounded by the rising cost of electricity, is why people look to implementing “green” low power servers.

If someone could harness the excess heat of data centres and turn it into electricity to power the air conditioning then that would be a serious contribution to lowering power consumption and saving the planet. Credit goes to Chris Nicholls of the Timico Netops team for this idea.

Categories
Business internet olympics

ISPs heave a sigh of relief after end of Olympics

I wrote recently about the effect of the Olympics on internet usage. At the time we had seen a 10% or so increase in ADSL based internet usage as people went online to watch the opening ceremony.

Well the success (hooray) of Team GB prompted even more people to watch the Olympics online. Timico saw a staggering 24% increase in peak ADSL internet usage. Ordinarily this would have caused a problem to our customers because Timico has a policy of not thottling usage – the increase in usage would normally have slowed the performance of their web access.

However in this instance we had had the foresight to order additional capacity as part of our standard planning process and were able to bring it forward so that it timed nicely with the success of Team GB.

Interestingly our customers with homeworkers showed a much lower increase in usage than those with connections into their offices – presumably this was because homeworkers could have the TV on in the corner of the home office and didn’t need to watch online.

Now that the Olympic Games are over everything is back to normal.

Not sure about the name “Team GB” though. What’s wrong with “Great Britain” – would have been far more appropriate under the circumstances. My kids, suitably enthused, have already put their names down as volunteers to help in 2012. I’d do the same if I could be sure of getting in to watch the beach volleyball.

Categories
Business fun stuff

Just got away from the crowds for a few days – back to work tommorrow

No takers.

Nobody to save.

Still a few available.

Categories
Business scams

More phishing – lobster, crab, kipper, oysters, cod, haddock

 

Categories
End User ofcom security

Piracy

Oh oh here come the pirates!

What a rogue.

It’s a constant battle.

Everyone needs a little help.

Ofcom to the rescue.

 

Categories
End User scams

Phishing

Sorry – it’s not what you think. That should have read fishing. The quayside Whitby. I’ll talk about phishing another time.

Categories
End User internet

Wonderful domain name scam

I just had a great email from someone called Williams Huang based (allegedly) at a domain name registrant in China. In it he told me that he had had a request from some unknown organisation to register the Timico domain name with the .tw, .co.tw,hk .asia, .net.cn and .org.cn.

Fortunately for me he had “checked to see whether this organisation was a genuine applicant and had the right to register the domain”. Finding that Timico was actually based in the UK he got in touch to give us first refusal on the domains. Phew what good luck!

Does this provide me with a dilemma? Actually no. It just gave me some good material for the blog. It might, however, play on the concerns of some businesses. What would you do in this case?

Hope you are having a good Olympics and whatever you do don’t respond to cold calls from the internet.

Categories
End User travel

A4 Pacific

Leading edge technology of its time.

Sir Nigel Gresley was the designer of the A4 Pacific Class Locomotive.

The A4 Pacific Mallard still holds the world speed record of 125mph created on 3rd July 1938.

The A4 Pacifics cut the journey time between London and Newcastle down to 4 hours (from 5 days by horse and cart 🙂 . The coal tender had a walk through passage so that drivers could be changed without having to stop the train.

These pictures were taken at the North Yorkshire Moors Railway which still operates the Sir Nigel Gresley.

Categories
Business voip

Cisco/Linksys SPA9000 begins to roll out

We had a Linksys reseller on the phone needing help with setting up his SPA9000. This is a small PBX for the small business market. It sitts very nicely below the Nortel BCM50 in our portfolio of communications systems for business.

Timico recently launched the SPA9000 in a Webinar held jointly between Cisco/Linksys and KeConnect. Yours truly said a few words. It is very satisfying to see the outcome of such marketing activities resulting in channel partners generating sales.

This particular partner needed help with setting up his SIP trunk. He hadn’t read the manual – ah well. That’s what we are here for. It took a few seconds. The solution worked. He is happy and has other customers lined up for the product/service.

the SPA9000Picture of SPA9000

Categories
End User travel

The rain in Scarborough falls mainly on the Davies'

It also rains in Spain

but are they as well prepared for it?

You won’t find anything like this in Las Vegas.

Nor this.

 

Categories
End User travel

The rain in Scarborough falls mainly on the Davies’

It also rains in Spain

but are they as well prepared for it?

You won’t find anything like this in Las Vegas.

Nor this.

 

Categories
End User internet

Municipal WiFi Scarborough style

Categories
Business UC voip

Nortel SCS500 – Unified Communications for small and medium sized businesses

Nortel has launched the SCS500. This communications system effectively provides companies with a cross between the features offered by Timico on their Nortel AS5200 hosted VoIP platform and the Nortel BCM phone system.

Timico has found that many companies want to use Instant Messaging in their business but beyond insecure consumer products such as MSN and Skype don’t know how to do it.

Timico’s VoIP for Business service provides IM and is great for businesses where there are lots of distributed locations or many homeworkers. Our real world experience shows that as companies get bigger their needs change and we then sell them a Nortel BCM.

The SCS500 adds neatly to the portfolio with IM and other Unified Communications features. We can now cover pretty much every need of every sized company in our customer base and target market.

All credit to Nortel they have been making great strides to the extent that the Financial Times newspaper recently rated their stock as a “buy”. Their leading position in the Unified Communications market is a reflection of this.

screenshot of SCS500 soft clientThis a picture I pinched from the Nortel website. It shows the SCS500 soft client. I don’t know who Chris Leary is but a larger image would shou you that he needs a shave 🙂 .

Categories
Business security

Update to the open door policy

I recently wrote about access control and the different ways that we can open doors at Timico. Well this has gone one step further and certain individuals on the approved list can now send an Instant Message that will open the front door.

It is somewhat mind boggling where this is all going. It is quite possible to envisage a scenario where say the cleaner appears at your home front door whilst you are at work and needs to be let in. You have an application running on your PC that rings when the doorbell rings. Upon hearing this you look on your home website to verify that it is indeed he or she and open the door with a click, or sms or IM – whatever is easiest from where you are sitting.

Categories
broadband End User olympics

The Olympic Effect

Readers might be interested to know that the Olympic opening ceremony stimulated an increase of almost 10% in internet usage last Friday afternoon.

It will also be interesting to hear whether the consumer ADSL customer community will have seen any changes in the performance of their connection as their ISPs begin throttling to cope.

Categories
broadband End User internet mobile connectivity

A Teenager’s Homepage

Before we set off on our camping holiday (destination unknown) I sat down at my daughter’s pc to print out some campsite options in Yorkshire.

I was somewhat bemused to find that her homepage was set to BBC iplayer.

Look out ISPs everywhere. Your bandwidth forecasts are inadequate.

My trusty E71 got me to the first campsite on the list and that is where we stayed. I also used it to write this post.

Categories
broadband End User internet mobile connectivity

A Teenager’s Homepage

Before we set off on our camping holiday (destination unknown) I sat down at my daughter’s pc to print out some campsite options in Yorkshire.

I was somewhat bemused to find that her homepage was set to BBC iplayer.

Look out ISPs everywhere. Your bandwidth forecasts are inadequate.

My trusty E71 got me to the first campsite on the list and that is where we stayed. I also used it to write this post.

Categories
End User mobile connectivity

Nokia E71

Nokia E71

 

Nokia kindly sent me an E71 to review. I’m not a gadget man but I have now had a series of Nokia E Series’ which I hope qualifies me to comment on this latest one.

 

I some time ago decided that I would use Nokias for email rather than RIM. BlackBerry at the time did not support WiFi and offered no hope of a VoIP client. Windows mobile devices did not cut it. For me they did not seem to be very good phones to me; clunky with a poor user interface and not a very good battery life.

 

The E Series came along and with it the business mobile range for the future. I thought the E60 was good and was somewhat surprised when it was canned. I put it down to progress. It wasn’t perfect. Pages downloading from the internet frustratingly seemed to do so twice. I put it down to some strange caching process. Still the screen was very clear and I could lie in bed on a Saturday morning reading the paper over my home wireless network.

 

My replacement, taken in order to run mobile voip clients on the latest Nokia device, was the E65 which I thought was great and is what I have been using since it came out. It seemed to be a stabler device although it still locked up from time to time. I eventually worked out that if email was synching some of the other buttons wouldn’t respond – crucially the address book. It still seems to download web pages twice.

 

Cosmetically the paintwork on the E65 rubs off so it doesn’t necessarily stay looking good but this isn’t what turns me on. I would happily carry on using the E65.

 

Enter the E71.

 

What I like about the E71?

 

Old fashioned PDA footprint but is a lot slimmer and slips in the pocket very easily.

Good weight – the Blackberry’s are too light for my liking

Good screen

You can listen to your text messages

On board satnav

WiFi – you can also get software that turns it into a WiFi hoptspot.

Battery life seems reasonably good

 

What don’t I like about it? I need to get a Bluetooth car kit. It isn’t really fair on the device because most modern cars probably have Bluetooth built in but mine is a “Classic” and so I have to switch SIMs to my E65 which has a generic Nokia interface that fits into the car.

 

If that is all I can complain about I think the Nokia E71 does very well. In fact it looks to be a huge step forwards as devices go. Well done Nokia.

Categories
broadband Business

BT in the News for Throttling Broadband

BT has made the headlines again for throttling all peer to peer traffic. www.samknows.com has just produced a report on the subject.

People perhaps don’t realise that P2P isn’t just used for downloading (often illegal) media from the internet. P2P is often the most efficient way of moving large amounts of data from one location to another and as such is an essential business tool. Timico doesn’t throttle any of it’s traffic.

This suggests to me that the UK is moving more to a two tier ISP market. Tiers are usually based on the size of an ISP – the big ones are Tier 1, medium sized are Tier 2 etc.  I would suggest that in future the Tier  classification should be based on the quality of the customer experience. Tier 1 = good, Tier 2 = not so good.

I’ll leave you to decide which one BT fits into but I would have to say that Timico would certainly fit into the former.

Categories
End User mobile connectivity

This post was created using a Nokia E71

Chez Davies, around 7.45pm August 7th.

The photo is of the Davies’ back garden and was taken at around 7.45 PM on August 7th using the Nokia E71. I had to go to my PC to help upload the photo itself – it uploaded to the website ok but at a certain point of the proceedings I kept losing the link to the website. I’m not sure whether this is specific to the WiFi connection. I have found that the WiFi on the E Series isn’t as robust as it might be although I do like the phones in general.

Note the grass needs cutting!

Categories
End User internet security

Alphabet attacks

Following my last post which was on security I was sat in the Timico NOC today and interestingly watched a SPAM attack in progress.

It was an alphabet attack. This is one where someone’s email server is compromised and used to send out SPAM by rotating through the alphabet for email addresses (eg [email protected] – the SPAM algorithm works its way through every combination of alphabetical variants. In this case it was targetting Italian .it addresses.

Our network monitoring picked it up and we immediately blacklisted/shut down access to that Exchange mail server. We also contacted the customer to let him know and so that he could take remedial action and remove the offending SPAM.

Apart from being interesting to watch it in action, a bit like standing on the edge of a battlefield watching the fighting, it again highlighted the need to have secure passwords. In this case we tried accessing the offending server and were able to log on using a simple admin/password combination of credentials.

When I started this blog I didn’t think that security would become such a mainstream subject but I was wrong

Categories
Business datacentre security

It’s all about Security, Security, Security

I enjoy this business so much because of the wonderful diversity it provides me in terms of issues, problems and successes. The latest is the fact that the firewall at our corporate headquarters has been the subject of a number of attacks by some unfriendly person.

These attempts to break into corporate networks happen millions of times daily around the world, which is why businesses need to be on top of their security strategy. What interested me here was the fact that this was the same attack coming from a number of different places around the world.

The sources were in China, the USA, Poland, Australia and a couple of other countries whose names escape me. The same common username and password combinations were used each time from each different source (lesson here – never use “admin” and “password”) .

Of course the same individual or organisation is almost certainly involved in all of them. That person will have systematically hacked into a certain type of server whose operating system and security patches has not been kept up to date. It is likely a company server hosted at a datacentre somewhere.

Our course of action, if the attack persists, is to look up the owner of the IP address from which the attack is coming and ring the business up to let them know they have a problem. In the case of the Chinese source we send them an email – only because they will almost certainly be in bed. 🙂 Usually this sorts the problem out and indeed the recent spate of attempted break ins has abated. No doubt there will be more.

We know what to do in these cases but it is a lot to ask of a business that is not and ISP or doesn’t have a highly skilled IT department, which is why it very often makes sense to outsource your security management.

Categories
Business internet

Finding out more about social networking

The more I play with websites such as Facebook the more I find out. Initially I couldn’t see the sensible use of Twitter. The selling pitch to me was that it provided someone who was sat in a closed meeting with the ability to send messages that could be broacast to the outside world from their mobile phone. I didn’t really get this.

Now i have found out that I can use Twitter in conjunction with Facebook. When I send a SMS to Twitter it not only posts the message on Twitter but also as a status change on Facebook. For me it is easier to do it this way than to use the Facebook mobile upload.

I have used the Facebook means of uploading photos from my mobile – I just send an MMS message to a Facebook address and hey presto the photo appears in my profile.

This is all technology that now looks useful for business purposes. The Twitter SMS service, if embedded in my company intranet might be a secure way of me sending out messages whilst on the move (ok I can email it but Twitter can be programmed to send the same message as an SMS to other mobiles). I could say the same thing for the photo upload. This adds to the flexibility of business communications and who knows what it will evolve to.

I don’t know if businesses will use Facebook in anger or whether they will demand closed websites that are specific to their use. This is to some extent possible with Facebook already but would I trust my secure business data to Facebook? Probably not yet. Still the ride is exciting.

Categories
End User internet

"Stealing" domain names is just not cricket

Businesses need to be mindful of the need to manage their domain name strategy sensibly. There are any number of individuals and organisations out there ready to take advantage of the careless.

For example take a look at http://www.cricinfo.com/. Not a bad time to be visiting the site during an exciting match between England and South Africa (yes I did say exciting).

If you now visit http://www.crickinfo.com/ you will see a difference. The spelling mistake is an easy one to make for someone looking for the main cricket website in the world (wide web). A good domain name strategy would have seen cricinfo snaffle both domains.

Now visit http://www.cricinfo.co.uk/. This one you might think would certainly take you to cricinfo but it doesn’t. It is owned by someone else and until recently took people to a cricket shop completely unassociated with cricinfo.com.

This is quite a high profile example of someone not doing something right when the business was small and it didn’t matter but paying for it downstream.

There are other different examples – the famous myspace court case where the .co.uk domain name was owned by an ISP long before myspace.com existed.

It is quick and easy to check your own business’ domain name – click here if you need a domain name checker.

Good luck England.

Categories
Business internet security

“Stealing” domain names is just not cricket

Businesses need to be mindful of the need to manage their domain name strategy sensibly. There are any number of individuals and organisations out there ready to take advantage of the careless.

For example take a look at http://www.cricinfo.com/. Not a bad time to be visiting the site during an exciting match between England and South Africa (yes I did say exciting).

If you now visit http://www.crickinfo.com/ you will see a difference. The spelling mistake is an easy one to make for someone looking for the main cricket website in the world (wide web). A good domain name strategy would have seen cricinfo snaffle both domains.

Now visit http://www.cricinfo.co.uk/. This one you might think would certainly take you to cricinfo but it doesn’t. It is owned by someone else and until recently took people to a cricket shop completely unassociated with cricinfo.com.

This is quite a high profile example of someone not doing something right when the business was small and it didn’t matter but paying for it downstream.

There are other different examples – the famous myspace court case where the .co.uk domain name was owned by an ISP long before myspace.com existed.

It is quick and easy to check your own business’ domain name – click here if you need a domain name checker.

Good luck England.

Categories
Business video

And the winner is…

Scott Wroe shakes hands with Trefor Davies

After a fiercely fought video competition which brought in some imaginative entries I am pleased to announce that the winner is Scott Wroe from the Timico, Newark, marketing department. The winning video is well worth watching timicofinalscottwroe.

Congratulations also to Andy Twine of Twang.net who came a close second with commendations to James Vestbirk, Jo Barker, Adam Jackson, Harry Singh, Andrew Massing, Richard Wright, Jo Smith, Andrew North, Clare Morrell, Will Curtis, Dean Bruce and Katie Nicholas who all put in a good effort.

 

Categories
Business olympics

Nortel and the 2012 London Olympics

Nortel just announced that they have been chosen to provide the communications infrstructure for the London 2012 Olympics. This is quite an achievement because as well as voice it involves the provision of a wide area network that one might more normally associate with Cisco. I get the impression from Nortel that power consumption/Carbon footprint played a part here although I’m sure that in such a complex bid there were a great many decisive factors.

Their press release talks about having to support 205 sporting organisations, 20,000 media, nine million spectators and over 4 billion viewers worldwide. I’d like to have been the salesman getting commission from that lot. No doubt there will be a few tickets floating around for Nortel partners wanting to attend the track and field finals:-).