TechnologyAccountant.com

We are increasingly mobile. Data are stored on laptops, cellphones and portable USB drives. Do you ever think about what will happen if your device are lost or stolen?

As accountants, we owe a duty of care for our clients’ data. Can you imagine if your entire company financials were lost and fall into the wrong hands because your accountant lost his or her laptop? That would be very bad.

Lesson 1 – encrypt all sensitive data. Here’s how encryption works, in simple English.

Public Key Encryption

This is the encryption structure commonly being used by banks and large companies. It involve using ‘keys’, which are random combination of numbers and letters, usually at least 128 bits (16 characters) long. It is used to scramble messages so they cannot be decoded even if intercepted during transfer. The public key system is based on a set of 2 keys: the public key and private key.

The special public key can scramble a message but cannot decode them. The private key can decode the message. As the name implies, you keep the private key… um, private. Your computer browsers, for example, creates the key pair and gives the public key to the bank’s website, which in turns uses the key to encrypt your banking information. Your computer then use the private key to decode the message and display it to you.

Man-in-Middle and SSL certificates

This system has only 1 problem. What if there is a rogue employee at your Internet Service Provider (ISP, such as Telus or Shaw) who can intercept your initial public key, and replace it with his own when transmitting to the bank? The bank will unknowingly used his public key to send information to you, which he can read and re-encrypt it with your actual key before sending back to the unsuspecting you. All your information will be exposed. This is the typical ‘man-in-middle’ attack.

This is where the SSL certificate comes in. A SSL certificate is a digital certificate issued by a Certificate Authority (CA) that contains the public key and also information about the identity of you and the CA. Your browser can check with the CA to verify that the certificate is indeed from you and not altered. Your bank’s website can do the same. Therefore, man-in-middle attach cannot happen.

More Information

That’s it – encryption in a nutshell. There are obviously more details than this, but you can research it on your own if you have more time.

How Encryption Works by Howstuffworks.com

Are you sick of PC’s in your business? They break, they cause problems and are difficult to managed.

I get discouraged just thinking about keep Windows, Office and anti-virus programs updated on more than 3 computers. It’s the repetitive job that nobody likes to do. How do big companies manage 100′s of computers? Well – there is a better way (no, not hiring a few dozen IT people).

Instead of installing and updating software on individual computer, you can do that on one server and make them accessible to all computers on the network. This is done by using Microsoft’s Remote Desktop Connection (RDP) tool or free alternatives such as VLC. Essentially they allow users to connect to the server and use software just like they are sitting in front of it. A server operating system like Windows 2008 Server R2 is designed to handle multiple logins; how many users can share one server is only limited by hardware capability and licensing. It’s quite feasible to host 20 to 30 users with an entry level server around $1,200 and RDP licenses.

This is only the beginning. Once software are all on the server, the client computers become “thin clients” because all the “fat” are moved to the server. Thin clients do very little computing, most heavy lifting is done on the server. That’s when you can replace a desktop computer with a networked monitor as the thin client. A full desktop computer with monitor costs at least $700 and a network monitor is less than $300, and with no maintenance / low failure rate.

If your business has more than 3 computers, going to the thin client model will save you money, headache and boost your productivity.

Let me know if I can help out your transition to the thin client experience.

Regular email newsletter that provide relevant and timely information will help small business build a community of followers. However many businesses do not do it correctly. Here is a quick list of tips for building a successful one.

• Don’t frequently sell products and services. If you are always trying to sell, readers will unsubscribe. Offer truly valuable information then they’ll come back to check out your offers.
• Don’t add people to the list who have not asked to receive your newsletter.
• Make your special announcement upfront, right at the center.
• Include a “learn more” link to your website. Your sales pitch should be on your site, not in the email.
• Always include the option to unsubscribe. Don’t get marked as spam.
• Measure its performance with Google Analytics. This will help you improve your content.
• Ensure regular delivery, otherwise your readers will forget about you.

If this sounds like lots of work, check out the following providers that will make it easier. They handle the logistics of managing list and the actual delivery, you can worry about content.

1. MailChimp - my favorite, it’s free under 500 subscribers and integrates with twitter.
2. AWeber - I’ve heard many good things about them and it has great deliverability and works well with affiliate marketing.

With these tools, there is no excuse for any small business not to communicate to their loyal customers through contact emails. Doing it will help build community and your company.

If you are in business, chances are that you are wired to the Internet. And chances are that you have either ADSL or Cable. That’s fine with a single location, but what if you have multiple locations and need to exchange data among them? That’s when things get complicated.

In typical multi-site situation, you’ll need to setup VPN (Virtual Private Network) which encrypts data out of each location and decrypts it at the destination. To ensure all locations communicates fast and securely, you (or IT people you hired) need to setup VPN end points at each site. Let’s say you have 4 sites, you’ll need to setup 12 point-to-point connections (4×3). This is called a full mesh setup. Not only it’s complex, it adds up to 30% more load to your network and will slow down your network.

The better solution is to find an ISP (Internet Service Provider) that provides transparent vLAN solution. This can mean two things:

1. The ISP setup and manage the VPN for you.
2. The ISP routes all your traffic between site internally on its network and only allow connection to Internet when necessary.

Method 2 is a better because all internal traffic stays “on net” without going onto the Internet. The ISP manages firewall that separate your network to the outside world. It does not extra load to network traffic because no encryption is used.

In essence, vLAN allows each machine to communicate directly. This enables your business to share files, printers and software seamlessly across all locations.

Telus and Shaw provides this type of service under its enterprise business departments and you can expect to pay more than $500+ per site for this service. I’ve used two smaller ISP’s that would provide better service for under $200 a month:

• Skyway West - only charges $30 more on top of its $109 business 6Mbps ADSL. The support team is very responsive and knowledgeable. Highly recommended.
• Stargate Connections – charges $50 more for vLAN. It uses Cisco routers to establish the Corporate Private Network (CPN).

What’s more impressive is that both of these ISP can bond two Internet connections such as ADSL and Cable to deliver added bandwidth and loss-less fail-over. Finally, private network traffic from site to site are provided at no charge.

If you are a business that has internal software that must be shared to all branch offices. One of these two ISP’s will make your life a lot easier. A solid technology infrastructure is just a good foundation for any growing business!

Fax machines have been a part of business life since the 80′s. For a single function technology that sends documents via telephone line, it is very long-lived. It has survived emails and Internet in general. Now when social media trends to replace emails, fax is still going strong.

Yet, keeping a dedicated line and maintaining a machine with lots of paper can get fairly expensive and inefficient (think about all the fax spam). In recent years some innovative fax to email / email to fax solution has gained popularity. I call them Fax 2.0. Essentially these services will give you fax numbers – and convert faxes received to emails, and vice versa (take your emails and fax them out). Here are a few good choices:

1. Peopleline Fax i-Line (PC) – $6.95

At < $7, it’s the lowest cost provider I have seen. Peopleline is a local Vancouver company and its customer service is prompt and friendly. You’ll get unlimited local faxing with this plan, all you need is your PC, email and Internet connection.

2. Telus Internet Fax Pro – $14.95

Telus has kept this service fairly low profile to avoid fighting with its own dedicated fax line business (which costs $35+ per line, fax machine extra). However, at $14.95 this service is not only more cost effective, it also offer additional benefits. For example, you can choose between local or toll-free number. Includes 100 sent pages and 200 receiving pages. Possibly more saving by bundling with other Telus services.

3. MyFax.com – $10

MyFax.com is very similar to Telus. It offers toll-free number as well. For $10 per month you can 500 sent or received pages. It also offer free fax to 41 countries such as UK, Australia, China, Hong Kong and Taiwan. Works with iPhone. What a deal! It’s powered by Protus, an Ottawa company.

Any of these options gives you a great reason to ditch your old office fax machine and save $100′s every year. It’s also more private since faxes arrives in your private email box, not an open office table. You’ll save money, paper and the environment all at the same time!

If you need a good quality scanner for sending out hand-written or signed documents, I’ve heard very good things about the Fujitsu S1500 scanner.

First time I encountered the term “cloud” as it relates to the Internet was in 2001. ‘Cloud computing’ only emerges as popular in the past 2 years. It’s vague and

Internet as the Cloud

misunderstood, but simple: users subscribe to on-demand “in-the-cloud” computing services similar to subscribing utility; pay for usage instead of owing the infrastructure. Out of curiosity I have done some research to see if cloud computing is here to stay – or it is really a fad?

The concept is not new. Unix operating system was largely widespread by the 80′s, and it allows many users logging in from remote locations. Early electronic bulletin boards (BBS) built by university students use Unix to share news and discussions, many of which are still in operation today (such as PTT in Taiwan). These systems pioneered the ways of cloud computing by offering users on-demand services that exists on the Internet.

So what’s new with today’s cloud computing? Not much. The only truly new element is virtualization. Until approximately 5 years ago, online service must live off physical server at fixed location. You can determine the location of a server and attack it – online or offline – to shut it down. Also server utilization is not efficient. Sometimes the usage is low (such as at night) but servers are kept on 24/7 resulting in wasted energy. Then it came the technology that virtualize server which detaches the operation system from the physical hardware so the entire software can be moved around easily. This gave a whole new meaning to computing because it means that the software does not need to run from any fixed location, and servers can be easily scale up or down according to usage.

Amazon launched AWS (Amazon Web Services) in 2006 offering server rental by the hours. This essentially removed the barrier for tech start-ups to buy expensive servers upfront.  Now there is a low-cost test lab for incubating projects. In the same year, Google started offering Google Apps: a hosted email and office suite for organization and businesses. Add that to Salesforce, a company selling online based CRM software since 1999, then you have an era of cloud based software.

The most recent news has to be in March 2010 when Microsoft CEO Steve Ballmer announced that the company is “All in” the cloud. An industry heavyweight, slow to react but nonetheless influential, Microsoft’s determination marks the end to any doubt that cloud computing is a fad. By of end of 2011, you can get Microsoft Office entirely online along with email, IM and spam protection for less than $25 per month.

One of my business contact puts it this way: “If on-premise infrastructure is like owing your own house, than managed services is like condo apartments, and cloud would be hotels”. Nicely put. Think about what happens when going to hotels each day cost lower than owing your house?

The bottomline? Cloud computing is not for everyone, yet for many small to medium size businesses it means accessibility to technology on-par with the Fortune 500 and gaining the edge. It’s here to stay, and your strategy better include some consideration of cloud computing.

P.s. – this is the beginning of a series that discuss cloud computing. Please come back to read more about these topics:

• Cloud computing: the good, the bad, the ugly.
• Free cloud computing resources for small businesses
• Email in the cloud – why, how, and how much (hint: free included!)
• Office in the cloud – comparing Google App and Microsoft Office 365
• Accounting in the cloud – is it for my business?
• Disaster plan – do you have offsite backups? How to automate it.