Archive for the ‘Eirtight News’ Category

How to Prevent Excel from Destroying Your Business

Tuesday, September 17th, 2013

Excel is undoubtedly an essential business tool, and Microsoft now claims to have 1 billion users that rely on it to varying degrees. It enables people to do complex number crunching without having a degree in accountancy, and is often the default application we turn to when documenting ideas, plans and is the go to application for anything that requires rows of data.

However, a wide-ranging US study suggests that on average 1% of formula cells, and 88% of all spread sheet documents contain errors. Small errors can have a massive, real-world impact. Governments, financial institutions and large global organisations have all found this out the hard way, but what’s the real impact for the average business?

In Eirtight, we’ve repeatedly seen the chaos that can be caused by relying on spread sheets to store and manage important data. Typically, problems arise because spread sheets:

  1. Are not secure – they contain raw data that can be accessed easily. Password protection is easily bypassed.
  2. Have no centralised control or ability to give management automatic visibility over their content.
  3. Are easily lost, deleted or corrupted.
  4. Can be accidentally or otherwise distributed to/accessed by unintended parties.
  5. Contain errors ranging from the insignificant to the critical.
  6. Often have multiple versions in circulation, each containing slightly different variations of the data. No single source of data produces multiple problems.
  7. Have no tracking or logging which means the last person to edit data is not known and previous values are not stored.
  8. Are difficult to backup due to proliferation of versions.
  9. Are not SOX compliant.
One of our clients lost a mid-six-figure sum some years ago due solely to a financial modelling spread sheet containing an incorrect formula.

So what can you do to protect your organisation? We’ve drawn up the following guidelines to enable you to gauge how vulnerable your organisation may be:

  1. Understand where spread sheets are being used in your organisation, who is using them and what data is being managed in each one. Document all of this thoroughly. It’s worth noting that the irony of the probability of a spread sheet being used to capture this information hasn’t escaped the author of this post!
  2. Use a traffic-light system to assign a level of criticality to each spread sheet in use. Document the importance and sensitivity of the data as well as the potential risk if the data contained errors. For example, Mary in Marketing may have a list of all the staff who’ve signed up for the next football tournament. That’s green. However, Bill in Accounts may have a spread sheet showing the rebate payments due from affiliate partners. That’s red!
  3. Find out where and how each spread sheet is stored, managed, backed up and shared. Are staff emailing a highly sensitive spread sheet to each other regularly? This is a huge security threat and needs to be stopped.
Once this has been done you should have a picture of how open to risk your organisation is. The next stage is to put in place a system to store, manage and report on the information that is currently stored in spread sheets classified as ‘Red’, with the aim of eliminating this practice entirely.

It’s important to note that putting a system in place to centrally store, manage and control your critical data does not mean staff cannot export that data and manipulate it in Excel for convenience if that’s something that’s required. It means changes, formulas and data can be verified and logged which will go a long way towards preventing bad data from causing you to make bad decisions.

Wherever Excel fits in your organisation, please don’t pretend this is not a potential problem for your business – all the research suggests that it is. The good news is that it isn’t difficult to put a fix in place. Don’t wait until you have hindsight of a disaster before taking action. To read some horror stories on this topic visit http://www.eusprig.org/horror-stories.htm, or give us a call to discuss how we can help you mitigate the risk.

Slash your IT costs with Virtual Machines on Azure

Monday, July 15th, 2013

Microsoft recently made a big announcement regarding their Windows Azure cloud platform. We wanted to update you on what this really means for you and why it’s so exciting!

What is Windows Azure?

Windows Azure is a platform on which software and websites can be built and hosted in the cloud (in a secure data centre, on the internet), instead of on your premises. There are a number of general benefits to Azure such as:

• Infinitely scalability of your applications,
• Removes the requirement for capital expenditure on IT, and the associated management costs,
• Superior performance over on-premise solutions,
• More reliable than alternatives – a 99.95% Service Level Agreement (SLA) is industry leading,
• Lower risk due to your data being replicated in multiple Azure data centres,
• Flexible – scale your services up down in minutes,
• Secure – no need to worry about security – it’s all managed for you,
• Pay-as-you-go – only pay for what you need when you need it – Azure is the most competitive cloud offering available

On top of these benefits, there has recently been an exciting announcement that really makes Azure applicable to everyone: Virtual Machines.

What Are Virtual Machines and Why is This Exciting?

Virtual Machines are cloud-based servers (rather than traditional servers which you need to purchase physically) that can be created and deployed quickly and easily. With virtual machines you can build out a server farm to host your business applications very quickly without any up-front hardware investment. You can pay by the day, and only pay for the server resources you actually need and use. In short you can replicate your hardware infrastructure and be sure it will never become redundant, plus you can easily scale up or down as required.

Microsoft now has the most reliable and best priced VM’s on the market. You can create your own machine in seconds.

This is a very exciting development because Microsoft will provide Service Level Agreements (SLAs) that provide certainty over the reliability and uptime of the VMs. Now you can take advantage of this to offload your infrastructure and significantly reduce your server costs. Virtual machines are cross platform compatible, meaning you can deploy Linux, Windows or other platforms as you need to.

What Does This Mean for Me?

The main benefit of this is that you can now easily move your systems over to a virtual server farm. This reduces your costs significantly while improving the security and reliability of your systems. You also don’t need to worry about supporting and managing operating system upgrades, as this is all taken care of for you. You just take your existing applications and copy them to the cloud – you no longer need to redevelop your existing application to take advantage of the many benefits of cloud technology.

With virtual machines you have the ability to make fast decisions, scale quickly and bring real agility into your IT environment, while retaining full control and visibility over your infrastructure, your data and your costs.

How Can I Take Advantage of This?

Eirtight offers a straightforward Lift & Shift service that helps you to move your systems to Azure in 5 simple steps:

Step 1: Mapping: A full map of your IT infrastructure is documented to provide a comprehensive snapshot of your current systems
Step 2: Assignment: IT infrastructure divided into Standard IT and Applications (examples table to be shown)
Step 3: Analysis: Both Standard T and Applications are analysied for suitability for migration to Azure under the following heads (table)
Step 4: Recommendations: prioritised list of proposed actions and anticipated cost savings is provided in a report
Step 5: Implementation: a roadmap and migration plan is drawn up for priority areas and implementation begins.

How Should I Proceed?

Get in touch with us so we can discuss your specific IT setup and how we can help you begin a suitability assessment in your business.

Our Latest Eirtight Eirwave Newsletter

Tuesday, April 9th, 2013

So what’s been happening in Eirtight Towers since our last Eirwave? From a new Greek office, to an award winning app, and a joint Microsoft/Eirtight event looking at the real business benefits of the cloud and how you can take advantage in your organisation (running in Dublin on 25th April), it’s been our most successful and productive year to date so far!

Click here to read more…

Our Latest Eirtight Eirwave Newsletter

Monday, September 10th, 2012

This month we look at cloud data security – how safe is it to store your data with cloud services like Dropbox and Skydrive? New projects are on many minds at this time of year so we also look at how to choose a software development partner – is cheaper better, and what is the trade-off between cost and quality? Finally, we’ve got some updates on what else we’ve been up to over the summer – from our Microsoft Azure Circle membership to our new Eirtight Youtube Channel and first video! Enjoy!

How to keep your Data Safe in the Cloud

Monday, July 30th, 2012

Dropbox, Box.net, Skydrive, Amazon Cloud Drive, SugarSync, Google Docs – there’s a seemingly never ending list of cloud storage providers these days. How secure is your data when stored using one of these services though? Do you know your AES from your SSL? There are a number of potential security weaknesses – physical data security from viruses or hardware failure, hackers, government agencies and even dishonest service provider staff. So what can you do to protect yourself and your data?

Protecting Against Prying Eyes

Firstly, your password should be to a very high standard – at least 8 characters long, with a mixture of upper and lower case letters, numbers and symbols. Secondly, your environment – your PC, network and internet connection. Make sure to use a firewall and up-to-date anti-virus software. You should also consider not storing your password – manually log into your cloud storage account each time you want to use it.

The next thing to consider is what security standards and procedures does your chosen provider use. There are three standards and almost all providers will use one or multiple of these to protect your data from prying eyes:

  1. Transport Layer Security (TSL): this is the industry standard for web communications and most high profile providers will use TSL encryption. It works by engaging a ‘handshake’ to verify and then encrypting data before it is sent from your PC to the server to prevent eavesdropping/tampering.
  2. Secure Socket Layer (SSL): this is the predecessor to TSL and is also an encryption method used to safely transmit data online. SSL is considered a safe and secure method, but from a security standpoint, TSL is preferred.
  3. Advanced Encryption Standard (AES): this is the standard encryption method used by the U.S. government. While TSL and SSL are used to encrypt data while it’s being transferred, AES is used for data in rest, or while it’s being stored on a data server. With this method, a single electronic key is used to both encrypt data as it enters a server and decrypt it as it leaves. An AES key can contain 128, 192 or 256 bits; 256 bits is preferred, as it provides increased security.

What this means to you is that a provider that ensures your data is protected during transport using something like TSL and is protected in storage using something like AES is giving you the optimum commercially available storage security.

So assuming your data is protected from “hackers”, how safe is your data from the service providers’ employees? They have access to the data by virtue of the fact that they created the environment and they have access to everything. The answer to this boils down to asking “who holds the key?”…

As mentioned above, when the files are stored they are encrypted. Encrypted files can only be unencrypted using a key. Very often the provider has this key and they use the same key for all their data. They will make some promises that ensure that their employees don’t have access to this key and cannot see customers’ data, but there can be some contention around this. There was an incident last year where Dropbox was accused of allowing employees to access customer data (http://www.wired.com/threatlevel/2011/05/dropbox-ftc/). This boils down to reading the small print and finding out for yourself which provider you trust most.

There is, however, another option for how your encrypted data is accessed. Policy-based key management is where you can hold the key yourself or the key is managed by a separate provider.  This ensures that you and only you can unencrypt your data. Cloud storage provider’s employees don’t have your key and cannot see your data. Providers such as LockCube allow this.

The same applies to how secure your data is from governments. If a government wants access to your data they will ask the provider for it. If the provider doesn’t have your key they can’t unencrypt it. They can of course get the encrypted data and try to access it by hacking AES but this is no small task and it would take some time and money to do.

There is a lot of talk about the “Patriot Act” and how it allows the US government access any data stored on US data centres. The truth is most governments have the same laws and if you have your own key the data the government gets from the provider is encrypted. The question is, how important is that data to the government and how much time and effort will they spend to unencrypt it?

Protecting Against Data Loss

Most cloud storage providers don’t have a default backup of your data; they don’t store two copies of your data in separate locations. The data you store online is your backup. The two copies are one on your PC and one in the cloud. The security is in trusting that the likelihood of both your PC and the provider’s servers suffering catastrophic failure at the same time are minimal.

Some services such as SkyDrive allow you to synchronise your data across multiple devices, one of which is cloud storage. With you data spread across multiple devices and in the cloud the chances of all the devices and the cloud dying at the same time can effectively be discounted.

To be sure, you should have an offsite local backup (for example an external hard drive that is used to regularly backup your data and is then securely stored in another location – your home, etc.), and at least one cloud and/or cloud synchronised backup service. Remember to test your backups every once in a while to ensure they can be successfully unencrypted and restored!

In conclusion, there are many considerations when choosing cloud storage providers. For example, how fast can you restore your data in the event you have a data loss on your PC? Security is just one aspect of this topic. In reality most data is not worth the trouble to go into this level of detail on security considerations. A trusted provider and synchronising across multiple devices will be all that the majority of users will need.

Eirtight Invited to join Microsoft’s Azure Circle

Monday, May 28th, 2012

Eirtight is delighted to announce that we have been invited to join the prestigious Azure Circle by Microsoft.

This group is designed as a partner programme for companies with extensive, proven expertise in building solutions on the Windows Azure cloud platform. We’re delighted to have been invited to join, as it gives us official Microsoft recognition that the quality of the solutions Eirtight has been delivering are at the very highest level possible.

Our Latest Eirtight Eirwave Newsletter

Monday, April 23rd, 2012
This month we look at what happens when the cloud breaks – how do you ensure your data is safe and your business continues to function uninterrupted? We also look at mobile apps and what you should consider when deciding the best approach to take for your app. Finally, we have an exciting announcement to share with you! Click here to read the latest from Eirtight. Enjoy!

Another Record Month for Eirtight in March

Friday, March 30th, 2012

We’re delighted to be able to announce a record month for Eirtight in March, with new clients having awarded substantial projects to us in 4 countries in the last 3 weeks. We’d like to thank all of our clients and partners for helping ensure 2012 will be another year of growth and further international expansion for Eirtight. Watch out for another exciting announcement in our next newsletter!

Our Latest Eirtight Eirwave Newsletter

Monday, February 20th, 2012

This month we look at Haiti 2 years after the devastating earthquake – Eirtight continues to work with mobile phone network operators to ensure this critical infrastructure remains fully operational. We also look at the emergence of HTML5 and what this really means for those websites that use Flash or Silverlight. Finally, we consider whether outsourcing of software development is right for your organisation. Click here to read the latest from Eirtight. Enjoy!

Eirtight Software Adopted Globally by Dell

Thursday, January 26th, 2012

We’re delighted to be able to announce that Dell have confirmed that software developed by Eirtight to manage marketing spend will be rolled out globally, having initially being deployed in Europe and then the US. The next stage of the implementation starts in Latin America in the next couple of months, and then moves to Asia.