September 2006 - Posts
The last session of the conference for me is the repeat of Dana's security seminar. If you haven't seen Dana's sessions, you're really missing something. The main focus of his presentation was on using two-factor authentication. Two-factor authentication is comprised of something you have and something you know. For example, your bankcard - you have the card and you have to know the PIN.
One of the key issues facing small business IT shops is how to manage the administrator passwords for the systems you manage when you have an employee leave the company. If you change the administrator password, you also have to change the password for services that run as administrator, plus change the passwords of any additional admin accounts that may have been created, and this can take a very long time, especially if you have a large number of servers or a lot of turnover.
With a centrally-managed two-factor authentication solution, the need to change administrator passwords is either significantly reduced or eliminated because you can disable the OTP (one time password) for the departing employee in the central system and lock that user out of the systems you manage.
Some vendors who have solutions for two-factor authentication:
www.cryptocard.com (cryptocard) - bill@cryptocard.com ask for starter kit referred by Dana
www.rsasecurity.com
www.authenex.com
www.securecomputing.com
www.aladdin.com
www.actividentity.com
www.verisign.com (
www.vasco.com (VASCO)
www.passgo.com (Defender)
www.scorpionsoft.com (Anvil)
Dana demoed several implementations of two-factor security on live systems, including a new product from Scorpion Software that adds two-factor authentication to Remote Web Workplace.
One audience question - what about biometrics? Dana pointed out the "gummy bear attack" that gets past fingerprint scanners.
Now for the afternoon activities...
I sat in on Anne Stanton's CRM Project Planning session this morning. CRM is an avenue I'm looking into, and I've worked with Anne on a couple of leads for CRM application implementations. She focused specifically on the Microsoft Dynamics CRM product, but the basic concepts can apply to all CRM applications in general.
Anne started showing a project proposal template that she uses as a building block (living document) to work with a potential client and discussed the different phases of a CRM implementation. (Note to self and others - CRM implementations are more involved that just installing the software.) She then covered the basics of what it takes to install CRM SBE onto SBS. CRM SBE does integrate well with SBS, because it integrates with many of the components of SBS, but there are some "fun" points dealing with ISA.
Anne followed next with a deep dive into the implementation process. One of the most important phases, if not the most important, is the data migration process. This is taking all the existing data the client has and migrating it into the MS CRM app. One of the key aspects of data migration is data cleansing - making sure that the data you're importing is ready for importing - this is where some of the pain points of the entire project are really evident, because if the client data is not really "clean" this phase can take an extensive amount of time.
Audience question: How do you price data migration? Sit down with the customer to see where they are and try to find out how many records they have. If they have a small number of records, it might make more financial sense to have a temp re-key the records in the system, but a larger number of records might require some outsourcing for custom programming to get all the records imported.
Next, Anne showed some of the different planning templates. These documents have screen shots of each and every piece in the interface that you go over with the client and find out what they need or not in the interface and you can note in the template what changes you need to make. The template also breaks down the structure of the record so you can see what the individual fields are and what the data type is for each field. These templates are available for download from the Partner web site as a ZIP file.
As you're going through configuration, document everything that goes on during the research and deployment phases. Scope creep can really impact the project, but if you sufficiently document every request, at least you have the information that can back up any questions the client may have during the process.
Now on to the next magical session...
I had a wonderful opportunity this evening to really do something very cool, at least for me. I got to see my home town Texas Rangers play the Seattle Mariners at Safeco Field. The game went thirteen innings, and while my team ended up losing, it was a great game and worth the time. Oh, and did I mention that because of a few connections, I ended up watching the game from the Owner's Suite? Oh yes, it was suite indeed!
Now to get some sleep and try to rest up before tomorrow. No vendor hall, so I'll be able to attend at least a couple of sessions...
OK, so even though I thought I would attend sessions in-between the market expo times, once again I ended up spending the day as a vendor at the Community booth. The good news, I was able to move a number of books not only at the table but also to people who will order online because they had no more room in their outgoing luggage. The bad news, I really missed out on some of the side sessions and mingling that are so valuable at this conference.
Later tonight, I'll have a different activity that I could only take advantage of in Seattle. More on that later...
Day 2 of SMB Nation 2006 opened with a keynote speech from conference organizer Harry Brelsford on the global reach of Microsoft's Small Business Specialist certification program. Actually, it was more of a group participation effort than a talking slide deck. Bob Hood announced Arlin Sorensen as the SBSer of the Year. Harry summarized the events of the last year for SMB Nation the company including the interviews of members of the worldwide community on SMB Nation TV (and no, he didn't just stand there and play videos, but did have a couple of the interviewees come up and share a little about their activities with the audience). Harry discussed the activities of the SBSC implementations in Italy and Denmark. Jeremy from Auckland, New Zealand, discussed the way MS New Zealand is handling the SBSC memberships by making it more exclusive than general admission. Beatrice came up and discussed some of the lessons they learned in Amsterdam and EMEA in general. The general consensus from the different nations was that the different leads of user groups and other groups are keeping in contact with each other on a daily basis to help grow not only their businesses but their market as well.
Now back to the vendor hall to sell books for a bit while getting ready for the Mac talk...
Well, after the keynote session this morning, my experience at SMB Nation took a very quick left turn. As such, with the exception of participating in the MVP Panel session, I did not attend another session during the day tracks so, as such, I have nothing to report on those.
You see, yesterday I spent the day as a vendor, and it was quite a different experience.
This year, Harry agreed to let me sell copies of the SBS 2003 Unleashed book at the conference, specifically at the Community table (booth 108 for those at the show, in the back corner near the food extras). So right after the keynote, during the scheduled 45-minute "market expo" time, I headed back to the community booth, set up the display, and suddenly became "Eriq Neale, Vendor" instead of "Eriq Neale, Speaker and Attendee."
The community booth was a really happening place to start the morning. I'm working the booth along with folks from SMBTN, the SBS MVPs, and the SBS User Group community. Others have placed materials on the community table, including Jeff Middleton (an invite to his Saturday night party at Pub 85), Dana Epp (a discount for his Firewall Dashboard product), and a few other items. We had quite a few reps from SMBTN present to start the vendor time, and Handy Andy, who represents most of the groups represented by the "community" designation, hung out there quite a bit as well. At times, it was rather crowded inside the booth.
My plan was to set up and be available to sell the book during the "vendor time" and then break out with everyone else to attend some of the sessions. There were still a large number of attendees wandering the vendor hall at the start of the next session, however, so I opted to stay in my vendor hat for that session. There was only one presentation of the four being offered that I was sort of interested in, and if I didn't miss it, it wouldn't be the end of the world. And it wasn't.
After that session was the lunch break along with more vendor time, and the vendors were offered the option of getting lunch before the lunch rush came through, and I took advantage of that offer. Good thing I did, because once the crowd started through, the vendor hall was a madhouse again. Overall, I had a large number of people come by the table, see the book, and let me know that not only did they have it, but also they found it to be really valuable to them. I also heard from a number of user group members that they had finally received their eval copies within the last month (we've only been trying to get them out to user groups since January, and it finally came together, thanks in great part to Tim Barrett!) What I didn't do, however, was sell a single copy before the start of the afternoon sessions.
Which I also missed. I fully intended to go to Dana's session on security, but at the end of the lunch rush, I was exhausted, so opted to stay at the booth, just because it would be easier. And good thing I did, because that's when the book sales started. During the third session and the following market expo period, I sold several copies to grateful recipients. I was also able to get the majority of the authors in attendance at the show (except Chad Gross - I'll get you tomorrow) to sign the two copies I'm keeping for myself with all the author signatures.
I did break after that to sit in on the MVP panel discussion, which was taped by Tim Barrett and will probably be available for offline viewing later, so I won't dwell on the content here. But in the course of the discussion, a question about Group Policy came up, and we were able to point out that the book has two chapters on Group Policy. I mention that because immediately after the panel discussion, I sold another set of books to people who wanted to read up on GP because they heard about it in the panel discussion.
We packed up the booth right at 7pm and made our way over to Wayne Small's world record server build attempt on SBS R2. Sorry, Wayne, but I was exhausted from a long day of playing vendor, so a group of us cut out before the end and I headed back to the hotel and will crash as soon as I get this entry done.
So it was a very different experience for me this year over last for the first day, and I'm going to change it up a bit tomorrow and get more of the community feel again. But for now, I've got to wrap up and get some shut-eye so I'm rested and ready for my Mac talk tomorrow.
The conference is ready to start. Some folks had a bit of an adventure getting here via one of the shuttles, but I'm sure that story will appear in at least one other blog, and since it didn't happen to me, I won't recount it here. Enjoyed the SBSC breakfast and got to meet several folks in person who I've had the opportunity to interact with online.
The keynote room, the Kodiak at the MS Conference Center, is pretty full, so attendance for the entire conference looks like it will be pretty good.
Right at 9am, Seattle time, the opening video started, including talking heads from MS buttering up the attendees with the importance of the SBS community members and how MS is working to support the SB community.
Harry made basic introductions about the conference and then introduced Marie Huwe as the keynote speaker, who addressed increasing profitability in the small business segment. Quite frankly, this was a bunch of marketing speak, which makes my eyes go fuzzy, so it's tough for me to say much more than that. She did touch on both Partner Finder and the IAMCP (International Association of Microsoft Certified Professionals). The also touched on the Small Business Plus program which will have some enhancements over the existing Partner Finder product.
The call to action at the end of the keynote:
- Become a Small Business Specialist
- Install Office and Vista betas and take online training
- Expand your network: blogs, user groups, partner forums
- Expand your client base by using one component of the five small business campaigns.
A number of questions were addressed in the panel Q&A, but nothing really groundbreaking.
We ran our second live broadcast this morning for eOnCall. Tim Barrett of No Geek Left Behind joined me for a discussion on communities in the relam of small businesses. We also videotaped the broadcast so at some point in the future, for those who may be interested, you can see us pull back the curtains and witness just what we go through to put on a live show (it's not really as interesting as you might otherwise think).
Getting ready for the broadcast was a bit of an adventure, though. After being up for 22 straight hours (and only getting two hours sleep before that) I was about to crash in the hotel room when I noticed it was a bit warm in the room. I had turned down the AC earlier in the day, but it wasn't anywhere near that temperature. So I placed a quick call to the front desk and they sent someone right up. He got the fan blowing, but the compressor wouldn't come on, so I could either take a new room or let him spend a couple of hours trying to get it working. It was cool enough that I opted to open the balcony window to let the cool night air in and give it a go at that, and the thought of packing up the room and moving right then wasn't very palatable.
Unfortunately, I should have requested a room move right then and there, because it never did cool down and there was (surprisingly) a lot of traffic noise, and so I didn't get much sleep. So, at 5am local time, I called down and requested another room. I got a new room key brought up to me immediately, and I packed up and moved with an hour to spare before hooking up to get online for the broadcast.
At any rate, the show went off without a hitch, and the episode is already available on the archive site and on iTunes as well. Enjoy!
First, a disclaimer. When I originally booked my flight from DFW to SEATAC, it was before the London airline threat discovery and prevention and the related elevated security alerts. So, at the time, a 6:30am departure flight didn't seem like such a big deal. However, in retrospect, what the $%@#^ was I thinking???
Anyway, I did manage to get a couple of hours of sleep prior to the alarm going off at 3:30am so I could shower and finish packing before the shuttle arrived to pick me up at 4:00am. Don't know why I rushed, he didn't show until 4:15. Seeing as how I thought that would put me at the airport at 5:00 or after, I was worried I might not have enough time.
Well, for starters, there is NO traffic going to the airport at 4:15am, so we made the trip in 30 minutes. Second, I did figure out that only insane people take 6:30am fights to Seattle (via Denver) from DFW, and we're fewer in number than the general population might otherwise acknowledge. So, by 5am, I'm not only at the airport, I've already gone through security and have taken a seat to wait for the next 1.5 hours to start boarding. And while I used to be a big fan of Soledad O'Brien, seeing her spout the same tripe that insists on being called news these days every half hour for the next 90 minutes was enought to put me in a really foul mood.
Fortunately, the flight was better, both legs actually. Somehow, I was the only person on the flight from DFW to Denver that was continuing on to Seattle, and while I was expecting to just wait on the plane, I got asked three different times if I'd be more comfortable leaving the plane and waiting in the lobby. Since I knew the next leg was completely full, and I hate waiting in lines in general, I passed.
Got into Seattle with no difficulty, found my obnoxious green bag with no difficulty, and found my step-brother in his blue Cooper Mini with no difficulty. Got to the hotel, checked in, and immediately took a nap.
Now that I'm back up and awake, I can honestly say that this is one of the nicer places I've stayed in my recent travels. I don't think I'll mind the location for the next 6 nights.
Plan for tonight is to have dinner with my stepbrother and his wife and kid, and I think we're heading down to the piers (i've got a hankering for Red Robin - yumm), then come back to the hotel and hook up with my MVP buddies and other assorted attendees who will be in town tonight. But I can't stay up too late, as I have to get ready for the live eOnCall broadcast tomorrow morning at 8am local time (that's still 10am Central).
Now to find some munchies to hold me over until dinner...
OK, it's that time of year again. Time to pack the bags and get ready for the annual venture otherwise known as SMB Nation. This year is a bit different for me than last year, for a couple of reasons:
- I'm staying longer.
- I'm presenting this year.
Yep, I really haven't had time to really shout it from the mountaintops, but the Mac in SBS presentation is going to see the light of day in Redmond this year, and what an interesting story there is behind that. But I won't shed light on that until after the presentation is done.
Also, I'll be selling copies of the SBS 2003 Unleashed book for anyone who hasn't picked up a copy yet. And signing copies for those who want that done, too. Several of the authors who contributed to the book will be at the conference: Amy Babinchak, Tim Barrett, Susan Bradley, Henry Craven, Chad Gross, and Anne Stanton. Others may be in attendance, I just don't know for sure. I'm sure those who are there won't mind signing copies, either, but you will have to at least ask nicely.
So, starting after I get to the hotel and wake up from my flight tomorrow, the SMB Nation coverage begins. Until then, I have a lot of packing to do...
It's just one of those things, I guess, but when it causes so much pain, it's hard to see it as a little thing. I mean, come one, everyone makes little mistakes occasionally, don't they? I do, I own up to it when I do, also. And I've made some doozies in my day, too. But the mistakes I've made, including the big ones, have only impacted a small number of people.
But occasionally, there's the little slip up with the big impact. Yesterday saw another one of those, and while I was tangentially impacted, it really didn't hit me personally very hard. But those it did hit, it hit hard. You see, because of a mix up in a virus scanning search string, the product from a certain anti-virus vendor started identifying a core Windows system file as infected and quarantined the file. Oops.
Now don't get me wrong, I admire anti-virus vendors and the work that they do. They often times have a thankless job. It's amazing that they are able to create search strings for virus program patterns that will really only find the virus code in a file and not (usually) mis-identify a regular, uninfected program as a problem. Given all the different programs and files that can be present on any given computer at any given time, it's amazing that there aren't more false positives than there are.
Still, this is one that really should have been caught before it got out the door. I would think that if you are testing updates to a program, one of the basic things you would check is to make sure that it didn't break the OS it was running on. I have not done much software development recently, but back in the day, I wrote code for a Linux-based system, and we used a few scripts to configure certain file areas on the system. One of the first things I tested was to make sure the file system changes we made wouldn't render the system unbootable. Seems fairly basic to me. And maybe this company did do some level of testing, but somehow it still strikes me as odd that this wouldn't have been found in a thorough testing environment.
And this is not the only company that has released software that rendered systems unbootable. At least one other anti-virus vendor released a virus engine update that wreaked havoc. An uninterruptible power supply vendor had a program that, when not updated in a timely fashion, would keep a system from booting normally. And a certain operating system supplier has been guilty of releasing updates to its own code that had drastic unexpected results. It happens. Really, it does, and fortunately it doesn't happen more often than we see it happen.
Let me wrap up by saying that I'm really glad that this particular situation didn't happen close to Patch Tuesday. I can only imagine what would have happened if people went to install updates, rebooted, and found that their systems didn't come back up. The Microsoft phone lines would have been ringing off the hook, and a lot of people would have been chasing down the wrong road. This is actually a perfect example of why I always restart a server before installing security updates. If there's a problem with the server coming up before installing the updates, there very likely would have been problems with it coming up after the updates installed. And where would I have focused my ire, I mean, troubleshooting efforts? Right, at Microsoft. It would be easy to blame the patches for causing the no boot situation. If this had happened a couple of weeks ago, MS would have been crucified by thousands of callers blaming the security updates, and lots of time and energy would have been wasted looking in the wrong place for the cause.
Just goes to show that you should take any server reboot seriously. I always make sure that, before I reboot any server (mine or a client's) that I have the time to go onsite if a problem should present itself. It's very easy to become lax towards server reboots because, most of the time, they work exactly as they should. But in the case of some people yesterday who rebooted with their guard down, they had a bit of a rude awakening. Hopefully, the worst is over for now for this particular incident. Who knows where the next one will come from...