Tech Bitch

Businesses are relying more and more on extending staff beyond the conventional office setting in order to reduce cost in terms of office resources, utilities, and amenities. At the same time, businesses rely on remote professionals to extend the reach of their offerings, remove obstacles based on distance, build healthier and more personalised business relationships, and bring more customised services to their clients.

While on the road or working in home offices, workers are separated from many office resources, limiting productivity, creating redundancy, and impacting responsiveness to internal and external customers. Mobile technology allows business professionals to interface more seamlessly with business processes fundamentally tied to existing office automation.

Fujitsu’s ScanSnap S300 (£210/$249) is a mobile scanning solution which packs a raft of practical features into such a compact device, making it a great tool for the road warrior or home office worker looking to digitise important A4 documents. It’s actually the world’s smallest colour duplex automatic document feeder (ADF) scanner, enabling anytime, anywhere colour scanning for mobile professionals.

With a compact footprint measuring a mere 284×95x75mm and weighing less than 1.4kg, the sheetfed ScanSnap S300 scanner is small enough to fit in a briefcase or laptop bag, making it a great solution for frequent travellers. And with a good range of features and respectable scan quality, it’s equally well suited to sitting comfortably beside you in your office/home office when not on the go.

The first thing that hits you about the ScanSnap S300 is how good it looks and how well it’s built. The silver-and-black livery is guaranteed to impress potential customers, and the flip-open paper tray should survive years of relatively heavy use. The scanner as a whole feels like it has been designed for living out of a briefcase, with no flimsy attachments or other parts you have to be careful about handling. Having said that, we would have liked the paper tray be secured once closed, as it does have a tendency to flip open.

The ScanSnap S300 is particularly well suited to users who work with forms because it offers ‘one-touch’ conversion of paper documents into searchable Adobe portable document format (PDF) files. You simply load a stack of up to 10 documents into the top-loading ADF and press the silver ‘Scan’ button to produce searchable PDF files at speeds of up to 8ppm (pages per minute) for single-sided documents and 16ipm (images per minute) for double-sided documents.

The scanner can be powered from a USB connection (USB 2.0/USB 1.1) on any PC, allowing road warriors to scan paper documents, receipts, bills, invoices and business cards anywhere they go. If A/C power is unavailable, the ScanSnap S300 can be connected to a second actively powered USB port on a PC and provide colour batch scanning speeds of up to 4ppm (simplex) and 8ipm (duplex).

Some other key highlights of the scanner are that it reproduces both sides of a document in a single pass, and multi-page documents containing colour, black-and-white, text and graphic information on both sides are processed with just one touch of the Scan button. The scanner also has the capability to sense whether a page is blank and eliminate it from the scan, and automatically senses when images are misaligned (skewed) and corrects the alignment automatically before presenting the final image. It also automatically gauges page size and crops the edges accordingly (senses up to nine different paper sizes and can also be configured to support ‘custom’ paper sizes), and a document protection feature lets you password protect newly created PDF files.

Fujitsu’s ScanSnap Manager v4.2 utility provides a simple user interface that allows you to change settings for selecting applications, creating searchable PDF files, activating intelligent settings, choosing paper sizes, and modifying image compression output. The company also provides a utility (CardMinder v3.2) for converting business cards into editable information which you can then export to other contact managers such as Outlook, as well as software (Organizer v3.2) for viewing and controlling scanned content, including large thumbnails consisting of all the pages scanned within the batch.

Scan quality is very good for general business documents, but the ScanSnap S300 is certainly no match for a regular desktop scanner - especially at scanning colour photographs. It offers dual 600dpi optical resolution, and you have the choice of Normal (150dpi colour), Better (200dpi colour), Best (300dpi colour), and Excellent (600dpi colour).

Text quality is good, but it’s the fact that data is extractable and manageable that makes the ScanSnap S300 a great business asset. Whether you’re a business professional in need of capturing mission critical documents, or in need of an easy solution to digitise invoices at home, the ScanSnap S300 is up to the task. With the ability to digitise documents into PDF format almost instantly to protect critical business papers, you may wonder how you ever lived without it. [8]

Lindy’s USB VoIP Phone is no different to any other USB handset on the market - it allows you to take advantage of free and inexpensive phones calls over the Internet, with all the ease that is associated with using a regular phone. However, Lindy’s USB VoIP Phone (£21.99) looks a whole lot better than most products, and its two-piece design gives the look of a more traditional telephone. Its build quality is great too, and technophobes will love the oversized keys.

Once the handset is connected to your Windows PC using the built-in (non-removable) USB cable, Skype users will be able to benefit from the phone’s auto launch functionality that launches the popular VoIP software as soon as the handset is picked up. Lindy doesn’t supply a copy of Skype in the box, which is a shame for inexperienced users, but at least you know that when you download the software (it’s free, by the way) you’ll be getting the most up-to-date version available.

The black-and-red handset isn’t designed exclusively for Skype, as it’s also compatible with other popular VoIP software such as Windows Live Messenger and Yahoo! Messenger. The handset comes with a handy 1.3m USB cable and can be desk or wall mounted (no screws or raw plugs provided). Furthermore, it requires no soundcard, eliminating the need to unplug your speakers. In addition to dialling numbers, the larger-than-normal keypad allows you to navigate through the Skype software on your computer and also has a quick dial function. Another neat feature is that you can rotate the handset and place it in the cradle for hands-free communications.

VoIP can sometimes be a barrier for technophobes, particularly if they are just presented with a headset and microphone. Lindy’s two-piece VoIP phone makes you feel like you’re using a normal telephone and the auto launch for Skype makes VoIP so easy that even your granny could use it. You can’t be too hard on a VoIP handset costing just of £20, but the lack of an LCD will turn off more experienced users because you can’t see the day, month and time, nor is there a counter displaying how long a call has lasted.

With the raft of VoIP phones on the market these days - including some rather smart wireless numbers - the USB VoIP phone from Lindy is basic but still one of the better models if you’re looking for the familiarity and comfort of a conventional telephone to help you experiment with VoIP. Needless to say, advanced users will be left wanting in terms of features, and those demanding the best audio quality will be better served elsewhere. [6.5]

Before you dispose or replace your computer’s hard disk drive (HDD), remember that all the data you saved on it - credit card numbers, business data, e-mail address book/contact list, e-mail conversations, financial data, legal documents, passwords, software license keys, personal photos of friends and family, and even your Web browser’s history - is recoverable. Did you not know that deleting a file does not erase it from your HDD, or that formatting a drive does not erase it fully? It’s possible - and sometimes quite easy using the right software tools - for someone else to recover your files if you don’t dispose of them properly.

Think of WiebeTech’s Drive eRazer like a digital shredder for HDDs. It works independently from your computer, wiping hard disk drives clean of all data. This lets IT managers redeploy or dispose of drives without fear of confidential data escaping your organisation. It’s also perfect for individuals looking to recycle their old PCs, or to donate to charities and schools.

Drive eRazer is an ingeniously simple and secure answer to complete data removal from HDDs. From the makers of the ToughTech XE Mini, the Drive eRazer doesn’t even need to be connected to your computer to run - simply connect the blue aluminium box to a HDD removed from your computer, power it using the supplied AC adapter, and then flip a switch. The downside is speed - erasing a drive at an average speed of 35MB/s means a 250GB drive will be erased in about 2 hours.

At the time of purchasing the Drive eRazer you’ll have to decide on a number of models, each of which supports different HDD interfaces. For instance, the DRZR-1 is the entry-level model (£59) supporting 3.5-inch IDE/PATA drives. Next up is the DRZR-2 Pro (£89) for 3.5-inch IDA/PATA drives, followed by the DRZR-3 for 2.5-inch IDE/PATAs drives (£89). Unfortunately, even the top-of-the-line DRZR-2-VBND (£11 only supports either 2.5-/3.5-inch SATA or IDE/PATA HDDs - there’s currently not a single boxed solution for all HDD types. Having said that, used with WiebeTech’s optional v4 Combo Adapters (from £29.99), the DRZR-1 and DRZR-2 can be used with many drive types, such as most flash drives, PCMCIA, ZIF drives and DOM drives.

The unit works by writing ‘zeros’ over every bit of your drive. After it’s done, there’s nothing left to recover. For those who want even more assurance, the Pro model is capable of more than one pass with different characters, ending with a complete zero of the drive. Using the Single-Pass Mode (Standard and Pro models) a single data pattern is written once across the whole disk, deleting blocks including partitions and Host Protected Areas. Verification is also done after a single pass.

Using Multi-Pass Mode (Pro model only) almost totally eliminates ways of recovering bits of data even after completely overwriting everything on the drive - so much so that Wiebetech believes the laboratory cost required to actually pull off such a feat would cost millions of pounds. However, if you must convince someone that there’s no way data can be recovered, the Pro model with the multi-pass feature is for you. Multi-Pass mode deletes all blocks including partitions and Host Protected Areas, even ones normally invisible to operating systems. It also automatically checks for and removes DCOs, as well as writes to every sector of the disk using different data each pass and verifies after the last pass that the last pattern was successfully written across the disk.

For further piece of mind, the U.S. Department of Defence (DoD) recently (June 28, 2007) updated its specifications regarding sanitisation and the Drive eRazer meet all requirements for ‘clearing’ a ‘Non-Removable Rigid Disk.’ The specification requires destruction of a HDD containing government-classified data. As far as the DoD is concerned, Drive eRazer is as good as it gets without a degaussing machine or other destructive methods. Another benefit is that the Drive eRazer only destroys the data on a drive, allowing you to use the drive again or safely sell it on. It erased Mac, Windows, Linux, already blank, as well as home-brew formatted disks equally well in our tests.

Most people are comfortable simply clicking ‘Empty Trash’. The problem is that this data isn’t properly deleted, and can be recovered by a determined individual and forensic firm. Wiebetech’s Drive eRazer is a brilliantly compact solution for IT folks that de-commission a lot of drives. It’s a completely stand-alone solution, does not require a computer, is a snap to use, and is amazingly effective. It’s slow on larger drives, plus getting all the add-on interface adapters could prove expensive, but it’s an excellent solution to a growing problem. [9]

GMX (Global Mail Exchange) is a major branch of United Internet AG, a stock-listed company in Germany in e-mail service provide. To be honest, I’d never heard of the company until I saw a double-page colour ad in a popular computer magazine touting ‘The Ultimate Choice for Webmail’. So I thought I’d explore…

GMX was founded in 1997. In Europe, GMX offers a free Web mail service called ‘GMX FreeMail’, which currently has about 10,000,000 active users in Germany, Austria and Switzerland, according to the company. That’s no small number! In November 2007, GMX launched an English language service called ‘GMX Mail’ (reviewed here) with its own data centre in the U.S. and a different range of features than in the German language version. Like the European version, the English version remains completely free of charge.

GMX provides solutions for home users, as well as small and mid-size companies. Because GMX Mail is Web-based, it’s accessible from any computer connected to the Internet (just like Hotmail, Gmail, Yahoo! Mail and others). More importantly, its features and convenience rival those of traditional client-based software that require installation on your computer - and it’s completely free! Of course, without an Internet connection you won’t be able to read, send or receive any messages - unlike offline mail clients such as Outlook which download all messages onto your computer.

GMX Mail offers a number of time-saving mail management tools. It’s also really pretty (looks a lot like MSN Live Hotmail,), and the interface is simple and uncluttered (are you listening Google?). A focus of the new service is security - the company claims that it draws on many years of e-mail expertise and offers sophisticated spam and virus protection for up to 98% fewer spam e-mails.

GMX’s virus protection is based on McAfee and Symantec scan engines, helping to locate viruses, worms, and Trojans - even in compressed file formats. GMX mailboxes are protected from spam with seven anti-spam modules, resulting in a good clearout of junk mail. Also important is uptime - GMX guarantees optimum performance with data centres located in Europe and the U.S. I’ve only been using the service for a few days so can’t really vouch for spam credentials, but in that short space of time I’ve had very little junk delivered - much less than Gmail in fact.

GMX Mail provides 5GB of free e-mail storage (maximum 50MB per attachment), and 1GB of additional free file storage for photos, MP3s and other files. This fares very well against the leading mail clients. E-mail names are available for the domains @gmx.com, @gmx.co.uk or @gmx.us, and changing e-mail names after registering is even possible. It also supports all the popular mail protocols (POP3, IMAP and SMTP), allowing you to import up to 10 e-mail addresses to your new mailbox.

The ad-free (e-mails actually have a GMX ad link placed at the bottom of the message) and non-cluttered interface is intuitive to navigate, though some may find the constant opening of new windows a little irksome. Easy formatting of e-mails and organisation is achieved by drag and drop, and a proprietary ‘mail collector’ allows collection of mails from third-party accounts in a single mailbox. There’s also an address book for online contact management, and it’s compatible with Windows, Linux and Mac OS X using Internet Explorer or Firefox.

GMX Mail is flexible and easy to use. Even seemingly complicated tasks like switching e-mail accounts is a breeze. Thanks to the GMX Mail Collector, all messages from your existing accounts will be collected and sorted into separate folders in your GMX mailbox. If you’ve tried all the other free e-mail services but still aren’t happy, it certainly won’t hurt to give GMX Mail a spin. [6.5]

Online marketing has always been a highly accountable channel, with reams of analytics data to demonstrate its return on investment. But optimising that data relies on manual interpretation and action at a time when the skills to do this are more scarce, and expensive than ever.

When these gaps appear technology usually steps in, and the next big thing for Web marketers is on-site behavioural targeting. In fact, many market leaders have deployed on-site behavioural targeting already including banks that want to increase application rates, such as Lloyds TSB and HSBC, news sites aiming to keep readers returning, or leisure retailers like Lastminute.com hoping to promote the perfect holiday to each visitor.

Behavioural targeting combines individual Web site visitor’s observed click-stream behaviour with modelling techniques to decide what content is likely to be most effective for them. Hundreds of variables are analysed for predictive value, ranging from all historical behaviour to the time of day of the current visit, the referring site, search engine keywords, and the frequency and recency of previous visits.

This content is then served in a premium position on the site in order to achieve a commercial objective; such as increasing revenue, conversion, or engagement. On-site behavioural targeting works in real-time to watch and respond to the customer whilst they are on your site and can help create a 360 degree view which can be fed back into other online and offline activities to enable consistent, high-performance marketing.

Many companies understand how much they are willing to pay to attract a customer, but few appreciate the leaky buckets that their websites represent for new and repeat visitors. On-site behavioural targeting ensures that spend is maximised. It can deliver incremental traffic to key landing pages at a rate that is five times less expensive than paid search with twice the conversion rate.

The also works both ways, visitors will benefit from a more personal experience on your site delivering improved engagement, longer site visit times and repeat visits. This is especially true of customers familiar with personalisation such as that offered by Amazon. ‘Personalisation 1.0’ - based on resource-intensive rules development and coding - has raised the expectations of customers. Now they are less patient and sprint, rather than surf, the Web, so content needs to be on target to catch their interest. Your ability to understand their needs and to present the best messaging and content in front of each one at the right time impacts everything you sell, and everything that you fail to sell.

Consumer behaviour is complicated and with search engines, comparison sites and user-generated reviews to consider, it’s likely they’ll leave and return later. Would‐be buyers typically return two to five times before they purchase and may arrive via Google or an advert. On-Site Behavioral Targeting recognises every visitor as they return, remembers everything about their previous visits, and can use that to deliver even more relevant and targeted content increasing their likelihood to purchase.

It’s almost as if the consumer is just picking up where they were on their last visit. Your site will appear to serve their needs like a great sales person delivering a consistently good experience that shortens the sales cycle and increases conversion rates and average order values.

The way Internet technology works inherently means that every interaction is now part of a recordable conversation. Knowledge about your customers is the most important competitive advantage you have. On‐site behavioural targeting helps you leverage the knowledge about a customer both on the site and across other channels of the organisation.

Since more customer interactions are happening online - with every click delivering valuable insight - it is essential that businesses start to harness this insight and use it as a bridge between the on‐site experience and other customer channels. By integrating profiles of site visitor behaviour with CRM systems that track other channels, truly consistent multi-channel customer views become practical.

Your online and offline marketing efforts can be optimised to deliver dramatically increased sales through your site and with between 20- and 240% improvement in site performance, results which speak for themselves. Lastminute.com wanted to increase sales of its products including flights, hotel rooms, holidays, restaurant reservations, tickets and gifts. However, this variety of offers meant the retailer did not know which offer should be most prominent on the homepage.

If a customer was looking for concert tickets, for example, would they give up after a few clicks if all the content related to travel offers? The deployment of on-site behavioural targeting ensured that Lastminute.com featured relevant content for each individual visitor resulting in an increase of sales by over 200% on the targeted areas of the site.

Written by Neil Morgan, a man obsessed by numbers

Despite high demand, the majority of companies are still failing to support home working practices. This amazes me.

Teleworking offers significant benefits to employers, employees, self employed individuals and entrepreneurs, and in developing the local economy. It also presents opportunities to secure wider social benefits - for example by reducing the environmental impact of car and train travel.

Without getting too carried away and letting every employee pack away their desks, the benefits of working from home only accrue from successful teleworking programmes. Indeed, lots of companies have attempted teleworking programmes but subsequently reverted to office-based working having had a negative experience.

The main savings from teleworking are in premises costs, office overheads and labour. Companies adopting teleworking methods achieve significant reductions in total office occupancy. Work can be carried out wherever the appropriate skills are available at the optimum mix of costs and other factors. In some circumstances recruitment costs can also be reduced, as can the costs associated with high staff turnover (attrition) rates. If a company adopts a total ‘flexible working’ strategy, all costs associated with relocation of staff can also be eliminated.

There’s the personal touch too. Productivity increases of 40% have been reported, though a range of 10- to 40% is probably more typical across a large-scale programme. In successful programmes, employees respond well to the signal of trust and confidence indicated by the employer’s adoption of more independent work styles encouraged by teleworking, and employees who might otherwise leave can remain in their jobs, for example when the family moves because of a job change by another family member who works in a non-teleworking company. Employees who take a career break can continue working part time and remain up to date with the business and its methods, and employees who take maternity leave can continue to undertake some tasks and require less retraining when they return to work full time.

It’s not all rosy, though. As with any new technology or technique, teleworking only yields benefits when applied in the right circumstances and in the right way. For instance, home-based teleworking is inappropriate for a lot of people, such as those who have poor personal motivation and are not self starters. These people may need the external discipline provided by set hours and a managed environment. There’s also a case to suggest that young people entering work for the first time may benefit greatly from working in a conventional team setting in their early years. For some people, going to work is an important part of their lives, and the place of work is where they make friends and develop their social skills and contacts.

Nonetheless, a recent survey by remote control software developer by Famatech has revealed that almost one in four employees (22%) would be prepared to take a pay cut to work from home. 6% would be prepared to take a reduction in pay of between 6% and 10% and 2% would be prepared to take a pay cut of between 16% and 20%. With attracting high calibre staff high on the agenda of most organisations this year, 83% of respondents agreed that their decision whether to take a new job would be influenced by the ability to work from home. Despite the popularity of home working, only 14% of respondents stated that they are actively encouraged to work from home and 16% said that home working was not allowed at all at their place of employment.

With these kinds of figures it’s astonishing that so few companies encourage home working despite the numerous competitive, financial and environmental benefits they can be gained from doing so. The quality of the remote access technology that is now available ensures that working from home doesn’t mean the employee will be delivering less value or getting any less work done. But cutting-edge technology does have its problem, and high-profile cases of stolen laptops have meant many organisations are cautious about offering flexible working options for security reasons. But as long as organisations and individuals take the necessary security precautions this needn’t be too much of a concern.

There is actually the argument that using fixed remote access technology (i.e. a dedicated computer) can actually increase security, enabling home workers to access corporate applications, systems and databases securely with no need to store any information on a mobile device. By giving remote workers and IT administrators a more secure system from which to access workstations remotely, companies can reduce the likelihood of data loss caused by complacent employees leaving company equipment in the back of a taxi or at a restaurant.

The provision of home working offers lower operating costs and more flexibility to employers and provides employees with more family time and higher mobility and has environmental benefits due to the reduction in travelling. Beyond the benefits of offering remote working to people who choose it as a working preference, the provision of technology that enables home working can be useful when transport problems, weather, industrial strikes or someone’s personal circumstances make it difficult or even impossible for them to get in to work. It could also be great for personnel morale. What has your company got to lose - except a lot of confidential data if not implemented correctly!

Social networks have grown rapidly in the UK over the last few years and their share of total UK Internet visits more than trebled between November 2005 and October 2007.

As social networks expand their subscriber base, the network effect kicks in and the average time users spend on them increases as their number of friends and contacts increase.

For example, Bebo trebled its market share of UK Internet visits between February 2005 and 2006, and at the same time its average session time increased from 6 minutes, 22 seconds to 21 minutes, 32 seconds (Source: Hitwise). Consequently, social networks now receive one in every five page impressions in the UK - more than any other industry, including search engines and shopping & classifieds.

If any further evidence of social networking’s popularity is required, Christmas Day 2007 was the busiest day ever for social networks in the UK: Facebook was the third most visited Web site in the UK over the Christmas period, pushing eBay into fourth place for the first time since January 2005. But there’s a common misconception by users that these sites are altruistic, created to make the world a more sociable place. It is these people I feel sorry for because they are sitting targets.

If the whole online social networking craze has passed you by, let me take a moment to explain. There are Web sites out there that function much like an online community of Internet users. The most popular sites are MySpace, FaceBook and Bebo. Depending on the Web site in question, many of these online community members share a common interest such as hobbies, religion, or politics. Once you are granted access to a social networking Web site you can begin to socialise. This socialisation may include reading the profile pages of other members and possibly even contacting them.

This is where I start to have a problem. Actually, my problem starts from the outset - why are so-called ‘friends’ using the Internet to communicate? Isn’t that why God gave us the power of speech? Secondly, and perhaps more importantly, users of these sites divulge the most initimate of personal details that are being lapped up by advertisers looking to push products down your thoat while you catch up on the weekend’s gossip, as well as shaddy fraudsters sifting through your profile to extract personal data that can be used to extort money from your bank account.

Since most people access social networking sites from the comfort and privacy of their home or office, they can be lulled into a false sense of anonymity. Additionally, the lack of physical contact on social network site can lower users’ natural defenses, leading individuals into disclosing information they would never think of revealing to a person they just met on a street - or at a party.

Although some of these details may seem harmless, they actually provide rich pickings for criminals. Your date of birth and where you live is enough for someone to set up a credit card in your name. So while most people wouldn’t give this information to a stranger in real life, they will happily post it online where people they don’t know can see it. Of course, the user can make their profile private so only accepted friends can contact them, but there are plenty of users out there that don’t take these necessary safety precations and leave their personal data on show for anyone to see.

As a heavy Internet user you’re probably aware of the dangers of indentity theft, but there’s another dark side to online social networking - advertising. Advertisers are clamoring to engage people on social networking sites in hopes of generating viral brand awareness and affinity. The idea is to look for new opportunities in what’s known as user-generated content. Apparently the possibilities are huge (FaceBook says it’ll be bigger than Google), but the way advertisers are targetting users is worrying. Did you know that there are actually companies paid to sift through blogs/postings to pick out core keywords that can be used to target specific users? So, if you find that you and your friends talk a lot about movies, sport and holidays, be prepared for targetted ads selling cheap flights for snowboarders who like popcorn.

Social network sites are potentially useful business tools (LinkedIn is gowing in popularity), but only if you approach them with an adequate amount of caution and common sense. If you’re thoughful, discreet, skeptical, professional, wary, and check privacy policies, you’ve got nothing to worry about. Or am I just missing the point? My advice is to stay well clear.

In today’s networked world, the protection of sensitive data is one of the most critical concerns. Coupled with growing regulatory and governance pressures, this is forcing us to protect the integrity, privacy and security of information under our control more than ever before.

While this is a complex challenge that requires both policy and technology, cryptography is emerging as the foundation for data protection and is quickly becoming the cornerstone of security best practice. It is the last line of defence. Even if perimeter security is breached, cryptography means the data remains worthless unless it can be unlocked. Once seen as a specialised, esoteric discipline of information security, cryptography is finally coming of age.

Cryptography and encryption are not new technologies. Ever since the Egyptians, encryption has been seen as the most reliable way to secure data. National security agencies and major financial institutions have long protected their sensitive data using encryption, but today it is being deployed across in a much wider set of industry sectors, applications and platforms.

As merchants and retailers take action in order to meet the stringent Payment Card Industry Data Security Standard (PCI DSS), the need to protect sensitive data is highlighted by the recent TJX breach that exposed at least 45 million customers’ credit and debit card records.

The investigation by the Canadian Government indicated that the lack of proper encryption was to blame; but looking more broadly the issue isn’t limited to just credit card data. In September last year, more than 800,000 people who applied for jobs at clothing retailer the Gap Inc. were alerted to the fact that a laptop containing personal information was stolen, exposing the applicants to potential identity theft.

A recent independent survey conducted by industry analyst firm Aberdeen Group supports this increased use of encryption, while also highlighting the need for better encryption key management.

The survey found that best-in-class organisations (a category that Aberdeen defined as including organisations that have seen the most improvement in their IT security effectiveness over the past 12 months) reflected a major increase in the deployment of cryptography to protect sensitive data.

81% of respondents had increased the number of applications using encryption, 50% had increased the number of locations implementing encryption and 71% had increased the number of encryption keys under management compared with one year ago.

In order to address the challenges brought about by the increased deployment of cryptography, the same best-in-class companies were 60% more likely than the industry average to take a more strategic approach to encryption and key management. This is compared to the traditional and more tactical approach of addressing isolated points of risk such as the theft of laptops or backup tapes.

The survey concludes that by investing in enterprise encryption and key management technologies, these organisations have already benefited by lowering the instances of actual or potential exposure, while simultaneously reducing key management costs by an average of 34%.

Access to encryption technology is getting easier and easier. It often comes bundled for free and has already made its way into a host of devices we use every day. Laptop computers, wireless access points and even devices such as vending machines, parking meters, gaming machines and electronic voting terminals, have encryption embedded. The same is true for business applications and data centre hardware such as back-up tape devices and database software.

The widespread availability of encryption is good news but without a clear way of managing its deployment a number of pitfalls remain. We all need to look seriously at the management of the cryptographic keys - the secret codes that lock and unlock the data.

Encryption is a powerful tool, but getting it wrong either from a technology or operational perspective can at best result in a false sense of security and, at worst, leave your data scrambled forever. If a key is lost, access to all of the data is lost. To put it bluntly, encryption without competent key management is effectively electronic data shredding. Just as with house keys, office keys or car keys, care must be taken to keep backups and thought needs to be given to who has access to the keys. Establishing a key management policy and creating an infrastructure to enforce it is therefore a vital component of a successful security deployment.

Key management is about bringing encryption processes under control, both from a security and a cost perspective. Keys must be created, backed up, delivered to the systems that need them, on time and ideally automatically under the control of the appropriate people, and finally deleted at the end of their life-span. In addition to the logistics of handling keys securely it is also critical to set and enforce policies that define the use of keys - the who, when, where and why of data access.

Archiving, recovery and delivery of keys are all crucial parts of the equation. For instance, if a laptop breaks down or a backup tape is stolen the issue is not just one of security, but also business continuity. Information recovery takes on a whole new dimension, particularly in an emergency situation when the recovery process is performed in a different location, by a different team, governed by different policies and on protected data that is years or even decades old. What used to be a data management problem is now also a serious key management problem.

Traditionally, key management has been tied to specific applications and therefore quickly becomes fragmented as the number of applications increases. Scalability quickly becomes an issue as a result of relying on manual processes for renewing certificates, rolling-over keys or moving and replicating keys across multiple host machines and removing keys as machines and storage media are retired, fail or redeployed. This also results in higher costs, particularly where security and audit ability are high priorities.

The only way to deal with these challenges is through the use of a dedicated, general purpose key management system that can act as a centralised repository for storing and distributing keys for multiple applications or ‘end-points’. This provides a simple mechanism to unify key management policies and automate key life-cycle management tasks, greatly reducing costs and easing time critical tasks such as key recovery, key revocation and auditing.

But the key management solution itself must also be able to deliver complete security and integrity if it is to underpin enterprise date protection. This includes the security of the key repository, tamper controls surrounding audit capabilities and the fundamental integrity of the key management software.

If, as it seems, encryption is increasingly seen as the last line of defence to protect data, the key management challenge needs to be addressed. But this should not be a barrier. Implementing a flexible and extensible solution that automates many of the time-consuming and error-prone key management tasks in an automated manner is now achievable. But you need to deploy the correct tool to manage the keys. In the same way that data protection has moved from an IT challenge to a C-level issue, key management has now become a high-level business imperative.

Written By Richard Moulds, a man who trusts nobody but his Momma

Criminals are never at a loss for new materials. They’re also a pain in the friggin’ ass. Professional malcode authors are constantly evolving their tactics at the expense of unsuspecting victims, driven by the goal of detection evasion and greater profitability. Authors, like those behind Storm Worm, have automation systems designed to pump out new variants every hour, minute, or even second. With malware authors releasing new variants at a blazing pace, 2008 will be another record year of malware.

There is a raft of anti-malware solutions on the market, but Comodo Firewall Pro 3.0 is a little different - it’s a highly effective and totally free software firewall application. It’s a proactive solution based on Comodo’s new ‘A-VSMART’ technology architecture - short for ‘Anti-Virus, Spyware, Malware, Rootkit and Trojan’ - and helps prevent virtually all types of threats from penetrating your computer. Yet despite its sophisticated level of prevention, the software remains easy to install and use, and offers plenty of customisation options for the advanced user.

Comodo Firewall Pro 3.0 does a great job of protecting computers from malware because it operates from a prevention rather than a detection perspective, and incorporates a sophisticated, layered threat management approach. Unlike detection/signature-based firewalls and anti-virus solutions that allow all applications to gain access to system resources and then try to detect previously identified viruses by their signature, Comodo Firewall Pro takes the opposite approach - it allows only those applications known to be safe to gain access to computer resources, greatly reducing the probability of damage occurring.

Comodo Firewall Pro 3.0 uses an advanced Host Intrusion Prevention System (HIPS) that proactively monitors system and system processes to detect and prevent system changes such as rootkit installations, inter-process memory injections, and key-loggers. HIPS technology is driven by a white list architecture which identifies trusted applications and prevents untrusted applications being installed onto your computer. Comodo says it has one of the largest white lists in the industry, with a database of nearly 1 million safe executables. The integrity of every executable is checked against this database to determine whether or not it is genuine before it is given installation rights. With this system, potentially damaging applications should be prevented from being ever being installed.

How much interaction you have with the software relies on how you install and configure it. Typically, if you choose ‘Basic’ mode you don’t need to do much at all - you get a simple personal firewall that protects against attack from outside and controls which programs can access the Internet, much like ZoneLabs’ ZoneAlarm. Opting for ‘Advanced’ monitors and protects many other critical system resources, meaning you’ll get a lot more queries and notifications which need actioning. Thankfully, you can minimise pop-ups by allowing the software to automatically approve any program found in Comodo’s database of safe programs.

It also provides you with the ability to install the solution in Clean PC mode, which is useful for new PCs. In these cases, Comodo Firewall Pro creates a profile of the computer with all existing applications registered as safe. The firewall then prevents any unrecognised applications from being installed unless the application is recognized by Comodo’s white list, or you grant installation permissions. It also prevents any suspicious system processes from running. Furthermore, ‘Stealth’ mode helps to make your PC ‘completely’ invisible to opportunistic port scans, there’s a Wizard-based auto-detection of trusted zones, and you can password protect all firewall settings.

Version 3.0 sports a redesigned user interface without the separate Comodo Launch Pad used by Version 2.0. The updated software also offers a default summary screen displaying an immediate heads-up on all vital security settings and provides a central point of navigation to every part of the application. Pop-Up alerts also provide critical security information, such as when the firewall detects a potential security threat. Version 3.0 gives you more control over security settings. For instance, you can quickly set granular Internet access rights and privileges on a global or per application basis using the flexible and easy to understand interface, and the introduction of pre-set security policies allow you to deploy a relatively sophisticated hierarchy of firewall rules with a couple of mouse clicks. A vastly improved log management module allows you to export records of firewall activity according to several user-defined filters.

Comodo Personal Firewall locks down your system against internal attacks such as Trojans, viruses, malicious software and external attacks by hackers. It supports Windows Vista, a new interface and a whole host of improved security features, including host intrusion protection, network-based firewall and an application analysis engine. As malware writers use a variety of techniques to evade simple program control, virtually every such technique is covered by Comodo Personal Firewall’s monitoring. If you are still using the Windows Firewall (or worse, no firewall at all), give Comodo a try - it’s free and you’ve got nothing to lose … [8.5]

Convergence of technologies in one device is happening in the world of printers almost as fast as it is with mobile phones. You can now buy an all-in-one (commonly described as multi-functional devices or MFDs) that will give passable print, copy, scanning and fax results for less than the price of a good quality printer. If colour reproduction and image manipulation matters more then you will need to pay more - but you can still get great results and have the convenience of just one peripheral on your desk.

Some all-in-ones can be bulky and take up valuable desk space and on other models, the speed of the individual components, the copier, for example, can be considerably slower than dedicated devices. You may also find that the cost of printer consumables like ink and paper can be high. And, of course, if one element should break down, you may be without the other facilities while it is fixed. But an all-in-one is hard to beat for convenience and integration.

The X9350 sits at the top of Lexmark’s all-in-one (AIO) desktop inkjet range. Pitched as a ‘productivity machine’, the machine supports wireless (802.11g) two-sided printing, and boasts an eye-catching design. Of course, like any other AIO worth your money, it offers colour copying, colour printing, colour scanning, and colour faxing. Priced at just £149, it is the only AIO in its class equipped with built-in wireless connectivity and automatic two-sided printing. The machine also uses the company’s latest Evercolor 2 pigmented inks (4-colours, plus optional 6-colour photo cartridge), and is backed by the Lexmark Protection Guarantee that provides next-business-day replacement for up to one year.

The built-in wireless capabilities of the X9350 set it apart from other AIOs, and will appeal to today’s laptop/PDA users who want the flexibility to print without being anchored to their printer and prefer the clutter-free work environment of wireless. And for offices with multiple users, wireless and Ethernet networking make it possible to print from a single printing device - with or without a direct connection. Furthermore, budget-conscious offices will appreciate the automatic two-sided printing feature, which not only helps to give a professional look to reports and other documents, but benefits departmental budgets and the environment by saving paper.

The distinct white-and-brushed metallic finish of the X9350 houses a relatively rugged machine that’s capable of printing at speeds up to 32ppm black and 27ppm colour. Other noticeable features include a 150-sheet input tray - hardly an ample supply of paper (but typical of an inkjet), although an optional second tray doubles the input capacity for greater productivity - 2.4-inch flip-up colour LCD display, 48-bit flatbed colour scanner, stand-alone multiple page fax and copier, and 4×6-inch borderless photo printing capabilities up to 4800×1200dpi resolution.

Print quality is a fundamental need for many SOHO users, and the Evercolor 2 pigmented inks do a pretty good job at creating almost-professional results. From printing business cards, to marketing brochures, to fliers and presentations, Evercolor 2 pigmented inks deliver relatively crisp, clear results that are water-resistant and resistant to smearing from being handled or from markers used for highlighting text. The fade resistance characteristics and vibrant colours produced by Evercolor 2 pigmented inks and Lexmark PerfectFinish Photo Paper provide above-par printed results, but you’ll need top-notch paper to get the best from the machine - in our tests, prints using regular photocopier paper were well below standard.

Lexmark’s X9350 gives you most of the features, flexibility, quality and reliability you need to get more done. The X9350 is hardly a workhorse (its recommended monthly duty cycle is just 5000 pages), but it’s good value (in the short term at least) and the built-in 802.11g, ADF and duplex support are much welcomed. You’ll need to spend a lot of money on quality paper to get the best from the unit, plus it drinks ink like it’s going out of fashion, but for the asking price it’s not a bad overall package for occasional use. Those printing or copying lots of documents should opt for a colour laser. [7]