Sadly, if you run an IT department, you’re probably used to IT being a reducible cost when budgets get tight, and with not much light visible at the end of the economic tunnel; this is unlikely to change any time soon.

With this in mind, it makes sense to take steps to make agility a priority for your IT infrastructure.

Although some “old school” IT managers remain stubbornly resistant to the attractions of cloud services, these individuals are becoming increasingly isolated. A recent survey from North Bridge Venture Partners, in association with GigaOM Research, revealed that 75% of respondents are now using some form of cloud service within their IT infrastructure.

One reason for the continuing march towards the cloud is the obvious and high profile push from major vendors. The past year has seen two great examples of this:

1. Microsoft discontinuing Small Business Server, the backbone of a vast number of SMB networks, in a move to push the sector towards the cloud.
2. Adobe making all future releases of their industry-leading Creative Suite products available exclusively “as a service” via Adobe Creative Cloud.

The good news for your IT department is that in reality you are far better served by the new generation of cloud services than you were by the old way of doing things.

Consider the rollout of a new system: Previously, you would have to base license counts and storage capacities on vague predictions. While this may have worked during boom times, it’s not a great model when times are hard and every penny counts. Now, you can roll out the same functionality with a cloud service but pay only for what you need right now. If demand for the system increases, cloud services bring inherent scalability. This is clearly preferable to the risk of disaster if you didn’t get the server specifications quite right.

If you’ve not been keeping track of the cloud-based alternatives to some of the things you do internally, it’s well worth having another look at the marketplace. Cloud service providers have been very responsive to customer needs and have done much to eliminate the doubts of all but the most traditional IT people!

At the same time, the focus of products has undergone some change. The very fact that businesses are now buying a service has not gone unnoticed; something illustrated by the fact that in-depth reporting for the business is almost a “given” on the features list of industry-leading cloud products.

Meanwhile, the datacenter infrastructures supporting these cloud systems have developed to use advanced multi-tenancy technology, which keeps prices low as well as ensuring clients’ data are compartmentalized and secure.

There’s no longer any IT service that can’t be handled from the cloud, from core user-facing systems that handle all the file, print and authentication that used to require “on premise” systems, to all of the back-end stuff that the IT department needs but the business always resents paying for: antivirus, patch management and monitoring being just three. It makes sense for the business to pay only for what it needs right now, rather than predict needs too far ahead, and cloud services exist that allow this to be the reality.

So, in conclusion, however long you’ve been in the industry, try not to fight progress. Cloud services are now very much “up to standard”, and provide you with the tools you need to provide a first class, agile IT service that management is sure to appreciate.

Want to learn more? Visit our website to find how GFI Cloud can keep your IT department agile with antivirus, patch management, monitoring and asset tracking all managed from the cloud.  Start a free trial and give cloud services a go!

The VBSpam comparative testing is a regular independent comparison of anti-spam solutions which offers its readers the best impartial advice about anti-spam security and products on offer. The certification is awarded to products that exceed a predefined threshold based on a combination of criteria relating to the products’ spam catch and false positive rates.

GFI MailEssentials met the VBSpam+ criteria in blocking a large percentage of emails in a live spam stream and identifying all but a very small percentage of emails in a live stream of legitimate emails.

Want to learn more about this product? Check out GFI MailEssentials, or register for a free 30-day trial and give it a spin today! 

IT solutions that save money and reduce financial risk

Date: August 22, 2013 – Time: 5 p.m. BST / 6 p.m. CEST – US: 9 a.m. PDT / 12 p.m. EDT

For most businesses email is the biggest, most critical source of company information. How are you managing this constant flow of information and addressing issues such as archiving, compliance, spam and network protection?

In this webcast Mary Watkins, ex FT reporter, shares some real life stories about companies who have learned about financial risk the hard way. We will also take a look at how organizations can create cost savings and limit risks significantly by having the right messaging and archiving systems in place.

Register now

Secure your network in minutes. Don’t let the bad guys win…

Date: August 27, 2013 – Time: 4 p.m. BST / 5 p.m. CEST – US: 8 a.m. PDT / 11 a.m. EDT

Security is paramount at Central Bank & Trust; more so, since a virus got in and did damage. Travis Homi, IT Manager at the bank shares his experiences around keeping the network secure; the challenges he faced, the solution he put in place and what he learned along the way. Join Travis, in our live webcast, hosted by Barclay Rae, an independent ITSM consultant and put your own questions to Travis during the live Q&A.

Register now

Securing your IT Infrastructure: Vigilance is the Watchword

Date: August 29, 2013 – Time: 5 p.m. BST / 6 p.m. CEST – US: 9 a.m. PDT / 12 p.m. EDT

The role of an IT administrator does not end when the network is set up and the necessary security measures are in place. The ongoing health and security of the network is also dependent on the business satisfying a number of laws and regulations which the IT administrator must be aware of. Furthermore, the admin must also monitor the network continuously for faults as well as suspicious/malicious activity.

In this webcast we will show you how to use log data analysis and other techniques to proactively address hardware faults, malicious intrusions and other unwelcomed issues in real time. As a result, you can avoid having to react after the incident has occurred when, often, the damage has already been done.

Register now

The Metrics That Matter: An Intelligent Approach for IT Service Providers

Date: August 29, 2013 – Time: 11:00 AM US EDT

Your business data may be the most powerful tool in your toolbox and if you’re not leveraging it you’re likely missing opportunities for optimization and growth. According to a recent survey that polled hundreds of IT Service providers around the world, best-in-class ITSPs are taking a data-driven approach to decision making. Please join us for a special webinar to review the findings of the 2013 IT Service Provider Benchmarking Study and hear what your peers had to say about:

• Essential metrics for running a successful business
• Identifying and measuring business efficiency, staff utilization, profitability, and client satisfaction
• Best practices

Our guest will be Leonard DiCostanzo, Senior Vice President of Community and Business Development of Autotask.

Register now

The results are based on a survey of more than 170 customers who use the GFI Cloud platform.

Functionality, ease-of-use and price were the three main reasons why the respondents chose the GFI Cloud solution, the survey shows.

Key Findings

The IT professionals who participated in the GFI survey revealed the following interesting facts:

1.     Centralized device management is crucial

50% of the IT professionals surveyed stated that the lack of a central view of devices and issues was a strong motivator in purchasing GFI Cloud.

This central view is particularly important given the increased mobility of the modern workforce, as is well illustrated by the next point.

2.     Managing remote devices is a headache for IT admins

38% of respondents complained about the difficulty of managing remote devices, such as laptops, and 32% worried about keeping them secure. This is perhaps an unsurprising reflection of how employees expect modern IT to be inherently more mobile.

The survey responses showed positive signs that GFI Cloud implementation is an effective way to make things easier for the IT team: 61% specifically highlighted that centralized management was easier post-implementation.

3.     Security is enhanced with the right solution

40% of the professionals questioned reported that they had experienced fewer security breaches due to antivirus and patch management since they implemented GFI Cloud.

38% also reported a more stable IT environment, with less unplanned downtime.

 4.     GFI Cloud saves money

While centralized IT admin and the desire to save time were both reported as strong motivators for the initial purchase of GFI Cloud, the survey results seem to imply that users of the product have also experienced unexpected cost savings.

41% of respondents reported that using GFI Cloud had reduced their costs, and 39% said that they were able to complete more tasks using fewer resources.

In totality, the survey responses present a clear picture of IT departments that are now able to enjoy a greater level of control over their infrastructures. Furthermore, the biggest “headaches” reported by respondents prior to implementation (lack of a central view, and managing and securing remote devices) are soundly addressed by the functionality of the GFI Cloud software.

The most significant finding from the survey is great news, both for GFI and for the customers who have selected the GFI Cloud package for their business:

Over 86% of respondents said that they would definitely recommend the product to others.

Finally, and worthy of a special mention, is the fact that 22% of respondents felt that implementing GFI Cloud had helped the IT department be seen as more of a business enabler than a “break / fix” team. In an age where IT is becoming so much more service-driven, it’s pleasing to see that such a change in perception can be born of the use of just one product.

Do you want to learn more about this product? Visit our website to find how GFI Cloud simplifies IT management with one centralized view of antivirus, workstation and server monitoring, patch management and asset tracking across all your servers, PCs and laptops on the move! See for yourself, with a free 30-day trial of GFI Cloud™.

Here are some of these stories I witnessed as an independent consultant: I present the 31 worst face-palm moments in IT.

1. On a project where I was a consultant, security declared a system in violation of security policy several weeks into the project. They had been advised of the overall plan before it began. When I asked to see the security policy, the security guru said the policy was confidential and couldn’t be shown to any non-employee. 95% of IT were contractors.

2. The project lead on another client engagement read an article about Java saying it was the next big thing. He declared that the project should switch to Java. What he didn’t understand was that Java was being shown as the next big thing…for security exploits!

3. Another customer’s PMO scheduled an all-hands meeting to go over the project plan. It was mandatory attendance for all team members on the project. The room they scheduled was too small by half, and had no projector. Picture if you can 12 people looking over someone’s shoulder at MS Project on a 14″ laptop screen.

4. I once saw management at another customer approve a mid-day DNS change because they were told it was zero risk. The DNS admin made the change to the zone, but forgot the trailing dot. As a result, it took down email for 20,000 people. It was the last mid-day change ever approved at that company.

5. Another customer’s ISP had a major outage which took down their entire office. My contact asked me why their office was down, so I explained that because they had opted not to provision a backup circuit from another provider, they were down until the ISP got things fixed. His first request was that I call the second provider I had recommended and get them to install a new circuit that day. The second was to see if they could borrow some bandwidth from my company’s connection. My office was across town. The Internet –it’s like a cup of sugar.

6. Here’s one for the Netware folks. I once was called in to a client to figure out why their server crashed and no one could access any data. It turns out that a junior admin saw that Z:, Y:, and X: all had exactly the same content. EXACTLY. THE. SAME. To save space on the file server, he went into X: and deleted everything there. He then switched to Y: only to see that it was now empty too. He probably would have then looked in Z: except that suddenly everyone starting complaining that their systems crashed.

7. Here’s another one for the Netware folks. I was called in to try to help figure out why Internet access suddenly stopped for one of the two offices this customer had. It turns out this is what happened. They built a Netware 4.11 server in one office. They configured IP and IPX, got everything the way they wanted it, and then drove it to the other office and plugged it in. They configured IPX for the new location, assigned it an ip.addr for that datacenter, and thought they were done. Suddenly, no one in the office could reach the original site, or the Internet. Packets kept coming back destination unreachable. The server might have had a new ip.addr, but it was running RIP, and considered that it was directly connected to the original network. Since that was also the default route to the Internet, it effectively took down an entire office until I finally figured out it was the new server as the source of the destination unreachable messages.

8. At another customer, an admin who wanted to experiment with P2V virtualized a physical host, pulled the network cable out of the back of the original and brought up the guest on a new VMware server. All went well for a couple of weeks until he went on vacation. As it turns out, he never licensed the VMware server, so it stopped functioning at the 30-day mark. Since none of his co-workers knew about his little experiment, all they knew was that a critical server went down. They rushed to the server room to find that the network cable had been pulled. It was quick to fix, but of course, this new server was now a month out of date for all data/changes to the application. A two-fold inquisition commenced to review the access logs and video to find who entered the server room to pull the cable out that morning, and also to find who restored a month old backup to this server. Three days later the original admin got back and sheepishly confessed all.

9. I once was working with a client that deployed a full rack of servers in datacenter A, for eventual deployment in datacenter B. When it came time to move them, I urged them to unrack the servers before transport. The shipping company assured my client it was going to be okay, so they loaded up the rack and sent it on its way. They got the rack to the datacenter B, started to lower the rack on the truck’s tail lift, when the whole thing overbalanced and dropped six feet to the pavement. Only two 1U servers survived to boot up.

10. This one is probably one many of you can relate to. A client had a new datacenter going in, and the cabling vendor was giving the orientation tour of what they had done. As they all leaned inwards to see a particular area, one of the admins started to lose his balance and reached out for the wall to support himself. Of course, as you can imagine, his hand came down right on top of the emergency actuator for the fire suppression system. I was in my client’s office at the time, heard the “BANG” of the actuation charge, and spun around to see them coming running out of the datacenter with a bank of fog rolling out behind them. That cover that should have been over the emergency fire actuator? It was on backorder and due to arrive the following week.

11. A similar story was relayed to me by another customer. A vendor was running some new fiber in the datacenter. As the two techs were laying out the fiber run, and one was slowly backing up as they unspooled and laid out the fiber, he backed right into the emergency power off switch for the datacenter. Again, there was no cover protecting the EPO from accidents.

12. Several years ago I was consulting with another customer on a video conferencing pilot. The team needed new hardware so we submitted a requisition to purchasing to obtain 20 new laptops for the video conferencing project. We provided the specific model number and the breakdown of all components, and explained it was for the video conferencing project in the justification paragraph. They placed the order, but when the laptops arrived, none of them had the built-in webcams that were specified. My client assumed the vendor screwed up and went to tell purchasing they needed to get it fixed, only to have them proudly tell him they saved the project $50 per laptop by not ordering webcams, since the business didn’t have any video conferencing deployed and there wasn’t a need for webcams.

13. I once consulted for a company that wanted to put in Cisco Telepresence into a new office. The vendor came in to do all their physical and sound measurements and certification criteria, and finally signed off on the room. The next team arrived a week later to do the install, only to declare the room unsatisfactory. Apparently, the first guy measured sound while the office was essentially empty. Before the second team arrived, the cooling units for the new datacenter were installed and turned on, and the hum of that system was too loud for Telepresence.

14. At the same company, and with the same Telepresence setup. For the very first conference between this office and HQ, one of the senior leadership could not make it, and wanted to dial in. Back then, Telepresence was a completely closed system. They had to steal a speaker phone from another room, quickly make a 60 foot Ethernet cable, and run it down the hall from the closest Ethernet drop so this remote VP could listen in.

15. I once was a consultant at a company that had dozens and dozens of conference rooms. Every one of them had a projector. None of them had a screen. They were glass boxes in the middle of the floor, with windows all around all four walls. They were called fish bowls for a reason. They used to have to take large pieces of easel paper and tape them to the windows to create a projection surface.

16. At another company I consulted with, their IT team wanted to manage all their DMZ servers using Active Directory, but didn’t trust traffic coming into the internal network from the DMZ. So they moved a domain controller out to the DMZ. Because that’s more secure.

17. I once consulted for another company that was in the process of deploying Lotus Notes. They couldn’t figure out how to get the client to work correctly, so they made everyone a domain admin. Every. Single. User. Domain Admin.

18. Another company I worked with needed to move their entire datacenter, essentially in a weekend, in what these days we call a forklift operation. Rather than planning out the required connectivity and security, management made the decision to just permit IP ANY between the DMZ, the database servers network, and the internal network, planning to “clean it all up later.” Later took over two years to finally arrive.

19. I once was a consultant for a company that was trying to adopt Oracle across all seven of its business units. They literally had over 100 consultants in a giant war room for over two years trying to get it all working. One CIO change later, the entire lot were sent home and the effort was abandoned. It’s not the choice to give up that was the face palm… that should have happened ages prior. It was that two years x 100 consultants x $$$ that was wasted because the previous CIO just couldn’t admit he had made a mistake.

20. An admin with too much power deleted a user account from Active Directory by mistake. In an attempt to “fix it” this admin chose to do an authoritative restore of AD from a one month old system state backup. For those of you who aren’t AD savvy, this had the effect of restoring the entire forest back to the state it was in a month ago. In a company of 30,000 users, you can imagine how much fun that was.

21. That same admin once configured restricted groups in AD, because he read that it helped with security. He added domain admins and enterprise admins to that list, but didn’t put any users into the Member Of tab.

22. I once saw a company implement a GPO to provide one user with rights to use RDP to connect to a server, with the unintended consequence of locking every other admin in the company out of every single server in the domain. It was a simple edit, to the Default Domain Policy.

23. I once provided some security consulting to a company that refused to implement any kind of proxy server, web content filtering, or anything else that would help control outbound Internet access. However, every year the CIO would demand that the security team found a way to block access to the Final Four basketball tournament.

24. Fireproof safes are fireproof, not heat proof. A business down the street from where I once worked found that out the hard way when, following a fire in the office, they found their backup tapes so much melted slag.

25. I understand why end users want to turn off antivirus software when their machines seem slow, but why oh why would an admin do that? The worst virus outbreak I ever saw came about at a customer I regularly worked with, because the SQL team had disabled a/v on all their servers because it “slowed them down.” Then SQL Slammer hit. Slow got redefined that day.

26. I once had to help a client clean up the devastation caused when a user created a print ready PDF to send to a distribution list of around 10,000 users. That print ready PDF was about 48 MB, and their mail system had neither attachment size limits, nor recipient count limits. We’re still not sure how many got out before the entire mail system came to a halt, but we spent the next 8 hours watching the inbound servers dying from all the NDRs, purging the queues, restarting, and waiting for the next wave to come crashing in. The worst part of it? Once the mess was finally cleaned up, we took the print ready PDF and saved it for web publishing. It came in at just under 800 KB!

27. At another customer, I once saw their shiny new fiber-optic switches stacked, one atop the next, on the floor in the corner. There was no rack, no cooling, and no support. Just 48U of switches freely standing, powered up and running, without even air handling to help keep them cool.

28. In this same datacenter, the “doorbell” you had to ring to gain access was literally two low voltage wires sticking out of the wall in the corner. You pressed them together to ring the bell, and separated them to silence the bell. There’s nothing like a 50 volt jolt to make you ask yourself if you really want to go in.

29. And again in the same datacenter, to that same stack of fiber switches, the trunk fiber to connect the stack to the main network was zip-tied up the wall and across the ceiling. Some zip ties were so loose the fiber was swinging in the breeze, while other zip ties were so tight it must have been fracturing the cores.

30. At another organization I used to work with, they had central IT for seven different companies all tied together by the parent’s ownership. All change requests had to be approved by unanimous vote. It took the company almost a year to replace a failed switch because it would cause an outage (in the middle of the night, during a weekend change window) because one org kept vetoing in case it caused them problems during their testing.

31. A company I consulted for had outsourced their IT to a major provider about a year before. I discovered that not a single patch had been applied to any of the 100+ servers in that entire time, because the outsource provider didn’t think patching was a part of server maintenance and support.

While these face-palm moments were all personally experienced by me, I bet you have some you’d like to share. Leave a comment and let us know the best (or the worst) face-palm moment you’ve ever experienced. We’d love to hear about them!

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

One could argue that the IT profession today is where the medical and legal professions were two centuries ago. There’s no formal training, testing or governmental approval required to become an IT practitioner.  Some believe it’s time for that to change. They postulate that in a world where all networks are connected to one another through the global Internet, an incompetent network admin can be responsible for grave damage to companies, individuals and national infrastructures.

Does the current move toward the cloud provide an opportunity to rethink the qualifications for IT positions? What are the pros and cons of going to a “licensed professional” model?

Licensing isn’t reserved for just those “high end” professions mentioned above. From amusement ride inspectors to well diggers, plumbers to hairdressers, the state and/or professional organizations regulate occupations of all sorts at all levels of income. Some states license dog breeders, palm readers, boxers, egg handlers and other unlikely occupations. New York State licenses 126 occupations. The rationale is protection of the public and those individuals or companies who utilize the services, although of course there is almost always a monetary cost to the licensee, which may or may not cover or exceed the actual cost of administering the licensing program.

Licensees are usually required to complete a certain amount of continuing education in their fields in order to renew their licenses on a specified regular basis (which of course means additional on-going costs). A disadvantage (to the public) of licensing is that it can drive up the cost of the services performed by the licensed personnel, both by imposing costs on them that must be recouped and by creating an artificial shortage of qualified personnel. Of course, this is beneficial to those who are licensed professionals.

Some argue that licensing requirements stifle competition by imposing extra cost and sometimes irrelevant educational prerequisites on those who want to practice an occupation or profession, and that issuance is sometimes based on subjective criteria, which can allow those within the profession to exclude others they deem “undesirable” for reasons that have nothing to do with job abilities. In addition, licensing boards are usually made up of political appointees who may have their own agendas.

The closest thing to licensing that the IT industry has had, for a long time, is certification. There are hundreds of different IT certs available. Software vendors operate programs to train and test IT pros in the use of their products and issue certifications such as the MCSE (Microsoft), IBM DBA (IBM) or CCIE (Cisco) in recognition of demonstration of competency according to their standards. Vendor-independent organizations such as CompTIA and SANS also provide testing and certification in network administration and security that are not tied to particular product lines.

The big difference between licensing and certification is that the latter isn’t mandatory in order to get a job in the profession, although certified professionals may command higher pay and find it easier to get a job. Companies can set hiring policies that require certification, but they’re free to hire uncertified IT pros if they want. Generally, performing the duties of a licensed professional without a license can carry heavy penalties, such as fines or even imprisonment under the criminal laws, and/or civil lawsuits.

Those who favor the licensing model for IT pros point out that the complexity of computer networking approaches that of law and medicine, and that the ramifications of mistakes on the part of IT professionals can have similar negative impact. Those who are not in favor of licensing argue that the standards for legal and medical professionals, as well as those for most other licensed occupations, are much more established and grew out of centuries of evolution of those occupations.

Computer networking has only been around since the 1950s and widespread Internet connectivity for businesses and individuals didn’t come about until the 1990s, less than half a century ago. Thus those standards are much less absolute. Creating licensing exams that truly measure a candidate’s ability to do the job would be a challenge. Certification exams tend to be very specific, focusing on a particular vendor’s product(s) or on a specialty area (such as security) or be overly broad and high level to the point where the cert doesn’t guarantee any real in-depth knowledge of the subject matter. There is also the issue that some people who can do a job well don’t perform well on written exams, and hands-on exams (such as the CCIE) are very time-consuming and expensive to administer.

For the IT pros themselves, there would be both benefits and drawbacks to a licensing mandate. Those who made the cut might enjoy increased compensation and greater status – but entering the profession would be considerably more difficult. Am I in favor of licensing IT pros? No. Do I believe it’s inevitable, sooner or later? Probably.

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

Meanwhile you have myriad systems to patch, and endless patches to test and then install. Then you have to do it all over again. And again. And again.

No wonder a recent study by the UK-based Federation of Small Business shows that little more than a third (36%) of small shops patch regularly. Then these shops wonder why they got compromised, or blame their software vendors, especially Microsoft® – a common security punching bag!

Patching, well, patching properly, solves the majority of security problems. In fact 90% of successful exploits are against unpatched systems.

Even environments that should presumably be highly secure too often fail to patch. Last year an audit at the U.S. Department of Energy found that some 60% of their desktops lacked important patches.

Unpatched systems are so vulnerable because most hackers are lazy. Script kiddies are one the laziest – they take existing exploits and maybe tweak a few lines and release it as their own creation. And because the script worked before, chances are it will again. Most tech savvy people these days can become successful hackers if proper defenses – like patching – aren’t mounted.

Patches offer another shortcut, and a main artery right into the heart of your computers. There are two ways this works. The worst is when some security researcher looking for a headline finds and then blabs about an exploit that the software maker is then forced to quickly patch. This is an alarm for hackers to devise and mount attacks against this vulnerability.

The second is a patch that is released to fix a hole that only the vendor really knows about.

Either way the patch defines the hole and acts as a blueprint for a hack attack. Even though the hole is presumably fixed by the patch, it is only fixed for those that install the patch.

Unfortunately many never patch (that crazy 36% again) and even those that do don’t always fix holes immediately due to time constraints and the need to test patches for conflicts.

Patching Microsoft Isn’t Enough

Microsoft, for all the knocks it takes, is pretty darn good at handling patches, and actually a bit of a role model. The company is open about its problems, and the second Tuesday of every month, Patch Tuesday, publicly releases its fixes. It even gives a heads up as to what’s coming.

And it has a decent free tool, Window Server Update Services (WSUS), to install these patches – think of this as Windows Update on steroids. That’s why Microsoft patches are the most commonly and regularly installed.

But when was the last time you came across an all Microsoft shop? These days FireFox, Adobe Web tools, and even Oracle® all have more patches than a pair of old hippy pants. In June alone Oracle released fixes for 40 holes in Java. And most of these holes allow attacks that bypass user names and passwords. In April Oracle fixed 128 holes in its applications, middleware and database. Still think Microsoft is all you have to worry about?

Gartner is all worked up about this problem:

“In the darkest woods of IT, patching 3rd party application on a desktop remains a significant challenge for many organizations. Patching server OSs (Windows and Linux/UNIX) and 3rd party server applications also remains challenging due to fragility of many server environments. Add virtualization to the mix – and you have a full-blown slow-cooking disaster. And then you have Java…a security disaster in a league of its own,” wrote Gartner analyst Anton Chuvakin in a recent blog. “Java, Adobe Reader and Flash, Firefox, Oracle fat clients as well as many vertical and business-specific applications are often patched MUCH later than Windows and Office.”

BYOD only makes this all worse. These days you have to patch anything and everything. And fix these holes before the hackers jump in!

If patches are the hackers’ best roadmap, shouldn’t patching be a top priority?

WSUS is not enough. You need a broader tool that embraces multiple platforms and automates as much as possible patch testing and deployment.

With today’s world of distributed enterprises, mobile workers, BYOD and telecommuting you need to keep remote off network machines patched. You simply can’t have IT travel to update all these devices or ask end users to patch the machines themselves. Here a cloud patch management tool is the perfect answer.

See for yourself how easy it is to keep your servers, PCs and laptops up-to-date, with a free 30-day trial of GFI Cloud™. Whether your users are in the office, on the road or working from home, GFI Cloud is the easy way to keep their devices patched, secure and running efficiently, from one central console.  Learn more

1. Microsoft Fix It Solution Center

The Microsoft Fix It Solution Center is an online tool that helps you to quickly find and fix common system issues. Once you’ve entered the symptoms, you can either download an executable to automatically fix the issue or be directed to a relevant Microsoft Knowledgebase Article that explains what the cause and recommend workaround is.

To use the Microsoft Fix It Solution Center, simply open http://support.microsoft.com/fixit/ in a web browser, select a problem area from “Step 1”, choose what type of problem you are trying to fix from the list in “Step 2” and then choose which solution you’d like to execute or learn more about from “Step 3”.

2. Problem Steps Recorder

Hidden away in Windows 7 / Windows 2008 and above is a neat little utility called Problem Steps Recorder (psr.exe). The Problem Steps Recorder will record the step-by-step interactions that occur while the user replicates the problem, taking screenshots of every action. It then bundles all this into a report with detailed information and any relevant error logs.

This tool is great if you have a user in your environment who is experiencing an issue that you want to gain more information about and the steps they took to reproduce the problem, or if you want to create a report to send to a third party vendor as part of a support case.

To launch the Problem Steps Recorder, go to the Start menu and type “psr.exe”. Click “Start Record” and the tool will record every interaction from then on. You can add comments during the recording process and then click “Stop Record” to save the report as an *.mht file within a zip archive.

3. Reliability Monitor

Windows Vista / 2008 and above include a tool called Reliability Monitor. This tool provides an overview of overall system stability and details about events that can impact reliability. The idea is to pinpoint any troublesome areas and take steps to improve system reliability based on what you learn (e.g. you might identify a trend in a certain application crashing when opening a certain file type).

To run the Microsoft Reliability Monitor, go to the Start menu and type ‘Reliability’. This will bring up a “View reliability history” shortcut. Clicking on this shortcut will launch the Reliability Monitor directly. You can also launch this tool from the Performance Monitor tool by right clicking on Monitoring Tools and selecting “View system reliability”.

Start by selecting whether you want to view information by Days or Weeks, and then click on a specific area within the graph to view information in the bottom hand pane. Once you’ve viewed reliability history for a specified period, you can choose to save the information to a file, view a list of all problem reports and check for solutions to problems.

4. WELT (Windows Error Lookup Tool)

When troubleshooting issues, you may come across Win32, HRESULT, NTSTATUS or STOP error codes which are likely to mean nothing to you or I. Using WELT you can find out what the error code means in plain English and what it relates to.

To launch WELT, simply execute Windows Error Lookup Tool.exe from the folder where you extracted welt.zip to. Enter the error code in the textbox and the error details will appear automatically.

5. PowerShell Troubleshooting Packs

As I mentioned in my article entitled Windows PowerShell™: Essential Admin Scripts (Part 1) the PowerShell Troubleshooting Packs (bundled with Windows 7/2008 and above) can be really handy when troubleshooting system issues. As such, they are a collection of PowerShell scripts that you can use to diagnose different aspects of your servers, clients or network. Different packages are available to troubleshoot printers, networks, performance, power, Windows Update, etc.

To run a PowerShell Troubleshooting Pack, open a PowerShell command prompt and import the modules associated with the pack by running the “Import-Module TroubleshootingPack” command. Then, run the following command to start the desired Troubleshooting Pack:

Get-TroubleshootingPack <TroubleshootingPackLocation> | Invoke-TroubleshootingPack

6. WinAudit

As part of the troubleshooting process, it is helpful to know as much information as you can about the machine where the problem resides to assist in finding a solution more quickly. WinAudit scans your computer and gathers a whole raft of information about Installed Software, TCP/IP settings, Drives, Error Logs, etc.

Note: At the time of writing, the download link available from the developer’s website was broken. You can download the latest version of this software from a popular application download site like CNET.

To start an audit of your local machine, simply execute WinAudit.exe to start the application and then click the “Audit” icon in the top left hand corner.  Once the audit is complete, you can start to review the information from the different categories in the left hand pane, or save the information as a PDF / CSV / TXT / HTML file.

7. Joeware Utilities

Joeware Utilities are a list of free troubleshooting and system information utilities aimed at making the life of an administrator easier. These tools are built by a system administrator from his own experience of not finding a tool out there that did the job he needed for whatever he was trying to solve. The tools available include anything from tools that dump user information from Active Directory, modify a user account’s expiration flag or perform TCP/IP port connection testing.

Note: Unfortunately Joeware Utilities do not come as a bundled package and will have to be downloaded individually from the website. However, using a small add-on for the NirLauncher application mention below, you can download and categorize the tools ready to be launched from the NirLauncher application itself.

Some of the tools available from Joeware Utilities include:

SidToName

SidToName is a command line tool that resolves SIDs (Security Identifiers) to friendly display names. You provide it with a valid SID and it returns the object name associated with that SID.

AccExp

AccExp is a command line tool that you can use to modify or read the expiration date of local user accounts.

8. Nirsoft NirLauncher

NirLauncher is an application that bundles more than 170 portable freeware utilities. The tools available include password recovery tools, Internet tools, programming tools, and system tools – all of which can be used for troubleshooting and information gathering.

Some of the most popular tools bundled with NirSoft NirLauncher include:

USBDeview

USBDeview is a small application that lists all current and previously connected USB devices on a local or remote machine. USB device information includes device name/description, device type, serial number, the date/time that the device was added or last used, VendorID, etc.

CurrPorts

CurrPorts displays a list of all currently open TCP/UDP ports on the local machine. Information about which process opened the port, the time the process was created and the user that created it is displayed. Using CurrPorts you can also close open connections and export the information to a file.

LastActivityView

Using LastActivityView you can see what actions were taken by a user and what events occurred on the machine. Any activities such as running an executable file, opening a file/folder from Explorer or performing a software installation will be logged. The information can be exported to a CSV / XML / HTML file.

9. Microsoft SysInternals Suite

Microsoft SysInternals Suite is a collection of over 60 lightweight troubleshooting tools all bundled into a single download package. Whatever issue you’re trying to tackle, you are sure to find a tool in this package to help you manage, troubleshoot and diagnose your systems and applications.

Some of the most popular tools bundled in the SysInternals Suite include:

Autoruns

Autoruns allows you to view which programs and services are configured to run at system boot up or login, in the order in which Windows processes them.

Process Monitor

Using Process Monitor you can troubleshoot application and system related issues by monitoring activity related to processes, threads, DLLs, the registry and file system in real-time.

AccessEnum

Using AccessEnum you can quickly view permissions of file system directories or registry keys and then save the results to a text file and compare results with a previously saved log.

10. WSCC (Windows System Control Center)

WSCC is not a troubleshooting tool per se, but it does facilitate issue troubleshooting by acting as an inventory for various system troubleshooting tool suites (such as those from Microsoft SysInternals and NirSoft). It allows you to install, update, execute and categorize the entire collection of tools in a single location.

When you launch WSCC for the first time, you are given the option to download and install the latest versions of the entire set of over 270 tools. If you choose not to install them locally, WSCC will download each application when you first click on it and store the file in a temp folder within the WSCC directory. To launch a troubleshooting tool, choose a tool from the category within the navigation pane on the left hand side. You can also add favourite tools to the Favourites folder or search for a utility by name.

Are there any free tools not on this list that you’ve found useful and would like to share with the community?

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

And we’re not stopping there. Knowing most of our followers are sys admins we thought of ordering another 50 150 GFI Superhero T-shirts… That’s right, you can celebrate with us and get your own free T-shirt!

Here’s how:

It’s really simple. We’re giving away a GFI Superhero T-shirt (like the ones in the picture) to the first 50 150 sys admins who participate in our competition – all you need to do is complete this form!

Dates:

Registration opens now and we will update this blog post when we’ve received 50 complete forms.

The all-important small print:

Before you do that though, be sure to read our Terms and conditions – it’s very important that you follow these, as you could be disqualified if any of these rules are infringed. Having said that, good luck to all and…

HAPPY SYSADMIN DAY! 

Terms and conditions:

• The first 50 150 complete forms will each win a GFI Superhero T-shirt (as shown in image above)
• GFI Software employees and their families cannot participate in this competition
• All entrants must be sys admins; non sys admins will not be considered for the prize
• Winners will be notified by email
• GFI is not responsible for the timeliness of the prize dispatch T-shirts are available in Small, Medium, Large, X-Large and XX-Large
• Upon contacting the winner/s, if no reply is received within a week (7 days), GFI retains the right to choose another entry
• Whilst GFI does its utmost to ensure that all prizes are delivered in a timely fashion the company does not retain responsibility for any prizes that are lost/stolen in the mail
• Any incomplete or irrelevant entries or entries that do not comply with these Terms and conditions will not be eligible to win
• Prizes are as described and cannot be substituted for cash.

To say “thank you”, here’s a list of 26 simple ways you can show your appreciation for those unsung heroes that toil away to keep the servers humming and the tubes unclogged. Some of these are low cost gestures; others might be something the boss should cover or the office should take up a collection, but all are guaranteed to put a smile on the face of that favourite SysAdmin of yours, on the one day a year where you know better than to drop a broken machine off or open a last minute helpdesk ticket.

1.      A card

When you care enough to send the very best, but you don’t have a lot of money to invest, a nice card at least shows some thought. Just make sure it is a card themed around IT, general geekiness, or otherwise shows that you didn’t pull one out of a card drawer because you forgot about it.

2.      Coffee shop gift cards

Whether your SysAdmin’s favourite brew comes from Starbucks or the local shop down the street, a gift card is the gift that keeps on giving, or at least for a couple of cups of really good Joe.

3.      Mobile store gift cards

If coffee isn’t their thing, you can bet a gift card to the iTunes Store, Google Marketplace, or Windows Store will be appreciated. Find out what kind of phone they have and get the card to right shop and you can bet that by the end of the day they will have a couple of new apps to try out.

4.      Amazon gift cards

While this may be the fallback of last resort, even people ten years in the grave can find something at Amazon that they want.

5.      Lunch

You’d be amazed at how far a nice lunch can go towards saying thank you, especially since that SysAdmin usually eats lunch at their desk because there is so much work to do. Whether it’s a one on one affair, or you make it a team event, just providing them the opportunity and excuse to see the sun at least for one day a year is a great gesture to make.

6.      Dinner

Better still, buy your SysAdmin dinner, by getting him or her a gift card at a nice restaurant so they can take their significant other out for a nice meal. Remember, every time you call your SysAdmin after hours to fix something, you are impacting their family too. Thank Yous should extend to them as well.

7.      A red Swingline stapler

The icon of geek and snarkiness, the Red Swingline Stapler is something every SysAdmin will love.

8.      TV Show or movie-themed swag

With a simple conversation, you can quickly find out what your SysAdmin’s favourite sci-fi TV show or movie is, and then a quick visit to ThinkGeek will provide you with tons of options for low cost, but very cool, thank you gifts. Very few adults will ever buy themselves a Sonic Screwdriver, but secretly, we all  want one!

9.      Poster

Use the same recon skills as above, but this time visit Amazon for cool movie posters or other theme art so your SysAdmin can pimp their cube in style.

10. A Pizza party

Here’s one the whole office can enjoy, and EVERYONE loves pizza. And since SysAdmin’s day is on a Friday, it’s a perfect fit for the day.

11. Light Dims LED Light Blocker

These cool little stickers dim otherwise overly bright lights, and can be applied to TVs, monitors, UPS systems, alarm clocks, or any other status light that needs to be seen, but is just a bit too blinding for most. Check them out at: http://www.thinkgeek.com/product/eeb6/?srp=1

12. Hacking putty

Part silly putty, part play-dough, part caulk, and completely awesome – Hacking Putty can be used to fix or enhance almost anything.

13. Star Trek TOS Phaser Laser Pointer

Anyone who needs to demonstrate or point out anything needs a laser pointer, and every SysAdmin has pretended that they had a phaser when they were using one. Here’s a gift that says thank you with a nod to having fun: http://www.thinkgeek.com/product/1124/?srp=2

14. Zombies are in

Did you know that Zombies are “in” right now? Anything from the Walking Dead to World War Z to remakes of George Romero movies are selling like mad right now, and thank you gifts that play into this will bring a smile and a chuckle to any SysAdmin’s face.

15. Powerstrip with USB

Every single person that sees one of these in action wants one. Get on your SysAdmin’s special list with this as a thank you: http://www.amazon.com/Outlets-To-Power-Strip-USB/dp/B0018MEBNG/ref=sr_1_4?ie=UTF8&qid=1374538925&sr=8-4&keywords=power+strip+usb

16. Bawls

Long hours mean a need for caffeine and sometimes coffee just won’t cut it. A case of Bawls is a delicious and refreshing way to hold of sleepiness during those late night changes.

17. Caffeinated mints

And these can not only fight off fatigue, but bad breath as well. It’s a multitasker, and any SysAdmin will appreciate that!

18. Herbal Tea collection

Of course, too much caffeine can be a bad thing. Many SysAdmins have discovered the benefits and the deliciousness of a good cuppa, and herbal teas can help you relax without hyping you up. Show your SysAdmin you care without feeding their addiction.

19. Emergency battery

Everyone needs more power, and when your cell phone is dying, nothing is more helpful than some emergency power. USB batteries come in a variety of sizes and capacities, and can save the day time and again.

20. A really cool coffee mug

Can you tell coffee is a big deal to SysAdmins. A cool coffee mug makes a statement, and can also handle those herbal teas. Look for one that plays to the TV or movie tie in for bonus points.

21. Anything by Neil Stephenson

A SysAdmin’s folk hero, anything that Neil Stephenson was involved in creating will be a greatly appreciated gesture, and you will go up at least five points in the recipient’s opinion.

22. Like/Dislike stamp set

Even SysAdmins who aren’t on Facebook will love these. I bet they will even use them on their TPS reports: http://www.thinkgeek.com/product/e5f5/

23. Cable organizers set

Velcro is so over. The new hotness is cable organization using silicone polymers and oddly-shaped, brightly colored widgets to keep cables in place, bound together, or otherwise organized.

24. Paracord survival bracelet

Everyone wants one… but many people think they will look silly if they buy one for themselves. Help your SysAdmin get past that mental block. If disaster ever strikes, you know they will know how to McGyver something out of the bracelet to save you all – or at least, your email.

25. Beer

Free speech, free beer, it’s all good. Find out their favorite and get them a case. It’s the kind of gift that says…you work your #$(& off, thanks, now have a cold one!

26. Programmable LED light

The last on our list has no practical value, which is one reason no SysAdmin will ever buy it for themselves… but they are so cool! Replacing their desk lamp with this bulb will add new factors to coolness, and help them stay awake during those interminable conference calls: http://www.amazon.com/HitLights-BlueLux-Changing-Quality-Feature/dp/B005SHR2C4/ref=cm_cr_dp_asin_lnk

Twenty-six ways to say thank you to a SysAdmin that toils indefatigably for you 24/7/365. It’s one day a year that you get to really show your gratitude to them, so pick one from the list above, and remember your SysAdmin this Friday!

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!