qtslogo10.gif (7142 bytes)
 ad1.gif (2831 bytes)
hvl_home.gif (1239 bytes) hvl_about.gif (1244 bytes) hvl_techres.gif (1285 bytes) hvl_customers.gif (1285 bytes)
hvl_stay.gif (1256 bytes) hvl_contact.gif (1236 bytes) hvl_sitemap.gif (1230 bytes) hvl_jobs.gif (1261 bytes)

Quality Technology Solutions, Inc.

QTS QuikNews – June 2002 – Issue 2002.6  June 17 2002

**************************************************************************

Welcome to the June edition of QTS QuikNews, our Monthly E-Mail newsletter.  In this monthly e-mail, you will receive an update of what's new at QTS - new products we support, new patches and upgrades, solution ideas and promotions to save you money, and information about our company and our clients.

As a QTS client, a prospective client we have had discussions with, or a “friend of QTS,” you have been automatically added to our newsletter distribution list.  To unsubscribe from this mailing please see the instructions at the bottom of this page, or call your QTS Account Manager.  Please do not respond to this e-mail.  This is an unmonitored account.

**************************************************************************

IN THIS ISSUE

**************************************************************************

1.       QTS News

2.       Events

3.       Patches & Upgrades

4.       President’s Corner

5.       Special Offers & Featured Solutions

**************************************************************************

QTS NEWS

**************************************************************************

MICROSOFT LICENSING PROGRAM CHANGES & SEMINARS

Effective July 31st Microsoft is making significant changes in its licensing programs, which will impact most if not all QTS customers to some degree.  The core change in the programs is that software upgrades will not be available under the new program – so, if you wish to upgrade any of your Microsoft products to the current version (i.e., upgrade from Windows NT to Windows 2000, Exchange 5.5 to Exchange 2000, etc.) you will want to do so before the new program goes into effect – otherwise, you will need to purchase the new products with no credit for your prior investment.

Contact your QTS Account Manager for more information if you have not attended one of our seminars or do not understand how these changes impact your organization.

NOVELL PRODUCT SUPPORT LIFECYCLE

Manufacturer support for software offerings typically runs a 3 year lifecycle from initial product release these days – sometimes sooner, sometimes later, depending on the frequency of interim updates.  The following Novell products are coming up on their end-of-life date:

8/1/02 – Novell BorderManager 3.5
8/1/02 – Novell GroupWise 5.5

See http://support.novell.com/lifecycle/forecast.html for more information.  Note that support for NetWare 4.11 was discontinued effective 12/31/01, and NetWare 5.0 was discontinued effective 3/31/02.

+++ FROM THE WEB +++

QTS BECOMES SURFCONTROL AUTHORIZED RESELLER

6/17/2002: QTS today announced that it has become a SurfControl Authorized Reseller.  This enables QTS to offer Internet Security solutions to its customers based on SurfControl's SuperScout content filtering software solutions.

Read more at http://www.QTSnet.com/stayinformed/l3_stay_pr28.htm

**************************************************************************

EVENTS

**************************************************************************

No events are scheduled this month.

**************************************************************************

PATCHES & UPGRADES

**************************************************************************

Call the Customer Support Center to have us apply QTS-standard patches and keep your systems current.  The following patches have been recently released and are recommended by QTS:

* Microsoft SMS 2.0 Service Pack 4
* Microsoft Security Fix for Unchecked Buffer in RAS Phone Book Vulnerability in MS02-029 (Windows NT, 2000 and XP)
* Novell BorderManager 3.5 and 3.7 Proxy & Client Trust Update
* Novell BorderManager 3.6 Updates (includes above)
* Citrix MetaFrame XP Feature Release 2/Service Pack 2
* Citrix ICA Client 6.30

Norton Antivirus Corporate Edition signature files are currently at version 40614v (6/14/2002).  CA InoculateIT 4.x signature files are currently at version 37.00 (6/14/2002) and 6.x signature files are currently at version 23.55 (6/14/2002).  McAfee VirusScan/NetShield signature files are currently at version 4207 (6/12/2002).  Please keep your antivirus signatures, and your scan engines, current!  If you do not have your system set up to automatically distribute updates from your server to your PCs, please call your QTS Account Manager or the Customer Support Center.

Some patches can cause problems, especially in combination with other software programs or patch levels.  Please talk to us to verify whether we see any possible problems in your environment before patching your systems independently.  We make best efforts to test patch combinations but cannot guarantee compatibility between software and hardware manufacturers’ products.

**************************************************************************

PRESIDENT’S CORNER

**************************************************************************

In the last issue of QuikNews, we announced our new QuikSecure Security Policy Development service.  This is a very important aspect of IT planning, and I would suggest that it is an equally important general business management issue that is often neglected.  This month, I’d like to take a moment to explain what a security policy is, and why it is important.

First, as many of you know, QTS regularly runs security seminars for our customers, and I do a fair amount of speaking at security events.  One question I always ask is how many in the audience have formal, written Security Policy documents.  The number is always far too low, typically less than 10 percent of the people.  This is even the case in larger organizations, where the task of assembling and managing such a document can be daunting.

A Security Policy is important because it defines the rules your business has set for how its systems should, and should not, be used.  It therefore should drive the decisions you make on how your systems are protected, and what you need to protect them.  Most people buy firewalls, VPNs, antivirus, content filtering and other technologies without a clear plan of how to deploy them, or what it is they want to protect.  The Security Policy document defines, in clear business terms, what the business wants done to protect its systems – what employee behaviors are acceptable/unacceptable, how technologies are to be used to protect the business resources, how information is to be classified and protected, etc.

A key element of this that is often overlooked is who should be involved in the process.  Clearly IT plays a significant role, but a Security Policy that is drafted by IT and implemented by IT, in isolation, is a waste of time and will fail.  A Security Policy is a cross-departmental function that needs to involve IT, Human Resources, Legal and other key business areas and leaders.  Furthermore, for the process to be successful it is critical that an Executive Sponsor, with suitable cross-departmental influence, be involved.  Without a powerful Executive Sponsor to show the organization is serious about the policy, and to make key decisions and resolve differences of opinion at a business level, the Security Policy will invariably fail.

A Security Policy needs to be communicated to the employees, and there needs to be a process for ongoing communication, education and commitment.  With a well-written and well-communicated Security Policy, you will avoid a lot of ugly situations that waste time and potentially put the organization is a position of legal risk and exposure.  Without one, you may be at risk for loss of confidential data, for lawsuits from current and former employees, and for wasted time and lost productivity.

Standard elements of a Security Policy include:

* Acceptable Use
* Internet Access Policy
* Email Policy
* Remote Access Policy
* Perimeter Security Policy
* Password Policy
* Information Classification/Confidentiality

These are a few of the key topics that need to be covered, though there are many others that should be included as well.  There are several books available on the subject, and some Internet sites have templates that can be used as a starting point in building this docment (although all that I have seen require considerable work and are targeted at large enterprise organizations).

What we’ve done with our QuikSecure Security Policy offering is to take many of the templates that are available, take many of the books that provide advice on the subject, pull them all together, integrate them, make them work as a unit, and refine the end product to be targeted specifically at the needs of a medium enterprise organization – a company with between roughly 50-5000 computers/users.  We’ve identified all the decision points, versus all the non-changing boilerplates that shouldn’t be changed, and put together a one day consultative engagement where we take you through the process of learning about security policies, identify your business issues and needs, and take you through the decisions that need to be made to customize the document for your business.  The end result is (what we believe to be) a ready to use Security Policy document, combined with our recommendations for implementation, training and management.  In effect, in one day we deliver what would take you months of effort, if not more.

I am hopeful that this offering can help drive up the number of people in the audience next time that can answer yes to my question.  The process is a lot of work, but is important from a variety of reasons I’ve noted above.  I am interested in your feedback on this, so please call or email me with any thoughts you have.

As always, feel free to email me your comments or thoughts at nrosenberg@QTSnet.com.  Thank you.

Neil Rosenberg
President & CEO
Quality Technology Solutions

**************************************************************************

SPECIAL OFFERS & FEATURED SOLUTIONS

**************************************************************************

NOVELL ZENWORKS FOR DESKTOPS

Novell NetWare 4 and 5 users own NAL Starter Pack, which provides software distribution and policy-based management for desktop PCs.  Through July 31st, these users can upgrade to ZENworks for Desktops 3.2, adding remote control, Windows 2000/XP support, inventory and other management features, and can save up to 50% on software upgrade costs when combined with Full Term Upgrade Protection.  Contact your QTS Account Manager for more details.

**************************************************************************

To Comment on this newsletter, send an email to QuikNews@QTSnet.com.

**************************************************************************

To Remove yourself from this mailing list please send a reply to this message with the word UNSUBSCRIBE in the subject field.  Or call or email your QTS Account Manager.

**************************************************************************

To Subscribe to this Newsletter, tell your friends and colleagues to go to http://www.QTSnet.com/QuikNews.

**************************************************************************

To View an archive of all QTS QuikNews editions, please visit http://www.QTSnet.com/stayinformed/QuikNews/QuikNews_Index.htm.  **************************************************************************

ã2002 Quality Technology Solutions, Inc.

This site last updated 06/17/02
© 1999 Quality Technology Solutions, Inc.
76 South Orange Avenue Suite 302, South Orange, New Jersey 07079
telephone: 973.761.5400       fax: 973.761.1881
email: info@qtsnet.com