Matt Sarrel, Dorothy Stanley of the WiFi Alliance and myself will be speaking at an online seminar next Tuesday, May 8th, about what you can do to make your wireless networks more secure. It is part of an all-day online security seminar sponsored by PC Magazine. Hope you can join us!

The recent flap about Katie Couric’s ghostwritten blog (and firing the ghostwriter when outted) has generated some funny commentary on Dilbert. Do we call this a glog? Ghost-log? Got me. The moral of the story: don’t do it.  Here are the links to the strips:

First, second, third

We all have heard stories about that panicked user call in the middle of the weekend to fix a broken server or restart a downed connection. One of the most productive tools a VAR can use is a Web-based remote control productUnlike client-based products of the past such as Symantec’s pcAnywhere and RealVNC’s VNC, there is no need for software on the client computer, and the remote control session happens through a small piece of software that works with a Web browser.There are two main products in this space: LogMeIn’s Rescue and Citrix Systems’ GoToAssist.

You can read more of my story for eWeek here.

In recent years, color output – printing, faxing, scanning and duplicating — has gotten cheaper, more manageable and more competitive when compared against monochrome output. As more business applications make better use of color and costs continue to drop, it makes sense to consider your choices for migrating to color and managing how to best use color printers and multifunction products in the enterprise.

I wrote this paper for CMP’s Custom publishing site called Color Document Solutions, sponsored by Toshiba American Business Systems. It talks about why color printing is important for the enterprise and ways that Toshiba is getting a handle on solving some of the cost and management issues.

I continue to talk about this topic with a speech to the members of Washington University’s Center for Application of Information Technology on March 22nd and for the Association of IT Professionals on April 26th. I will examine current solutions and products that claim to provide endpoint security and their strengths and deficiencies. I will highlight the different components of solid endpoint security solutions, and outline the four questions that you need to have answered before you get ready to buy solutions for your enterprise. I will also look at the standards being developed by Microsoft, Cisco and open source, how they stack-up against each other, and what you can be doing now as these are being finalized.

Here is a link to a presentation on cracking NAC that was presented at Black Hat Europe last month.

We have entered a new era in airline booking with the creation of YACA (yet another cheap airline): Skybus, operating out of all places, Columbus Ohio. I mean no disrespect for the town, where parts of both sides of my family once lived before they all retired to Florida or Vegas. And I wish this new entry well, even though they don’t fly anywhere near where I live.

There are several things that are interesting about Skybus. First, their Web site is modeled after EasyJet and Jet Blue and has a nice booking engine where you can quickly figure out what flights are available at what prices. I call this Strom’s first law of airline booking: a customer wants the utmost in transparency and ease of use when it comes to finding the cheapest fare. The sites and airlines that do this well will succeed. It isn’t enough to know that I can find the cheapest seat, but that I can have some reasonable assurance that the seat I buy today will continue to be a good deal next week too.

I like the calendar view that Skybus and EasyJet use, but I also like how Southwest shows you the prices of flights the day before and after your initial query. If you have some flexibility in your trip, it is very easy to use.

Other travel booking sites have gotten into doing some interesting things with searching the airline reservation system, and the one that I have come back to more than once is Kayak.com. It takes some learning to figure out how to eliminate and focus on the flights that you want to take, and I am not sure of its entire universe of fares, but for trips where you have to connect and could use a variety of hub cities, it has a lot of promise.

My second point about Skybus is you can’t call them – operators are definitely NOT standing by to take your reservation, they are 100% Web-only. If you have a problem, send them an email. I think this is great until you have a problem and need someone to resolve it. And time will tell if they are responsive via emails.

We all have our horror stories about airline travel, especially after this winter, and I will share one of mine here with flying United. One of the things I learned about United is that their call center is really sub-par. Clearly, they have outsourced this offshore, and the level of expertise is definitely lower than what I have seen on other airlines. About a month ago, I ended up sitting on the tarmac here in St. Louis, knowing that I will miss my connecting flight in Chicago. So I get on the phone and see if I can at least expect that a seat for the next flight out of Chicago. The call center people – and I tried multiple times – all were spectacularly unhelpful, even going so far as to say that the connecting flight was sold out. Of course, when I got to O’Hare and got on the next flight it was nearly empty, and I had no problem finding a seat.

But I will never fly United again, if I have a choice. Now trying to project that experience with Skybus, they still need something for passengers who get delayed. Perhaps at the Columbus hub they will have plenty of terminals that you can access – I haven’t been there so can’t say – but what if you have problems at their remote airports where the Internet connectivity isn’t that good, and there is only a single flight per day?

My third point is that Skybus is also being transparent about charging for things beyond the space your body fills on their planes. Want early boarding so you can get the seat of your choice (they don’t assign seats, ala Southwest)? Want to check a bag? Change your ticket? They are upfront about these charges, although they could do a better job of enumerating them in a single place on their site. They are also upfront about those oversize passengers that should book two seats, but usually don’t. Having sat next to quite a few of these people who “compromise any portion of the seat next to them” (a wonderful locution from their site), I applaud this wholeheartedly. One nit: golf clubs aren’t charged extra but bikes are.

In the past year we have seen dozens of endpoint security products come to market. In this article for Techweb/Information Week.com, I provide a roadmap, some suggestions on price points, and ways to sift through all of the products by answering six basic questions before you purchase any endpoint solution.

Let’s say you are trying to develop a new Windows application, say a new kind streaming media player. You want to find all the possible places, interfaces, and settings in both XP and Vista that your application will touch and interact with. You want to write your code so that your customers can install your software and have it work without interfering with Windows Media Player or other Microsoft-supplied applications that come with Windows by default.

So you go to Microsoft’s Developer Network Web site and spend a couple of hours digging around, and you come back with a pile of documentation that is confusing and conflicting. What you would really like is a single authoritative source for this information, presented in a way that you as a developer can understand and use. Thankfully, there is a solution, called the ISV Settings Manager that is found in an odd place.

The problem is that Windows these days is very complicated. While it is easy for anyone to install software –- you just click on the link on a Web site and download to your desktop –- getting this software to work reliably isn’t so easy. Where does the software go: on the quick launch toolbar, as a desktop icon, under a particular menu? What happens when the application depends on automatic preferences in Windows, such as the function that plays a music CD with the preferred music player? Does your application need to modify the existing file associations settings? Which registry keys are needed to be modified so that your application won’t step on something else? These are not simple questions, and the more you want your independent application to work smoothly with these various experiences, the harder it is to write the right code.

The ISV Settings Manager tools that are available from the link above manage all of these issues, and put in one place everything that is needed for a new application to work on both Vista and XP. It has been up on The Technical Committee’s Web site for several months and was written so “that developers have an easier job finding and selecting registry settings for their applications,” according to the site explanation.  There are several files available for downloading, include the entire source code listing.

So who is The Technical Committee, and why did they do this? It sounds like something from a bad Bond film (one can argue if this is redundant), but they are a small group of people that are responsible for keeping Microsoft on the straight and narrow path after the US Justice Department won their monopoly case against Microsoft back in 2002. The TC was created to monitor Microsoft’s compliance to the final ruling, have access to Microsoft source code, and obtain documentation from Microsoft when it needs to.

Apparently, when TC members tried to find all of this documentation for Windows interfaces, they found the mass of conflicting MSDN notes and set out to write their own. It is a great resource, and no Windows developer should be without this tool.

 The notion of combining the various security devices to protect your network isn’t new, but lately the market has become more competitive with the entry of CheckPoint Software’s UTM-1 product. UTM stands for unified threat management, and the idea has a lot of appeal – combine firewall, intrusion detection and prevention, and virtual private networks (VPNs) inside a single piece of hardware. Then wrap around some management software so that a security manager can have a single view of what is attacking your network.

According to IDC, UTMs are the fastest growing segment of the security appliance market and by next year they will even outsell firewalls and VPNs. But finding the right UTM appliance will take some careful research and testing. In this article for Datamation.com, I review some questions that will help you decide on the right product.

IT managers have more choices when it comes to supporting remote users. The traditional remote-access marketplace has evolved into four different solutions that can provide secure connectivity. The four solutions include two different types of Virtual Private Networks (VPNs) and two different types of shared computing (terminal services and what we’ll call Web-based remote access).

This article for CIOupdate.com goes into more detail.