iOS wireless backup

John Gruber posted an excellent article last week about the state of eliminating the need for a PC from the use of an iOS device, and is an excellent read. He builds upon Chad Olson’s three key iOS-iTunes dependancies with a fourth, so that we end up with:

  • getting your stuff onto your new iPad (Chad Olson)
  • updating iOS (Chad Olson)
  • backing up and restoring your iPad (Chad Olson)
  • device activation (John Gruber)
John then does a great analysis of activations and updates. However, I don’t think he is quite right when it comes to eliminating the PC from the backup and restore (and naturally the ‘getting your stuff’) portion of his analysis. In the end, it boils down to this paragraph: Continue reading

Apple and the Enterprise

So I’ve had this thought for some time now, and have shared it with a few people here and there. Before I start getting deep into speculation, I want to lay down some facts:

  • Oct 2010 – Apple outsources Enterprise sales and support to Unisys.
  • Nov 2010 – Apple announces the discontinuation of the XServe. At the same time, they release a laughable white paper, referring to the Mac Pro and Mac Mini Server as reasonable replacements. The Mac enterprise community is shocked, not so much at the discontinuation of the XServe, but at the options left behind.
  • February 2011 – Apple releases Light Peak (rebranded as ThunderBolt) enabled Macbook Pros. ThunderBolt represents a huge increase in external interface bandwidth for consumer-level equipment, allowing them over three times the bandwidth of the fastest interface- eSATA.
  • April 2011 – Promise announces SANLink ThunderBolt to Fiber Channel interface, with assistance from Apple in the design.

Macs in the data center.

Many Mac Administrators have begun to believe that Apple is just giving up in the enterprise market, relegating the server space to Windows and Linux machines running on VMWare virtualization clusters of IBM/Dell/HP blade servers.

My thought is the opposite. Apple can make a compelling case to replace the blade servers from other manufacturers with Apple kit.

Continue reading

Evolve’s Password Policy

Evolve has administrator access to the majority of its clients. Naturally, there is a great responsibility to not allow this trust to be used inappropriately- by Evolve, or others. As such, I have created a series of policies that govern how administrator access to client systems is handled.

Evolve’s administrator access password policy is this:

  • All passwords are auto-generated and unique to the client.
  • All passwords are stored in a client-specific keychain file.
  • All passwords are strong, according to the Mac OS X password generator.
  • Any Evolve accounts on a client’s machine must have an equivalent account for internal client use.
  • Evolve account passwords are not shared with the client.
  • Any shared-password account, such as airport admin passwords, is marked as such in the keychain.

This policy is in place to protect both Evolve and the client. It performs several goals:

  1. No cross contamination of passwords between clients, which reduces the likelihood of any potential security breach traveling between clientele.
  2. Log entries on client systems for system activities mentioning Evolve are always performed by Evolve, provided the account has not been breached itself. Because the user account is not shared with the client, it also allows for detection during a security breach. This is especially imperative with accounts that allow Evolve to VPN into their networks.
  3. Clients have the ability to lock out the Evolve account at any time. This is useful, if they decide to terminate the relationship without administrator functionality being lost.

System Imaging for small business

I like deploying small business networks in a manner consistent with enterprise networks. Sometimes people don’t understand why I install imaging systems on a five computer network. The reason is efficiency. It makes more sense to manage these five (or ten, or 25) individual computers as one computer image, rather than individually. This allows me to better manage my time with your business, keeping your costs down.

For instance, a recent client was replacing part of their aging network with new iMacs. The time that it took to setup the image system, create the image, and install it on three computers was equal to the time that it took to use Apple Remote Desktop to configure two of the non-imaged machines that they did not want imaged. The additional benefit is that if there are problems with one of the iMacs, it is trivial to bring it back to a default state for their business, rather than a factory fresh computer that needs additional work to become productive.

I like to use DeployStudio for system images. It doesn’t add anything to the bottom line in terms of cost, and it has a well supported and vibrant community of administrators that utilize it.

Mac Trojan Horse

I’ve always held the opinion that Macintoshes are worse off when running antivirus, as the threat is very low and the drawback is high as your computer runs shower and is often less stable. I still don’t suggest doing so. However, I want you to be aware of a threat that has come out today for the Mac:

In particular, it appears to be running under the certificate for “PhotoAlbum”, an example of which appears as an image in this email. If you receive this certificate, please press the cancel button (as you should for any untrusted certificate other than the ones that I’ve setup for your office.)

If you have pressed continue at this dialog, please contact me immediately.

I will be monitoring this situation, and will recommend other changes as they are necessary. If you feel that your organization needs antivirus, I will be happy to work with you on acquiring and installing it onto your Macs. I expect the particular security holes used in this trojan horse to be patched relatively quickly.

Please feel free to distribute this within your office as you feel is necessary, and contact me directly if you have any questions.

Make it simple, expert

Mike Wagner of White Rabbit Group has an excellent post titled Don’t “keep it simple, Stupid”! which talks about how nothing in business starts out simple, so the old adage should be “Make it simple, expert” rather than the old adage “keep it simple, stupid.” The key quote is this:

The real expertise businesses and organizations need comes from those professionals who know how to “make simple” what is already way too complicated. Reward that! Insist on that!

Computers are all about taking complexity and making it simple. Rooms of humans computing the books of a company (the origin of the term “computer”) are now replaced with a single application running along with several other, equally complex applications. Rows and rows of secretaries have been eliminated. Human productivity is up because each user can do more in an hour than our ancestors could do in a week.

Making tasks simpler

Mac OS X allows us to make simple tasks out of long repetitive ones through the use of Automator, Applescript, and UNIX shell scripts. My favorite recent example is a process I came up with when I was updating all of the avatar pictures of myself on the web. I had just taken part in a photo shoot, and had a DVD full of beautiful, giant TIFF files.

Files that websites like, Facebook, and Twitter reject because they want 300k JPEG files.

The process was about eight or nine steps to do manually, which also required me to think about the best way to deal with the files each time. I didn’t really need all of the photos shrunken, so I was doing them in batches of one and two on an as-need basis. I then realized that I was performing the same actions over and over again.

I then opened Automator, and a few workflow commands later I had a service that automatically converted any photo that I select into a 300k JPEG. The beauty of doing this in Snow Leopard is that I can now right-click on a file and convert it.

Getting back to Mike’s point, I took a complex (in numbers of steps and time, not in the difficulty of each step) task and made it simple. There is a staggering amount of complexity sitting in the background, but the end user doesn’t see it.

They just right click and have a file they need.

Des Moines’ Entrepreneur Climate

Mike Colwell of BIZ (Business Innovation Zone) has an excellent article talking about how detrimental it is for serial entrepreneurs in Des Moines to “Fail Fast.” One of the things he hits upon is something that I tend to tell people at least once a week:

Des Moines is a small town with a long memory.

While I knew this to be true, Mike Sansone was the person that gave me a plausible explanation. He explained that Des Moines’ culture is of risk aversion. Our largest industry, insurance, is dedicated to mitigating risk. The agricultural part of the state also has a culture of mitigating risk in the corn field, be it from deer, water, hail, etc.

Our culture dictates a certain level of hostility to something new. Startups are more difficult here because of our culture. However, the consensus is that the entrepreneur climate has improved greatly over the course of the last decade, particularly in the last five years.

How do we ensure that this trend continues for the next decade?

For myself, this means:

  • A commitment to honesty.
  • A conscious effort to learn from failures.
  • An openness to new ideas.
  • A pledge to reinvest in Des Moines’ entrepreneur community.
  • The ability to forgive past mistakes, given true contrition.

– Jon

Photo courtesy of Carl Wykoff