Vol 01 - Edition 06

.

Outsourcing pitfalls to avoid
By Zen Lee, ZDNet Asia
Monday , May 24 2004 11:34 AM

Outsourcing is increasingly becoming a popular trend. In a recent report by analyst firm Gartner, the number of businesses starting new outsourcing deals will grow by 30 percent this year globally. However, a successful outsourcing deal is no easy feat, not least for small and medium-size businesses.

Linda Cohen, managing vice president of Gartner tells CNET News.com: "Outsourcing requires an ongoing relationship that has to be managed proactively and measured to achieve what is expected. Outsourcing is hard work, and it takes a lot of preparation."

Therefore, before a company decides whether to outsource, it is essential to consider the possible pitfalls.

Beyond dollars
Often, the decision for companies to outsource is based on the preference to cut down operational costs. Outsourcing helps to achieve this in more ways than one. Via outsourcing, employee headcount can be reduced in order for companies to save costs on salaries. IT spending due to software and hardware maintenance and upgrading can also be minimized.

However, Janice Leong, general manager of Enterprise Infrastructure, Management and IT Security for NCS Communications Engineering, warns against an overemphasis on cost.

"Outsourcing for cost reasons alone does not last," says Leong.

"The reasons must not only be cost considerations but also of how the outsource service provider value add to the business success at the strategic level," she adds.

According to Leong, companies need to study their core capabilities before embarking on an outsourcing deal. The services outsourced are usually non-core activities, so companies do not have to divulge too much intellectual property to the service provider. Such activities are usually related to the aspects such as IT, network security, logistics, human resource and administrative processes.

An example is IT security. As more and more businesses start establishing an online presence, they are required to be more vigilant about security on the Internet. By turning to security service providers, they are freed of the responsibility of having to monitor their equipment, which may require additional manpower. They also do not have to worry about security issues such as firewalls or software licensing.

In other words, an efficient outsourcing partnership not only frees up resources for the company, it also allows the customer and the service provider to focus on their core business competency to achieve a higher standard of service.

This Month's Tip:

You can't schedule a defrag using Task Scheduler, but you can do it from a batch file. Greg Shultz explains how to schedule Windows XP's Disk Defragmenter.

The Microsoft Management Console houses the Windows XP Disk Defragmenter, which makes it impossible to schedule a regular defragmenting session via Task Scheduler. However, there's also a command line version of this utility, called Defrag.exe, that you can schedule. To do so, create a batch file that runs Defrag.exe along with the appropriate parameters, and then create a schedule to run your batch file.

To run Defrag from the batch file, use the following command line:

Defrag x: [/parameter]

In this command, x is the drive letter of the hard disk you want to defragment, and parameter is one of three optional settings that you can use to configure Defrag:

• /a: Analyzes the volume and displays a summary of the analysis report.
• /v: Displays the complete analysis and defragmentation reports. Can be used in combination with /a to display only the analysis report.
• /f: Forces defragmentation of the volume regardless of whether it needs to be defragmented.

Here's how to schedule the Disk Defragmenter:

1. Launch Notepad.
2. Type the appropriate Defrag command line.
3. Save the file as Defragger.bat.
4. Go to Start | All Programs | Accessories | System Tools | Scheduled Tasks.
5. Launch the Scheduled Task Wizard by double-clicking Add Scheduled Task.
6. Click Next and select Defragger.bat.
7. In the following three screens, select the Weekly or Monthly option, the time that you want to defragment your hard disk, and then type a username and password with Administrative privileges.
8. Click Finish.

Now, your computer will regularly run a defragmentation operation to keep your Windows XP system in tip-top shape!

Note: This tip applies to both Home and Professional editions.

Originally published at TechRepublic.

Panda Labs Uncovers New “BrizTrojan” Computer Scam

Panda Software Labs Uncovered a New Scam Aimed At Stealing Confidential Data From Computers Worldwide!

• The attackers are using the new I variant of Briz, causing suspicion that this action is connected to the scam involving the creation and sale of custom designed Trojans discovered recently by Panda Software Labs

• This Malware network has been monitoring 2,700 computers across more than 120 countries without users’ knowledge, capturing personal information including bank details and passwords

Panda Software Labs has detected a data theft scam using the new I variant of the Briz Trojan. According to data from Panda Software Labs, the page the attackers used to control the network showed that 2,700 computers across more than 120 countries were infected.

The creators of this newly uncovered network have been distributing Briz.I from certain Web pages, mostly related with illegal or pornographic content. Panda Software Labs is working with other security companies to identify and close down each of the websites related to this network and prevent the threat from spreading.

The emergence of Briz.I could be related to the scam for creating and selling customized versions of Briz, recently discovered by Panda Software Labs. According to Luis Corrons, director of Panda Software Labs: “It is possible that the creator of the original Trojan has decided to profit directly using the same Trojans sold before. Alternatively, Briz.I could be a new version of one of the Briz Trojans sold while the previous scam was still in operation.”

Briz.I infiltrates infected systems under the name “iexplore.exe,” simulating an Internet Explorer process. Once on the system, it downloads a file that sends information – including the IP address or country of the infected computer – to the attacker’s website. Another of its components integrates in Internet Explorer, capturing all information users enter on online forms, such as e-mail passwords or data used to access online banking services. This malware allows the computer to be used as a gateway tp connect to other Web pages while masking the identity of the attacker, who can remotely access files on the local computer.

Briz.I is designed to run unnoticed by users and security companies. It covers its tracks once each component carries out the task. It also modifies the “hosts” file in Windows to prevent users from accessing security company Web pages and disables the Windows firewall.

“The current objective of malware developers is to profit from their creations, so they are concentrating on inserting malware surreptitiously, and, in this case, trying to capture data and login details to commit fraud,” explains Luis Corrons. “Traditional signature-based detection technologies are proving to be insufficient to combat these threats. To prevent this silent epidemic, they need to be paired with proactive technologies such as TruPreventTM which can detect malware without having previously identified it.”

To check if a computer is free from all types of threats, including Briz.I, Panda ActiveScan™ is available to users free of charge. (http://www.activescan.com)

Customers using Panda’s BusinesSecure with TruPrevent™ are already protected from this scam, as well as the new category threats from organized cyber crime and targeted attacks that are increasing in frequency.

For further information about this and other computer threats, visit Panda Software's Encyclopedia at www.pandasoftware.com/virus_info/encyclopedia.