All posts by Alok Chakrabarti

How to Create a Folder Accessible to only a Specific User (Data Backup User)

Data backup is like taking an insurance on your data. Just as we cannot predict what will happen with our life and property the next moment, and take cover of a good insurance, the same is true for our data too. Our precious data may be lost due to various reasons – natural disasters (earth-quake, flood, storm, fire), man-made havoc (theft, arson, violence), equipment failure, hacker attack etc. Backup acts as a good insurance against all such incidents. So, let’s make sure to regularly backup data.

It’s most common take backups onto another storage device, such as an external USB drive or a network share. It’s definitely a good step, but such storage also can be targeted by malware and virus. For example, if you map a network share to a drive (such as map \\myserver\backupshare to the drive x:) or attach an external USB drive to your computer, malware can identify such a drive and do the same damage as it does to regular drives in a computer. To protect the backup drive from malware attack, take the following steps so that the drive / folder is accessible ONLY to your dedicated backup user account as explained in our other blog post “How to Handle Ransomware Threat: Be Cautious and Backup Data“.

NOTE: Though the following set of steps use the folder name “BackupShared” as an example, DO NOT use such an easy-to-guess account name. Choose something suitable for your case that does NOT include your name, username etc.

a) Right-click on the folder (in this case E:\BackupShared as an example), and from the context-menu click on ‘Properties’ option.

b) Click on ‘Security’ tab to select it. You will see the dialog below.
Create Secure Drive - Step B

c) Click on the ‘Advanced’ button. You will then see the dialog below.
Create Secure Drive - Step C

d) Click on the ‘Disable inheritance’ button, which will show the following dialog.
Create Secure Drive - Step D

e) Select the option ‘Remove all inherited permissions from this object’.

f) Remove all ‘Permission entries’ (if any) from the following dialog.
Create Secure Drive - Step F

g) Now click the ‘Add’ button in the above dialog, and you will see the following dialog.
Create Secure Drive - Step G

h) Click on ‘Select a principal’ and you will get the following dialog.
Create Secure Drive - Step H

i) Specify name of the backup-only user created in step (b) above and click on ‘OK’.
Create Secure Drive - Step I

j) You will next see the following dialog. In the ‘Basic permissions’ section, select ‘Full Control’. The other options within this dialog should be as shown below. Then click ‘OK’.
Create Secure Drive - Step J

k) Now click ‘Apply’ in the following dialog.
Create Secure Drive - Step K

l) Change the ‘Owner’ by clicking on the ‘Change’ link in the above dialog. This should be the same as the backup user.

m) Click ‘OK’ to close the dialog. You will come back to the following dialog.
Create Secure Drive - Step M

n) Open the ‘Sharing’ tab, and click ‘Share…’.
Create Secure Drive - Step N

o) Then you will see the following dialog.
Create Secure Drive - Step O

p) If the “backup username” does not appear in the box, click on the dropdown list and select ‘Find people…’. Specify the “backup username” in that dialog and click ‘OK’ to come back to the File Sharing dialog. Then click ‘Add’. Choose ‘Owner’ or ‘Read/Write’ as the ‘Permission Level’ for the user.

q) Click the ‘Share’ button to share the folder. Click ‘Done’ on the following dialog.
Create Secure Drive - Step Q

r) Click ‘Close’ in the following dialog to complete the security settings.
Create Secure Drive - Step R

Yes, you are really done! It took quite a number of steps to go through, but now you have secured a folder / drive from unapproved access by malware and hack attacks. This is a safe destination for your backup data. Go ahead, start the backup process now.

How to Handle Ransomware Threat: Be Cautious and Backup Data

Why spend money on a backup program or bother setting it up? I know my data is safe.

This commonly-held belief was shattered by the recent WannaCrypt / WannaCry ransomware. The attack started on Friday, May 12, 2017, and has been described as unprecedented in scale, infecting more than 300,000 computers in over 150 countries. Some of the people had to pay up hoping to get back their data, while others just lost it. It is estimated that more than US$80,000 has been paid in ransom so far, but the total loss due to this attack might be as high as US$4 billion (according to CBS News).

“Ransomware” is a type of malicious software that blocks access to a user’s data generally by encrypting the files and displays a message demanding ransom payment. It won’t allow the user to get back the files until a “ransom” is paid (generally through untraceable ways of Bitcoin). Ransomware may also encrypt the computer’s Master File Table (MFT) or the entire Hard Drive. The WannaCry ransomware enters a network (an organization’s LAN) via an email attachment or from a compromised website. Once in the network, it uses a vulnerability in the Microsoft’s implementation of the Server Message Block (SMB) protocol to spread across the entire network. Back in March 2017 (i.e., nearly 2 months before the attack happened) Microsoft provided a fix for this security vulnerability for Windows Vista and higher. Recently Microsoft has released a patch for the outdated and out-of-support Windows XP Operating System too.
This ransomware encrypts the files in a computer and demands a payment of around US$300 in Bitcoin currency within 3 days or US$600 within 7 days. After 7 days, the files will become completely unrecoverable.

Wannacry Ransomware Screenshot
[By Source, Fair use, https://en.wikipedia.org/w/index.php?curid=54032765]

Ransomware attacks have happened before, and will happen again, and again. On May 19 another new ransomware, Xdata, has started spreading mainly in Ukraine.

So, how can we prepare to protect our valuable data from such attacks? There are two ways of handling this threat.

1. Prevent or minimize the chance of a malware attack.
2. Minimize the effect of being infected / hit by a malware.

The above two-prong proactive defense is important, because one of the possible ways of getting rid of the malware “industry” is to frustrate the players, who are not some intelligent-but-bored teenagers having fun, rather organized criminals are into this to make money. If they can’t break into enough computers, either to cause disruption (and thereby derive some perverse pleasure) or make money (which is the main goal), their interest will eventually fade. Let’s do our part to weaken, and over time hopefully get rid of, this menace.

1. Prevent or Minimize the Chance of a Malware Attack

There are some basic precautions all of us need to take to minimize (and hopefully eliminate) the threat of various malware.

a) Always use genuine software – Operating System (such as Windows) and applications (such as Office, Photoshop, browsers etc.) – from reputed companies and their suppliers. If you get pirated software (especially OS) from someone or download random software from the Internet, you are immediately vulnerable to different security threats.

b) Always keep your OS updated with the latest updates and service packs. Do not use an outdated OS.

c) Use a good up-to-date anti-virus to protect your system. Using an ineffective anti-virus is equivalent of using a door lock that anyone can open without the required key. Microsoft provides free download of its own anti-virus and anti-malware (Security Essentials and Defender). Also, regularly update the virus definitions.

d) Avoid using the computer by logging into an account with administrative privileges. It’s safer to do day-to-day work from a limited privilege user account.

e) Avoid visiting unknown or unreliable websites, and do not accept to run any script or application, if prompted by the websites. Also, use recent (preferably latest) version of one of the top browsers – Chrome, Firefox, Internet Explorer (11 only), Edge, Safari, Opera.

f) Avoid installing browser plug-ins or extensions from unknown providers. Keep vulnerable plug-ins or extensions disabled.

g) Do not open an email attachment from an unverified source, sometimes even from supposedly known sources such as friends or colleagues. Never run any attachment directly from the email client. Always download the attachment and run a virus scan on it before opening the attachment.

h) Do not insert any random media device (USB drive – flash or hard disc, SD-Card etc.) in your PC. Such media devices might been used on a compromised / infected computer. If need be, format it, or scan it using an up-to-date anti-virus before plugging it into your PC.

2. Minimize the Effect of Being Infected / Hit by Malware

In spite of all the precautions, it IS quite possible to still get infected / hit by some malware. For such scenarios, safeguard what the attacker is aiming for – your data.

NOTE: In such a case, you will need to re-setup the computer (such as reformat the hard drives, install OS and applications, reconfigure as per your needs), and then restore the data from existing backups.

First Rule of Safety – Take regular backups. Use a good backup tool to regularly backup your files and folders, preferably scheduled to run automatically. There are lots of backup tools at different price points for every OS. An application like SARANGSoft filexpertez for individual PC backup costs just US$19.95 (one-time license fee). More advanced network backup tool like SARANGSoft WinBackup Business starts at less than US$100 for 10 PCs. It’s a very small price compared to losing all your valuable data to ransomware as well as virus or hacker attack, natural disasters, equipment (such as hard disc) failure, or accidental deletion.

Take the following steps for a secure backup arrangement.

a) Dedicate an administrative user account for backup only: Create a user account for backup only and assign administrative privileges to it. Avoid logging into this account other than backup purposes. Choose a strong password for this account, e.g., use 10 or more characters, with a mix of upper and lower case, numbers, and special characters, and avoid your own name date of birth etc. Do not store / save the password anywhere in the PC.

NOTE: Do NOT use names like “backupuser” or “mybackup” or “backupadmin” etc. for the backup user account, which can be guessed by hackers. Pick something different and uncommon, but definitely NOT using your name, username etc.

b) Create a backup destination accessible only to the dedicated backup user: Create a backup destination folder, either in an attached external USB drive or in the drive of another computer within your network. Assign full access of this folder to the backup user account created in step 2(a) above. Do NOT provide access to any other user for this folder, not even to ‘SYSTEM’ account. If this folder is in a different computer of your network, share it only to the dedicated backup user account of step 2(a). Follow the detailed set of steps shown in our other blog post “Steps to Create Backup Destination Accessible only to a Specific User”.

c) Use cloud storage as backup destination: You can also choose to store the backup archives in a cloud storage such as Amazon AWS S3, Microsoft Azure or one of your choice. For example, SARANGSoft filexpertez enables direct backup to AWS-S3 and Azure as part of the backup definition process. Using local storage for backup is fast and convenient. Backup to cloud involves a little more work and recurring cost, but it also provides additional safety.

d) Schedule Automatic Backup: Schedule a backup to run periodically (e.g., every night) on the computer. Identify all your important documents and folders to be backed up and include those in your backup. Ideally, a full backup should be scheduled to run once a month or quarter and an incremental backup should be done every day. You can choose depending on your own / organization’s needs.

e) Run the backup manually once and also schedule to run it using the dedicated backup user account created in step 2(a) above. Avoid logging into this account for anything other than backup purposes. Chose the “Backup Destination” folder created in step 2(b) above to store the backup data (archives).

Now even if you lose your the data in your computer for any reason, including virus or ransomware attack, you are protected because you still have a backup copy of the required data saved in another location — in local or cloud storage.

Threat to an IT Network from End User Activities

Background
A major goal of managing IT networks is to guard against security breaches. A hardware or software asset needs to be monitored on a regular basis, if possible continuously, so that appropriate preventive steps can be taken to keep the IT infrastructure running well as well as secured, because an organization’s success and reputation depends on its IT systems being protected. Though security threats may come from improper management of hardware and software assets, it is quite likely to be caused by end-user actions as well, such as unmonitored user activities.

What is meant by ‘Monitoring User Activity’
What does it mean to monitor “user activity”? It means checking for uncommon, unexpected, suspicious actions by users, including use of (specific) computers, network shares, applications, services, data etc. within the network. Being able to quickly identify any system misuse is an effective security mechanism, which might enable to stop an attack, and clean up any fallout.

In an IT environment users take many actions as part of day-to-day activities, such as run various applications, collect / create / process data, install & uninstall software, request to upgrade hardware & software etc. As part of managing the network, IT Administrators deploy new versions / patches of Operating Systems and applications, add and/or replace components / peripherals. The combination of existing software in the network and certain user actions might unknowingly open the door for security problems, such as attempt to hack the computers, copy / alter / delete data, download virus / malware etc. Sometimes these problems are inadvertent, but deliberate actions to compromise network security is possible, and are not uncommon. Effect of any such security breach can be devastating for an organization – ask the dozens of high-profile companies in the news for the wrong reasons over past couple of years! A potential problem indication can be as simple as a particular user logging into / trying to log into a computer (server / desktop) that is not expected or at an odd hour (beyond normal office hours), or a USB drive being plugged into a computer and such. At times it could be a genuine requirement, in which case the red-flag can be reviewed and discarded. In the other cases, that’s the main clue to track down and fix the problem. Being aware is essential to protect anything, or at least to assess and address any damage.

Challenges of monitoring user activity
Manual tracking of these events are hard to start with, and it gets increasing complex and time consuming. What is needed is an automated process that tracks users’ activities in detail as required. Every organization’s network has its own requirements, priorities, challenges. Accordingly, the relevant events can be setup to be monitored and alerts can be raised for review by the IT administrator.

But how to monitor effectively?
Finding the proverbial needle of security-threat in the haystack of activities is challenging. Automation is a viable way of identifying potential issues and narrowing down the list to actionable items. It’s not just the power of recording all possible actions & events in the network and analyzing those, the flexibility and ease of fitting the tool into an organization’s own requirement is just as important.

SARANGSoft SysExpertez is an application (Windows IT Asset management) that does this monitoring efficiently and with ease. SysExpertez enables the IT administrators to setup alerts on important user activities or even various status (e.g., a disk drive free space falling below a level, System Thermal State, System Power Supply State), so that all these events are reported with details, which can be reviewed as report as needed. A number of such reports are available in the ‘User Activity Reports’ section. Here are some of the reports generated on user activities in a network:
  • Currently Logged-in Users
  • Currently Logged-in Users by Computer
  • Users’ Login / Logout Times
  • Computer ON Status
  • User Logged into Different Computers
  • Users Logged into a Specific Computer
  • USB Device Plug-in
  • USB Device Plug-in by Computer

This variety of reports on end-user activities provide a good idea as to what is happening in the network related to the end-users. You can get a report as a whole as well as use ad-hoc queries regarding specific users or particular activities.

Detecting Prohibited Software

What is a ‘Prohibited software’?
Prohibited software refers to a software program or application, which is deemed inappropriate and not allowed to be installed in any computer in a specific IT environment. The reason in general are security vulnerability / threat that it can create to that computer or even to the entire IT environment. It’s a kind of banning or blacklisting a particular software for a specific IT environment. The reason for putting a software in such a category differs from organization to organization, depending on the domain of operation, data sensitivity, security concerns etc. Therefore, a software that is “prohibited” or blacklisted in one organization might be freely used in another, and vice versa. However, certain kinds of software are more likely to be marked as prohibited in workplaces.

Importance of detecting ‘Prohibited Software
Computer users of an IT network often install different kinds of software – within the organization (e.g., on a server share), from a friend / colleague, download from the Internet, and such. Many of these software turn out to be failing in the security standards and cause vulnerability / threat to the entire network. New software of various types and increasing complexity are emerging on a regular basis. There are a lot of free software available on the Internet that are quite useful. For example, Adobe PDF Reader, Internet browsers (Firefox, Chrome, IE, Safari, Opera), Skype etc. are from highly reputed software publishers and widely used at home as well as in small to large organizations. There are also many popular games, media players, chat applications etc. From our own experience, a widely used “free” media player app also tries to install a bunch of other software, and even if you opt out of all of them, they still silently slip in a couple of questionable software into your computer! First of all, these are unknown software, on top of that they sneak into your system. How comfortable / happy does that make you feel? In most cases, the adverse effect of such software on the IT system is unknown for a while. As a result, IT network security threat increases significantly as more such software are installed. Software from commercial software providers are regularly reviewed and updated, but some of the commonly used software do not go through proper follow-up and are rarely updated. Any security flaw in such software remains and create a backdoor for hackers and malicious programs to penetrate an organization’s IT network.
On the other hand, there are some popular software including gaming, media, and social networking, usage of which is likely to affect focus and productivity of employees. Presence of such software in workplace can also lead to various compliance issues. Also, if employees in an office downloads various software from the Internet and installs on work computers, it can lead to serious legal issues, such as license violations.
That’s why every organization needs to know what software are installed on its computers and if those are required and acceptable for business reasons. If not, such software should be identified as “prohibited” and arrangements made to stop those from being installed on any work computer. Controlling software installation is not a choice anymore; it’s a required step to address security, productivity, legal, and compliance issues.

Importance of ‘Software Asset Management’ in this regard
Detection of ‘Prohibited Software’ is a part of the bigger area ‘Software Asset Management’. Software asset management (SAM) is a business practice that involves managing and optimizing the purchase, deployment, maintenance, utilization, and disposal of software applications within an organization.
Proper software asset management is necessary for effective security practices to help combat cyber-attacks that can damage an organization in various ways. An effective SAM practice delivers intelligence on software across the network, providing clear visibility of entire network inventory that helps Network Administrator to take more informed software security decisions. SAM helps to minimize the attack-surface of an organization by detecting unauthorized and unsupported software and preventing them from being installed, or at least to be removed.

Methods of tracking ‘Prohibited Software’
Traditionally, the method known as ‘application blacklisting’ is used to track the unwanted applications. This method works by maintaining a list of applications that are to be denied system access and preventing them from being installed and executed. However, since the number, variety, and complexity of applications are increasing day by day, that approach is hard to follow these days.
The opposite approach to ‘blacklisting’ is ‘application whitelisting’. In this approach, an authorized list of applications is maintained. When a new application is going to be installed, it is automatically checked against the “authorized list”. If the application is not in the list, it’s not permitted to be installed. This depends more on the honor system.

Are these methods full-proof?
Nowadays applications are coming with increasing levels of complexity, variety, in increasing numbers. So, ‘application blacklisting’ process is not likely to be full-proof. On the other hand, the ‘application whitelisting’ method also might not be practical, because of the administrative resources required to create and maintain an effective whitelist often turns out to be inadequate.

Any way out of this problem?
Considering the possible threat to the IT network, it’s not recommended to rely on manual processes to detect the unwanted software. Rather we have to rely on an automated system that can detect such applications automatically without any manual intervention – a system that continuously monitors the IT network and immediately informs about the presence of any unknown or unwanted software.
SARANGSoft SysExpertez provides this functionality along with full-fledged IT Asset Management (tracking of hardware, software, and users) in a Windows network. Let’s see how SysExpertez helps detect the unauthorized / unwanted software within a Windows network.

Role of SysExpertez in detecting ‘Prohibited Software’
SysExpertez categories installed software broadly in three distinct categories.
1. Licensed: is associated with legal copies of commercially published software from reputed providers, license for which are purchased and budget is allocated for such software to be renewed / upgraded; e.g., Microsoft Office, SQL Server, Adobe Photoshop, Oracle database, AutoCAD etc.

2. Approved: There are many free but wonderful software available. Depending on an organization’s needs and policies, its IT team can identify some of those as “Approved”; e.g., Adobe PDF Reader, Skype, Firefox and Chrome browsers, some text editors (like Notepad++, TextPad) etc., which are suitable / beneficial for use in workplace;

3. Prohibited: There are some software that an organization might choose not to allow in its network for various reasons – security threat, productivity loss, legal / compliance issues etc. These generally include games, media players, chat apps etc. Any installation of such software within the IT network should be detected ASAP, and immediately acted upon (such as uninstall and prevent future occurrences);

SysExpertez helps put the known and relevant software into one of above three (3) categories – Licensed, Approved, and Prohibited. If any software outside these three lists is installed on any computer within the network, SysExpertez can detect that, classify it as an “Unknown”, and immediately notify the IT Administrator about it. The IT Administrator can investigate the case, and either

  1. Accept it as one of the first two categories (i.e., Licensed or Approved), or
  2. Put it in the Prohibited category and instruct the user(s) of the concerned PC(s) to immediately uninstall the software (and refrain from installing it in the future).

Monitoring of software assets helps keep the network safer and comply with legal and standards requirements.

VW emission scandal: How prevalent is QA/QC cheating?

The scandal around Volkswagen cheating US EPA’s emission test process is known to almost everyone who follows current news.  To recap the known facts about 11 million vehicles (with 4-cylinder diesel engine) are affected around the world. Recalling and fixing those will cost VW about US$7.3 billion.  The company might face fines as much as US$18 billion by the US government.  Sales of all vehicles, including VW and Audi, that might be affected by this have been stopped, at least in the USA (not sure what’s happening around the world).

Now there is news that other car companies might be using the same / similar tricks to fool the emission testing process.
http://www.thefiscaltimes.com/2015/09/22/Volkswagen-May-Not-Be-Only-Car-Company-Cheating-Emissions

Shocking, right?  Hardly.  Businesses use all kinds of tricks to get past regulatory / legal requirements, and some supposedly pro-business people — from that world as well as politics — consider that necessary for doing business (or succeeding in it).

I would like to share an experience (from around 2009) we had with a prominent manufacturing company based in Kolkata, India, where our offshore software development center is located.  This company builds and supplies important parts for big name heavy machinery makers around the world.  Their production process seemed really old-fashioned — very manual, quite unmanaged, clearly inefficient, but still they supposedly were profitable and busy filling large orders.  In fact, the problem was that this company had a lot of orders to fulfill, but often their parts didn’t pass QA / QC due to defects in the production process, which led to the finished parts being rejected by their customers.

Our company was supposed to build a system to monitor their product testing process via automated data acquisition, check if technical requirements were met, and record results, which would be reviewed later on.  In fact, this system was supposed to be built as audit-ready, i.e., the company will show the recorded results to its buyers as proof of tested and passed products.

During one of the many discussions, one of their managers asked us to keep a backdoor to access and modify the test data, if needed.  The idea, he explained, was that say plating of a part was supposed to be between 70-72 micron thick.  But sometimes it might happen to be 68 micron (or may be 75 micron) due to some defect in the production process.  The automated system would measure the actual thickness and store it in the database, from which the reports will be generated for review and audit.  This company wanted a backdoor to the database backend, so that they could manipulate the stored thickness data if those were not within the permissible range, but came close, i.e., in the 67-69 or 73-75 range.  That means the Quality Control process for those parts are being compromised.  Is that a lot?  No.  Does it affect the final product quality, performance, reliability etc.?  I don’t know.  Is it dishonest?  Absolutely, no doubt.  I am glad, and relieved, that we didn’t happen to do that project for various reasons.

This must not be the only occasion, or area, where this company cut corners, and many more like it do the same, all across the world, on a regular basis.  Sometimes they get caught and/or it blows up in their face, there is a lot of hoopla about it, and then everyone goes back to normal life, without knowing how many more such corner cutting are going on all over the place.  It happens in construction, in production of household goods to electronics, in medical — medicines and devices, in automobiles (as in the case of VW), and almost all industries.

What can we do about it?  I am not sure.  These cheating systems (software — yes, that’s why I picked up this topic) have been developed by some software (and hardware?) engineers, who probably knew what was going on, but did it as part of their job.  If we individually do not stand up for what is right, we will collectively keep on suffering the results of all of our misdeeds.  Could we have stood up and said No to that customer’s demand for the “backdoor”?  As a small software company, under serious pressure at that time, the potential new customer was quite important for us.  To be very honest, I am just glad that (potential) customer ultimately decided not to work with us on that project.

I am sure a lot of people have encountered deliberate and willful compromises with quality, reliability, performance of products they use and depend on everyday. So, VW’s case is not shocking (in a way), because it’s not that we didn’t know something like this could be happening for some product or the other.

SARANGSoft: Over the past 15 Years

The last 15 years went by pretty quickly! In early 2000, we were in discussion with a few friends about the software industry, its strengths vs. weaknesses, then most prevalent “body shopping” model, the future potential and challenges.  We knew right then “body shopping” won’t work; needed a model that would be both cost-effective and logistically viable. On the other hand, we wanted to start something from the city we are so intimate with – Kolkata.  It supplied, and still does, a lot of technical talent across the world, but wasn’t a recognized spot on the IT map, not even within India.  We felt it was possible to tap the raw talent from the area and build a team that can deliver quality software to two markets – USA (where some of us are located) and India (where the core team is) –   to start with.  To be very honest, the whole decision was based on more emotion and gut feelings than serious business analysis.  Still, SARANGSoft Corporation and SARANGSoft India Pvt Ltd or SIPL (then called SARANG Infotech and Software Solutions) were started in 2000.  The first set of people came on board and we started with a modest setup.

In early 2001, we got a big break to work with a major medical insurance provider, who was migrating a massive legacy system (IBM mainframe-based) to Unix & RDBMS environment. Our team started working on-site, offsite, and offshore – at its peak involving total 10 engineers.  It went on for about two years, during which we moved to better offices and added more to the team.  In 2003, we took a different turn – after the legacy system migration project ended, we moved away from that area and focused more on Windows and Linux.  Around the same time, we started working as a direct vendor of Microsoft.  That brought a number of interesting projects in the Windows Operating System and multimedia in particular.  The team expanded even more, new offices were setup, and also came a lot of excitement and learning in the process.  There were several ups and downs too.  At times it felt like end of the road, while at other times we could barely keep up with customers’ requirements.  We worked with several small and mid-size companies too, and each was different in significant ways.

The downturn of 2008-2009 had a serious effect on our business as it did for most organizations.  All the customers clammed up in uncertainty, new projects stopped, existing projects stalled / shrunk, some customers couldn’t / didn’t pay as agreed upon.  We went through a couple of horrible years.  Some of our long-time clients continued to work with us, and some new clients did start during this time.  We are happy that most of those relationships are stronger today.  As the market sentiment improved over the last couple of years, we have expanded our business and feel much better now.

During the downtime, we started focusing more on our own software products, and released a number of those starting in 2009.  We offer Data Backup – for Windows PC (filexpertez) to entire Windows network (WinBackup Business), Document Digitization and Management (digipaper), IT Configuration Management (SysExpertez), Cloud Data Browsing & Transfer (CloudScape), Developer Tools (Logastic and Testology), and more.  We didn’t actively market those; actually we are not good in marketing ourselves. Still, some people have noticed the products, tried out a few those, liked what they saw, and purchased.  Based on customer feedback, we have been making improvements to our products, and newer versions are being released frequently.

Over the past 7-8 years, we have concentrated on some specific areas.  Windows platform remains our core strength as before.  We can do almost anything on Windows – at OS level or with apps, components, tools, system services.  Our other area of strength is the web platform – .NET and Open Source.  We design and develop websites, web apps, web services, and anything in between.  For the past 4 years we have also been working with Cloud technologies, especially AWS and Azure.  We are increasingly moving apps and services to appropriate cloud platforms.  We are also working on mobile apps, but not the typical native apps for each of the two dominant platforms.  We prefer to build a common cloud backend for the app core and a lightweight frontend for each mobile platform.

Today we are at an important point in our journey.  After a long stormy night, we are at the break of a new dawn.  Our team of about thirty people is motivated and dedicated.  Our product and service offerings are rich.  We are strong on skills, experience, and innovation.  And we are as committed as we have always been to deliver the best to our customers and partners.

visit: www.theappsolutions.com and see more

Absence of data backup made Mumbai Mantralaya fire turn more disastrous.

A tragic incident of fire has caused a lot of damage at the Mantralaya in Mumbai. Lives have been lost and a number of people have been injured in the fire. There is report (http://news.in.msn.com/exclusives/it/article.aspx?cp-documentid=250206858#page=1) that more than 90% of nearly 500 computers have been destroyed by the fire. Loss of data is the worst impact of such incidents, because the hardware and software can be bought and replaced, but not the data. On the other hand, there was a problem at RBI, Kolkata, because of which a PC with vital data got badly damaged beyond repair. There within less than 1/2 hour, the data of that PC was restored from the latest backups. Contrast the two cases — in one place most data is lost vs. lost data is quickly recovered.