Microsoft Office is pretty ubiquitous, but most of our clients in the past few years have been complaining that each new version offered little reason to upgrade except that without the new version, you couldn’t open documents others created with the new version. Not really good value for money there, especially when each copy can cost several hundred dollars…

Since we are ourselves somewhat frugal, we have been using OpenOffice instead of Microsoft Office for several years now. Sure, we still have a few copies of Microsoft Office around when needed, but propeller heads like us get a big discount from Microsoft so the pain to our wallets has been minimal. (FWIW, Typically we exchange documents with others in Adobe Acrobat format, not Microsoft Office. OpenOffice includes a free pdf generator with a one-button click.)

Being open source, OpenOffice is both free and readily customizable by anyone who cares to. Novell (SuSE Linux), offers a version called Go Office which includes bits not included in the version available from OpenOffice.org, like better WordPerfect and Microsoft Office import filters. Sun offers a paid, supported version of OpenOffice and IBM’s Lotus division has a free, supported version of OpenOffice called Lotus Symphony.

Not widely reported, back in the Spring IBM made a decision that the OpenDocument format (a world standard supported by OpenOffice) would be the document interchange standard within IBM. The deadline for all 360,000 IBM’ers to start using Symphony (OpenOffice) instead of Microsoft Office is September 22. Already, 330,000 IBM’ers are using Symphony, according to Linux Magazine (http://www.linux-magazine.com/Online/News/IBM-Throws-Out-Microsoft-Office).

Of course, this doesn’t mean the end of Microsoft Office, but it is a nice reminder that we all do have choices, and that if IBM can cut the cord, then maybe we can do it too.

If you would like to learn if OpenOffice is for you (because it isn’t for everybody), call us at (207) 772-5678.

Mark Stone
CIO

We went to quote out a new firewall for one of our clients this morning — and found the vendor’s site had been hacked.

Since we had some behind-the-home-page links in our browser’s history, we could see that only the home page had been defaced. So, we called the vendor and they immediately took the entire site down to fix things.

While it might seem a little ironic (if not somehow darkly entertaining) that a company selling firewalls for a living got hacked, there are a few old-school lessons here worth repeating:

1. A great firewall, even correctly configured, isn’t enough to protect you entirely from external threats.
2. A great firewall, even when configured with gateway anti-virus, anti-malware, intrusion prevention and a bunch of other propeller-head acronyms, isn’t enough to protect you entirely from external threats.
3. All of the applications exposed to the Internet (web, email, ftp servers etc.) need to be kept up date with security patches too.
4. Automated monitoring–of web sites and log files–would have given the company’s system administrator a near-immediate heads up that something was wrong.  As it was, the hacker had put a visitor counter on the hacked home page, and 18,402 unique visitors had already been to the site before we arrived (and before the company was aware they had been hacked).

None of these protections cost much in the way of system administration resources or hardware/software costs, (though they do require a fair amount of expertise to implement properly) and very well might have prevented this hack.

Damage to a hacked company’s reputation can cost a lot more than a new firewall for sure. When you take credit card payments, the legal requirements for dealing with a breach can result in astronomical costs.

All of which is a long way of saying that if you haven’t looked over your company’s security posture recently, now might be a good time to give us a call.

Take care,
Mark