I'm an American veteran.
One of the luckiest in the nation having served in a narrow slice of the American time line, known as "Peace Time." As a Navy Photographer on the USS Nimitz my biggest daily stress was if the camera flash went off to properly light the scene of the "Skipper" and a visiting dignitary on the Bridge of the carrier. For a while I was the editor of the ships cruise book and the Captain's personal photographer. I had the world by the balls and I knew it at the time!

When someone thanks me for my service, I feel a little bit of pride. But if they say, thank you for your sacrifice, I get embarrassed. Sacrifice? I was away from my family one Christmas while I was overseas. In Naples Italy, Franko, the guy that owned the Pub I frequented, pretty much adopted me and a couple of shipmates for Christmas. He and his wife Maria had us up to his family villa for dinner and several bottles of vino. He then gave us his car to drive back down the mountain to our hotel. Some sacrifice.

We are surrounded by men that fought in wars from yesteryear and also now, women from battle fields not long ago. Not all sacrifices are as visible as a missing limb and it's not easy to tell what sacrifice a warrior carries in their heart. Or if part of their soul was left in a far away land. These are the men and woman I'd like to salute this Veterans Day.
Thank you for your service.
Thank you for your sacrifice.

-Sully

#VetransDayIs

We were all thrown into a whirlwind of activity with North Plain's (NP)  notice this year of the End of Life of SGL's FlashNet for Xinet. Here's the State of the Nation with regard to Archives:

In the immediate near term there's a great new archiving solution using modern software. The builder of the integration has a long history of writing to exactly this space, and his current tools allow restores from FlashNet as well. For the medium term, we can help you setup a system that will give you easy access to archives using the familiar tools, while you restore as much legacy archives as you feel needed. Long term- you restore files using the base FlashNet software, for as long as you can find hardware that will support the tape technology in use at time of archive.

SGL's FlashNet is going away, and in it's place we'll be relying on Archiware's P5 Archive. This backup software is robust, modern, with a hugely enhanced toolset, and a long history or being present in this exact space of Graphic Arts. We're excited by the options and capabilities it presents, from hyper-intelligent backups to much better hardware support, to a modern web-based interface. Archive to Disk? check. Perpetual intelligent incremental backups? check. Ability to offload backup off primary disk to either other disk or tape? check. It's great stuff, and we can't wait to help you getting  it in place and using it.

FlashWeb and it's recent replacement WebNative Archive are going away, being replaced by InPress' OnFile. InPress has been building solutions for Xinet for forever, and has a rich history and understanding of how to write robust code for the ecosystem. They have hundreds and hundreds of instances of InPressive and Accelerator out there, and a great tool set that enhances the Xinet experience. NAPC has been doing business with them for years, and are really excited and pleased by North Plains choosing of InPress as the heir to building out the interface between Xinet and Archive. Jorgen and Co. are well on the way to an initial release that will fulfill the common need- an easy way to find archives, submit them for restore, monitor progress, or ask an admin to restore files.

The other large concern we've been facing is how to ensure continued access to legacy archives. SGL's licensing machine is going dark next summer, so if there's a HW failure that requires a new license, one won't be available after that, which is a crippling prospect. We've worked out with NP a strategy for setting up a legacy restore server: a separate, static Xinet setup, one that has a small license but full access to archives through the web interface, to allow for easy user restores while a larger restore operation takes place. We're envisioning this as a small older server (or VM) with the older tape library attached.

In the longer term, for 'deep' archives that weren't worth the effort of restoring in bulk, you'll be able to attach a standalone drive to an even smaller box, and restore the very occasional file through the much beloved X interface. There's never been a license needed for FlashNet to restore through a single tape drive, licenses are only needed to drive a robot or to use the higher level functionality.

We're all over this- we understand the value and need for robust archiving and access to the lifework of your company. Please let us know if you have any questions, concerns, etc..., etc....

rob

I'd like to start a discussion regarding the many offerings we can provide to make your life easier, more productive, and more secure. One area we excel in and can help you out with is Active Directory Integration, Security and Auditing.

Active Directory is wildly popular in the enterprise, and with good reason. It's arguably one of the best products Microsoft has come out with. A single point of entry for new employees, permissions, and security, it's a great way to make sure you know who has access to systems, that password security meets a standard, allows users to be turned on and off centrally, and it 'just works'.

NAPC has partnered for years with Centrify, the leader in Non-Windows AD integration. We've been using them for Unix integration since they first came out with their world class solutions, and they just keep getting better. You probably know of us and them from your Xinet server. We also have been doing Mac desktop integration (Centrify leans on us for this expertise when they need implementation !). Check out our video on easy rollout of desktop macs to get a sense of what can be done, in addition to the basics-

http://www.youtube.com/watch?v=VHrvZiYEZaE

That's just the tip of the iceberg though. Centrify and NAPC can provide data-center wide services- helping implement AD integration across all your *nix systems. There's a very powerful suite of permissions tools included, so you not only get a stable central authentication structure, you also get an easy way to put 'like' servers into admin groups, and assign rights for users and groups to multiple servers simultaneously. This is tremendously efficient. They have the ability to apply sudo permissions as well in this way, all through an easy, intuitive interface.

On top of this, there's even a great story for Windows servers. Centrify gives reporting capabilities that AD itself doesn't. The suite includes much finer grained abilities to search for idle users, accounts, and machines. We've had people fail SOX audits, and been shown the tool in Centrify that  would have caught the exceptions beforehand. And with automated reporting, you can show the auditors you're trapping for this now, and there's no more examples of it. Talk about looking like a hero!

Another example of what can be done is ongoing auditing of systems. You can load a very lightweight client on any Unix or Windows machine that will actually record screen captures of a users actions. That way, if a system goes down, and an Admin or service provider can't remember exactly what they did, you can watch a video of them typing, mistyping, pushing buttons. This helps you from a SOX auditing standpoint for allowing remote providers in, but also allows you to understand exactly what was done that broke the system. This is hugely powerful, not only to speed up recovery, but also from a training perspective for your admins.

This just breaks the surface of what the tools are capable of. Please feel free to reach out and ask what else can be done, or if you have specific needs, or just feel like you could be doing more on the security and auditing front. Odds are, there's a solution that can address your needs, get you home on time, and sleeping soundly!

Xinet Pilot from FlatheadU on Vimeo.

I blogged about the new North Plains, Xinet Pilot, when it first came out and we've had a few inquiries about it's configuration and functionality. Xinet Pilot is a Desktop Service. North Plains' description is an evolution from the Asset Browser feature into a Xinet-aware media browser for Mac client desktops. That's the fancy speak. I just call it awesome!

They further explain that Xinet Pilot runs on the client as a service, no longer restricted to working within the a Adobe application. And that's the awesome part: Freedom from the individual applications!

I provide a look at Xinet Pilot in our latest Flathead U video. Comments and feedback are always welcome.

"BEIJING: Cyber attacks that stole information from 141 targets in the US and other countries have been traced to a Chinese military unit in a drab office building in the outskirts of Shanghai, a US security firm alleged Tuesday." - Reuters

Google, Facebook, New York Times, U.S. Chamber of Commerce, Nortel Networks hacked. What chance do you stand?

If you can't trust your hardware, what do you trust? Information. Information is the key to both preventing and recovering from cyber attacks to your infrastructure. The right set of tools can be essential in protecting your data, digital assets, and your peace of mind.

1. Firewall - The first line of defense.

This is reasonably straightforward, however you need to be sure you're getting what you expect. Newer hardware from Cisco, Sonicwall, HP and Dell should be fine. ZTE not so much. Keep your hardware reasonably up-to-date to ensure the best security at the perimeter. Older, unpatched hardware is just open door.

2. Identity Management - a means of authentication and Identification. You need to know who is in your systems.

You need to maintain a centralized store of usernames and passwords. Islands of unmanaged identities is questionable if it is resides inside your firewall or even worse, on your DMZ. Ensuring that you are both recording login failures and password lockouts is also an essential part of prevention. If you have stores of unmanaged accounts that provide access to anything on your network you really need to make those go away. This is the achilles heel of any security-conscious company.

3. Authorization - You need to know who can do what.

You need to manage what levels of access every account in your organization has. This means that each role in your company should have an assigned set of requirements for infrastructure access, and that should determine exactly what their needs are for privilege requirements.

4. Auditing - you need to know what they are doing or what they did.

Log as much information as possible and review that information regularly. It's often the case that after the forensics on a hacked system that evidence of the compromise was there weeks or even months prior to the system actually being hacked. In fact we've found it's more the rule han the exception. Hackers are lazy, and typically will simply run automated scanning scripts on entire ranges of IP addresses looking for vulnerable systems. They often don't come back to the list of systems until they have some need later on. In many cases you can prevent a system compromise by simply being diligent in monitoring your systems.

5. IDS/IPS - Intrusion Detection and/or Prevention system.

"IDS" if you are unaware stands for Intrustion Detection System. These are typically network-resident systems that monitor network traffic and analyze it for potential nefarious conditions. Some of these systems rely simply on being able to promiscuously monitor all network packets, however some actually use client-installed detection systems that read directly from the machines in question. Using a combination of a well-designed IDS and IPS (Intrusion Prevention System) it's pretty much assured that you will prevent 99.9% of network/server compromises.

The part not discussed here is the likelihood of individual vulnerable systems either becoming compromised or becoming vectors for compromise. Some of this can be mitigated by the items above, however it's not silver bullet. The primary goal of the above is to prevent unauthorized access to your critical systems. Preventing access to your desktops, laptops and mobile devices is going to be a much more difficult job.

On Wednesday, we enjoyed the opportunity to cohost a webinar along with NAPC partner North Plains and Henry Stewart DAM entitled The Seven Deadly Sins of Brand Asset Management. 200 attendees from over 20 countries listened in, and NAPC's own Scott Tully took the mic at one point to speak on issues relating to brand asset management.

The sins themselves are as follows: Consistency, compliance, collaboration, connection, communication, control, and cost. Each sin has the potential to cause tremendous embarrassment to your brand and cost your company significant amounts of money. If you missed the event, you can catch it at your convenience; simply watch the playback right here!

The idea of taking your finished goods, project files, or other files you don't think you'll need ready, and sending them to the ‘cloud’ has gained tremendous steam over the past several years. Historically, the archive environment blended itself very well to maintaining databases, dealing with hierarchies and storage, especially as discs with more space became commercially available.

Unfortunately, the archive has always had some big problems:

-People need to buy new technology to replace legacy technology, not only creating an upfront cost but causing learning curves.

-The archive creates significant capital expense.

-Large archives inevitably create red tape, which there is significant marketplace pressure to avoid.

The historical kneejerk reaction is to simply buy more discs, but this leads to the archive’s biggest weakness: Disc space grows exponentially because archive data never goes away. Disk storage is more expensive than other media types (i.e.: tape), increasingly difficult to manage, and put you at risk even with an effective disaster recovery plan. Having this massive trove of data somehow backed up or stored in a secure facility isn’t a great answer because you lose easy access.

NAPC believes that the real future is a shift to a cloud storage module with it naturally and conveniently trackable by Xinet, leading to the whole concept Amazon is propagating with its array of cloud storage services.

Approaching cloud resources as part of a hierarchical storage management (HSM) environment will provide highly-leveraged benefits. You’ll be able to define business rules based on how much you archive, how frequently you archive, and how much time from the date you archive to the date you upload. You can put rules in place to automatically manage this information and keep the vast preponderance of your data in the least expensive location. When you need to simultaneously convert a large amount of data, you’ll be able to tap Amazon’s ability to transfer as much as 16 terabytes at once from the discs. Everything will be meticulously maintained by Xinet’s database.

If you can accept a four-hour wait to get your data back, Amazon’s Glacier service is extraordinary cheap (just 1-cent/Gb/month). Keep in mind you could easily spend more than 4-hours sifting through massive, unorganized archives and NEVER find what you need. Cloud storage, including Amazon, is represented by cheap pricing with wonderful enhancements of everything being online.

Amazon promises reliability and access, and some people have raised concerns over Amazon’s reliability, but really: Amazon is one of the most successful web companies ever. If you aren’t going to trust your web storage with them, who can you trust?

At NAPC we’ve embarked on a project working with our own Sean Kenny. Sean builds a very comprehensive step that we expect will take everyone into account who uses any integrator, Xinet or otherwise, BrandControl, took into account things like first period of time that someone archives from live to a final resting place, is your highest possibility of needing it back, incorporated the ability to initially put the archive data into the much more live on demand Amazon S3.

Offline information will show up as offline. Everything shows up as the same environment from a user’s perspective to search and browse, to determine for certain it’s what you want, and to automatically request a restore. You avoid additional infrastructure and IT costs and you eliminate the need for creating secondary copies of all your backup discs and storing them in a secure facility.

At the end of the day, here’s what cloud storage nets you for a very modest price: Support, software configuration, a storage fee, and making the cloud a natural extension of the business environment. Perhaps most importantly, your business looks like real thought leaders to potential leads. Who doesn’t like spending less money for even better results?

Xinet Pilot is a Xinet-aware media browser that will replace the Asset Browser plugins, and a quick look shows it works extremely well so far. North Plains describes it as a powerful hybrid of web browser and production navigation technology that provides Xinet-related tools within creative media environments.

Instead of an Asset Browser plugin, Xinet Pilot is a service that runs directly from the desktop. By launching it once, you can use it across Adobe Illustrator, Photoshop, or InDesign seamlessly. You can drag and drop files from the Xinet Pilot into the three Adobe programs, but you can also upload files to the server and apply metadata on the fly.

The really exciting part about Pilot's upload ability is that it will respect the Template Permission settings for Uploader, Enabled and "Required". So it will work like the Uploader Application in that respect, that we can set data fields to be required. Great! But unlike the Uploader Application, Pilots uploads are limited to singular assets. That's right, one asset at a time. (So far)

North Plains has said that they’ll be “depreciating” Asset Browser plugins and migrating to Xinet Pilot. North Plains has also promised to evolve Pilot in future releases and it will support Adobe Creative Cloud. I'm speculating that people are going to love Xinet Pilot and the first feature requests are going to be for multiple asset uploads.

There's not a lot of configuration options in this first release, but I imagine that will be coming also. Not everybody likes the 'executive black' background. North Plains is rightly taking the approach of providing the right user experience and tools now, and hopefully providing aesthetics in those later updates.

If you haven’t climbed into the pilot’s seat yet, you should.

Between long hours, heated debates and late night ping pong matches, ad agency groups tend to be very closely knit. As exciting as it is to welcome new blood when hiring season rolls around, as it is for the class of 2013, it can be strange to have new team members during a big client pitch, especially if they’re replacing somebody who just left. An agency is only as successful as its team is united, which is why you should use both in-person skills and social technology to make newbies feel at home.

Connect Everyone Through An Enterprise Social Network

Everybody has different preferences for social networks. Some people are more avid Facebook users while others gravitate towards LinkedIn. In an online environment it can be very difficult to connect everyone when there are so many options and so many different personal preferences. Use an internal social network specifically tailored to your ad agency. Beyond being able to efficiently collaborate it will encourage icebreaking and inside joke creation, providing a virtual water cooler where new hires can mingle with senior managers easily.

Encourage Idea Contribution

New employees love feeling valuable. When you encourage them to share their ideas during meetings, pitches or conference calls, they benefit from seeing their work in action. Even if their ideas aren't great, they can learn from veteran team members. The result is that new employees feel like they're contributing to discussions and projects while also learning about the needs of clients.

Share Work Examples

It’s the question everybody wonders about the new art director or graphic designer: What’s their style? Get everybody together and swap work samples: Banners, fliers, graphics, whatever you can share to help each other get a sense of what your artistic talents are and where your strengths lie. An online sample room can make internal collaboration a lot of fun, and it will encourage inspiration and creativity among the entire team.

Make The First Move

Intern or 30-year veteran, it’s never easy being new. Not getting the inside jokes or only being identified as the “new guy” can make it daunting for the new people to introduce themselves. Save them the trouble by walking up, introducing yourself, and giving the rookie the rundown on what’s been happening at the agency. You’ll help them work better by understanding the ins and outs of your environment and make them feel welcome in the process.

Ask How New Hires Are Doing

This simple gesture can make new employees feel right at home, and even make them want to contribute more to a company-driven social network as a result. When I was a rookie at my first internship, the Human Resources Director dropped by my desk on a daily basis for the first few weeks. No big updates, no problems; she just wanted to say hi, check in, and ask how I was acclimating. It was a few minutes out of her day that helped ease my nervousness at being new and 10 years younger than almost everybody at the office. As a result I wound up getting involved in the company events, including prepping for the Christmas party.

Keep these tips in mind as we head into summer, particularly as a fresh batch of recent college graduates arrive at their desks. Be good to them and they'll be great to you.

You're struggling with Mac deployments and wasting your valuable time fine-tuning the user experience on every Mac you release. You're sick of running around to desktops just to change minor settings like DNS, proxies, or background images. Who has the time?

Thanks to Centrify, you can deploy your Macs simply, quickly, and cheaply with a modicum of effort and the ability to easily customize the end user experience all with a single OSX image file, all from the comfort of your desktop. 



You can easily manipulate the users' look and feel based on the role of the machine, so a kiosk would look different from a laptop or a desktop. This all happens after deployment, meaning the look and feel changes all happen after the users logs into their respective Macs.

Watch the video for the full rundown of how Centrify will make your life a lot easier when deploying Macs. There's much more to learn about Centrify on our site!