Thursday, September 15, 2011

13 Infrastructure Decisions That Result In Poor IT Security





Introduction

Designing, architecting, and implementing a corporate network is a daunting task. It is easy to become lost in
the minutia and overlook some big picture issues. This is especially true in regards to security. Some decisions that make sense in terms of efficiency, throughput, compatibility, ease of administration, etc., might not result in good security. This white paper presents 13 somewhat common infrastructure decisions that can result in poor IT security. (They are not in any particular order.)

1. Choosing Speed over Security

A high-performance network that supports efficient productivity is highly desirable. However, when a decision must be made between a reduction in throughput versus increased security, security should be valued at least as highly as productivity. Without security, productivity will not last. Without proper and sufficient security controls, malicious code or hacker attacks can quickly render a network infrastructure unable to support legitimate communications or transactions. High-speed communications are important, but we must protect the availability of the network in order to have a network.

2. Implementing a Single Internet Connection

Any single point of failure is a poor infrastructure and design decision. There should be two exits from every
room. There should be at least two copies of every file. And there should be at least two connection paths out to the Internet. (There is an assumption here that Internet connectivity is an essential utility of the organization. If not, then redundancy is not as important.) With only a single connection to the Internet, there is a single point of failure. One mis-configured connection device, one hardware failure, one payment lost in the mail, one misguided backhoe, and the connectivity is lost. Every aspect of a network should be designed with redundancy in mind in order to avoid single points of failure.

3. Failing to Implement Internal Traffic Management

More than half of security breaches are caused by internal personnel. It is often incorrect to assume all users, programs, and processes within the organization’s network are safe and trustworthy. Every moderate to
large network should implement traffic shaping, traffic throttling, and traffic control measures internally. By
implementing these features, no one network service, application, protocol, or user can fully consume all of the network bandwidth to the exclusion of others. Thus, mission- critical communications will always have sufficient bandwidth reserved for them.

4. Not Using Network Event Auditing

Evidence of compromise is a valuable asset. However, it can only be obtained at the instant the compromise
is performed. If the network is not already actively recording network events into a log file or audit trail, then
security breaches will go unnoticed. It is better to record events to a log file that are not needed, than to not
record events that are essential to detection, response, and potential prosecution. Without an ongoing permanent record of events (i.e., log files), you have no evidence of benign or malicious activity, and trends toward bottlenecks will go unnoticed as well.

5. Depending on Physical Security

Every environment must properly address logical/ technical security, administrative security (i.e., policies and
people), as well as physical security. Each of these three areas is somewhat self-contained in that the security
measures of one do not ensure protection against threats from the other. In other words, logical protections
defend against logical attacks, and physical security defends against physical attacks. It is a mistake to assume a strong physical security solution is compensation for poor or lax logical security. Malicious code and social engineering attacks are still possible even with an impenetrable physical fortress. Just as with logical security, there are a wide variety of physical security options. You need to implement those that are relevant to your specific needs. However, some common examples of physical security controls include security cameras, security guards, lighting, conventional and electronic locks, burglar alarms, man traps, fencing, fire resistant building materials, and fire detection and suppression systems.

6. Assuming the Electrical Service Is Reliable and Consistent

Electricity is the life blood of computer technology. Without power, computers and networks fail. And not just any power; pure, consistent, clean, regulated power is necessary for the long-term viability and stability of computer networks. Power grids can and do fail. The power company cannot guarantee uninterrupted service or prevent electrical noise. You must use surge protectors, power line conditioners, uninterruptible power supplies, and on site power generators to ensure only consistent, conditioned power is fed to your electronics. The loss of power, even for short periods of time, means operational downtime and potentially lost or corrupted data.

7. Failing to Store Backups Offsite

Bad things happen. You must be prepared. Backups are the only form of insurance against data loss. Without backups, your data is at risk. Serious risk. Real risk. You need to follow the backup 3-2-1 rule:

  • There must be 3 copies of data
  • There must be 2 different forms of media
  • There must be 1 copy stored offsite

Failing to store a backup offsite is also a failure of taking the real world seriously. Complete and total destruction by fire, flood, tornado, and other acts of nature is common. No home or office building is completely protected. Assume the worst, and then plan to survive it. No, not just survive, but thrive through it. Be better prepared than your neighbors or competition. Be the first to fully recover and be back in business.

8. Leaving Unused Ports Open

Leaving unused ports open and active is the same as leaving your back door unlocked while you go on vacation. Anyone can connect an unauthorized system to an open port. System hardening has two basic steps: remove what you don’t need, lock down what is left. If a physical port is not in use, disconnect it, turn it off, make it go dark. When you need the port in the future, then re-enabled it. Don’t enable any connection path before it is secured or before it is needed for a business task.

9. Deploying Wireless Networks

Wireless networks are a challenge to secure and support. Often, the cost in effort as well as budget is not worth it when compared to using a physical cable. Before deploying a wireless network, ask a few questions.

  1. Will a power cord be needed anyway? If so, running a network cable as well will not be much additional effort.
  2. Is the wireless for customers or visitors? If so, it does not need any link into the private LAN; a public ISP link would suffice.
  3. Are any essential business tasks dependant on wireless? If not, you might not be implementing wireless for a real business reason.

I would generally recommend against installing wireless networks for most organizations. This is because interference and DoS are always possible, even with the best wireless security configured and the strongest wireless encryption enabled.

10. Not Planning for Mission-Critical Task Interruptions or Disasters

Murphy (as in Murphy’s Law) hates you. The universe tends towards entropy. The only thing that remains the same is change. Assuming your organization will continue to function into the future exactly the way is does now is a fantasy. Things will change; some for the good, many for the bad. Natural disasters, malicious code, fire, thieves, disgruntled employees, criminal hackers, and the rambunctious children of your employees can cause mission-critical task interruptions, downtime, and disasters. By failing to plan, you plan to fail. You must plan your response and recovery now before a business interruption occurs. Disaster recovery planning focuses your recovery on the most mission-critical processes in priority over less essential functions.

11. Avoiding Hardware Replacements Based on MTTF/MTBF

The most common cause of unplanned downtime is hardware failure. Most devices are tested and rated based on how long they should operate under normal conditions before experiencing their first failure. This is a time rating of either mean time to failure (MTTF) or mean time before failure (MTBF). MTTF is for devices that are usually replaced upon failure. MTBF is for devices that can be repaired and returned to service. The MTBF thus serves as the measure for the time frame before the first failure and between all subsequent failures. Hardware should be scheduled for replacement/repair around 95% of its MTTF/MTBF. While some statistical outliers will fail earlier, and some might last for much longer without failure, statistically, the odds are in your favor when you plan to replace devices just before their average failure time is reached.

12. Allowing Outside Portable Media

Any communication pathway that supports legitimate transmission of data can also be used to transfer malicious code. One of the more notorious culprits of this is removable media. Whether CD, DVD, floppy, zip disk, smart card, flash drive, or USB hard drive, all of them present a real and current risk. Many forms of malicious code can spread through removable media one machine at a time. If a system is infected, potentially any storage device connected to that machine can become infected. Then as that storage device is connected to other computers, the malicious code spreads. When anyone brings removable media in from anywhere there is a significant risk of infecting the company network. Make it company policy that all media from outside sources must be screened and scanned on a dedicated malware scanning system before being used on any other office computer.

13. Allowing End Users to Install Software

Another common method of distribution of malicious code is the Trojan horse, which is a supposedly benign
program that happens to contain a hidden malicious payload. When the host program is used, the malware is
delivered. Trojan horses can be obtained from removable media brought in from outside sources, downloaded from the Internet, exchanged through peer-to-peer services, received as an e-mail attachment, and shared across network services. When regular users have sufficient permissions to install new software, they, in turn, also have permission to launch malicious code. One method to eliminate this risk (or at least significantly reduce it) is to prevent end users from being able to install software. One way to accomplish this is through the use of a white list. A white list is a file of the names and hash values of all executables that the organization has deemed safe and necessary for users to accomplish their work tasks. Only the applications on the white list will execute on the user’s system. All other programs, including any installation process or malware, will fail to execute as it will not have permissions to do so. White listing does restrict a user’s freedom, but on a work computer, security is often more important than granting users complete control over their workstations.

Summary

I hope your organization is not making all of these mistakes in its infrastructure decisions. It is possible that your organization can improve its security in one or more of these areas. Take the time to assess your current security policy in each of these areas to see if there is room for refinement or improvement. Keep in mind that security is never an accomplishable goal. Instead, it is a long and difficult journey that requires vigilance and persistence in striving towards improved security over time.

Author:
James Michael Stewart, Global Knowledge Instructor, CISSP, ISSAP, SSCP, MCT,
CEI, CEH, TICSA, CIW SA, Security+, MCSE+, Security Windows 2000, MCSA
Windows Sever 2003, MCDST, MCSE NT & W2K, MCP+I, Network+, iNet+


Original Source

Wednesday, September 14, 2011

10 things you can do to boost PC performance



 
Takeaway: Does your PC performance need a kick in the pants? These simple steps will help speed things up.

 
There’s so much information out there about PC performance (especially on Windows machines), it’s difficult to be sure what’s right and what’s not so helpful. Here are 10 proven performance enhancements you can make to your computer, many of which are free.

 
1: Get rid of malware
New machines shouldn’t have malware on them. But one of the most common causes of the “my PC used to be fast, and now it isn’t!” complaint is actually the presence of malware. Malware can sneak onto a computer in a zillion different ways and quite often it sits in the background slowing your machine to as it sends out spam emails, searches for other computers to infect, works on cracking cryptography, or any number of the other nefarious tasks that hackers like to use their botnet slaves for. There’s a good chance that the malware brought even more friends with it (that’s often how you see computers with thousands of viruses on them not long after the initial infection), and the infection may be bad enough to justify a wipe and reload. My first step in investigating a slow system is usually a virus scan.

 
2: Upgrade to a better video card
For typical business productivity tasks, a video card probably isn’t an upgrade that will have a lot of value. But for gamers and other similar uses, a video card is a slam dunk upgrade. If your current card and motherboard support SLI or CrossFireX, adding a second card and bridging them will be a good option as well. In some scenarios, better video cards can be a huge benefit even without heavy onscreen video work, because certain applications can leverage the GPUs for calculations.

 
3: Get a faster drive
Many times, the real performance issue is the speed of disks. Look at numbers like the RPMs, cache size, seek speed, and transfer rate to buy a faster drive. Often, a good drive will seem slow because the computer’s power settings are allowing it to spin down. You may want to consider changing these settings to make sure that the disk is more likely to be ready to work when you need it to. While the SSD vs. hard disk debate is still continuing, SSDs usually seem to feel faster to users. Boot times are usually cut for sure. But something about an SSD makes a system feel more responsive or “snappy” to use, and for day-to-day work, that’s a great feeling.

 
4: Address hardware and driver issues
All too often, system slowness is actually a sign of hardware problems. For example, if your CPU isn’t being properly cooled, it will often have its speed reduced in an effort to keep it from overheating. Recoverable errors with disk access can kill your throughput while not showing up as a dead drive. And bad hardware drivers can often make the whole system slow, especially video drivers. Using utilities to check your CPU speed and various temperatures, scanning for hard drive errors, and updating your drivers is a good start to investigating performance problems. Often, problems caused by hardware or drivers are not just poor speeds, but system flakiness too.

 
5: Use a RAID
Using a RAID can dramatically lower the read and write speeds of your disks, depending upon the RAID level you choose. You will want to do some research to see what RAID level fits your needs the best. Personally, I am a fan of RAID 1, 6, and 10 because I feel that they offer appropriate levels of data protection along with a good measure of speed improvements.

 
6: Try a different browser
It’s no secret: Different browsers perform differently, and most people spend a lot of time in their Web browser. Benchmarks really muddy the browser speed conversation. Some browsers perform well on some but do badly on others, even when they are supposed to test the same thing. The problem with the benchmarks is that what they usually test is not real work performance! While JavaScript is an important part of the modern Web, few Web applications beat on the JavaScript engine hard enough to produce a noticeable impact on performance. That said, it’s been my experience that the Chrome browser is the fastest for actual work. If you want to have your Web browser feel more responsive and lively, consider a switch to Chrome.

 
7: Remove junk
It’s easy to have a computer get loaded up with junk that slows it down. The worst part is, we invite this garbage into our lives by installing “helpful” utilities, toolbars, and other add-ons. I could easily write a list of 10 kinds of computer-stalling junk. Here are some of the things you’ll want to seek out and remove for best performance:
  • Automatic update systems for various applications (but be careful: some apps, like Flash, Acrobat, QuickTime, and Web browsers are prime malware targets and you will want to keep these up-to-date)
  • Things that run on startup
  • Windows services you don’t really need
  • Crapware from the PC maker
  • Toolbars
  • Browser plug-ins (the Skype browser plug-in is an especially bad offender, I’ve found)
  • P2P applications
  • Web servers and database servers that were installed by since-removed applications, but left behind

 
8: Add a faster DNS lookup server
Most ISPs love to brag about how much bandwidth they are giving you. But they don’t mind letting the rest of their infrastructure slowly get overwhelmed or deteriorate. Among the biggest offenders are the DNS servers our ISPs use. If you want to know why things seem to take forever to start loading, slow DNS servers are often the cause. Consider adding a fast DNS server as your primary DNS server in your TCP/IP settings. Google’s Public DNS server is a great option.

 
9: Defrag
Defragging your hard drives is a great way to get some more performance. While modern Windows systems automatically defrag on a regular basis, I’ve found that the Windows defragging is fairly unaggressive. We’ve reviewed a lot of different defrag apps here at TechRepublic. I suggest that you check out your alternatives and find one that does a better job for you.

 
10: Check network connectivity
Time and time again, “system slowness” actually is caused by networking issues. Our computers do so much on the Internet that slowness there can affect just about everything you do on a regular basis. While there isn’t enough space to write an exhausting troubleshooting list here, some of the things you should try (or investigate) are:
  • Replacing the network cables, switches, routers, WiFi access points, etc.
  • Calling the ISP and checking the distance from the CO (for DSL) or the local segment’s current load (for cable); the ISP may need to rewire or rework its connectivity. Satellite customers will want to double-check their dish installation and ensure that it is tightly locked down and pointed in the right direction.
  • Malware scanning on all PCs to see if malware is burdening the network
  • Inspecting the wiring of the phone lines (for DSL) or coax (cable customers) to look for loose connections, corrosion, or flaky wires
  • Cable customers will want to find out how many splitters are between the line from the pole and their modem. If it is more than one (and preferably only a two-way splitter), they should rewire so that they have only a single two-way splitter between the pole and the modem to ensure the cleanest signal possible.
 

By Justin James
September 9, 2011, 2:17 PM PDT
Original Source

Tuesday, September 13, 2011

4 Steps to Import Export Blackberry Contacts using csv file


One of the most annoying problem in Blackberry is managing contact. Desktop Manager does not provide facility to maintain the contacts through desktop interface, which means RIM suggest the user to maintain the contacts through handheld.

For some user - such as marketing people, company, etc.- who need to import a lot of contacts from their excel file will be paintful. Desktop manager provide the service, but sometime it fails.

After some experiments, import contact Blackberry using cvs file can be done with Gmail Contacts mediation.

Step 0 - Backup your data

This is the most important step. For any experiment, ensure to backup the data first. Don't go to other step before you've completed this step.


Step 1 - Synchronize your blackberry contact to gmail account

See this explanation, on section: Use wireless address book synchronization.


Step 2 - Export your gmail account into csv file 

  • Login to your Google Contacts
  • Export your contact to csv file, choose gmail contact format.
    Purpose of this step to get the gmail contact template.

Step 3 - Input your contact

  • Adjust your contact data with csv format.
  • Ensure to not include the same data with existing, to avoid duplicate contacts.
  • Please ensure your header match with google format.

Step 4 - Import your contact 

  • Go to your Google Contacts, import it now.
  • Wait for couple of minutes to Blackberry sync with your Google Contacts.
  • Done!

10 things you may be asked during a developer interview (and how to handle them)


Takeaway: These tips will help you clear some of the most common interview hurdles when you’re trying to land a developer job.

Many software developers I have talked to absolutely dread job interviews. And I have seen job candidates absolutely flub a number of questions. Some are standard interview questions, but a developer will still need to answer them in a way that relates them to the job. Other questions are specific to the software development industry. Here are 10 job interview questions that come up in development interviews, with tips on how to address them.

1: Tell us about your current position

Employers want to know about what you are currently doing a lot more than they want to know about prior positions. The reason for this is simple: The world of software development moves so fast that what you did two or more years ago is interesting for background but probably has little bearing on their current work. When asking this question, the interviewer is trying to relate what you currently do to the position the company is offering, and you will want to answer with that in mind. For example, if the position you are applying for involves a lot of database programming, emphasize where in your current job you have worked with databases.

2: Programming challenges

Many employers will present you with some sort of programming challenge. These range from being asked to sketch out a piece of pseudo code that implements some business logic or being handed a piece of code and told to find the bugs to being put down in front of a computer and asked to code away. What they are usually looking for is not just a certain level of competency — they also want to see how you go about solving the problem. You can offer to narrate your thought process as you solve the problem. If they take you up on it, that will help them to learn what they are looking for. Or perhaps when you are done, you could walk the interviewer through how you solved it.

3: Do you have any examples of your work?

Employers love to be able to look at real-world examples of your work. Unfortunately, this is rarely possible. The truth is, in most circumstances, your work is the property of your employer and you can’t be taking it outside of the building without permission. And it would be unusual to have a boss say, “Sure, go grab a couple of your best apps from source control to take on the job interview!” Instead of being unable to provide any samples, contribute to an open source project or work on an application at home that is sophisticated enough to let your skills shine. Then you will have something that you can show the interviewer and also be able to demonstrate an ability to work on your own and manage your own time, too. These side projects can often serve as a great talking point in the interview.

4: Brainteasers

Apart from asking you to demonstrate some programming abilities in the interview, some employers may give you a variety of brainteasers. Some people are really good programmers and stink at these, but the idea is to test your overall problem-solving skills. Luckily, you can prepare for these a little bit by picking up a few brainteaser books (usually only a dollar or two) at a book store or supermarket and doing a few every day. Most of these brainteasers follow a similar format, so by practicing, you will understand how to approach the most common types. There are also a few standard ones that come up on a regular basis, such as the one where you need to get a group of people across a river with a boat of limited capacity.

5: Do you have a security clearance?

Depending upon the job, a security clearance may be required. Employers prefer hiring people with one already because it simplifies things. It would be a big hassle to hire someone and then discover that they can’t get the needed clearance to do the job. If you have a clearance, make sure that it is up to date. It’s also a good item to list on a resume.

If you do not have a security clearance, ask before you come in for the interview about any security requirements for the job and research whether you are eligible for any security clearances needed. This way, when asked, you can answer with something like, “No, I do not have that clearance, but I have looked into it and I can obtain one if needed.”

6: Background check and criminal history information

Information about criminal history and other background check items typically will not come up in an interview with a hiring manager, but they will often come up in an interview with HR or a recruiter (especially the recruiters). They do not want details, for the most part, but they want to know whether it will be a waste of time interviewing you. Obviously, it is great to have a squeaky clean record, but there are plenty of good job candidates who don’t. You will need to be honest here, because things show up on the background check anyway. If what you say does not match the check, they will feel that you lied to them. At the same time, limit your sharing to the minimum. You can start with something like, “I have a misdemeanor conviction from three years ago” and take it from there.

7: What is your experience level with XYZ?

When interviewers ask about your experience level with a technology, they really want to get a feel for what you have been doing with it, not how long you have been doing it. For example, if they are asking about SQL, is it important to them that you have been writing statements no more complex than, “SELECT id, name, city FROM people WHERE state = ‘NY’” for 10 years? Not really. Performing complex data transformations, correlated subqueries, etc., for six months will be much more impressive. When talking about your experience level, emphasize the kinds of challenges you solved with those technologies and the unique aspects of the technologies you used to solve the problems.

8: What’s the hardest challenge you have had to overcome — and how did you approach it?

This is a stock interview question, but it has some special pitfalls for the programmer. One of the failures I’ve seen in interviews is that candidates do not properly set the context of their answer. I have faced some challenges that at that point in my career were difficult but that later on were trivial. If I brought them up in an interview without explaining my experience level when they arose, it would put me in a bad light. The interviewer would be thinking, “Why would someone with his experience struggle with this?” So when you answer, give a short (one sentence) scene setup. Also, put your focus on the problem-solving steps you took, not the technical details. No one really cares if the problem turned out to be that the variable was one character shorter than the data going into it; they want to know how you did the research to discover it.

9: Describe your programming habits

There are a number of variations on this question, some of which just ask about things such as:
  • Source control
  • Testing
  • Variable/file/class/whatever naming
  • Application architecture decisions
Some things we do by habit are not flattering when we answer these questions, but it is because of circumstances outside of your control. For example, if your current employer does not have a source control system, do not say, “I do not use source control” because it makes you look awful! Instead, an answer such as, “My current employer does not have a source control system, but I have used TFS at a previous employer, and I use Mercurial at home for personal projects” will be much better.
Other times, we simply have bad habits; in those cases, it is better to recognize them and show that you are trying to change them. You could say something like, “I tend to not write as many unit tests as I should, but I have been working hard to ensure greater code coverage.” Of course, don’t lie about this. But employers like to find people with enough self-awareness to see and correct their flaws, and the honesty to be able to discuss them.

10: Tell us a little bit about yourself

Often, job candidates go way off the deep end on this question, talking about things they do not need to be discussing in a job interview, personal stories and relationships, and so on. Or worse, they bring up things that present them in an unflattering light. What the interviewer is really looking to learn is how your personality relates to the job of software development. For example, if you enjoy restoring antique furniture, you could point out that it requires a lot of patience, eye for detail, research, and so on. Of course, you will want to talk about your personality traits as well. Unusual experiences or education can be brought up here, too. What you definitely do not want to do is talk too long. Try to make it a back-and-forth conversation, but if it isn’t, limit your time to a few minutes and don’t trip all over yourself trying to cram in every last detail.



September 8, 2011, 2:13 PM PDT
Origininal source

Wednesday, September 7, 2011

20 things new teachers should be doing this year

<
Teachers around the world are gearing up for the new school year -- but the experience is going to be vastly different for new teachers. Where an experienced teacher has the knowledge of what worked and what didn't, a new teacher is going to be bombarded with tons of new info and the need to process it! Not to mention, they will be preparing for the most important piece of all: their classroom instruction.
In no way, do I want to add to the burden of the already-filled-to-the-brim, new teacher stress bucket. I do however, want to share just 20 tidbits which I hope will help ease new teachers into a fun, successful school year. Some of these will be in the form of social media tools, which I think are awesome, and wish I had had as a newbie. And each little tidbit is linked to a resource which I hope you will find supportive.

1. Seek Your Passion!

As a new teacher this may be the farthest thing from your mind. But... it's the real reason you wanted to be a teacher in the first place. I recommend that you consistently keep in mind what your passion is as a teacher. Read The Passion Driven Classroom by Angela Maiers and Amy Sandvold<. It's all about the role passion plays in our work, our lives and our classrooms. Grab a copy and take your time this year to read it.

2. Be a 21st Century Educator

We all hear this term so often around the web... but what does it mean? Visitthis wiki for an easy read about what it means to be 21st century educator. It has great resources to take you further in the journey when you're ready. Be sure to view the video at the bottom of the wiki home page.

3. Build Relationships

As you begin your first year, building relationships with grade-level buddies and others at your school site is critical to your success. Don't be afraid to reach out and let them know that you are eager to get to know them. You want to seek out your administrators also and begin to build a good relationship. Encourage them to get to know you, too! This also includes the most important relationship: the one with your students and their families. You are central to their lives now, and your actions will play a big role in all they do this year -- you can count on that! Read this article and begin thinking about how you will build trusting relationships with your school community.

4. Communicate

How you begin to communicate with your student's and families, is truly a reflection of your commitment to them as their teacher. Communication now and throughout the school year is so important. It's vital and essential that it's on-going and creates an environment of collaboration -- with parents as your partners in this journey. Take a look at teacher Pernille Ripp's example of first-time communication with students' parents and get a feel for how you might get started.

5. Collaborate

When I was a new teacher, I sadly taught in isolation. Experienced teachers were unwilling to share resources or lesson plans with me. They held those very close, almost like a mom holds their infant child. It was a tough time for me and I had to rely on my own skills and talents to get me through those early years. This lack of sharing and collaboration meant that every time I wanted to launch a project, I was on my own to make it happen. It doesn't need to be that way! Open yourself up -- share and collaborate with your grade-level team and/or college classmates. Share resources, join planning teams, be a part of the conversation! You will find that the road to developing lessons and projects will be so much more meaningful to you because you did it with a collaborative spirit! And check out the Collaborators Wanted Grouphere on Edutopia.org to get some inspiration.

6. Get a Mentor

I believe strongly in the power of mentoring. I believe that this relationship is vital to the success of a new teacher. However, not all experienced teachers at a school site are able to take on this challenge. A year ago I had the idea, that if there weren't enough experienced teachers at a school site who could, or were willing to mentor a new teacher, why not a virtual mentor who would be willing to lend support? The Teacher Mentoring Project was born! I urge you to seek out this group on the EduPLN.com community. Many amazing educators from around the globe are available to support and mentor you through the first years of your practice and beyond!

7. Ask for Help

I spent over ten years as a site principal. One thing I noticed most of all, as I worked with my new teachers, was that they failed to ask for help. They didn't ask for help from me, their mentors, or even their own colleagues! Then when the big concerns arose, as they almost always did, they spent all this time apologizing for why they weren't successful. Don't make this same mistake. Ask for help! It's okay and shouldn't be seen as a sign of weakness. On the contrary, most will see it as a strength. Isn't this what we expect from our students? Don't we tell them to ask for help if they are struggling with a concept? So why wouldn't you?

8. Be Willing to Grow

You know it all... right? Are you sure? It has been my experience that some new teachers are offended when their mentor or admin asks them to make some adjustments, or dare I say it, improvements. Don't let that be you. Don't let your ego get in the way of an opportunity to grow or move in a better direction. As the year develops, if you have a good admin, you will have an opportunity to be observed. Again, if you have a good admin they will comment on your lessons and offer some ideas on areas for growth. Be gracious and accept them. Ask questions about what they observed. Ask what they offer as a proactive solution, and how they will be supporting you. Then take some time for personal reflection. Read the post by Edna Sackson. It's a great start...

9. Blog for Yourself

I know... I've heard it all from many new teachers: "It's too hard. I'm too tired. I just don't have anything to say." I hope you will consider leaving those excuses behind. Many new teachers are blogging and I can't say enough about the power of blogging in your life as a new teacher. It will help you reflect, get feedback, and collaborate. I, myself, was a novice blogger two years ago. I'm happy to share that I feel like my blogging experience will always be a journey of discovery -- and I kinda like that. In any case, take a look at my blog, and the "Blogs I Follow" on my home page, to get a feel for what others are doing with blogs. There are some awesome blogging platforms available on the web. Pick one that speaks to you and then... jump in! Let me know when you've finally got it up and running!

10. Blog with Your Students

As soon as you have jumped in and started to blog, get your students doing it too! I know there might be confidentiality issues that may persist at your school sight, but if you are able to, this is a must-do. The insight you'll gain about your students' lives will be priceless. Many teachers have their students blogging worldwide. I'm happy to connect you to them so you can ask questions and collaborate. Give it some thought...

11. Make Time for R & R

If you don't take time for rest and relaxation you will crash and burn! This is the truth -- no doubt about it. What commitment have you made to yourself to ensure that you do this -- and get some exercise, too? Joan Young started a blog fueled by this idea: "The goal is for us to help keep ourselves motivated and dedicated to living our healthiest, best lives." Check out this blog for ideas on how to be sure you make the time to refuel yourself -- and not just with coffee!

12. Start a Wiki

A wiki is a website that lets any visitor become a participant. You can create or edit the actual site contents without any special technical knowledge or tools. A wiki is continuously being transformed and is a living collaboration. I encourage you to take the time to create a wiki for your classroom. It can hold all kinds of great content that you can share with your students and their parents -- the power of wikis is amazing! Check out this site for ideas on how to get started.

13. Use Skype

Most of us know how to use Skype to chat with friends or colleagues, but did you know that you can use it to connect with educators (some who are also new teachers) around the globe? Be sure to check out Skype in the Classroom for awesome ideas, projects, and collaborations!

14. Join Twitter

Twitter is an online social networking and micro-blogging service that enables its users to send and read text-based posts of up to 140 characters, informally known as "tweets." Twitter is an amazing social media tool for educators and can be a huge source of support for new teachers. If you aren't yet on Twitter, check out Steven Anderson's Live Binder on Twitter for Educators. It's not to be missed. If you are on Twitter... Bravo! Now pass this link to a friend who's still on the fence.

15. Participate in Twitter Chats

Twitter chats are the next best thing to sharing a coffee with a buddy at a local Starbucks. New teachers can find many wonderful support systems in chats. I want to take this time to invite you to join our New Teacher Chat on Twitter (Wednesdays, 8pm ET, #ntchat). It's small, practitioner focused, and supportive. If you are new to chats, it's really the best place to start. I hope you will join us!

16. Join a Community

As a new teacher, you may at times feel isolated. The power of an online community is that you can probably find someone else who'd like some company. Kidding aside, more than that, it's a way to be a part of something bigger than yourself! You can also freely contribute, share a blog post, or ask a question. Consider joining our New Teacher Connections Group here on Edutopia, for starters. You can also find other great communities such asNing, which will offer amazing opportunities to connect to resources you may have never known existed! Seek out relevant content specific communities for deeper learning.

17. Start a YouTube Channel

The YouTube channel in the link above was created for new teachers, by me. It's a collaborative with several educators in Canada. The purpose is to provide year-long feedback to new teachers on how to get through the first year of teaching. Think about how you could use your own YouTube channel with your students, parents, and colleagues. It's fun, and easy to do. Give it a try.

18. Participate in Free Online Professional Development

As a new teacher, it's vital that you carve out some time to attend professional development conferences. And these days, it's no longer necessary to spend tons of hard-earned resources to participate. You can attend amazing free professional development opportunities online -- and often times in your jammies! Take a moment to explore an example of what an online conferencelooks like. And research other opportunities on your own. Let us know what you think about the idea of free online webinars!

19. Journal About Your Experience

When you look back on the journey of this first year, you will be amazed at your experiences! I really hope that you will capture them in a journal, a blog, or with an online diary. I'm a big fan of journal writing, and over the years have captured some amazing memories that would have otherwise been lost. The ability of a journal to allow for personal reflections is truly amazing. In the process of your own journal writing you will think of great ideas of how to do this with your students. For a quick, easy way to journal, check out Penzu. It's really cool -- and it's free!

20. Don't Be Afraid to Fail

"And why do we fall, Bruce? So we can learn to pick ourselves up." ~Thomas Wayne from Batman Begins (2005)
What a great movie quote, don't you think? It speaks to the fact that we are going to fail. No doubt about that. It happens to all of us. But what we do about it, regardless of what "it" is, is truly what's the most important. The sooner you learn that it's okay to fail, the more enriching your experience as a teacher will be. You will embrace your failures as opportunities for new beginnings.
I'm fortunate to be a part of The 30 Goals Challenge. For this challenge I created 30 blog posts on various subjects that speak to the heart of what it means to be an educator. As I close this "20 Tidbits for New Teachers" post, I leave you with the message of goal #13: Learn from your mistakes.
Let me know what you think. All the best to you on your journey!
It's been great to be a part of Edutopia's 20th anniversary celebration! There are so many more awesome "tidbits" that can be shared with new teachers. What would be one of yours?

Original Source

Monday, September 5, 2011

Green IT is the solution

The hottest topic in some famous IT articles/magazines in early 2008 is GreenIT. For examples InformationWeek, February 2008, give headline “Energy Crisis” and eWeek ran a story in March called “Watt a Shock” (John J. "Jack" Mc Gowan, 2008). World is getting hotter day by day. Global warming becomes hot topic in many conversations.

Information Technology include as the “person” who gives contribution in adding carbon dioxide – causes of global warming. Some research said that IT use bigger resource compare with the airline industry. Bad waste management, inefficient use of electricity, inefficient usage of server, will contribute greater bad effect to the environment.
There are some solutions has developed, such as: virtualization technique, power generation alternatives, power management, newer hardware, materials recycling and mobility efficiency. There would be initial cost to implement some/all of those techniques. Some companies do not want to spend some capital for this project. And some company thinks this is important, but not necessary to do it now, there are still many urgent projects to be done. Most businesses aren’t about to spend more money than they have to for eco-friendly IT measures. They will do so only if the payback is there—if the green of dollar savings matches the green of environmental benefit (Gibson, 2008).
Similar with conducting business ethics, Green IT will give long term and sustainable benefit for the company. By spend initial cost to create Green IT, company will get saving cost such electrical, IT resources and telephone bill in long term. In the other hand, the environment will be well taken care. For every layers of the company; small, medium or enterprise should think to start the Green IT to get double side solution: cost reduction and environment friendly.