Freehold Consulting
502 Lewis
Coffeyville, KS 67337

office (620) 307-0288
fax (620) 307-0154

Frequently Asked Questions

Below are answers to some questions you may have.

Q: Do I need internet connectivity?
A: Today's marketplace is becoming increasingly dependant upon being "connected." From simple web pages to advanced database driven "shopping cart" ordering. From simple POP email to advanced email and collaboration services. With Microsoft Windows Small Business Server 2003 and an internet connection you can have a full suite of internet services to enable your workers to not only use the internet for information and email but also for remaining connected with the office while they are in the field.

Q: What is Microsoft Small Business Server 2003?
A: SBS-2003 is much more than a file server. In addition to providing one central place to store your business information SBS-2003 also allows the sharing of resources and equipment, the ability to work from virtually anywhere and to run your business applications of choice. SBS-2003 also provides email and collaboration services with Exchange 2003, database storage with SQL-Express or SQL-2005, a complete virtual web host with IIS-6 complete with web based productivity applications built-in. VPN and SSL services and in the premium version ISA-2004 firewall and the full version of SQL-2005.

Q: What is Remote Web Workplace?
A: Remote Web Workplace is a completely secure portal into your systems from the internet with any modern browser. Once you are authenticated in RWW you can access your email with OWA or you can even take control of your PC at work with Remote Desktop. RWW contains a complete help section with instructions on using the features of your system. All data including your authentication is transferred with SSL encryption.

Q: What is Outlook Web Access?
A: Outlook Web Access is a complete email and collaboration application based solely on .aspx web pages. It has many of the features of Outlook 2003 such as email, calendar, contacts, public folders, etc...

OWA requires no installation on the PC to be able to use it other than .NET 1.1. The full suite of OWA features are accessible from IE6 and most of it's features are accessible with modern non-Microsoft browsers. You can access OWA from any internet connected PC.

Q: What is VPN?
A: VPN is Virtual Private Network. It is a catch-all term for a set of protocols and services which enable you to transfer data and files securely across the internet as if your PC were directly connected to your companies network.

Q: What does a firewall do? What is SPI?
A: A firewall is either a device or software which works to block certain types of access from the "anything goes" internet to your sensitive intranet where your PC's and Servers are housed. Simple firewalls only block traffic on certain ports but modern firewalls also use Stateful Packet Inspection or SPI. Not only are unused ports blocked but all traffic is examined to determine if it is actually what it purports to be. Some firewalls can even examine packets for malicious content such as Virii, Worms and Trojans. Modern firewalls also enable NAT internet connection sharing. NAT is Network Address Translation. With NAT an outgoing request packet is stored and it's originating IP address is translated to the IP of the firewall's internet connection. When a response packet is received it is matched with the request to determine which intranet IP is should go to then it's destination IP is translated so that it gets to the PC which sent the original request. In this way many PC's on the company intranet can share a single broadband internet connection.

Q: What is ISA and how is it different from an ordinary firewall?
A: Internet Security and Acceleration ISA is a software service which provides both incoming and outgoing SPI firewall, VPN, SSL, HTML caching Proxy Server and the routing of protocol services to other machines behind your firewall. It is recommended that both a hardware firewall and ISA be used to protect your systems.

Q: What is SQL?
A: Structured Query Language SQL is an industry standard for accessing relational databases. Microsoft Small Business Server now includes SQL-Express which is a limited use version of SQL-2005 or the full SQL-2005 product in the Premium version of SBS-2003 R2.

Q: What is the Sarbanes-Oxley Act (SOX)?
A: SOX was enacted in the United States in response to various corporate scandals. From an IT and internal control perspective, the most prominent part of SOX is Section 404. This section of the act requires publicly traded companies to assess the effectiveness of their internal controls for financial reporting in annual reports they submit at the end of each fiscal year. Section 404 also requires publicly traded companies to engage independent auditors who must attest to, and report on, the validity of their assessments. The U.S. Securities and Exchange Commission is the regulatory agency responsible for enforcing SOX.

Q: What is the Gramm-Leach-Bliley Act (GLBA)?
A: GLBA, also know as the Financial Services Modernization Act of 1999, protects the privacy and security of private financial information that financial institutions collect, hold, and process. The privacy component of this act requires financial institutions to provide customers with an annual notice of their privacy practices, and to give them the option to direct financial institutions not to share such information. The safeguards component of the regulation requires financial institutions to establish a comprehensive security program to protect the confidentiality and integrity of the private financial information in their records. A number of U.S. federal agencies, including the Office of Thrift Supervision (OTS) and the Office of the Comptroller of the Currency (OCC), enforce GLBA.

Q: What is the Health Insurance Portability and Accountability Act (HIPAA)?
A: HIPAA includes among its components privacy and security rules. These rules focus on Protected Health Information (PHI) and Electronic PHI (ePHI) that result from efforts to streamline the health care system in the United States, and mandate the standardization of electronic transactions, code sets, and identifiers. The privacy and security rules for this act are detailed and prescriptive. Although the regulation focuses on companies in the U.S. health care industry, it can extend to other companies if they engage in certain activities, such as managing employee group health plans, or providing services to companies that this regulation directly affects. Sub departments of the U.S. Health and Human Services department (HHS) enforce HIPAA regulations.