This press release is downloadable in the following formats:

• 02_Feb_2007--Fast50.txt   [Plain Text - 3 KB]
• 02_Feb_2007--Fast50.pdf   [PDF - 13 KB]

N E W S  R E L E A S E

February 2, 2007
For Immediate Release

2nd Year: Web-savvy Engineering Firm Rockets onto Alberta Venture's Fast 50

In order to reach out to customers world wide who need help to secure and harness the power of their high technology infrastructures, Optrics Engineering cast itself into an engineering consultancy and e-commerce enterprise that is not only exemplary at maximizing the benefits of the very technologies and solutions Optrics sells, but is also streamlined for doing business on the Net. So streamlined, in fact, it landed Optrics Engineering the #14 spot on Alberta Venture’s 2007 “Fast 25 Under $20 million.”

With an impressive 3-year revenue increase of 126%, and 2006 revenues totaling $4,389,860 listed in Alberta Venture’s index of the fastest growing companies in the province, the question is how does a professional high-tech consultancy sustain such a lean and hungry business model in a booming Alberta economy?

“We do most of our business online, including training and repairs.” Optrics Engineering CEO, Bording Ostergaard, comments in Alberta Venture’s January 2007 issue. “We don’t have to leave the office so we don’t incur the expense of having people on the road.”

Even with Edmonton’s runaway real estate market, basing online operations here still beats maintaining outbound sales and technical teams.

“We operate our entire business out of 4,000 square feet in Edmonton and our inventory is extremely low,” Ostergaard explains. “So increasing overhead is more of an annoyance than a big problem.”

Optrics Engineering provides clients with expertise in computer networking, security, software development and related aspects of computer, network and Internet technology. Among the many internationally known organizations that have relied on Optrics Engineering for technology solutions are NASA, Microsoft, Best Buy, US Army, Air Force and Navy, DND, Boeing, Lockheed Martin and Mercedes-Benz. Locally, the firm has worked with the University of Alberta, AMA, Capital Health, Fountain Tire and Fraser, Milner & Casgrain. For a larger client listing go to: www.Optrics.com/clients.

For more information, contact:
 Bording Ostergaard, P.Eng.
 Optrics Engineering
 780-430-6240
Email: bording@optrics.com

This press release is downloadable in the following formats:

• 04_Jun_2007--Profit100.txt   [Plain Text - 4 KB]
• 04_Jun_2007--Profit100.pdf   [PDF - 110 KB]

N E W S  R E L E A S E

June 5, 2006
For Immediate Release

Edmonton Internet-based engineering firm's growth gains national attention

If ranking 44th on the PROFIT 100 in 2006 was a sign that Optrics Engineering was a rising force on the Canadian entrepreneurial scene, then advancing to 39th in 2007 signals the Edmonton-based corporation is on track to connect a burgeoning global market of IT administrators and engineers with only the very best vendors of network-management and security hardware, software and services.

“Finding ourselves a PROFIT 100 company in 2006 was a pleasant surprise but certainly a consequence rather than a goal,” says Bording Ostergaard P.Eng. CEO, “and the result of focused effort to be a leading pioneer in online IT sales and consulting. Our success has come as much from simply trying to keep up with all the companies that have chosen to reach out to us for our expertise in addition to our ability to deliver true leading-edge IT solutions.”

Ranking Canada’s Fastest-Growing Companies by five-year revenue growth, the PROFIT 100 profiles the country’s most successful growth companies. Published in the June issue of PROFIT and online at PROFITguide.com, the PROFIT 100 is Canada’s largest annual celebration of entrepreneurial achievement.

“Internet marketing expertise in addition to technical expertise is what sets Optrics apart,” says Ostergaard. “You can have the best products and services in the world but if your clients can’t find you, nothing ever leaves the shelf. On the other hand, if you are successful at being found but don’t understand what it is you are selling, especially in the high-tech area, customers will not have the necessary confidence to choose you as their provider. Optrics’ success is due to its strength in both of these key areas.”

According to Ian Portsmouth, editor, “Profit 100 companies are the new heroes of Canadian business, creating jobs at home and products used around the world. They’ve accomplished this by building great employee teams, exploiting export markets and rapidly responding to customer’s fast-changing needs.”

About Optrics Engineering:

A pioneer in online marketing and commerce, Optrics Engineering provides clients with expertise in computer networking, security, and IT infrastructure management. Among the many internationally known organizations that have relied on Optrics for technology solutions are NASA, Microsoft, Best Buy, US Army, Air Force and Navy, DND, Boeing, Lockheed Martin and Mercedes-Benz. Locally, the firm has worked with the University of Alberta, AMA, Capital Health, Fountain Tire and Fraser, Milner & Casgrain. For a larger client listing go to: www.Optrics.com/clients.

About PROFIT Magazine:

PROFIT: Your Guide to Business Success, offers news, strategies, tips, interviews and other resources to entrepreneurs leading Canada's fastest growing companies. Each year PROFIT—which currently reaches 373,000 readers nationally—hosts a number of events that bring together business leaders in the fast-growth segment and champions the interests of those leaders. PROFIT was founded in April 1982, as Canada's first national magazine geared to entrepreneurs. Visit PROFITguide.com.

For more information, contact:
Bording Ostergaard, P.Eng.
Optrics Engineering
780-430-6240
Email: bording@optrics.com

Optrics Engineering is a division of Optrics Inc. Optrics Inc. is licensed to practice professional engineering in the province of Alberta under the The Engineering, Geological and Geophysical Professions Act of Alberta. To learn about APEGGA please visit www.APEGGA.ca.

N E W S R E L E A S E

January 5, 2006

Compliance in the Middle

By Shari Weiss

Maintaining a secure and compliant data environment is a challenge for companies of all sizes but mid-tier companies often find themselves stuck in the middle when it comes to finding cost-effective systems and processes for meeting regulatory requirements.

With regulatory compliance costing well into six and seven figures for large enterprises, and the packaged technology designed for small businesses ill-suited for larger networks, what are mid-tier organizations to do?

While mid-sized companies still face the myriad of obstacles in complying with regulations like Sarbanes-Oxley and HIPAA, the likely don't have the budget, personnel, and existing infrastructure to get the job done.

"The key is to demonstrate that you are making your best effort to meet legal requirements and secure your information network and system administration," says Bording Ostergaard, CEO and founder of Optrics Engineering, a professional engineering firm with staff specializing in network design, security and network-specific solutions. "A mid-tier company that does nothing has already, in a sense, agreed that they have failed to comply. If a problem arises or an audit is scheduled, this company may face severe liability issues. Everyone has areas of responsibility, and mid-tier companies do not usually have the resources to fund internal personnel and whole departments to address compliance issues.

"An alternative option is to hire an outside security professional and/or deploy a security appliance, thereby, in effect, buying liability insurance in the form of being able to point the finger in the direction of the hired expert or service," Ostergaard says.

The recently discovered Windows metafile security hole is a perfect example of the challenges and liabilities of ever thinking you can safely tell people their network is secure and in compliance, according to Ostergaard. "At best all you can do is provide your best efforts or best-intentioned opinion based on defined criteria you are confident you can monitor and assess," he said.

With new threats released so often, security is a moving target, according to Vann Abernethy, executive vice-president and CTO at Avanton, a vendor partner of Optrics. Avanton provides multi-function security products that eliminate the complexity gap for small- to medium-sized businesses to secure and manage their networks and meet regulatory demands.

"Mid-tier companies typically have smaller IS staffs with either no dedicated security officer or an overworked network administrator who has the added burden of being the compliance officer. They do not have the resources to purchase sophisticated solutions where staff members have to go off site to get certified, a process that could take a week or more," Abernethy says. "Our solution presents information that is useful to the average IT person, whether that be a systems administrator or network administrator. A person doesn't need a super secret decoder ring to figure out our product. Just good, solid networking and systems administration knowledge is enough, a level of technical expertise required to be in those positions in the first place. We cater to that level of knowledge."

Compliance Department In A Box

Avanton does not sell its products direct, but works with value-added resellers like Optrics to introduce its appliance-based system to mid-tier companies. This was how Reading Eagle Company found its compliance-department-in-a-box.

Reading Eagle Company has been Reading, PA's local news source for more than a century, but in the last decade the organization has decided to venture into e-mail and web hosting, not only for their own purposes, but for other companies, as well. Over the past two years, this hosting business has sky-rocketed to more than 150 hosted Web sites, with hosted e-mails and other Web services, according to Roy Quickel, IS network administrator at Reading Eagle Company.

Reading Eagle Company had been able to develop direct relationships with a few technology vendors for computer hardware and software needs as well as networking hardware and switches. "But when it came to compliance issues, we were pretty much on our own," says Quickel. "With the sheer volume of Web sites hosted on our property, many of which are being provided with e-commerce solutions, we are subject to compliance reports.

"Compliance is a serious concern," Quickel continues. "We went looking through the Web for a solution and saw Avanton's ReadyARM come up on the Optrics Web site. Optrics partnered with some of the same vendors already used by Reading Eagle Company, and their customer list impressed the staff of the news company. There was an element of trust that they were telling us what we need to know."

Reading Eagle Company did check out other vendors for basic set up costs and support, but the nearest competitor's charges for the same type of solution were four times higher. "During our ‘Try and Buy Agreement,' we decided the ReadyARM device met, and even surpassed, our needs for central monitoring and compliance reports, giving us exactly the support and functionality we were seeking," said Quickel who implemented the appliance-based system in October, 2005.

The hardware device plugs into a network device to monitor traffic, according to Quickel, who noted that, similar to an IDS, it sits outside of band so that it doesn't affect bandwidth. "This solution gives our small staff a nice central location to view things like system logs and network equipment. It does vulnerability scanning so we can determine how severe a threat might be," he adds.

"Centrally located management and monitoring enables us to identify and respond to problems much quicker," Quickel explains. "I can go to one device and review the whole picture. With this product we did not have to make any changes to our infrastructure, nor did we have to retrain staff."

Quickel said that ReadyARM provided his company with a consolidation strategy that put several critical components into place: vulnerability detection, intrusion detection, system logs, and auditing reports.

A Four-Step Process

Compliance involves a four-step lifecycle process, according to Abernethy of Avanton. ReadyARM handles the first two steps: monitoring the network and generating reports. The third step is analysis, which is often handled by local administrators, but can also involve outside consultants. The fourth step, remediation, involves implementing changes in security policy to address flaws that were uncovered during the analysis and/or fixing specific issues—for example, low patch levels. These may require additional solutions. A systems integrator and network specialist like Optrics can offer advice specific to the problem.

IS managers of mid-tier companies can meet compliance requirements without revamping the entire IS infrastructure and retraining the workforce by implementing a two-fold approach, said Abernethy. "First you must have a defined policy and communicate it to the workforce," he says. "You do not have to change anything. But, secondly, you must enforce that policy. Where you find flaws in the policy, you will need to make changes. This does not require administrators to do a lot if they have something in place to identify threats and policy deficiencies and fine-tune when those are detected. This does not have to impact normal users."

Abernethy describes security as information warfare. "Most of today's companies have some type of firewall and some flavor of antivirus," he explains. "These are the two biggest problems: defending the perimeter, i.e., the connection to the Internet and defending companies from themselves, i.e., users who download tainted files and click on problem sites. However, where mid-tier companies often fall down is that they forget the firewall is designed to not only stop things, but also allow access in and out over certain ports and protocols, and those ‘holes' can be taken advantage of.

"The only way to completely stop things from coming in through the firewall is to unplug everything, but, of course, this is not a viable solution," Abernethy continues. "You must defend against what is coming in, but, more importantly for compliance issues, you must be diligent about what is going out. Knowing what is going on in your network allows the local administrator to make an informed decision about what steps are necessary to affect change and shore up security. If you talk to regulators and auditors, they will tell you that when they look at companies, 10 percent of issues involve the perimeter while 90 percent concern what is going on within the network. Polices must be kept up-to-date and enforced. To do that, companies need to be able to shine a bright light into the dark corners of the network."

Shari Weiss is a freelance writer based in Northern California.

Source:
Compliance Pipeline
http://www.compliancepipeline.com/175801638