Responding to RFP or Not

Request for Proposal (RFP) also knowns as Request for Quote (RFQ), Request for Bid (RFB) are documents released by municipalities to get pricing for products and services these entities are looking to buy.

RFPs often include specifications of the item, project or service for which a proposal is requested. The more detailed the specifications, the better the chances that the proposal provided will be accurate. Generally RFPs are sent to an approved supplier or vendor list.

In most instances, only selected bidders may be invited to participate in subsequent bids, or may be asked to submit their best technical and financial proposal, commonly referred to as a Best and Final Offer (BAFO). Subsequent changes can be referred to as the Best andRevisedFinal Offer (BARFO).

Once both the parties i.e. a buyer organization and seller organization agree on the technical and commercial terms and conditions of the proposal, they could move on to next steps like contract signing, statement of work which would formalize the purchase transactions.

The bidders return a proposal by a set date and time. Late proposals may or may not be considered, depending on the terms of the initial RFP. The proposals are used to evaluate the suitability as a supplier, vendor, or institutional partner. Typically organizations follow a detailed vendor screening process to short list the vendors who should be invited for further rounds of negotiation. This screening process could either be vendor scoring models or internal discussions within the buyer organization. 

Ed Eisenstein experienced his first RFP award in early 90’s when he was in his 20’s about winning a Million Dollar School District bid for computers in every classroom. He started his career with being awarded this Million Dollar RFP that came from the Smithtown School District in the early 90’s.

Ed Eisenstein is happy to guide other companies and business owners through this process. Today, Ed Eisenstein works on 1 to 2 RFP responses each month.

How long does a hard drive last?

How long does a hard drive last?  Why is this an important question?  Has a computer ever stopped working for you and the tech told you.  ” Your hard drive crashed” you need to restore from backup.  For those unfortunate folks that did not invest in their data backup and redundancy strategy, they will pay dearly when hearing the tech say those words.

Fact is, Hard drives up until recently have been mechanical devices with arms and fast spinning plates that statistically have a high failure rate. hard-drive-internal

Research in Hard Drive Life expectancy shows three distinct failure “phases.”
In the first phase, which lasts 1.5 years, hard drives have an annual failure rate of 5.1%.
For the next 1.5 years, the annual failure rate drops to 1.4%.
After three years, the failure rate explodes to 11.8% per year.
In short, this means that around 92% of drives survive the first 18 months, and almost all of those (90%) then go on to reach three years.

Extrapolating from these figures, just under 80% of all hard drives will survive to their fourth anniversary.

Failure rate will probably stick to around 12% per year. This means that 50% of hard drives will survive until their sixth birthday.

Data Experts at United Network Associates, Inc. (UNA) prevent unexpected downtime when details like hard drive life expectancy are taken into consideration.

A business that cannot afford downtime works with a firm like UNA to assure smooth operations in their infrastructure as well as their security stance for compliance.

Contact us at: 631 393 2980
visit our web site:



DFS 500 Cyber-security Requirements Document\

The New York State Department of Financial Services (“DFS”) has been closely monitoring the ever-growing threat posed to information and financial systems by nation-states, terrorist organizations and independent criminal actors. Recently, cybercriminals have sought to exploit technological vulnerabilities to gain access to sensitive electronic data. Cybercriminals can cause significant financial losses for DFS regulated entities as well as for New York consumers whose private information may be revealed and/or stolen for illicit purposes. The financial services industry is a significant target of cybersecurity threats. DFS appreciates that many firms have proactively increased their cybersecurity programs with great success.

Given the seriousness of the issue and the risk to all regulated entities, certain regulatory minimum standards are warranted, while not being overly prescriptive so that cybersecurity programs can match the relevant risks and keep pace with technological advances. Accordingly, this regulation is designed to promote the protection of customer information as well as the information technology systems of regulated entities. This regulation requires each company to assess its specific risk profile and design a program that addresses its risks in a robust fashion. Senior management must take this issue seriously and be responsible for the organization’s cybersecurity program and file an annual certification confirming compliance with these regulations. A regulated entity’s cybersecurity program must ensure the safety and soundness of the institution and protect its customers.

Experts at United Network Associates, Inc. are available to consult and resolve this matter.

Ed Eisenstein, President

DarkWeb Scan. What is that?

Is your companies data already sold on the dark web?

The dark web, as the name suggest, is the hidden, dark side, of the Internet. Often behind cryptic addresses and only reachable via vast encrypted networks lays a world of political forums, questionable images, sites who’s members seek privacy as well as outright criminal marketplaces where people happily trade guns, drugs and stolen items as well as information.

When businesses are being compromised, their data often is being offered to the highest bidder on dark web auctions or sold in bulk for a fee. Many businesses find out that their network had been hacked, with help of information, obtained on the dark web, where it had been up for sale for weeks or months. If they would have known, preventive measures, would have prevented the disaster.

Do you know if your data is already being traded on the dark web? Passwords and personal information of employees are the most commonly traded items.

Recently former Nassau county chief information officer and now private Cybersecurity expert Ed Eisenstein, has introduced a sophisticated monthly service that scans the dark web continuously for hints, that point towards your business and alerts you immediately once compromising information is being found. This service, available for less than 35 cents per day, is a must have in the tool belt of every security aware business and should be the minimum line of awareness that is being build. For more information check:

The top 5 continuity planning tips for SMBs

Count-On-450x280Hard-drives, power sources, operating systems, backup drives, they all will fail. Be it a mechanical error, virus infection , malicious actor, all the way to completely automated and large scale hacks – every system goes down! Otherwise it would reach the statistically near impossible 100% up-time mark.

Knowing this, thorough planning is a must. This area of IT is called “continuity” planning. Having measures in place that ensure that business can continue as usual as quickly as possible after a catastrophic IT event that will certainly hit every business at some point. Always be aware that the statistical chance that nothing will ever happen is near 0.

Ed Eisenstein, former Chief Information Officer of Nassau county shares his top continuity tips. Today Ed is founder of a New York based Cybersecurity and IT services firm, serving hundreds of businesses in different verticals. As homeland security instructor and former liaison officer for the FBI his insights are a great guideline.

Here are his top 5 tips:

1. Identify all critical or vital business components. This includes location, power, people, data systems, banking, etc. (he uses checklists for his clients)

2. Identify critical information and contacts. This includes easily accessible emergency contact information as well as critical banking and online system access information

3. Create a written action plan. A business continuity plan and disaster recovery effort that is realistic and doable and becomes part of the company culture that everyone is aware of.

4. Set realistic recovery objectives. What is needed and in what timeline for the business to continue and ultimately not fail due to a disaster situation.

5. Test the plan and keep it up to date. A realistic continuity plan is based on keeping the information and workflow up to date. The best course of action is to keep it as current as possible or at least make it an annual review process.

If you are interested in learning about those strategies and how to implement them, you can reach Ed Eisenstein at