Blog

September 21st, 2012

Imagine having your phone, tablet and computer wiped, followed by email accounts hacked and deleted, taking with them nearly your whole digital life. This would be a devastating loss for anyone, but it happens on a fairly regular basis. In the past few months alone, there have been two similar instances, both involving Apple, that’s making users wonder just how safe and secure Apple’s and other companies’ products really are.

Here’s a brief overview of the two high profile Apple security breaches and seven steps you should take to prevent these from affecting you.

Mat Honan’s problem Mat Honan is a writer for Wired, who in early August had nearly his whole digital life wiped off the map. His article on Wired is a fantastic and scary read, we highly recommend it. To summarize, he had the majority of his website accounts linked together, with one account linked to many. Hackers were able to get into his iCloud account by taking advantage of Apple’s lax password reset.

To begin with, the hacker wanted to take Honan’s Twitter account. They noticed that he had a Gmail account linked to Twitter, and from there was able to find that an Apple account was linked to the Gmail account, as a secondary account. To get access to the Apple account, they reset the password, which requires a billing address and the last 4 digits of the card registered to that account. The card number came from hacking into Honan’s Amazon account, which shows the last 4 digits of the card.

From there, it was a simple step of resetting the Apple account and shortly thereafter the Gmail password, sending the Gmail reset to the registered Apple account address (the secondary address on the Gmail account). Once in control of the Gmail account, asking Twitter to reset the password using the Gmail account and Bob’s your uncle, the hacker had access to the Twitter account.

Apple UDID leaks In early September infamous hacker group Antisec, related to the hacker group Anonymous, released over 1 million Apple UDIDs. A UDID, Unique Device Identifier, is the code Apple applies to all devices to be able to identify them. Upon the release of the UDIDs, Antisec announced that they had come from a breached laptop, owned by the FBI, and that the FBI was using the UDIDs to track users.

While it’s not known exactly where the breach came from, security experts have been able to prove, to a 98% surety rate, that the UDIDs came from Blue Toad, an app developer that had a digital breach previous to the release of the UDIDs. Blue Toad’s CEO has come forward acknowledging the leak and noted that the company is sure the info came from them, and not the FBI.

While it can be alarming that UDID were out there, users can be assured that passwords were not exposed, as the UDID tends to store information like account name, phone number and address. Yes, contact information is out there, which might raise concerns,  but don’t kid yourself, this information, or most of it, is already readily available on the Internet anyway.

With these two, fairly serious incidents, iPhone users are right to be a little wary, and should be taking steps to insure their information is secure. Related to these two events, here’s seven steps you can take to minimize the chances of this happening to you:

  • Unlink all essential accounts from one another.
  • Set up an email account that’s only used for other account resets.
  • Regularly back up all your devices onto a secure hard disk.
  • Change your password regularly and use two-factor authentication if available.
  • Don’t have the same username or password for all accounts.
  • If the information isn’t necessary for your account don’t provide it.
  • Delete and never store any credit card numbers.
If you have any questions or concerns about the security of your accounts or systems, please don’t hesitate to call us.
Published with permission from TechAdvisory.org. Source.

Topic Security
September 13th, 2012

Peter Parker: a smarter than average high school student, often ostracised for being different, and more commonly known as Spider-Man. Spider-Man goes to extremes to protect his identity and if he had an email address in the modern age, he would ensure it wasn’t captured by web criminals. Do you channel Spider-Man and take the necessary steps to protect that which is important to you, namely your email address?

If you don’t have a superhero watching over your email, here’s five things you can do to ensure your email address is properly protected.

Give your email a disguise
Superheros often protect their identity through the use of a disguise. We’re not saying you need to dress up in spandex, go out and search for spammers/scammers to beat down, or prevent from getting your email. Instead, you should be aware of how scammers operate – largely by writing programs that search websites for email addresses – and disguise your email from this.

Many programs look for traditional emails like imthebatman@gmail.com, so to disguise your email, spell it out: imthebatmanATgmailDOTcom or, imthebatman(DELETETHIS)@gmailDOTcom. People are smart enough to figure out that the AT and DOT are actually @, . or to delete (DELETETHIS). You’d be surprised at how much this will cut down on spam.

Protect your email’s identity
Aside for a disguise, superheroes will often go to great lengths to protect their identity. You should do the same with your email address. When signing up for a new service, forum, or anything that requires a username, don’t use your email as the username. If possible, don’t use your email address at all.

You should also read the Privacy Statements of all websites you have accounts with. Yes, there is lots of legal speak and they are long, but thats to get the user to scroll to the bottom of the document and hit accept. Look for clauses regarding your email, and note any companies that say they reserve the rights to sell your email to advertisers or aren’t held liable for stolen information, as you can ensure that your email will be spammed.

Beyond that, many websites allow you to hide your email address from other users. It’s highly recommended that you do this and an option to do so can usually be found in the Account Options or Account Security sections of your user profile on websites.

Don’t respond to flashy requests
When a superhero is not out fighting crime, they’re off cultivating and maintaining their alter-ego. They hardly do anything outside of their normal character, and normally won’t respond to flashy requests for super luxury balls (unless you’re Bruce Wayne or Tony Stark of course). If you get an email that sounds too good to be true, such as announcing that you’ve won something spectacular, it’s a good idea to not open or respond to it, as chances are near 100% that it’s a scam or simply aimed at getting your email address or other information.

Get your email a side-kick
Some superheroes have sidekicks that help them fight crime or solve mysteries. We recommend that you get your main email a sidekick and sign up for a separate email that you use for online shopping, forum registration and basically anything that’s non-work/family/friends related.

Take a picture of your email
In numerous Spider-Man story arcs, Peter Parker is tasked with taking pictures of Spider-Man. Of course, being Spider-Man, all he has to do is take a picture of himself and people seem to be happy with that. As many spam programs don’t take information from pictures, it’s a good idea to make your email addresses into a picture that you place onto email signatures, or into the body of the email itself.

The easiest way to do this is open MS Paint, (if you have a windows machine), or an online image creator like pixlr and type your email address into the image, resize so it just fits the font and hit save. The best format to save it as is a .jpeg, as it can be easily read by Internet browsers and email programs. Most email programs will allow you to put an image into your signature, typically done under Settings.

You don’t have to be a superhero to protect your email, just take these precautionary steps and your important email addresses will be as safe as any superhero’s true identity. If you’d like to learn more about staying secure while surfing the Internet, please contact us, and we will come to your aid.

Published with permission from TechAdvisory.org. Source.
Topic Security
September 13th, 2012

Productivity of your employees can be a hard enough thing to manage and encourage when your employees work in the same office as you, let alone employees who work remotely. While it’s a dream for many to work remotely from home, very few employees find they can pull it off. For those that do, bosses need to ensure that they’re as productive as onsite employees.

Here’s five tips on how you can better connect with and manage your remote workers, freelance or otherwise, to help ensure optimal productivity.

Establish workflow As your employees work off site, they will set their own hours. This means they have to rely on their own discipline to get work done. Because of this, it will be hard for you to set/control their hours, which means you’ll have to trust them to get their work done. You should be aware of when they prefer to work, simply by talking with them, and be flexible with their schedules.

Working with remote workers is a two-way street, and while you should know your remote employee’s schedules, they should also know your schedule, and how you work. If you answer emails in the morning and have meetings in the afternoons, be sure to let them know that you expect/will answer their requests before lunch, for example.

Communication is key As in most businesses, communication is key to both a happy and productive workplace. You, as the manager, need to ensure that an open line of communication with your remote employees exists. This could be as simple as a telephone number or VoIP account that’s always on, (within reasonable hours of course), or an instant messaging platform. It’s important to ensure that you find out if your employees have the tools to complete their job.

Two-way feedback, both positive and negative, is also an important part of the communication process. You need to provide near constant feedback, even on small issues that would ordinarily be glossed over in physical interactions, while encouraging your employees to do the same.

Remember: you’re the boss Many bosses with remote employees find that the employee seems to run the show, and getting projects or tasks completed on time can be a bit tough. As the boss, you need to clearly explain what is expected of remote employees, why it’s expected, and the consequences of not meeting expectations. If there’s a problem it’s up to you to try to fix it.

Most importantly, if you work with strict deadlines, you need to ensure that remote employees are not only aware of the deadlines but are held accountable for them. If deadlines are missed, you may want to find another employee, remote or otherwise.

Provide a secure platform While the majority of remote employees connect to the office from their home, there’s a chance that they may connect from other locations, like coffee shops or libraries. A large percentage of public Wi-Fi connections have little to no security, and the last thing you want is to have your data breached due to unsecure connections.

This means you should provide remote employees with a secure way to connect to the office. Some solutions include virtual desktops or a secure laptop. Providing a secure connection isn’t enough, you need to ensure your systems can actually handle remote connections and that IT support is available for remote workers. The added benefit to this is that you can better monitor productivity, as the systems can be monitored using the same software as is used for computers in the office.

Judge by the final product Productivity is not easy to judge when you can’t physically see someone sat in their seat. For remote workers, the easiest way to monitor productivity is by the quality and consistency of the final product turned in compared to the time it took them to provide it. In reality, remote workers should complete tasks in about the same amount of time it takes employees who work onsite. The time and date of submission shouldn’t enter into decisions unless there are deadlines.

Employees that connect remotely can offer companies who employ them many benefits too and if you’re interested in employing remote staff, why not contact us. We can help find a solution that will work for both parties for best productivity all round.

Published with permission from TechAdvisory.org. Source.

Topic Productivity
September 7th, 2012

There are many trends when it comes to technology and one of the most popular is virtualization, taking physical systems and creating virtual copies that can be accessed anywhere. While there are a number of different kinds of virtualization, desktop virtualization, is quickly gaining popularity, however, there are still some users who are apprehensive about security.

In general, you can do nearly everything on a virtual desktop that you can do with a physical desktop. The majority of office oriented software now has versions that operate in the cloud, or give administrators the ability to install the program on one machine and license it out to other machines.

The largest difference between the two systems comes in the form of security. Virtual desktops are susceptible to the exact same security issues as their physical counterparts, but they also have a few extra potential problems which are unique to virtual machines. The biggest security issue with virtual desktops comes in the form of access. With physical machines, you can lock an office door which will usually prevent people from physically accessing the machine. With virtual machines you are not able to do this. Anyone with access and a password can get onto the machine.

While this may sound like a deterrence to the adoption of virtual desktops, users should be aware that vendors are aware of this issue and have adopted measures to ensure their products are safe. In fact, if implemented properly, virtual desktops are often safer.

To ensure safety of data and machines virtual desktops need to be implemented in a specific manner. For example, some solutions will create a new environment every time you need to access a different system. This is like starting with a blank slate, with unnecessary data being deleted when you log off. Users won’t be able to customize their workspace, but it can help stave off problems of errant downloading, or installation of unnecessary programs.

Other systems allow users to customize their workspace, but save the changes in a separate location when the user logs off. This keeps any changes made to the base system easy to keep track of, and it’s easier to spot security problems, while keeping them local.

If you’re looking into virtualizing your office’s desktops, we strongly recommend you work with an experienced IT partner who can help deploy a system that meets your needs, while remaining safe. We can help with virtualization, so why not give us a call?

Published with permission from TechAdvisory.org. Source.

September 7th, 2012

If you were to visualize the relationships between different industries and companies it would probably look like a giant web of interconnected nodes linked to each other. Indeed, almost every company relies on other companies to operate, and these companies in turn rely on others. One of biggest relationships in this model is between companies and the Information Technology (IT) industry. The IT industry is no doubt important, and a new report highlights the importance of IT as well as its forecasted growth.

A report released in the summer of 2012 by Gartner, Inc. an IT research and advisory firm, states that in the year 2012, companies will be spending a worldwide total of around $3.6 Trillion on IT related products and services.

This represents a year on year growth of 2.5% in spending when compared with 2011. Growth like this is nothing to sneeze at, and it will continue to grow as more products and services are invented, developed and released to the mass market.

The report noted that the largest sector of the IT market is in telecommunication services, with an expected growth of 1.4% this year. It also stated that companies in emerging markets will spend more on Internet technologies and consumer electronics. This means that with more capital, tech companies in these industries will be able to invest in and release more products.

One IT silo is expected to have significant growth over the next four years. Cloud tech spending is forecasted to grow 19% year on year, and double again by 2016. This indicates that companies and developers are incredibly interested in cloud computing, and it will continue to be an important part of modern technology.

While this report is primarily inward facing towards the IT industry, it does showcase the fact that IT is an integral part of modern business infrastructure. This report also highlights the impact that companies in the IT industry will have as they continue to innovate and release new products. If the past half decade is anything to judge by, new technology will continue to get more complex. The result of this is that businesses will benefit from close relations with IT providers and subject matter experts.

If you’re feeling overwhelmed by the increasing complexity of programs and solutions, take a logical and simple step in the right direction and contact us. We’re here to help ensure your IT experience is as smooth as possible for the future.

Published with permission from TechAdvisory.org. Source.

September 5th, 2012

Few programs are more useful than Microsoft’s Office which can be found in nearly every business and home and has become the go-to program for nearly everything related to information development or gathering. Microsoft has recently introduced a new version of Office, Office 15, more commonly known as Office 2013. This latest development looks to bring drastic changes to Office.

Here are the major changes you are going to see with Microsoft Office 2013:

Overall changes
With Office 2013, all of the major Office components have been updated to take advantage of the new layout in Windows 8. This means that the whole Office suite is now set up with a tablet friendly layout.

At this time, there are five different plans available for users who want to buy Office 2013.

  1. Office Web Apps. A free web based version of Office that is integrated with SkyDrive, Outlook.com and Facebook Messages.
  2. Office Home Premium. The consumer version that comes with Word, Excel, PowerPoint, Access, Outlook, OneNote and Publisher. This version can be installed on up to five computers at once, and comes with 20GB of storage space on SkyDrive.
  3. Office 365 Small Business Premium. Has the same programs as the consumer version, but instead of SkyDrive, uses Office 365. This version also has Exchange email, SharePoint and Lync.
  4. Office 365 Pro Plus. This plan has the same programs as Small Business as well as InfoPath.
  5. Office 365 Enterprise. Enterprise is the most complete plan, with all accounts being 365 Enterprise accounts and the full version of Exchange.

You’ll also be able to subscribe to Office, which will allow you to take your account anywhere and access/stream Office software and documents. Office will download/stream the program you need while you’re using it and then delete it afterwards. Almost every major program of Office has also been updated.

Word
Word has been cleaned up a little and the ribbon at the top of the window (where all your editing options are) has been modified slightly to make it more useful. Laying out your documents has been made a lot easier with the ability to insert images directly from the Internet without having to download them first. You’ll also be able to adjust images more quickly due to enhanced alignment tools.

It’s obvious that Word 2013 has been designed for tablets by default, and the window is slightly taller but a lot wider. Some functions like Spell Check also take up a lot more space, which can make it tougher to edit/navigate documents. This could take some getting used to, but shouldn’t pose much of an issue for your employees.

PowerPoint
PowerPoint shines with the new layout, with your project or presentation taking center stage with tools fading into the background. If you’re editing a presentation and you close the program, you’ll get a pop-up offering to take you directly to where you left off last time when you restart the program.

Embedding images and videos is a lot easier with the ability to search for media within PowerPoint and embed it directly, without having to mess with code and downloading images. Media also has quick formatting options which are easily accessed from where show up as a small box beside the media element.

There are also some great new presentation tools, including a preview of the next few slides that only you can see, the ability to zoom in/out on slides, and better ability to jump between slides.

Excel
Excel has also had a similar facelift, with the latest features aiming to help users with their spreadsheets. Select a range of cells and Excel will give you a Quick Analysis option which can suggest ideas about what you may want to do with that data. When creating a chart or graph, Excel will make a suggestion as to the most appropriate chart/graph for the data. With complex data that can be analyzed using pivot tables, Excel will build the tables automatically. Editing of charts, tables and data has also been made easier.

Excel has been made to look more ‘alive’. If you make a change you will visually see the results (if you change data, the resulting chart will update). If you make an error, Excel will now give you detailed explanations about the error, not just the usual error code from previous versions.

Outlook
Outlook has been updated to be more efficient too, and you’ll be able to view and reply to emails directly from the main screen, without having to open emails in a new window. Instead  your emails open in a new pane that’s part of the main screen. You’ll also be able to quickly view all of your unread emails, by simply clicking Unread.

The address book has also received an overhaul, to bring it closer to the one on Windows Phone. It will try to put similar accounts together into one card and addresses can be more easily viewed.

There is a slight downside though, as notifications stack up on the right side of the window. If you’ve been away on vacation and return to 100s of emails, you’ll be flooded with notifications that take up a large portion of the screen. They do fade after a few seconds, but they could prove to be a nuisance.

There have been lots of changes made in Office 15, and no doubt more will be made before the retail release of Office 2013. You can sign up to preview Office 2013 here. While you can try it, we recommend that you don’t implement it as the new office suite in your office until the retail version is released. If you’re as excited as we are about Office 2013, and would like to learn more about implementing it after the release please contact us.

Published with permission from TechAdvisory.org. Source.

September 4th, 2012

The proliferation of mobile medical devices means providers are collecting more data than ever before—but how do you leverage it to improve your practice?

With health-care reform making clinical outcomes more vital, payers and providers alike will likely come to see the value in collecting and analyzing data in order to affect future decision-making. Payers can use it to justify healthcare expenses and drive preventive health-care programs, while providers can use it to improve clinical outcomes.

Despite its value, the use of such “business intelligence,” as it’s called, is rare in medical practices. Lynn Dunbrack, program director for IDC Health Insights, noted, “The recent surveys show about 44 percent of providers see the value in analytics, yet only 26 percent have a business intelligence program in place.”

Electronic medical records are making date a collection easier. More and more, we’re seeing data in consistent formats. Down the road, we may even see vendors begin integrating analytics applications into workflows.

For now, if you’d like to implement a business intelligence plan of your own, remember, it’s not just about collecting the data; it’s about engaging in a conversation about it. "The problem is to take this incredible technical capability and match it with the appropriate insight," says Thomas Payne, MD, medical director of IT services for UW Medicine.

Published with permission from TechAdvisory.org. Source.

September 4th, 2012

It hasn’t been long since the release of the Stage 2 meaningful use final rule—some 700 pages that will define how eligible Medicare and Medicaid providers can qualify for incentive payments—and it’s already getting mixed reviews.

Leaders of the Healthcare Information and Management Systems Society (HIMSS) say the rules allow the health-care community to continue down the road of ensuring health information technology supports the changing health care landscape.

The HIMSS named several significant policy decisions included in the rule, including moving the start date for Stage 2 to 2014; allowing a 90-day reporting period in the first year of Stage 2 and accepting 2013 as the attestation deadline.

Still, many providers are already suggesting there’s a problem—namely, the rule isn't flexible enough, posing difficulties for physicians with fewer resources.

"We remain concerned that physicians have to meet all of the required measures, and failing to meet just one measure would cause a physician to miss out on incentives and even face financial penalties," said Steven J. Stack, MD, board chair for the American Medical Association (AMA).

One problem is that the rule often makes a provider's ability to comply dependent on someone else. For example, 40 percent of lab results must be reported in the universal standard known as LOINC (for the Logical Observation Identifiers Names and Codes)—but some physicians, particularly in small groups and solo practices, may work with smaller labs that don’t use LOINC.

This leaves some issues to be ironed out before you switch over to Stage 2. If you have any questions regarding the switch, please contact us.

Published with permission from TechAdvisory.org. Source.

August 31st, 2012

In many parts of the world, the Internet is quick enough to allow businesses to operate solely in the cloud with relatively few problems. There are however issues with many Internet connections, and at times the service can slow to a crawl, leaving many managers wondering what is going on and how to fix it.

Have you noticed that from time to time the Internet is a lot slower than it should be? If so, this could be because something is hogging all the bandwidth, which is the rate at which data is transferred in and out of one connection. Here are six of the most common bandwidth hogs.

  1. YouTube. If you allow employees to watch YouTube or connect to other streaming services, and they are using it frequently, you’ll notice a significant decrease in overall Internet speed. Some companies have noted that 40 staff using YouTube will account for over half of the total bandwidth usage.
  2. FTP sites. Some companies run FTP sites that host essential files that employees can download. When more employees are downloading/uploading files to the FTP site there’s less bandwidth available for other operations, so the Internet will be slower.
  3. P2P. P2P covers a large number of aspects including video conferencing and sharing of files via programs such as BitTorrent. All P2P services use an incredibly large amount of bandwidth when in operation, slowing the Internet to a point where speeds from 10 years ago were faster.
  4. Online backup. Backing up essential files will capitalize bandwidth leaving very little for other operations. It’s a good idea to conduct backups after office hours to minimize interruptions.
  5. Encryption. In certain industries regulatory bodies require a certain level of encryption, or for companies to take certain steps to secure data. Any extra encryption or security features will slow sites down, however this usually cannot be avoided.
  6. Spam/Virus/Malware. As many scams aim at stealing information the main way this is done is by sending the information over an Internet connection, that is your Internet connection. If you have viruses or other security threats you can guarantee that your Internet will be slower.
If you notice your Internet is slowing down at certain times, it’s a good idea to check and see if any of these six bandwidth hogs are in action. You can:
  • conduct a virus scan to look for malware;
  • ensure your computers aren’t backing up and if they are schedule the backup for later;
  • turn off or block any and all sharing services, and schedule video conferencing for times when bandwidth isn’t needed by other functions; and,
  • limit the bandwidth assigned to YouTube and other streaming services.
Before you tinker with any network connections though, it’s best to contact an expert . We may not just be able to help, but potentially provide an even better solution for you, speeding up your connection and your business success.
Published with permission from TechAdvisory.org. Source.

August 22nd, 2012

One of the biggest technical issues plaguing companies around the globe is security of their systems and information. The vast majority of companies store their data on computers, with many moving some or all of it onto the cloud. When employing the cloud, companies have to trust the provider’s security, which has come under attack with increasing intensity in the past few years.

In this year alone, nearly every major cloud provider has had issues with their services. From natural disasters to hackers, companies have seen their data exposed or unavailable, and this isn’t the first time this has happened. In 2011, Sony Entertainment had nearly 77 million accounts hacked, exposing user’s information, Dropbox had numerous service outages, and Gmail had a 30 hour outage that resulted in 44,000 accounts being lost. The list goes on and issues since 2011 go to show that cloud providers and their systems aren’t invulnerable.

Despite numerous attacks and problems, many data centers where cloud providers have their servers are physically secure. Google’s recent security video is a good example of how secure the physical locations are.

When companies talk about cloud security however, they don’t just talk about how secure their physical location is, they also strive to protect against three other elements:

  1. Service outages
  2. Confidentiality of your personal information and control over who can access it
  3. Privacy of banking details and other related information
By focusing on these four factors cloud providers are able to provide close to 99% security. However, many companies are still at risk when using the cloud and this risk actually comes from inside the company. Nearly every cloud service requires a password to access, but scammers know this and they can attack other services, or your company, to get you to give up your password. Once they have obtained this your data is compromised regardless of where it’s stored. This is what happened in a latest security issue with Dropbox.

If your company utilizes cloud services there are a number of things you need to be aware of when it comes to security:

  • According to all cloud providers, liability for sensitive data stored in the cloud rests with your company, not the provider.
  • Some cloud vendors provide reports written by a neutral third party on the security of their service. These should be taken into account when looking for a provider.
  • As with anything online, you should be taking steps to backup data stored in one cloud to a secure physical location.
  • You should establish a process that encourages your employees to change their passwords at least every three months.
Do you have cloud solutions in your company? If so let us know what your concerns are about security. If not, then let us know why.
Published with permission from TechAdvisory.org. Source.

Topic Security