MediaBytes

Dementia and Alzheimer’s are scary for both patients and caregivers. Right now, there is no cure. Scientists are trying to find ways of prolonging patient’s lives and delaying the onset of the disease. IT Technicians are finding ways to make lives better and caring for patients easier. Some remarkable work is doing things for these individuals that has never been seen or done before.

First, A Word About The Disease

According to Alzheimer’s International, nearly 44 million people worldwide have Alzheimer’s or related dementia. More than 5 million American’s are living with it, and Between 2017 and 2025 every state is expected to see at least a 14% rise in the prevalence of Alzheimer’s. Those statistics are startling, especially since Alzheimer’s disease is irreversible.

Accounting for around 70 perfect of dementia cases, Alzheimer’s Disease is the most common cause of dementia, a group of brain disorders that results in the loss of intellectual and social skills. These changes are severe enough to interfere with day-to-day life. It progressively destroys the brain and ruins memory and thinking skills, and eventually the ability to carry out the simplest tasks.

A Few Other Statistics

• In 2017, Alzheimer’s cost the United States $259 billion.
• By 2050, costs associated with dementia could be as much as $1.1 trillion.
• The global cost of Alzheimer’s and dementia is estimated to be $605 billion.
• Alzheimer’s is the 6th leading cause of death in the United States.
• Between 2017 and 2025 every state is expected to see at least a 14% rise in the prevalence of Alzheimer’s.
• By 2050, it’s estimated there will be as many as 16 million Americans living with Alzheimer’s.
• Every 66 seconds someone in the United States develops Alzheimer’s.
• 1 in 3 seniors dies with some form of dementia.

Technology at its Finest

Because of these sad stats and high numbers, IT experts have come up with some amazing devices that use modern technology to aid in the care of people suffering from memory problems. Here’s a look at a few of the latest innovations.

Clocks

Clocks precisely intended for those with Alzheimer’s and dementia can help ease the stress associated with day to day life. Someone who has dementia may confuse night and day so an easy to read clock can help them to better tell the time.

Medication Management

Medication management technology created high tech automated pill dispensers which beep and open to remind caregivers and those with dementia to take their medicine. Vibrating alarms on a watch have also been fashioned to remind when it’s time for a pill. This technology serves the busy caregiver well by helping them not to forget medication time as well.

Video Monitoring

Video monitoring technology supports both care recipient and caregiver, by allowing both people more freedom. The patient doesn’t feel watched constantly because loved one can spend a little time away, and loved ones get the comfort of being able to see their family even when they’re not in the same house.

GPS Location and Tracking Devices

People with Alzheimer’s or dementia may wander. Tracking devices can be worn by the person in some way and have alert systems that let a caregiver know if their loved one has left a certain area. This type of technology can also alert emergency personnel to aid in a quick recovery.

Picture Phones

Picture phones are specifically designed for people who cannot remember phone numbers. These phones have large numbers and are pre-programmable with frequently called phone numbers. Some of the phones come with clear buttons where photos can be placed so that the person can just push the button associated with the photos to call their loved one quickly.

Electrical Use Monitoring

This device monitors a patient’s use of electrical appliances. It plugs into a wall outlet or power strip and will alert caregivers if their commonly used appliances have not been turned on or off.

Wearable Cameras

Wearable cameras and augmented reality glasses could be the next big thing in helping patients. These devices can take hundreds of pictures every day from the user’s point of view logging their lives in this way.

A Village of Care

In Kitchener, Ontario, something wonderful is happening. Facilities have been designed to be less institutional-looking, friendlier and homier. “Schlegel Villages” is one of the first of its kind and is improving the quality of life for the people that live there.

One problem they deal with though is when at-risk seniors become confused and attempt to leave. According to Schlegel’s IT director, Chris Carde, “Some seniors with certain types of mental illness can remember the door-lock code to get out but can’t remember anything else. A confused senior wandering out into a southern Ontario winter can be a serious, even fatal, incident”.

Schlegel Villages is also implementing an e-health system to replace paper charts at its care facilities. Carde states, “Nurses would have to write down a patient’s vital signs, then enter them into a desktop computer some distance away. The new system, which will use iPads and iPad minis to enter health information directly into the database, is being greeted warmly by clinicians”.

Thinking Outside of the Box

A German senior center applied the idea of using fake bus stops to keep Alzheimer’s disease patients from wandering off. Because their short-term memory is not intact, but their long-term memory works fine, they know what the bus stop sign means, and they stop. It is a huge success in Germany, now they want to bring it to several clinics in North America.

A Final Word

Thanks to these researchers and IT innovators, the future is much brighter for patients with memory diseases and their families and care providers. This is just the beginning when it comes to making life easier. Information Technology has only just begun to scratch the surface of what can be done to help in the fight against dementia and Alzheimer’s.

17 Product Groups Named-Their Production Halted and Update Support Ended After Irrefutable Evidence Uncovered Flaw in Intel Chips.

The information about the Spectre attacks came to light back in January 2018. Intel and other technology firms and vendors were made aware of research findings by Paul Kocher from Spectreattack.com and Jann Horn from Google Project Zero.

Paul’s collaboration team regarding the chip flaw and the notorious Spectre Attacks were:

• Daniel Genkin (the University of Pennsylvania and University of Maryland)
• Mike Hamburg (Rambus)
• Moritz Lipp (Graz University of Technology)
• Yuval Yarom (University of Adelaide and Data61)

The research findings from Paul Kocher’s team and Jann Horn supported what the U.S. Department of Commerce’s agency, NIST (National Institute of Standards and Technology) found. At NIST’s, National Vulnerability Database website is the research published on January 4, 2018.

Take note of these excerpts, the indirect branch prediction and branch prediction in both announcements:

CVE-2017-5715

Current Description: “Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.”

CVE-2017-5753

Current Description: “Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.”

After the findings arrived, on January 3, 2018, Intel responds to Paul and Jann’s security research findings with this disbelieving statement: “Intel believes these exploits do not have the potential to corrupt, modify or delete data.”

With the proof in front of them, Intel believed the research reports were flawed and incorrect. The idea of these acts caused by a “bug”, or a “flaw” was not possible. Their explanation was, “there are many types of computing devices, using different vendor’s operating systems and processors. All are at risk of being exploited.”

But Paul’s team exploited speculative execution and had solid proof.

They experimented on multiple x86 processor architectures. They used the Intel Ivy Bridge (i7-3630QM). The Intel Haswell (i7-4650U). The Intel Skylake (unspecified Xeon on Google Cloud) and finally an AMD Ryzen processor.

In every test, the team observed the Spectre vulnerability across all of these CPUs. Similar results on both 32- and 64-bit modes, and both Linux and Windows. Some ARM processors also support speculative execution, and the initial testing confirmed, ARM processors could not pass the test.

When they attacked using native code, they were able to read the entire victim’s memory address space, including the secrets stored within it, with ease.

When they attacked using Java code, they successfully read data from the address space of the browser process running it, with zero effort.

The research evidence was irrefutable.

Their results showed there was a flaw in Intel chips.

A day later, January 4, 2018, Intel issues updates to protect systems from security exploits. They released this statement: “Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from both exploits (referred to as “Spectre” and “Meltdown”) reported by Google Project Zero.”

Three months later on April 2, 2018, Intel’s Microcode Revision Guidance is released and what’s inside exposed the truth. In this 19-page pdf document, you will find 17 product groups listed, (color-coded in red), productions halted, and update support has ended.

Looking through the guide, you will find the columns listed by Product Names, Public Name, CPUID, Platform ID, Production Status, Pre-Mitigation Production MCU, STOP deploying these MCU revs, and New Production MCU Rev.

The pages with the discontinued products are below:

• Page 4: Bloomfield and Bloomfield Xeon
• Page 7: Clarksfield
• Page 8: Gulftown and Harpertown Xeon CO & EO
• Page 11: Jasper Forest
• Page 12: Penryn/QC
• Page 15: SoFIA 3GR
• Page 16: Wolfdale CO, MO, EO & RO, Wolfdale Xeon CO & EO
• Page 17: Yorkfield & Yorkfield Xeon

When you review the columns, you will see one labeled STOP deploying these MCU revs. Intel’s definition for this column is as follows:

• Intel recommends discontinuing using these select versions of MCU that were previously released with mitigations for Variant 2 (Spectre) due to system stability issues.

Intel also states in their Microcode Revision Guidance Legend:

• “After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release”
• “Microcode updates for these products for one or more reasons including, but not limited to the following:”
• “Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)”
• “Limited Commercially Available System Software support.”
• “Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”

As you can see, Intel’s exhaustive investigation could not discredit Paul, Jann and NIST’s research and proof. Intel decided, due to microarchitectures and microcode capabilities, for the specific products listed, not to move forward and release microcode updates for these products.

If you own a PC, Mac, or Cell phone, a Spectre attack can affect your device. If you use Cloud Services, your provider’s infrastructure may be vulnerable to a Spectre attack and theft of customer’s data. If your device uses any of Intel’s older microprocessors, you may be shopping around for a new machine.

As of May 25^th, 2018, if local businesses aren’t ensuring the highest possible level of data privacy, they’re risking serious financial consequences. The General Data Protection Regulation (GDPR) is coming into effect. What does this mean? All local businesses MUST be ready to take security more seriously than ever before. The EU Parliament approved GDPR in April of 2016 with enforcement set to start in a couple of weeks on May 25^th, 2018.

Who Must Comply with GDPR?

All businesses storing or processing data of people living in the European Union must comply, regardless of where you’re located in the world. The EU is very consumer-focused and always has been. As data travels beyond the borders of the EU, GDPR is designed to help protect citizens as any company, anywhere in the world, is bound by its rules as long as they’re holding data on citizens.

Businesses of all types and sizes – from small one or two person shops to multi-national corporations – must comply. There are no exceptions. For those businesses already complying with the Data Protection Act (DPA), they’re one step closer to being in compliance with GDPR.

What’s the Risk of Non-Compliance?

Local companies who fail to comply with face fines – up to $24 million OR 4% of annual global turnover, depending on which number is higher. In addition to fines, local companies who fail to comply will also face the devastating impact of reputational damage as most consumers won’t feel comfortable working with a company that doesn’t prioritize data privacy.

What Do Local Companies Need to Know About GDPR?

First and foremost, local companies need to know that compliance is not optional. Every organization should become familiar with the provisions of GDPR so they’re aware of the requirements.

Here are a few key facts to know about GDPR:

• Strict parameters must be followed to receive consent for the use and/or storage of data. These parameters require an easily accessible form and withdrawing consent must be simple.
• The right to be forgotten enables consumers to request their personal data be deleted and/or erased immediately with all third-parties halting any processing of said data.
• In the event of a breach, notification must be done within 72 hours of becoming aware of the breach. This means all affected parties must be notified and offered information on the incident.
• Consumers may request to receive their personal data, in order to transmit said data to another data controller as needed. Companies must ensure data is easily accessible to provide upon request.
• Data protection must always be considered when designing any system or solution, which means it cannot be an afterthought or addition done after the system or solution is designed.
• Specific protection is in place for children as they are generally more vulnerable. When storing data relating to or involving children, parental consent must be received for children up to age 16.

Essentially, local businesses will have to review their marketing processes in terms of data mining and remarketing. However, those who have already prioritized data privacy will have less work to do to ensure compliance.

What Steps Must Be Taken to Ensure Compliance?

1. Assess what needs to be done: Review all requirements of GDPR to understand how the provisions impact your company and/or which departments will be affected.
2. Perform a complete audit: Audit what personal data is collected and stored, where the data came from, and who the data is shared with, then record your processing activities.
3. Update all privacy notices: Privacy notices must be updated to communicate how personal data will be used and collected, as well as explaining the lawful basis for processing personal data.
4. Verify data accessibility and portability: Verify that access requests can be accommodated in 30 days and data can be received in a commonly used, machine-readable format.
5. Review instructions for receiving consent: These instructions will help you properly seek, record, and manage consent for the use and/or storage of data.
6. Work with all third-party providers: You can be held responsible for breaches resulting from non-compliance on a third-party providers part, so work with email service providers, CRM providers, and more.
7. Educate every single staff member: ALL staff members must be educated in case they come into contact with information relating to customers.

Lastly, make sure you’re working with a trusted team of technology experts who can help you put all of the tips above into action. You almost certainly WILL require some changes to your information technology environment in terms of how data is stored and processed. A good Omaha IT support company will help with this.

You need a technology services company Omaha businesses trust to help them comply with GDPR. InfiNet Solutions is that technology services company. Call us now at (402) 895--5777 or email us at [email protected] to get started.

Where Did They Go?

In 2017, Microsoft planned to release a lightweight version of Windows 10. This was their effort to provide a Windows solution that delivered a predictable performance by using only Microsoft-verified applications via the Microsoft Store.

Microsoft also wanted to compete with the Google Chromebook and promote Windows 10 S for use in the K-12 education market. Windows 10 S was initially offered as part of the Surface Laptop which is a premium, and quite expensive product. So, this addition to the education market was quite a leap.

Windows 10 S was going to be offered at a reduced price with the option to pay more to “unlock” the full Windows 10 Operating System. But Microsoft changed their minds. They realized that we don’t want to pay extra for something that should have been included, to begin with.

On March 7, 2018, they said:

Based on customer feedback we are simplifying the experience for our customers. Starting with the next update to Windows 10, coming soon, customers can choose to buy a new Windows 10 Home or Windows 10 Pro PC with S mode enabled, and commercial customers will be able to deploy Windows 10 Enterprise with S mode enabled.

What this means is that the Windows 10 S computer has been retired. Instead, Microsoft has decided to incorporate Windows 10 S as a “mode” for all Windows 10 Operating Systems.

Microsoft hopes this new approach will make it possible for their customers to start using the S mode. They say that it provides a streamlined computing experience that enhances security and performance across all editions.

So, for the foreseeable future, Windows 10 S is now a configuration in the Windows 10 Pro and Windows Home computers. The S Mode will lock down Windows 10, so it can only run applications from the Microsoft Store–essentially, exactly what the dedicated Windows 10 S operating system was intended to do.

Microsoft is letting Windows 10 Home users disable the S Mode free of charge. However, Windows 10 Pro customers with S Mode enabled on their device will have to pay $49 to get access to the full version of Windows 10 Pro.

Should You Consider Using the S Mode? The “S” in Windows 10 S was supposed to stand for “simplicity.” Its intent was to provide a productive and secure Windows experience. Microsoft says that it’s designed for superior performance. Starting up, streaming HD video and switching across applications is much faster than with Windows 10.

Windows 10 S only uses apps from the Microsoft Store and provides a safer browsing capability via Microsoft Edge. Because the applications for Windows 10 S only come from the Microsoft Store, the folks at Microsoft say that it ensures security and integrity. And they say that Microsoft Edge is more secure than using Chrome or Firefox browsers. The Windows Defender Antivirus and other security features in Windows are also included in Windows 10 S.

Windows 10 S comes with built-in apps and new features like Cortana, Windows Ink and Windows Hello so you can sign on without a password. It integrates with OneDrive, so you can easily save your files to the cloud and sync them across your other devices. If you decide you want to run applications that aren’t in the Microsoft Store, you can easily switch to Windows 10 Pro (except you’ll have to pay $49 to do so).

What Do Others Think About Windows 10 S?

Microsoft says that 60% of their users stay with Windows 10 S when using third-party devices. And those who do switch, do so within 24 hours of setting up their device. Those who keep using Windows 10 S for a week or so, end up keeping their device in S mode (83 %). These statistics are for low-end PCs as the only high-end computer running Windows 10 S is the Surface Laptop. These users weren’t included in their survey.

It looks like the Windows S Mode is here to stay. But some experts predict that it poses problems for Microsoft down the line. They believe that it’s going to confuse people. While the Home versions offer a free switch path, the charge for the Pro versions could bother users who want more premium devices.

Here is another issue with this change— Microsoft says that AV/Security apps will come in the Windows 10 S mode. But what about the AV software from third-party providers? Will these applications run in the S mode? If so, this defeats the purpose of what the S mode is supposed to do. Does this mean that using these apps will hamper the promised performance in Windows 10 S? We’ll have to wait to see how Microsoft deals with this. But for now, it seems like a contradiction.

Windows 10 S devices span a price range from $189 to $2,199 (for the top Surface Laptop). It’s not impossible to provide solutions for both low-end and high-end device users, but some feel this will be difficult for people to get their minds around.

Windows 10 Spring Creators Update will probably be released with a different name: Windows 10 April Update. However, it’s been delayed while Microsoft rushes to fix a newly-discovered bug. Between the changes with Windows 10 S and now the next Windows 10 update, it seems there’s a lot of “plate-spinning” going on at Microsoft right now.

What Is It?  What Do We Need To Know?  What Should We Do?

If you don’t know what the GDPR is, and if you’re not ready for it, you’re going to get caught short because this is a legal deadline and it’s coming up fast. The General Data Protection Regulation goes into effect May 25, 2018.  It’s a privacy law that the European Union is enforcing to protect the personal data businesses collect. Even if your business is outside of the EU, you must comply.

What is the GDPR?

The GDPR affects all internet business worldwide. It’s a very complex law, so we can’t explain everything here. We’ve provided some resources below that you should check out.  Keep in mind that there are many gray areas where this law is concerned. So, you should do some research to determine how the law affects your organization’s unique situation.

The GDPR is an internet privacy law. All businesses, small or large, and even entrepreneurs who do business on the Internet with consumers located in the European Union need to be aware of how the law affects them.

It doesn’t matter if your company is inside the EU, or anywhere else in the world– If you do business with anyone in the following countries, you must comply with this new law by May 25th:

1. Austria
2. Belgium
3. Bulgaria
4. Croatia
5. Cyprus
6. Czech Republic
7. Denmark
8. Estonia
9. Finland
10. France
11. Germany
12. Greece
13. Hungary
14. Ireland
15. Italy
16. Latvia
17. Lithuania
18. Luxembourg
19. Malta
20. Netherlands
21. Poland
22. Portugal
23. Romania
24. Slovakia
25. Slovenia
26. Spain
27. Sweden
28. United Kingdom

The GDPR is a consumer data protection law. It ensures that individuals can:

• Access their personal data.
• Export their personal data.
• Correct errors to their personal data.
• Object to the processing of their personal data.
• Erase their personal data.

The GDPR applies to the acquisition, processing, and storage of personal data – from initial gathering to final deletion of this data and every point in between. It applies specifically to personal data and anything that pertains to identifiable data such as:

• Names
• Email Addresses
• Physical Addresses
• Phone Numbers
• Birthdate
• Age
• Sex
• Race
• ID Numbers
• Nationality
• Citizenship
• Marital Status
• Family Data
• Health Data
• Physical Characteristics
• Profile Pictures
• Occupation
• Employment History
• Income
• IP Addresses
• Cookies
• (and more)

This could be information you collect automatically from Google, an opt-in, or other collection method online – anything that would identify an individual.

How Will The GDPR Affect My Business?

If your business has a website or an email list, you may be affected.

The GDPR affects any business relationship or transaction whether commercial or free where one or more of the entities are in the European Union. It’s not based on citizenship, rather location.  Any business within the EU must comply with the GDPR across its entire audience. If your business is in any of the 28 European Union Member States, you must comply with the law if you conduct a transaction with anyone located anywhere. If your business is located in the U.S. and you collect data about any business or person in the EU, you must comply with the GDPR.

How Should We Prepare For The GDPR?

There are three requirements you must meet before May 25th.

Controls and Notifications

• Protect personal data using appropriate security.
• Notify authorities of personal data breaches.
• Obtain appropriate consents for processing data.
• Keep records detailing data processing.

Transparent Policies

• Provide clear notice of data collection.
• Outline processing purposes and use cases.
• Define data retention and deletion policies.

IT and Training

• Train privacy personnel and employees.
• Audit and update data policies.
• Employ a Data Protection Officer (if required).
• Create and manage compliant vendor contracts.

Some Examples

Before the GDPR:

Let’s say you offer a whitepaper or free video to people online. Before the GDPR, your prospect provided their information, you gave them the freebie, and the consent was assumed because they accepted your gift.  Pretty easy, right?

After the GDPR:

You can no longer assume that their consent is given if they accept your gift. Now you must specifically obtain their consent. It must be given freely, specifically, and be unambiguous. Nor can you require them to give their consent to receive the gift.

Note: This new standard applies to all of your existing lists. Beginning May 25th, you can no longer send marketing emails to anyone who hasn’t given their precise consent for you to keep their personal information.  Plus, you cannot go back and ask them for their consent. You’ll need a stand-alone system to do this.

What Can We Do To Comply With These Strict Rules?

This is important. You must do this BEFORE May 25, 2018.

Compliance/Preservation

Step 1. Segment your email mailing lists into two parts.

• Non-EU subscribers
• EU-based subscribers and any unknowns

You want to continue to build goodwill with your Non-EU contacts so reach out to them as you would have before.  The EU-based and unknowns you’ll need to re-engage with. Here’s what we mean:

Step 2. Reengage EU-based and Unknowns.

• Before emailing them, add additional value and content to your website.
• Then send them a link to your website and request their specific consent to keep their personal information.
• Set up a system to migrate those who give consent over to it.
• On May 24, 2018, you must delete anyone in this group who hasn’t consented.

Remember, storing and deleting their information is considered processing. That’s why you must do this BEFORE May 25th.

Breach Notification Requirements

The 2018 GDPR replaces the old Data Protection Directive of 1995. The most recent GDPR breach notification requirement was enacted in April 2016.  It set a higher compliance standard for data inventory, and a defined risk management process and mandatory notification to data protection authorities.

Breach notification is a huge endeavor and requires involvement from everyone inside an organization. In-house tech support and outsourced Technology Service Providers should have acquired a good understanding of the consequences a data breach causes and the data breach notification requirements for their organization.  They must be prepared in advance to respond to security incidents.

The Following Are Additional Steps You Should Take To Prepare Your Technology Before May 25th  

Your Technology Solutions Provider Can Help

• Perform a through inventory of your personally identifiable information, where it’s stored–in onsite storage or in the Cloud. And determine in what geographical locations it’s housed. Don’t forget about your databases. PII is often stored in databases.
• Perform a Gap Analysis. This is a process where you compare your organization’s IT performance to the expected requirements. It helps you understand if your technology and other resources are operating effectively. By doing this, your Technology Solution Provider (TSP) can then create an action plan to fill in the gaps. The right TSP will understand the GDPR regulations and how your IT must support your compliance efforts.
• Develop an Action Plan. Your TSP should document a detailed action plan for how to use technology to meet the GDPR if you experience a data breach. This should include individuals’ roles and responsibilities. Conduct tabletop exercises to practice how the plan will work with specific timelines and milestones.
• Ensure data privacy. If you don’t have a Technology Solution Provider, then you need one for this. Data protection is key for any-sized organization. Consumers have the right to have their data erased if they want. This is called “the right to be forgotten.”  This is a concept that was put into practice in the European Union in 2006, and it’s a part of the GDPR. You won’t be able to do this if their data is stolen.
• Be sure to document and monitor everything that you do that’s related to GDPR Compliance. This includes any changes or upgrades that your TSP makes to your IT environment. You may need to demonstrate that you’ve done your due diligence when it comes to protecting citizens’ private information and that you practice “defense-in-depth” strategies where you use multiple layers of security controls when it comes to your technology.

Resources To Check Out For More Information

The European Commission’s website regarding the GDPR:

https://ec.europa.eu/info/law/law-topic/data-protection

Wikipedia

General Data Protection Regulation

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

Information from the service vendors you use:

• Mail Chimp
• Salesforce
• Google
• Microsoft

These and other services have GDPR-centric webpages with helpful information that impacts your relationship with them, how they handle processing, and how they can help you comply with the new regulations