Blog

Want To “WOW” Your Boss With Professional Diagrams And Flowcharts?

I Have Some Tips For You.

Microsoft Visio

I often get asked by my boss to take the data she accumulates and put it into easy-to-read diagrams and charts. I was using Excel until just recently, which is great, but I needed something with more functionality and design choices. Then I found Microsoft Visio. I think it’s one of the best options available today to create diagrams and flowcharts. I have access to so many great templates and shapes that give my work the professional look my boss requires.

I really didn’t know much about Visio until a colleague told me about it. And when I gave it a try, I was sold. Now my diagrams can be as simple or complicated as I want. Visio provides all the tools and functions I need and comes with a wide variety of built-in shapes, stencils, and objects. I can even create my own shapes and import them if I want.

Have you heard about Visio Online? Microsoft Visio 2016 Viewer lets you view Visio drawings inside your Microsoft Internet Explorer Web browser. It’s a web-based version of Visio. So, when I’m away from the office I can still use it to design, create, edit and share diagrams and flowcharts online. I just upload my Visio diagrams and flowcharts to either SharePoint or OneDrive for Business and edit them in my browser.

Now I can collaborate with my team to streamline projects and work with them on diagrams right from my web browser. And I don’t have to worry about security. The only people who have access to my charts are the ones I authorize. I can even review their comments and add my own directly from my browser. And here’s another plus!—I can store all my diagrams in our OneDrive cloud storage that has 2GB of space.

What my team and I like best about MS Visio is that it’s so easy to use. It’s simple to create top-notch diagrams with commonly-used diagram types and rich shape sets. It’s easy to collaborate with team members and stakeholders, view and add comments, and share the diagram with others. We can pull external information into Vision such as an Excel sheet, or Access database. Now when my boss sends tons of data to me, I pull up my Visio, Excel or Access and design fantastic diagrams in just an hour or so. (She thinks I work all weekend to get this done!)

In case you didn’t know, Visio 2016 was released in September 2015 along with Microsoft Office 2016. It has dozens of templates you can use for a multitude of industries and verticals.

A few new features were added such the ability to connect to Excel data, information rights management for your Visio files, modern and detailed shapes for site plans and floor plans, IEEE-compliant electrical diagrams and home plans (architects, contractors, engineers, and designers will like these), and even 3D map diagrams. Plus, it comes with a bunch of new starter diagrams, themes, and built-in shapes–Hundreds of them! All these shapes are categorized, so they’re easy to find and choose from.

Want to know some really helpful Visio tips? I’ll share them with you here. I now consider myself a Visio expert, and I know there are a lot of beginners out there who might appreciate them.

Text Editing

Sometimes you need to edit text when you’re putting everything together, and not all applications let you do this. However, it’s easy to do in Microsoft Visio: Just click on the shape next to your text and press the F2 button. That’s it. Now you can edit as you wish–Simple! When you’re finished just press “Esc” to get out of the text-edit mode.

Shortcuts

  • F1 -for Help
  • Tab key to switch between shapes
  • Crtl+1– for the “selector” cursor
  • Ctrl+2 – for the text tool
  • Crtl+3– for connector lines
  • Alt for the main toolbar.
  • F3 for the Format Shape task pane
  • Crtl+PageUpor PageDown to move between sheets
  • Ctrl+ scroll up or down with the mouse to zoom in and out
  • Ctrl+click on and drag an object to copy and paste it in another place.  

Draw Shapes

The Drawing Tool is next to the Pointer Tool on the Ribbon. Click on the arrow and select a shape from the drop-down menu. Then you can start drawing your shape. Try combining shapes with the Pencil Tool to make more complex or intricate shapes. You’ll be an expert before you know it.

Save Shapes

If you want to save a shape that you made, Visio lets you do this. Look on the left of the toolbar for “More Shapes” > “New Stencil” and drag and drop your shape into the blank space. Then right-click it and choose “Save As.” Now, just rename the shape and save it.

Add Files

With Visio, you can copy anything from other Microsoft Office apps and paste it into your diagram or flowchart. So, if you have an Excel table or diagram, just copy and paste it right into your Visio diagram or flowchart. This saves you from having to redraw it. You can now proceed with Visio’s editing tools.

Create Flow Charts Quickly in Visio Online.

  1. Choose the Basic Flowchart diagram.
  2. Choose a shape from the Shapes Panel and drag/drop it into your canvas.
  3. Hold your pointer over the shape until you see the Auto-connect arrows.
  4. Move the pointer to one of the Auto-connect arrows. You should see Quick Shapes where you can choose the shape you want to add.
  5. If you want to add some text, double-click the shape.
  6. You can add more shapes by dragging and dropping them from the Quick Shapes list.
  7. Use the smart guides to align your shapes the way you want.

Before long, you’ll be an expert in Microsoft Visio. I hope this helps, and you get the kudos from your boss that I did from mine!

Want To “WOW” Your Boss With Professional Diagrams And Flowcharts? Read More »

Why I No Longer Charge My Mobile Phone Overnight and Why You Shouldn’t Either

I just read this warning: “Don’t overcharge your mobile phone. Make sure you unplug it from the charger after it reaches 100%. Don’t leave it charging overnight.”

Why is this?

It’s because your mobile phone charger doesn’t stop charging after your phone reaches 100% capacity. It keeps topping off the charge during the night. This is called a “trickle charge.”

Charging Mobile Phones

While you’re sleeping, and the phone is plugged in, it works to keep fully charged by compensating for the small amount of charge it loses by just being turned on. This is bad because the trickle charge causes your mobile phone to retain a higher ambient temperature than it should. This ultimately reduces the battery’s capacity.

I wondered why I couldn’t seem to keep my phone charged all day. It’s barely three-years-old, and I’m already having battery issues! Now I know why. I’ve been damaging the battery all this time by charging it at night while I sleep. I wish I had known this before!

Mobile phones contain a rechargeable lithium-ion (or Li-ion) battery that charges faster than traditional rechargeable batteries. So, when we plug our iPhone or Android into a charger, it can get fully charged in just about two hours.

By keeping our phones charged overnight we’re increasing the amount of time it spends on the charger, thereby degrading its battery capacity that much sooner.

Hatem Zeine, the founder of Ossia, a developer of wireless charging technology, tells us: “If you think about it, charging your phone while you’re sleeping results in the phone being on the charger for 3-4 months a year. So even though the manufacturers try their best to cover this scenario, this process inevitably lowers the capacity of your phone’s battery.”

Batteries decay from the moment you start using your new phone. This means they gradually lose their ability to hold a charge. By charging your phone overnight, you’re increasing the amount of time it spends with the charger. As a result, it degrades the capacity much sooner.

If you’re like me, you’re always on your phone checking text messages, emails, calling people, listening to music, watching videos, surfing the Web and more. It’s no wonder the battery runs down so quickly. However, if we’re careful about the way we recharge our phones, we can get much more life from the battery.

The people at Cadex Electronics that make lithium phone batteries say:

“Go ahead and charge to 100%. There’s no need to worry about overcharging as modern devices will terminate the charge correctly at the appropriate voltage…Modern smartphones are smart, meaning that they have built-in protection chips that will safeguard the phone from taking in more charge than what it should. Good quality chargers also have protection chips that prevent the charger from releasing more power than what’s needed. For example, when the battery reaches 100%, the protection hardware inside the phone will stop current from coming in, and the charger will turn off.”

However, they go on to say:

Li-ion does not need to be fully charged as is the case with lead acid, nor is it desirable to do so. In fact, it is better not to fully charge because a high voltage stresses the battery.”

Don’t wait until your phone battery gets to 0% to charge it. A good time to charge it is when the battery reaches 35-45%. Doing this will help to preserve the battery life. If you do this religiously, then you should be able to keep your smartphone for longer than two years.

So essentially what I’ve learned is that rechargeable batteries are doomed to failure. They are constantly decaying from the moment you first turn on your brand-new phone and eventually lose their capacity to hold a charge. How depressing!

This is why my phone keeps losing its charge more quickly the longer I have it! I’ve owned my current iPhone 7 for over two years, and I’ve experienced a significant reduction in battery capacity.

Even worse, Apple tells us that constantly charging and recharging the iPhone battery isn’t good because the capacity of Li-ion batteries diminishes slightly with each charging cycle.

Most Android phones have a feature that allows for fast charging. They also have a chip with a Power Management IC (PMIC) that tells the charger when it’s receiving the higher-voltage fast charging to prevent it from overheating. Heat is a bad thing for all mobile phones. This is why you should never leave your phone in a hot car. The same goes for freezing temperatures.

So, what do the experts advise us to do? How should we charge our smartphones?

Here’s what the people at Cadex say to do:

“Don’t wait until your phone gets close to a 0% battery charge until you recharge it. Full discharges wear out the battery sooner than do partial discharges. Wait until your phone gets down to around a 35% or 40% charge and then plug it into a charger. That will help preserve the capacity of the battery. You should also keep your phone cool, as higher temperatures accelerate the loss of battery capacity.”

Another tip: Take off your phone’s case before you charge it so it won’t overheat.

Well, I guess this is the reason why I never seem to keep a phone longer than two years. This, coupled with the fact that Apple keeps coming out with cool new phones entices me to replace my old one. I know–This can be an expensive proposition. Maybe this is what the phone companies planned for all along–To keep us buying new phones! And with the pay-by-the-month plans that providers now offer, they make it even easier to swap out our not-so-old phones for a new one.

But for those of you who want to keep your phones for longer than two years, charge your phone during the day after it reaches 35 to 40 percent and unplug it when it reaches 100%. This might get you more longevity from your Li-ion battery so you can hang onto your phone for another year or so.

Why I No Longer Charge My Mobile Phone Overnight and Why You Shouldn’t Either Read More »

New Threat Alert From The FBI – Password Spraying

7 Steps To Protect Yourself

You probably use a number of personal identification numbers (PINs), passwords, and passphrases to get money from ATMs, to use your debit card when shopping, or to log in to your personal or business email. Hackers represent a real threat to both your personal and business password security and confidential information. Now, these criminals are using a technique called Password Spraying to steal your information.

Password Spraying

According to information derived from FBI investigations, malicious cyber actors are increasingly using password spraying against organizations in the United States and abroad. In February 2018, the Department of Justice in the Southern District of New York indicted nine Iranian nationals, who were associated with the Mabna Institute, for computer intrusion offenses. However, password spraying isn’t limited to this group. Other hackers are using it to gain access to both personal and business confidential information.

Manhattan U.S. Attorney Geoffrey S. Berman said: “Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code. As alleged, this massive and brazen cyber-assault on the computer systems of hundreds of universities in 22 countries, including the United States, and dozens of private sector companies and governmental organizations was conducted on behalf of Iran’s Islamic Revolutionary Guard. The hackers targeted innovations and intellectual property from our country’s greatest minds. These defendants are now fugitives from American justice, no longer free to travel outside Iran without risk of arrest. The only way they will see the outside world is through their computer screens, but stripped of their greatest asset – anonymity.”

How Does Password Spraying Work?

Password spraying is a type of brute force attack where hackers use a username with multiple passwords to gain access to your IT system. With traditional brute force attacks, the criminal uses one username with multiple passwords. Employing a lockout functionality, which locks the criminal out after a set number of login attempts, is an effective means of dealing with traditional brute force attacks.

However, with a password-spray attack (also known as the “low-and-slow” method), the malicious cyber actors use a single password against many accounts before moving on to another password. They continue this process until they find one that works. This strategy works for them because they can avoid account lockouts. It circumvents lockout functionality by using the most common passwords against multiple user accounts until they find one that works.

Password spraying targets single sign-on (SSO) and cloud-based applications using federated authentication. A federated authentication identity provides single access to multiple systems across different enterprises. Criminals target federated authentication protocols because it disguises their activities and ensures their anonymity.

Attackers use password spraying in environments that don’t use multi-factor authentication (MFA), rely on easy-to-guess passwords, or use SSO with a federated authentication method.

 

Your Email Is Also At Risk

Hackers also prey on email accounts that use inbox synchronization (which pulls emails from the Cloud to inboxes on remote devices). Malicious actors use inbox synchronization to obtain unauthorized access to your organization’s email directly from the Cloud. Then they download email to locally stored files, identify your company’s email address list, and secretly apply inbox rules to forward your sent and received messages to them.

The United States Computer Emergency Readiness Team (US-CERT) details how hackers use password spraying, what you should watch out for, who is at risk, and the impact this type of attack can have on your organization.

Your Technology Service Provider can explain this to you and your employees in plain language, and help you protect your organization against password spraying and other attacks.

 Traditional Tactics Techniques & Procedures

  • Using social engineering tactics to perform online research (i.e., Google search, LinkedIn, etc.) to identify target organizations and specific user accounts for initial password spray
  • Using easy-to-guess passwords (e.g., “Winter2018”, “Password123!”) and publicly available tools, execute a password spray attack against targeted accounts by utilizing the identified SSO or web-based application and federated authentication method
  • Leveraging the initial group of compromised accounts, downloading the Global Address List (GAL) from a target’s email client, and performing a larger password spray against legitimate accounts
  • Using the compromised access, attempting to expand laterally (e.g., via Remote Desktop Protocol) within the network, and performing mass data exfiltration using File Transfer Protocol tools such as FileZilla

Indicators That You’ve Been Attacked

  • A massive spike in attempted logins against the enterprise SSO portal or web-based application;
  • Using automated tools, malicious actors attempt thousands of logons, in rapid succession, against multiple user accounts at a victim enterprise, originating from a single IP address and computer (e.g., a common User Agent String).
  • Attacks have been seen to run for over two hours.
  • Employee logins from IP addresses resolving to locations inconsistent with their normal locations.

Typical Victim Environment

The vast majority of known password spray victims share some of the following characteristics:

  • Use SSO or web-based applications with the federated authentication method
  • Lack multifactor authentication (MFA)
  • Allow easy-to-guess passwords (e.g., “Winter2018”, “Password123!”)
  • Use inbox synchronization, allowing email to be pulled from cloud environments to remote devices
  • Allow email forwarding to be set up at the user level
  • Limited logging setup creating difficulty during post-event investigations

The Impact

A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:

  • Temporary or permanent loss of sensitive or proprietary information;
  • Disruption of regular operations;
  • Financial losses incurred to restore systems and files; and
  • Potential harm to an organization’s reputation.

7 Steps You Can Take To Mitigate Password Spraying Attacks

  1. Enable MFA and review MFA settings to ensure coverage overall active, internet facing protocols.
  2. Review password policies to ensure they align with the latest NIST guidelines and deter the use of easy-to-guess passwords.
  3. Review IT helpdesk password management related to initial passwords, password resets for user lockouts, and shared accounts. IT helpdesk password procedures may not align with company policy, creating an exploitable security gap.
  4. Many companies offer additional assistance and tools that can help detect and prevent password spray attacks, such as the
  5. Make sure your employees change their corporate passwords every 60 days.
  6. Establish a password policy that prohibits easy-to-guess passwords. Enable multi-factor authentication (MFA) for all web-based applications. If MFA practice is already in place, review current protocols thoroughly to ensure it is maintained well
  7. Ask your Technology Solutions Provider to conduct Security Awareness Training for your employees at all levels.

The FBI Reporting Notice

The FBI would like you to report any suspicious or criminal activity to your FBI field office or the FBI’s 24/7 Cyber Watch (CyWatch). Field office contacts can be identified at www.fbi.gov/contact-us/field. CyWatch can be contacted by phone at (855) 292-3937 or by e-mail at [email protected].

Your report should include:

  • The date,
  • Time,
  • Location,
  • Type of activity,
  • Number of people affected,
  • Type of equipment used for the activity,
  • The name of your company or organization, and
  • A designated point of contact.

New Threat Alert From The FBI – Password Spraying Read More »

Getting the Most Out of Your Business Website

Today’s internet has literally changed the way businesses function. It has redrawn the boundaries and changed the rules of competition in today’s business climate. The Internet has allowed business owners to create much closer relationships with their customers. In addition, it has given consumers more power through access to unlimited information.

Business Website

Regardless of the size of your business, you probably have a website and a pretty decent one at that. In fact, websites are not as costly as they once were to build and manage. Thanks to the increase in the number of web developers and online sites that host websites, almost anyone can have a website if they want it.

For savvy business owners, their website is the key to greater sales and stronger relationships with customers. A successful website is constantly adding new content that offers value to consumers. They update the site regularly with the latest security and technology. A company with an amazing website almost always excels in the marketplace over competitors who don’t. Why? Because they understand that their business website is the voice of their company online.

Websites have become a valuable commodity to business owners. They are the first stop of prospective clients who want to find more information about your business. Current clients also rely on websites to find product information and updates. Your website is the place where all the action takes place each day. Your website can make or break your business. Knowing how important websites are, most business owners are interested in learning how they can get the most out of their site.

Allow your website to communicate your story to clients

With the understanding that websites do speak to your customers, you should ask yourself the question, “What do you want your website to say to customers?”

Each day, you must make sure that the information you provide is important to your customers and that it’s accurate. Does it resonate well with them? Will it make them want to purchase your products or services? Image is everything in a business. Since your website represents the first image that people have concerning your business, it’s important to make a good first impression. As it is commonly said, first impressions matter. What story do you want the website to tell?

The best websites always tell a compelling story. Sometimes your story is all about why you started your business and sometimes it’s more about your roots, your background. Great businesses have a unique reason for their existence. Bill Gates got the idea for Microsoft when a friend, Paul Allen, showed him the 1975 issue of Popular Electronics. This issue featured a story on the Altair 8800, one of the first microcomputers. Both Gates and Allen saw the potential for developing a programming language for the computer. The rest is history.

In putting together the story behind your business, it may be necessary to hire a good writer to help craft the message. This expense is well worth it. Once you create a great story that customers can relate to, your next job is to write professional content for your site. Though your budget may initially be small, you can go back and redo this once you have the time and money to do so. Usually, your website is a work in progress anyway. It is constantly evolving and changing as your business grows.

Good content will make customers feel that they need your goods and services to meet a need in their lives. You should include information about how these goods or services are better than those offered by others in the same industry. Many of today’s most successful brands have become indispensable to their customers. Think about how Prada and Louis Vuitton have changed the handbag industry. Their customers feel a strong urge to own one of these exclusive handbags and many are priced in the thousands of dollars.

Provide contact information

Imagine locating a website online, and the information given therein is attractive. You read through their homepage and look at what they offer. In your mind, you are convinced that this is it. They are exactly what you need. You pick up your phone while scrolling down, looking for the contacts page and you find nothing. No phone number, no email address, no physical address, nothing. This can be frustrating, right? In fact, most people will get disheartened immediately. They will look elsewhere for other products. Consumers feel that if there’s no contact information, then the business must be shady. So it’s important to include your physical location, email address and phone number. This degree of transparency tells consumers that you have nothing to hide.

Collect lead information

If you have been in business long enough, you know that some clients will visit your website more than once before they decide to make a purchase. Do not despair, this does not mean that your website is not fulfilling its mandate. It simply means that many customers enjoy doing lots of shopping before they make a purchase. In the meantime, you can collect lead information using a lead capture form. This will give you the opportunity to send them regular email updates about specials you might have. Often, if a prospective customer gets an email telling them they can get a discount by making a purchase right away, they will do so. Everyone loves to get a great deal.

User friendly navigation

The whole science behind user experience has grown tremendously in the past ten years. A site must be intuitive, responsive and user friendly. You cannot afford to hide things or make it hard for customers to get information. Websites that are difficult to understand end up chasing customers away. Try to get regular feedback from users. Find out what people are saying about your site. Correct any issues you may have right away.

Final thoughts

All in all, if you maximize each component of your website, you will discover the magic that a great site can offer. Customers will visit often. They will tell their friends about your site. An amazing website truly is priceless.

Getting the Most Out of Your Business Website Read More »

FBI Issues Cyber Security Warning

Russian Hackers Target Routers in 50 Countries Worldwide

FBI Cyber Security Warning

In a day and time when everyone is being super careful not to click on suspicious links, there’s a new threat lurking. Just about every home and office has a router. It’s an inconspicuous piece of equipment that most of us rarely think about. And now, a new alert issued by the FBI says that Russian hackers have targeted routers in 50 countries around the world.

Just last week, the FBI issued a warning stating that a malware botnet known as VPNFilter was responsible for taking over millions of routers worldwide. The affected routers are thought to be primarily consumer-grade routers purchased at Best Buy and other retail and online electronic stores. The authorities also believe that routers provided by internet service providers such as Frontier Communications, Spectrum, and Charter have been affected. Commercial grade routers found in many businesses are also at risk.

Why the router?

Routers are rarely updated. Unlike the operating system on a smartphone or computer, most router manufacturers do not send out regular updates for their products. Last January, a complaint was filed against router manufacturer, D-Link. In the complaint, the FTC said that the manufacturer was leaving their users at risk by not installing adequate security measure. Their failure to do so had left many consumers open to attacks from hackers.

Experts are now saying that there’s no incentive for router manufacturers to release regular updates to their products that could stave off attacks. Up to now, these manufacturers have not been held liable and when there’s no liability, manufacturers will often take cost-saving shortcuts.

How hackers are getting in

Using malware to target the VPNFilter, cybercriminals are able to collect user data. Once the hacker has control of the router, they can use it to eaves drop on consumers. This weakness also allows hackers a doorway to all home computers, TVs, smartphones, or anything connected via the router.

The FBI recently discovered one website that hackers had set up to use in their attack. This website was designed to give instructions to the routers that had been taken over. Though shutting this site down did cut off one avenue of attack, the FBI warned that millions of routers were still infected. This leaves millions of consumers around the world vulnerable and most users will not even realize they’ve been hacked.

Who is responsible for the hacks?

The Justice Department said the hacking group referred to itself as “Sofacy” and that they answered to the Russian government. The hacking group also goes by the names Fancy Bear and APT28 and they have been involved in some very high-profile targets over the last few years. This group was blamed for the hacks carried out during the 2016 presidential campaign that targeted the Democratic National Convention.

Cisco Systems Inc. performed its own investigation and found that the targeted routers include Netgear, Belkin’s Linksys, QNAP, Mikro Tik, and TP-Link. There may be others involved as well and most were purchased by consumers at local electronic stores and online. Cisco shared the results of their investigation with the Ukrainian government and the U.S. The FBI said that they believe some of the affected routers were also provided by internet service companies.

What routers have been infected?

Authorities have put together a list of the known affected routers, but recommend that everyone take the precaution of rebooting the router and changing the password as soon as possible. The known affected routers include:

  • Linksys (Models E1200, E2500 & WRVS4400N)
  • Netgear (Models DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000)
  • Mikrotik Cloud Core Routers (versions 1016, 1036 & 1072)
  • TP-Link R600VPN
  • QNAP NAS devices running QTS software
  • QNAP (Models TS251 & TS439 Pro)

New types of warfare between Russia and the Ukraine

Russia has long been involved in attacks against the Ukraine and Ukrainian companies due to ongoing hostilities between the two countries. In the past, these attacks have cost millions of dollars and exposed the personal, confidential information of both businesses and individuals. At least one attack was responsible for an electricity blackout in the Ukraine.

The Ukrainian government recently stated that the Russian government was planning a cyber-attack against some privately held companies, along with Ukrainian state bodies. They believe these attacks were meant to disrupt the Champions League soccer finals which were being held in Kyiv.

What to do next

Experts are recommending that everyone using a router shut it down and reboot it. They also recommend disabling remote manager settings. If at all possible, upgrade the router to the latest firmware and change your password.

Managed IT providers are recommending many commercial grade firewalls and routers for business owners who have quite a bit more to lose than the average consumer. They have stated that commercial grade firewalls and routers offer powerful firewall technologies and some offer wireless access point that offers stronger protection for the home or office.

Consumer-grade routers used by the average individual are most at risk. Businesses who have remote employees working from home often forget that these workers present a weak area that hackers can take advantage of. Most individuals have never upgraded their router’s firmware or changed the original password that came with the router. IT experts believe that hackers will eventually exploit all weaknesses like this.

An ongoing risk

The FBI warned, “The size and scope of the infrastructure by VPNFilter malware is significant.”

Their experts said that hackers could render the routers affected completely inoperable if they wanted to, but that wasn’t their primary goal. Instead, they were planning to steal data off the computers, phones, and other connected devices by taking over the routers that controlled internet access. The FBI stated that the malware would be very hard to detect even by professionals because of encryption and other tactics used by the hacking group.

In addition to rebooting routers and changing passwords experts recommend contacting your internet service provider for possible firmware updates or other guidance.

FBI Issues Cyber Security Warning Read More »

How Managed Networks Can Deliver Better Wi-Fi Service

It’s one thing for a business to have installed Wi-Fi networks, but it’s another thing to ensure that the equipment is and will continue to work properly. This means the network should be able to continue supporting the growing demands of a business. It should be able to upgrade automatically whenever necessary to provide the latest and most convenient improvements available. This may sound simple and manageable by the IT staff, but it can be challenging.

Managed Networks

Having in-house IT staff means that you have to get in line with other departments and wait your turn before you get help. They already have enough work each day so your Help Desk request may get pushed to the back. This is just one reason why it can be beneficial to have a trusted partner manage your Networks and computers.

The Right Fit

So many managed IT providers say that they’ll be there when you need them. How can you find the right fit for your business? It can be challenging in this day and time, simply because of all the many great choices. But, it can be helpful to sit down with your supervisors and talk to them about the ideal IT provider – someone who will take the time to listen to you, show concern about getting it right for you, someone who really will become a trusted partner.

A good IT partner will stay on top of daily maintenance for your hardware and software. They’ll keep the Wi-Fi equipment running smoothly. They will make recommendations about new products your company could benefit from. If you could find an IT service provider who stands by their promises, imagine how much easier your life would be. Your company would stop demanding so much of your time. You might actually get a vacation this year.

How to find your IT Managed Services Provider

Talk to other businesses owners in your area. Ask them to recommend someone. Check all names, credentials, and reputations online. You can find out quickly whether someone has a good strong reputation in the business world. Visit the company and meet some of their staff members. Do they seem capable, knowledgeable and skilled? If you walk in and find a young receptionist on the phone with her boyfriend and two of the techs in the back flirting, then get out of there quickly! That’s not the right place for you.

You’re serious about your business. You want it to succeed for yourself and especially for your family. So don’t settle for lame vendors that never show up and don’t do good work when they do meander by your place. Take as much time as you need finding a professional team of IT techs who know their jobs exceptionally well and love to come to work each day. These guys will know what’s going on when you get the Blue Screen of Death. They can fix it remotely in just a few minutes and you’re back to work.

Communicate your needs

When you find the right IT managed support team, sit them down at your office and make it clear that you want the very best they can give. You’re in this to win it and if they want to go along for the ride, they’re welcome. But they will have to pull their weight.

When you set down some guidelines right at the beginning of any relationship, you’ll find that the relationship is much more rewarding for both people. Of course, there will be contracts to sign that will state and include everything you talk about. A good contract is clear about what your responsibilities are and what the IT provider will provide. The cost should be included and can be a monthly charge or a fixed price you pay several times a year. Most vendors will work with you because they want your business.

Below, are just a few of the more important IT and networking services/products that your business needs:

  • Cloud storage and backup
  • Remote monitoring/management of servers, desktops, mobile devices
  • Business continuity plan in case of disaster
  • Cybersecurity for all computers and devices
  • Regular preventative maintenance
  • Scalability
  • 24/7 tech support

There are many other services you could opt for and you should discuss this with your IT professional.

The best managed wireless is all about handling many different services well. Every phone and computer should be secure even those of remote workers. Communications should be up and running 99 percent of the time. If you run a hospital or medical office, then you understand the importance of a good communication system. Most providers will suggest VoIP. It’s cloud-based and dependable, plus it can fit nicely in any budget.

With managed services, an organization should not have to worry about maintaining their Wi-Fi networks. Work with someone you have confidence in; someone who will exceed your expectations. You need a good, trusted IT service provider who is willing to get to know your business and work right alongside you to see it grow. Don’t settle for less than the best!

How Managed Networks Can Deliver Better Wi-Fi Service Read More »

FBI Issues Warning

As you may be aware, the FBI issued a warning last week about a malware botnet called VPNFilter. This malware originated in Russia and attacks “consumer-grade” routers typically purchased from retailers such as Best Buy andor installed in homes by Internet Service Providers such as Spectrum, Time Warner, and Charter.

VPNFilter

The malware has not been found to infect commercial grade routers typically installed in your business, such as those from Cisco, Fortinet, SonicWALL or others. If you or any of your staff has one of the following routers installed at home, we recommend the Internet Service Provider be contacted for guidance.

At a minimum, the router should be rebooted – and the router password should be changed to one with a fair amount of complexity. (ISP technicians have a reputation for often not changing the simple “factory default” password when they install a router.) In some cases, a router firmware upgrade may be required.

The affected routers identified so far are:

  • Linksys (Models E1200, E2500 & WRVS4400N)
  • Mikrotik Cloud Core Routers (versions 1016, 1036 & 1072)
  • Netgear (Models DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000)
  • QNAP (Models TS251 & TS439 Pro)
  • QNAP NAS devices running QTS software
  • TP-Link R600VPN

While we are unable to manage the consumer-grade routers targeted in this attack, We can offer you a powerful network security appliance (router/firewall/wireless access point) that can provide commercial-grade protection at your home or office.

If you have teleworkers or executives who access your network by working from home, you should be concerned about business risks created by consumer-grade routers. A relatively inexpensive corporate or business-grade firewall is likely an appropriate solution. Please let us know if you would like more information.

FBI Issues Warning Read More »

IT Helps Dementia Patients

Dementia and Alzheimer’s are scary for both patients and caregivers. Right now, there is no cure. Scientists are trying to find ways of prolonging patient’s lives and delaying the onset of the disease. IT Technicians are finding ways to make lives better and caring for patients easier. Some remarkable work is doing things for these individuals that has never been seen or done before.

Dementia Technology

First, A Word About The Disease

According to Alzheimer’s International, nearly 44 million people worldwide have Alzheimer’s or related dementia. More than 5 million American’s are living with it, and Between 2017 and 2025 every state is expected to see at least a 14% rise in the prevalence of Alzheimer’s. Those statistics are startling, especially since Alzheimer’s disease is irreversible.

Accounting for around 70 perfect of dementia cases, Alzheimer’s Disease is the most common cause of dementia, a group of brain disorders that results in the loss of intellectual and social skills. These changes are severe enough to interfere with day-to-day life. It progressively destroys the brain and ruins memory and thinking skills, and eventually the ability to carry out the simplest tasks.

A Few Other Statistics

  • In 2017, Alzheimer’s cost the United States $259 billion.
  • By 2050, costs associated with dementia could be as much as $1.1 trillion.
  • The global cost of Alzheimer’s and dementia is estimated to be $605 billion.
  • Alzheimer’s is the 6th leading cause of death in the United States.
  • Between 2017 and 2025 every state is expected to see at least a 14% rise in the prevalence of Alzheimer’s.
  • By 2050, it’s estimated there will be as many as 16 million Americans living with Alzheimer’s.
  • Every 66 seconds someone in the United States develops Alzheimer’s.
  • 1 in 3 seniors dies with some form of dementia.

Technology at its Finest

Because of these sad stats and high numbers, IT experts have come up with some amazing devices that use modern technology to aid in the care of people suffering from memory problems. Here’s a look at a few of the latest innovations.

Clocks

Clocks precisely intended for those with Alzheimer’s and dementia can help ease the stress associated with day to day life. Someone who has dementia may confuse night and day so an easy to read clock can help them to better tell the time.

Medication Management

Medication management technology created high tech automated pill dispensers which beep and open to remind caregivers and those with dementia to take their medicine. Vibrating alarms on a watch have also been fashioned to remind when it’s time for a pill. This technology serves the busy caregiver well by helping them not to forget medication time as well.

Video Monitoring

Video monitoring technology supports both care recipient and caregiver, by allowing both people more freedom. The patient doesn’t feel watched constantly because loved one can spend a little time away, and loved ones get the comfort of being able to see their family even when they’re not in the same house.

GPS Location and Tracking Devices

People with Alzheimer’s or dementia may wander. Tracking devices can be worn by the person in some way and have alert systems that let a caregiver know if their loved one has left a certain area. This type of technology can also alert emergency personnel to aid in a quick recovery.

Picture Phones

Picture phones are specifically designed for people who cannot remember phone numbers. These phones have large numbers and are pre-programmable with frequently called phone numbers. Some of the phones come with clear buttons where photos can be placed so that the person can just push the button associated with the photos to call their loved one quickly.

Electrical Use Monitoring

This device monitors a patient’s use of electrical appliances. It plugs into a wall outlet or power strip and will alert caregivers if their commonly used appliances have not been turned on or off.

Wearable Cameras

Wearable cameras and augmented reality glasses could be the next big thing in helping patients. These devices can take hundreds of pictures every day from the user’s point of view logging their lives in this way.

A Village of Care

In Kitchener, Ontario, something wonderful is happening. Facilities have been designed to be less institutional-looking, friendlier and homier. “Schlegel Villages” is one of the first of its kind and is improving the quality of life for the people that live there.

One problem they deal with though is when at-risk seniors become confused and attempt to leave. According to Schlegel’s IT director, Chris Carde, “Some seniors with certain types of mental illness can remember the door-lock code to get out but can’t remember anything else. A confused senior wandering out into a southern Ontario winter can be a serious, even fatal, incident”.

Schlegel Villages is also implementing an e-health system to replace paper charts at its care facilities. Carde states, “Nurses would have to write down a patient’s vital signs, then enter them into a desktop computer some distance away. The new system, which will use iPads and iPad minis to enter health information directly into the database, is being greeted warmly by clinicians”.

Thinking Outside of the Box

A German senior center applied the idea of using fake bus stops to keep Alzheimer’s disease patients from wandering off. Because their short-term memory is not intact, but their long-term memory works fine, they know what the bus stop sign means, and they stop. It is a huge success in Germany, now they want to bring it to several clinics in North America.

A Final Word

Thanks to these researchers and IT innovators, the future is much brighter for patients with memory diseases and their families and care providers. This is just the beginning when it comes to making life easier. Information Technology has only just begun to scratch the surface of what can be done to help in the fight against dementia and Alzheimer’s.

IT Helps Dementia Patients Read More »

Billions of Computer Devices Won’t Get Intel’s Spectre Fix

17 Product Groups Named-Their Production Halted and Update Support Ended After Irrefutable Evidence Uncovered Flaw in Intel Chips.

Intel Processors

The information about the Spectre attacks came to light back in January 2018. Intel and other technology firms and vendors were made aware of research findings by Paul Kocher from Spectreattack.com and Jann Horn from Google Project Zero.

Paul’s collaboration team regarding the chip flaw and the notorious Spectre Attacks were:

  • Daniel Genkin (the University of Pennsylvania and University of Maryland)
  • Mike Hamburg (Rambus)
  • Moritz Lipp (Graz University of Technology)
  • Yuval Yarom (University of Adelaide and Data61)

The research findings from Paul Kocher’s team and Jann Horn supported what the U.S. Department of Commerce’s agency, NIST (National Institute of Standards and Technology) found. At NIST’s, National Vulnerability Database website is the research published on January 4, 2018.

Take note of these excerpts, the indirect branch prediction and branch prediction in both announcements:

CVE-2017-5715

Current Description: “Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.”

CVE-2017-5753

Current Description: “Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.”

After the findings arrived, on January 3, 2018, Intel responds to Paul and Jann’s security research findings with this disbelieving statement: “Intel believes these exploits do not have the potential to corrupt, modify or delete data.”

With the proof in front of them, Intel believed the research reports were flawed and incorrect. The idea of these acts caused by a “bug”, or a “flaw” was not possible. Their explanation was, “there are many types of computing devices, using different vendor’s operating systems and processors. All are at risk of being exploited.”

But Paul’s team exploited speculative execution and had solid proof.

They experimented on multiple x86 processor architectures. They used the Intel Ivy Bridge (i7-3630QM). The Intel Haswell (i7-4650U). The Intel Skylake (unspecified Xeon on Google Cloud) and finally an AMD Ryzen processor.

In every test, the team observed the Spectre vulnerability across all of these CPUs. Similar results on both 32- and 64-bit modes, and both Linux and Windows. Some ARM processors also support speculative execution, and the initial testing confirmed, ARM processors could not pass the test.

When they attacked using native code, they were able to read the entire victim’s memory address space, including the secrets stored within it, with ease.

When they attacked using Java code, they successfully read data from the address space of the browser process running it, with zero effort.

The research evidence was irrefutable.

Their results showed there was a flaw in Intel chips.

A day later, January 4, 2018, Intel issues updates to protect systems from security exploits. They released this statement: “Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from both exploits (referred to as “Spectre” and “Meltdown”) reported by Google Project Zero.”

Three months later on April 2, 2018, Intel’s Microcode Revision Guidance is released and what’s inside exposed the truth. In this 19-page pdf document, you will find 17 product groups listed, (color-coded in red), productions halted, and update support has ended.

Looking through the guide, you will find the columns listed by Product Names, Public Name, CPUID, Platform ID, Production Status, Pre-Mitigation Production MCU, STOP deploying these MCU revs, and New Production MCU Rev.

The pages with the discontinued products are below:

  • Page 4: Bloomfield and Bloomfield Xeon
  • Page 7: Clarksfield
  • Page 8: Gulftown and Harpertown Xeon CO & EO
  • Page 11: Jasper Forest
  • Page 12: Penryn/QC
  • Page 15: SoFIA 3GR
  • Page 16: Wolfdale CO, MO, EO & RO, Wolfdale Xeon CO & EO
  • Page 17: Yorkfield & Yorkfield Xeon

When you review the columns, you will see one labeled STOP deploying these MCU revs. Intel’s definition for this column is as follows:

  • Intel recommends discontinuing using these select versions of MCU that were previously released with mitigations for Variant 2 (Spectre) due to system stability issues.

Intel also states in their Microcode Revision Guidance Legend:

  • “After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release”
  • “Microcode updates for these products for one or more reasons including, but not limited to the following:”
  • “Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)”
  • “Limited Commercially Available System Software support.”
  • “Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”

As you can see, Intel’s exhaustive investigation could not discredit Paul, Jann and NIST’s research and proof. Intel decided, due to microarchitectures and microcode capabilities, for the specific products listed, not to move forward and release microcode updates for these products.

If you own a PC, Mac, or Cell phone, a Spectre attack can affect your device. If you use Cloud Services, your provider’s infrastructure may be vulnerable to a Spectre attack and theft of customer’s data. If your device uses any of Intel’s older microprocessors, you may be shopping around for a new machine.

Billions of Computer Devices Won’t Get Intel’s Spectre Fix Read More »

Are Local Businesses Ready For GDPR?

As of May 25th, 2018, if local businesses aren’t ensuring the highest possible level of data privacy, they’re risking serious financial consequences. The General Data Protection Regulation (GDPR) is coming into effect. What does this mean? All local businesses MUST be ready to take security more seriously than ever before. The EU Parliament approved GDPR in April of 2016 with enforcement set to start in a couple of weeks on May 25th, 2018.

GDPR

Who Must Comply with GDPR?

All businesses storing or processing data of people living in the European Union must comply, regardless of where you’re located in the world. The EU is very consumer-focused and always has been. As data travels beyond the borders of the EU, GDPR is designed to help protect citizens as any company, anywhere in the world, is bound by its rules as long as they’re holding data on citizens.

Businesses of all types and sizes – from small one or two person shops to multi-national corporations – must comply. There are no exceptions. For those businesses already complying with the Data Protection Act (DPA), they’re one step closer to being in compliance with GDPR.

What’s the Risk of Non-Compliance?

Local companies who fail to comply with face fines – up to $24 million OR 4% of annual global turnover, depending on which number is higher. In addition to fines, local companies who fail to comply will also face the devastating impact of reputational damage as most consumers won’t feel comfortable working with a company that doesn’t prioritize data privacy.

What Do Local Companies Need to Know About GDPR?

First and foremost, local companies need to know that compliance is not optional. Every organization should become familiar with the provisions of GDPR so they’re aware of the requirements.

Here are a few key facts to know about GDPR:

  • Strict parameters must be followed to receive consent for the use and/or storage of data. These parameters require an easily accessible form and withdrawing consent must be simple.
  • The right to be forgotten enables consumers to request their personal data be deleted and/or erased immediately with all third-parties halting any processing of said data.
  • In the event of a breach, notification must be done within 72 hours of becoming aware of the breach. This means all affected parties must be notified and offered information on the incident.
  • Consumers may request to receive their personal data, in order to transmit said data to another data controller as needed. Companies must ensure data is easily accessible to provide upon request.
  • Data protection must always be considered when designing any system or solution, which means it cannot be an afterthought or addition done after the system or solution is designed.
  • Specific protection is in place for children as they are generally more vulnerable. When storing data relating to or involving children, parental consent must be received for children up to age 16.

Essentially, local businesses will have to review their marketing processes in terms of data mining and remarketing. However, those who have already prioritized data privacy will have less work to do to ensure compliance.

What Steps Must Be Taken to Ensure Compliance?

  1. Assess what needs to be done: Review all requirements of GDPR to understand how the provisions impact your company and/or which departments will be affected.
  2. Perform a complete audit: Audit what personal data is collected and stored, where the data came from, and who the data is shared with, then record your processing activities.
  3. Update all privacy notices: Privacy notices must be updated to communicate how personal data will be used and collected, as well as explaining the lawful basis for processing personal data.
  4. Verify data accessibility and portability: Verify that access requests can be accommodated in 30 days and data can be received in a commonly used, machine-readable format.
  5. Review instructions for receiving consent: These instructions will help you properly seek, record, and manage consent for the use and/or storage of data.
  6. Work with all third-party providers: You can be held responsible for breaches resulting from non-compliance on a third-party providers part, so work with email service providers, CRM providers, and more.
  7. Educate every single staff member: ALL staff members must be educated in case they come into contact with information relating to customers.

Lastly, make sure you’re working with a trusted team of technology experts who can help you put all of the tips above into action. You almost certainly WILL require some changes to your information technology environment in terms of how data is stored and processed. A good Omaha IT support company will help with this.

You need a technology services company Omaha businesses trust to help them comply with GDPR. InfiNet Solutions is that technology services company. Call us now at (402) 895--5777 or email us at [email protected] to get started.

Are Local Businesses Ready For GDPR? Read More »