Personal Information Security on the Internet

datePosted on 12:35, December 9th, 2010 by headgeek

Last night at the #SMDIndy event for Toys for Tots, I was asked to call Tisha Lewis of Channel 59 News, the Indianapolis local Fox affiliate.  Lewis was looking for a technology person to interview for a piece about the Chase Bank ATM and account fraud, lately.  Here is the interview:

 

 

categoryPosted in Uncategorized | commentsComments Off | moreRead More »

Safely Using the Internet for Work Research

datePosted on 12:22, October 31st, 2010 by headgeek

The internet has become an integrated part of our daily lives. We can access it via our mobile phones, in kiosks, libraries and at work. Anyone using the internet, even if just reading articles is exposing some little portion of themselves to this digital world. This can be even more of an issue when using the internet in a professional capacity, such as researching some work related issue. Here are 4 tips on how to use the internet safely while conducting research.

Tip 1 – Possibly THE most important of all the tips: Updates will help protect you!

Microsoft is constantly updating their software with security patches, fixes and functionality updates. No program or piece of code is ever 100% bullet-proof. As the saying goes, “Make a better mouse trap and you will get smarter mice.” This is particularly true about internet security measures and software. But updates to your particular version of windows is not the only updates you need to be concerned with. Also watch for updates of your security software. Packages like Symantec (aka Norton), MacAfee, AVG and all the others are there ot help protect your system and you from over exposure to the internet. As good and useful as these applications are, though, they will never be better than an informed user, wary of the dangers and risks. Also, using other browsers can help, too. Microsoft owns the largest slice of end-users on the internet. Internet Explorer is the default web browser as it is a part of Microsoft’s Windows. Using an alternative web browser, such as Mozilla’s Firefox, can help reduce your risks because it is not as popular with the people looking to steal your information. This is a simple law of labor vs. profit. These people looking to intentionally exploit the weaknesses of internet usage will always seek the most common and popular weaknesses to maximize return on their efforts. But regardless of what applications you use on the internet, make sure you keep it current and updated.

Tip 2 – Ensure encryption is active before giving out personal or professional data.

Have you ever filled out a form requiring your name, e-mail address and a password while online? Most of us have. If you have a hobby or a particular work interest, there are many forums and places on-line to gather for the purpose of sharing information. Not a big deal, right? … Uhm, right?

Maybe it is a big deal. Any time you are on a web page that is asking you to enter personal information, look to the lower portion of your web browser of choice. Most web browsers have a status bar across the bottom that can share a great deal of information about the site you are visiting. One of the most important items to look for, when you are being asked for personal information, like a password, your e-mail address or even just your name, is a small icon that looks like a pad lock. Legitimate online retail store sites, bank sites and even those forums mentioned above will use an encrypted page to collect your data. This means that your web browser and the web server have agreed to use a private and unique encryption pattern on any data you send to the web server. With only your browser and the web server having the keys to encrypt and decrypt the information, anyone who might be spying on your web traffic will not be able to identify your password and use it for their own uses.

So, look for that key icon on the web browser status bar, before entering in any personal data.

Tip 3 – Keep your surfing in the correct security ‘zone’.

Internet Explorer has what are called ‘Security Zones’. To see this, locate and click the ‘Tools’ menu option in Internet Explorer, from this drop down list, select Internet Options. Within the ‘Internet Options box that now opens, click on the ‘Security’ tab to expose the Security Zones.

There are four zones to help make your surfing more safe and secure. The first zone listed in labled ‘Internet’. This is considered a zone like the wild west legends with characters like Billy the Kid. A rough and tumble, anything goes environment. Web sites that are in this zone are not very trusted and will be more closely guarded by the web browser.

The next zone is ‘Local Intranet’. These will be the most trusted sites as they are a part of your organization’s network. Being internal websites they are under the control of your IT department and therefore are trusted.

This is followed by a ‘Trusted Sites’ zone. This zone should be used for sites you use regularly that would considered safe. Think of this as sites like the office supply store purchase site, bank sites or other, similar websites.

Finally, there are the ‘Restricted Sites’. These are the sites you do not want the system going to, at all. In a conservative work environment these would include sites of an adult nature, sites that offered pirated software (warez) or were potentially offensive to anyone else in the office or were counter to the Acceptable Use Policy of your workplace.

Tip 4 – Cookies, watch out for them. Too many are not good for you.

Cookies are small files stored in your computer by websites, containing specific data that website might need about you or your account with that website. This information might be simple data like your preferred language on a site or more important like your password to your personal bank account.

Originally, cookies were a good idea as they stored useful information about your surfing profiles of specific sites. Today, however, cookies can be very problematic, as we do not know what each every cookie is programmed to collect. A quote from a recent Microsoft article describes the dangers of a cookie like this:

If it’s malicious, you could quickly end up with a spiteful little program stored directly on your hard drive. A malicious cookie can collect and store almost any information that you may not want it to, such as your name, credit card information, address, or more. Cookies make it possible for unwanted information to be stored and accessed repeatedly when you visit a website.

By default, Internet Explorer accepts cookies for all zones, except the Restricted Sites zone. To change this, use the steps above to access your desired zone, and move the slider up to increase security or down to lessen the restrictions.

To clear the cookies in Internet Explorer, use the Tools menu to access the General tab of the Internet Options page. There is a section of that page for ‘Temporary Internet Files’ that includes a ‘Delete’ button. This will provide you with another box to choose what you want to delete. Each check box has a name and definition so you can more comfortably manage these files.

As always, if you have any questions with these steps or with internet usage, please feel free to call or e-mail us.

-HG

categoryPosted in Uncategorized | commentsComments Off | moreRead More »

Non-Computer Small Business Support – a.k.a. Newsletter – BETA TEST

datePosted on 10:37, October 1st, 2010 by headgeek

Non-Computer Small Business Support – a.k.a. Newsletter

As I may have mentioned in the past, I’m a member of LINX, a local B2B referral networking group. On October 14 th, we will have a Visitor’s Day, where we open the doors, and invite everyone to come join us for breakfast, networking and introductions. If you would like more information, e-mail me

One of the other members, Lisa Wood has started a newsletter. Together we hope to be sending this out to many people. Lisa works with PayChoice, providing great payroll solutions to employers who need reliable and responsible payroll assistance and will be writing from that experience. I will be adding information for businesses to use technology for profit, not just as necessary tools. If you would like to help us test drive these newsletters or even contribute to them, please click here. This will add you to the manually managed list, of beta testers and contributors.

-HG


categoryPosted in Small Business | commentsComments Off | moreRead More »

Working Remotely to Avoid Disasters

datePosted on 11:28, September 23rd, 2010 by headgeek

Yesterday I posted about Disaster Preparedness. This was short introduction to how I am managing my data needs to ensure business continuity. As I was discussing this with potential client, this morning, it occurred to me what I had written only covered severe disasters, such as flooding, fire or theft. There are other types of situations where Disaster Preparedness can turn an almost immediate profit for the time and energies spent. Let’s take a look at this scenario:

A law firm has a few lawyers, a couple of paralegals, an intern and a book keeper. A small staff totaling 8 people. If any one of these people are unavailable, the business can continue on, albeit slightly impacted. However, if any of the support staff are parents, particularly single parents, the impact can become very difficult, very quickly. The key idea here is to determine HOW a person may be able to work from a remote location, maintain connectivity with the office and still keep confidential information secure and protected.

Time to look to applications and websites such as GoToMyPC.com or LogMeIn.com. Both of these services offer remote desktop functionality over secured channels. However, these applications also require monthly subscriptions.

Two other potential resolutions are probably already available. Most businesses of this size are using a server, running Microsoft Windows Server. Many are even using Small Business Server (SBS). Both of these provide support for Virtual Private Networks (VPN); a private, encrypted tunnel is run through the internet between two locations, virtually inserting the remote computer into the business network. Once this connection is made and the employee’s personal computer is temporarily added to the network, the user can then use Microsoft’s built-in Remote Desktop functionality to access their workstation, as though sitting in front of it. Depending upon the speeds of the internet connections between the home PC and the office network, the end user may not even notice any differences in performance.

This is one way to keep private issues, such as sick children of employees, from having a large impact on business continuity.

-HG


categoryPosted in Small Business | commentsComments Off | moreRead More »

Disaster Planning and Preparedness

datePosted on 14:01, September 22nd, 2010 by headgeek

I just received a ‘tweet’ from @KYBizInfo that stated: “Roughly 40 to 60 percent of small businesses never reopen their doors following a disaster.” 40 to 60 percent? That is a wide margin. Very wide. Too wide. So, out of curiosity, I followed the embedded link(s) and ended up at http://www.property-casualty.com/News/2009/11/Pages/Experts-Say-Small-Firms-Lag-In-Disaster-Planning.aspx

In her article, Experts Say Small Firms Lag In Disaster Planning , Caroline McDonald states that a majority of large businesses have the plans in place to handle serious issues that will affect their business in the event of catastrophe. This really got me thinking about my own business and the steps I have and have not taken to protect myself and what situations would cause serious or damaging hardship for me.

I keep all my records for my business in QuickBooks Premier. No, I am not plugging this application, it just works for my needs and has all the growth potential I need. I still prefer GunCash for my household financial tracking. QB is running on an XP machine, that I keep fully updated. This machine does nightly backups to a large file server. I also have QB running on my laptop and connect back to this system via VPN when I need to make an invoice, while onsite. When QB requests to backup the database, I always put that to a USB flash drive I keep in my tool kit.

The next set of records I have is my e-mails with customers. Currently my e-mails and domain are hosted. Using IMAP protocol, I organize my e-mails into folders that are on the hosting server and only delete items I will have absolutely no business need for (like spam) gets removed, daily, so I don’t over size my mailbox. I run a few rules against my mailbox that backups anything over 90 days old to the large fileserver in my home office and removes it from my mailbox. As an example, each customer and vendor has their own folder in my mailbox. So I can easily find anything to or from that customer or vendor. It really helps keep things organized.

And that is really about all I have to worry about. Sure, I’ve got a few template documents for agreements and such. They are backed up by a couple of processes. First, I sent them as attachments to myself on a gmail account.

Sure, I’ve got other pieces of software I use to work on client’s machines, but all of those are available online. Most of them (like anti virus and anti spyware/malware tools) get updated weekly or monthly as it is. For ease of use, the majority of my ‘toolbox’ fits nicely on a couple of special bootable CD’s. The ISO’s for are on a couple of USB flash drives I keep in my pocket for easy access as needed.

That’s really it. I have little or no inventory to worry about. And IF things were to go really bad and I lost my office and contents, I still have my laptop and USB flash drives. At the very worst, I still have my flash drives. A replacement laptop and a broadband internet connection would put me back in business in just a couple of brief hours.

How are you set up? Are your backups running? Are you getting the data you need included in your backups? Are those backups being taken off site, just in case something happens to the office? If something were to happen to your office, do you know where you would set up, again, permanently or temporarily? If any of these questions are not answered, we should have a conversation. There are A LOT of quality, low cost or no cost steps you can take, now, to prepare for what may happen. Let’s get together and discuss them.

-HG


categoryPosted in Small Business | commentsComments Off | moreRead More »

Business Building

datePosted on 10:41, August 31st, 2010 by headgeek

WOW! It has been a crazy busy couple of weeks. I apologize for not posting more frequently.

The last few weeks have been very interesting for me. My new customer engagements are staying about the same, but I’m landing more work. Customer referrals are growing.

What does all this have to do with the tech side of the site? Well, I’ve found myself caught between two customer’s needs. Both critical, on-site with one and another calls in needing immediate assistance. With work unfinished, it is not right to just up and leave to assist another customer. This is where remote access applications come in handy and make it into my ‘required tools’ toolkit.

I’ve tried several web services such as Webex, GoToMyPC and others with various levels of success. On a whim I recently tried TeamViewer. At first I was very critical of the application, because of their licensing costs. As a service provider, I decided the reporting and the remote agent .msi install with re-branding features were what I would want. The reports are useful as they show the times and duration of connections to client machines that can be printed or added into an invoice or monthly statement. Their secure service handles file transfers with ease and is low on bandwidth needs by comparison of other services and products.

I will be purchasing that TeamViewer license in the nearest possible (read: $$$ available) future.

-HG

Backups – an Essential part of any IT solution

datePosted on 11:17, August 12th, 2010 by headgeek

Backups – an Essential part of any IT solution

Backups, the failure of many an IT person. Failed backups have caused the loss of employment for many IT professionals. They run at night, during the off hours. If lucky the software sends an e-mail after each backup, detailing what was backed up and if the backup completed successfully. But just because you have backups and successful e-mails does not mean you are covered. The backups still need to be tested. After all, of the mission critical server were to go down, how long will it take to bring it back online? What will be missing? Who is impacted by that missing data? Can the machine be brought back to a ‘moment in time’? All of these questions are important, have a fiscal impact on the business and determine the quality of success.

Now for the ‘skinny’ on backups and what you think you may know.

First, tapes are dead. Using tapes for your mission critical backups is slow, unreliable and painful. Most data warehousing outfits with terabytes of data to be backed up are moving tapes to a thrid or fourth tier solution for very long term storage.

‘External Storage’ like USB drives are good for smaller environments, the SMB and individual workstations. Using a USB drive of sufficient size and a tool such as Clonezilla, a system can be restored to an image. Other features within a Windows domain environment, like folder redirection and roaming profiles helps to bring a client station or workstation back to a point in time, prior to the failure. Usually in about an hour, dependent upon the amount of data.

Larger enterprise environments are using ‘backup servers’ for their data storage needs. Through the use of redundant storage devices, backups occur across the network. Restores are performed the same way.

As you look to identify your backup solution, consider that with Server 2008, Microsoft no longer provides support for tape devices. Bare metal restores of system states via tape are no longer possible without specialized ASR (Automated System Recovery) disks.

So, keep these things in mind, and when you have questions, ask your nearest IT professional, then test the solution to make sure it works the way you need.

-HG

What is a Software License?

datePosted on 12:39, August 3rd, 2010 by headgeek

In essence a software license sometimes referred to as an End-User License Agreement (EULA) is a permit to use the software in question. There are many different licenses types for Free and Open Source Software and most commercial software vendors will have a unique license to their product. But this really does not define what a license IS. Rather than give definitions I prefer to relate to other situations a person may already be familiar with.

Let’s take a look at an unrelated issue to get a better understanding of Software Licenses. Legal operation of your vehicle on public roads is what we are going to use to demonstrate the complicated issues of software licenses. Please keep in mind this is a generalization, is not specific to any particular license or type and more detailed questions will be welcomed.

To legally operate your vehicle on the public roads in this country you are required to have three specific things, the first is an operators license or permit, often referred to as a driver’s license. Next, for most vehicles, is a license plate, which shows or demonstrates taxes paid on the vehicle in question. And finally proof of auto insurance to show the ability to pay for damages in the event of a mishap.

So, now that we have these items in mind, let’s start relating them to software licenses. In a business environment there are generally two classifications of machines: workstations and servers. Workstations (the computer at the desk of the user) usually require an Operating System and then specific applications that the user employes to execute the tasks of their job. The Operating System (OS) may be some version of Windows (XP, Vista, Win7, etc), the Mac OS (if the workstation is an Apple product), or a distribution of Linux or Unix. Applications run on the machine can range from Firefox to MS Office, Quickbooks, or a custom piece of software written for a particular business. Each of these pieces of software have licenses. The OS license is like the license plate on a vehicle. Without an OS, the machine is unlikely to be useful for anything more than a paperweight. The individual application licenses are like a drivers license or an operator’s permit.

Servers are a bit different, but have many commonalities. For example, a server is still a computer that requires an operating system (license plate). For our example, we will use the Microsoft server model, even though there are several licensing models, this one is currently the most prevalent. Most Microsoft Server licenses include the single machine license (license plate) and 5 Client Access Licenses (CALs). The Client Access License is only a permit for a specific number of users to access the services of the operating system or specific application running on the server. For example, Microsoft includes in the base Server operating system ‘services’ such as file sharing. So, if you were to use a machine with Microsoft Server as a file server for an office of 10 machines, you will need to purchase the OS (Server 2003 or Server 2008) plus 5 additional Client Access Licenses. Only 5 additional CALs are required because Server 2003 and Server 2008 both include 5 CALs.

Now to take this to another level of confusion, let’s add an application such as Microsoft Exchange to the situation. Microsoft Exchange is an e-mail service with many additional collaboration components. But, in essence, MS Exchange is JUST an application like MS Word. In this example, you still need the Server 2003 or 2008 Operating System. If you desire to still use the server as a file server AND still run Exchange, you will still need a CAL for each user that will be accessing the file sharing services. On top of this, you will need the license for Exchange. AND a CAL for each user that will be accessing Exchange for e-mail (special drivers license). Now to get your e-mail from the Exchange services, you need a client application, like MS Outlook which also needs it’s own license (though it is usually included in the MS Office Suite).

Licensing of the above ten user network breaks down like this:

On the server hardware is the Operating System (Server 2003 or 2008) with it’s license.

10 Client Access Licenses (CALs) are also needed, one for each user that will be accessing the file share on this server.

1 Exchange License to provide the e-mail and collaboration services

10 Exchange CALs, one for each user that will be checking e-mail on the server

On the workstations is the Operating System (Windows XP, Vista or 7) with it’s license.

1 user license for MS Outlook to access the Exchange Services.

The Operating System licenses are like license plates. Without the license plate, it is very difficult to operate a vehicle, legally.

The Application licenses are like a drivers license, again, a necessity to legally drive on public roads.

The Client Access Licenses (CALs) are more like your insurance premiums. If you have a business vehicle (like a delivery truck) employees that will be using that vehicle will need a valid drivers license and possibly a special classification (like an application license). But for each employee you have that will be using that vehicle, your insurance premium will go up. You need not insure each employee to be a driver on that vehicle, only the specific employees that will be using it. The same is true in the above example with Exchange. If your business has employees that will not need access to Exchange, then there is no need to get a CAL assigned to them or to provide them with unnecessary software tool.

I hope this is helpful. If you have any questions, please leave a comment or e-mail me.

-HG

categoryPosted in Small Business | commentsComments Off | moreRead More »

VistaPrint and New Businesses

datePosted on 17:32, July 19th, 2010 by headgeek

VistaPrint and New Business

Just for the record, I wanted to state that I really like VistaPrint for business cards and other material one might find they need. Reasonable prices, fast service and delivery and a very wide selection of samples and templates.

Yes, I know, VistaPrint is not a local company. I DO prefer doing business with local companies, but both the local print companies are extremely proud of their product. I have purchased cards from both and had them price the VistaPrint cards as done by them. The VistaPrint price, delivered in 7 days was 10.99 for 250 cards. Local shop 1 could deliver the 250 cards in 3 days for $65.00. Local shop 2 could deliver 500 cards as a minimum on a lighter weight stock in 9 days for $78.00. Both would have been required to charge tax as it was a local purchase. Both also wanted a one-time setup fee of $125.00.

VistaPrint is, in my opinion, a reasonable, respectable resource for quality print and promotional items.

-HG


categoryPosted in Getting Started | commentsComments Off | moreRead More »

OpenSource DeskTop Publishing.

datePosted on 11:24, July 19th, 2010 by headgeek

Scribus for Desktop Publishing

Taking a bit of a side step, today. A few posts back I started on writing about OpenOffice and how it can be used to replace or in place of Microsoft’s Office suites. Today, I’m gong to break away from OpenOffice to introduce Scribus. I will be using Scribus today and tomorrow as I make up fliers to be handed out on Wednesday in the Business Building at the local County Fair.

Microsoft Publisher is an application that can be used to create and publish clean and professional looking websites. Originally Publisher was known as a Desk Top Publishing application. It can still be used for the creation of newsletters, fliers, brochures, catalogs and just about anything put to paper. Before Publisher, people would have to take their ideas and manual layouts to a print house where all of this was done for them. But now, anyone with the program and a computer can print like a big shop from a simple color printer.

Though Publisher is of superior quality, other applications from Adobe and Mac are much more realistic for commercial use.

Scribus, is, of a yet higher quality. Being extremely flexible and easy to use, Scribus is great for the professional as well as the home-user. Unlike Publisher, which works only on the Windows platform, Scribus is a freely available application that works with just about any operating system platform, being much more universal. A wider number of people are exposed to the application due to this simple fact.

The benefits of Scribus over MS Publisher start with pricing. Scribus is an Open Source project and application. That means everyone has access to the source code, can write extensions and plug-ins, offer patches and improvements. When a new version of Scribus is released, it will have been made available to a beta test team that anyone can join and participate in. None of this is possible with the current Microsoft model of closed source tools and solutions.

Another benefit is that Scribus can edit Publisher documents, so any investment made into Publisher or a received Publisher document can be edited in Scribus.

Scribus is also able to generate commercial grade PDF documents supporting ICC Color, separations, spot color and CMYK.

Scribus has a well established reputation, very few complaints and many high reviews, and the application is growing more and more popular, very quickly. Give it a try, yourself, and you will be telling others about it, as well.


categoryPosted in Open Source | commentsComments Off | moreRead More »
1234567PreviousNext