tag:blogger.com,1999:blog-12208350978627780562024-03-12T19:08:41.754-07:00Consultant or Amateur?A blog intended to help business owners find good, competent technical support - and use them wisely.Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.comBlogger27125tag:blogger.com,1999:blog-1220835097862778056.post-82440381971360510642018-04-21T19:07:00.000-07:002018-04-21T19:07:19.571-07:00Reviewing - and Cleaning Up - Your Facebook Data<div dir="ltr" style="text-align: left;" trbidi="on">
Note: You may need to pay someone to help you with this process.<br />
<br />
- - - - -<br />
<br />
Most people saw the stories about Facebook releasing your "personal" data and didn't really know what to make of it. This article will walk you through downloading your data from Facebook and then deciding whether you need to make some changes.<br />
<br />
It's a little long, but I hope it will be worthwhile.<br />
<br />
<b>First: Download Your Data</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-cy3kp6oY-ZM/WtvsSWNrbKI/AAAAAAAAFP8/B-BkwIlLUPc8hobU-7HH6Qox6MyA315xgCLcBGAs/s1600/FB%2B01.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="651" data-original-width="319" height="400" src="https://3.bp.blogspot.com/-cy3kp6oY-ZM/WtvsSWNrbKI/AAAAAAAAFP8/B-BkwIlLUPc8hobU-7HH6Qox6MyA315xgCLcBGAs/s400/FB%2B01.png" width="195" /></a></div>
Facebook will allow you to download the eight years worth of interactions. This is pretty easy. Log into Facebook and click on the "down" triangle on the top menu. Select the Settings option.<br />
<br />
Within Settings, click on "Download a copy of your Facebook data." Follow the instructions. It will take some time to compile. You'll see why in a minute.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-dzhNQTM3G7E/WtvsdW01xpI/AAAAAAAAFQA/Cvf1GE8MY_4N_AcHh2t58ny0qD8J9vwYgCLcBGAs/s1600/FB%2B02.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="461" data-original-width="686" height="215" src="https://3.bp.blogspot.com/-dzhNQTM3G7E/WtvsdW01xpI/AAAAAAAAFQA/Cvf1GE8MY_4N_AcHh2t58ny0qD8J9vwYgCLcBGAs/s320/FB%2B02.png" width="320" /></a></div>
<br />
You'll receive an email with a link to download a zipped file.<br />
<br />
Make sure you have enough disc space available. Do not do this on your phone! Use on a computer with enough free disc space. My zip file was 440 MB. It expands into a set of folders with an index.htm file. Very nicely done.<br />
<br />
Once you download the file, it will have a name ending with .ZIP. If you double-click on that ZIP file, you an see the insides. If you right-click on the ZIP file you can extract all the contents. That will give you a set of folders, organized into different kinds of contents (such as photos and messages). In my case, the un-zipped data was about 1.1 GB of data.<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-eL6ZQX6syVA/Wtvs3t_ISwI/AAAAAAAAFQU/30K81uW5POM9i8A1MjmmQ2ce2L_TBwUugCLcBGAs/s1600/FB04.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="224" data-original-width="644" height="138" src="https://4.bp.blogspot.com/-eL6ZQX6syVA/Wtvs3t_ISwI/AAAAAAAAFQU/30K81uW5POM9i8A1MjmmQ2ce2L_TBwUugCLcBGAs/s400/FB04.png" width="400" /></a></div>
There's one file with an internet browser icon called <b>index.htm</b>. If you double-click on that, it will open in your browser and will give you a web-looking view of the contents.<br />
<br />
- - - - -<br />
<br />
Okay. Now you have your data. Let's just assume every bit of this has been sold or stolen. So it's out there somewhere. There's nothing you can do about that. But you may want to clean things up a bit so they can't be stolen again!<br />
<br />
<b>Second: Clean Up Your Data</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-thERVwZB6FI/Wtvt4vmajsI/AAAAAAAAFQo/q5T5aPHQtNkoX0t4p1rNFkTbV1ZAx1ASQCLcBGAs/s1600/FB%2BTimeline.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="408" data-original-width="500" height="261" src="https://3.bp.blogspot.com/-thERVwZB6FI/Wtvt4vmajsI/AAAAAAAAFQo/q5T5aPHQtNkoX0t4p1rNFkTbV1ZAx1ASQCLcBGAs/s320/FB%2BTimeline.png" width="320" /></a></div>
As you browse through all of your past postings and communications, you may find things that you really don't want your friends, co-workers, or children seeing. If nothing else, you'll see that there's a lot of stuff here that you don't really want to broadcast too widely, such as you cell phone number or home address.<br />
<br />
Spend some time looking through postings and messages. If there's anything there that you want to remove from Facebook (or change from public to private), you should be able to find it easily. As you browse through content, everything is labeled with the exact time and date it was posted.<br />
<br />
- - - - -<br />
<br />
<b>Third: Now Change Your Habits</b><br />
<br />
After you've cleaned things up, you need to decide how "public" you want everything to be from now on. So go back to the Settings area in Facebook and consciously choose the level of privacy you want for various features.<br />
<br />
Personally, I keep everything open to everyone. And then I make a point to never post anything I would feel embarrassed about later. When someone posts inappropriate things on my timeline, or in messaging, I make sure to delete it right away. This is very rare, but it definitely does happen.<br />
<br />
I know you've heard people say that things live forever online. It's absolutely true. And you can be good about changing your passwords. But on ALL social media, you need to manage what you put up on your "wall" and what you let others associate with you.<br />
<br />
Here's the big lesson from the recent breach with Facebook: You can be as safe as you want, but the data can still be stolen from inside the firewall. So just be diligent. If you want privacy, you need to enforce that yourself by simply not posting things.<br />
<br />
Assume that everything you post on social media will one day be stolen, indexed, and reposted somewhere else. That's been good advice for about ten years. Now it's reality.<br />
<br />
As Sergeant Phil Esterhaus used to say on Hill Street Blues: "Let's be careful out there."<br />
<br />
:-)<br />
<br />
<div>
<br /></div>
</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-15442446391574580192017-11-28T01:00:00.000-08:002017-11-28T01:00:30.429-08:00IoT - "Internet of Things" Basics for Small Business<div dir="ltr" style="text-align: left;" trbidi="on">
OK. You've heard the term IoT or Internet of Things. First, what the heck is that? And second, why do you care?<br />
<br />
This is yet another example of technology industries making things more complicated than they need to be. Basically, the Internet of Things is just a generic term for all the "stuff" that you use that's connected to some network. Here are some examples you might have in your home or office:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-D5ROpSZhB10/Whh-tEYd6wI/AAAAAAAAFGQ/HjdQrloQXZI7q4AxiZatu2XUoMyI2NYPACLcBGAs/s1600/Devices.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="555" data-original-width="640" height="277" src="https://4.bp.blogspot.com/-D5ROpSZhB10/Whh-tEYd6wI/AAAAAAAAFGQ/HjdQrloQXZI7q4AxiZatu2XUoMyI2NYPACLcBGAs/s320/Devices.png" width="320" /></a></div>
<br />
- Your wireless-connected television<br />
<br />
- LED light bulbs you control with your phone or Alexa<br />
<br />
- Your "smart" thermostat<br />
<br />
- Your wireless front doorbell/video monitor<br />
<br />
- Your baby monitor<br />
<br />
- The tracking chip you put in your luggage<br />
<br />
- The digital camera that sends photos to your computer or the cloud<br />
<br />
- The door lock you control with your phone<br />
<br />
- Everything connected to Alexa, Amazon Echo, Google Assistant, Siri, etc.<br />
<br />
- Remote controlled window shades, coffee makers, washing machines, vacuums, and more<br />
<br />
So now the question is, <b>what do you need to know </b>about all that stuff? Luckily, you only need to know a few things. But you need to take those few things very seriously. Here's the sad truth:<br />
<br />
<br />
<b>The Internet of Things is Insecure by Default</b><br />
<br />
What does that mean? Well, the average household will soon have a dozen IoT devices. But in just a few years it will have hundreds. And across the country there are currently hundreds of billions of devices. Soon it will be hundreds of trillions.<br />
<br />
Most of these devices ship with a default password that you are not required to change upon setup. And, not surprisingly, the username is often "admin" and the password is often the same. In other words, anyone can guess the passwords to millions of devices as a time.<br />
<br />
There has rarely been a better opportunity for hackers to break into insecure networks!<br />
<br />
Fortunately, it is EASY to secure your network. Having said that, you might want to get some help to do this right. Here's what I recommend:<br />
<br />
<br />
<b>Step One - Change Passwords!</b><br />
<br />
This seems obvious. But we've already seen major attacks. Hackers use these devices to create massive <b>denial of service </b>attacks. Less common are attempts to break into secured networks. But if these devices are using default settings, they could be used to monitor network traffic - including your username and password.<br />
<br />
The easiest first step: Change Your Password. This is literally like not leaving your car keys in the ignition.<br />
<br />
<br />
<b>Step Two - Create a Separate Network</b><br />
<br />
You might think this is expensive, but it's not. First, consider what you just spent on a devices. If you're buying thermostat and lighting systems for several thousand dollars, you should spend a few hundred to keep them secure.<br />
<br />
Consider three networks:<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://3.bp.blogspot.com/-OqxOvALxSuQ/Whh5ozRXIII/AAAAAAAAFGA/RcgAeCFNyw0uWfU5sOfUUsXNjPoaIuTjgCLcBGAs/s1600/3%2BNetworks.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="504" data-original-width="990" height="201" src="https://3.bp.blogspot.com/-OqxOvALxSuQ/Whh5ozRXIII/AAAAAAAAFGA/RcgAeCFNyw0uWfU5sOfUUsXNjPoaIuTjgCLcBGAs/s400/3%2BNetworks.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Click to Enlarge</td></tr>
</tbody></table>
<br />
<br />
NOTE: This is just a sample network "map." There are many options. A network professional can help you set up something different. For example, you might add a secure "segment" off of the business firewall. Ask a professional to look at your network and desired outcome.<br />
<br />
<br />
I hope your business network is properly protected with a business-class firewall. Your wireless network (at business or home) should also have a firewall. This does not mean the Internet router. That might technically have a firewall, but it's not intended to replace a real firewall.<br />
<br />
And if you have a wireless network, I hope it is properly secured.<br />
<br />
I am recommending that you create a third network (or network segment) to isolate all your IoT devices. That way, no matter what happens with door locks, cameras, TVs, thermostats, etc., you business is absolutely secure.<br />
<br />
You've seen all the ransomware attacks in the last year. Essentially, all of these attacks take place by finding microscopic holes in networks. Unpatched software and operating systems provide these holes. Remember: the Internet of Things is inherently insecure. It's basically a <b>network of holes</b>!<br />
<br />
Keep that away from your business network.<br />
<br />
<br />
<b>Step Three - Document It!</b><br />
<br />
One of the greatest weaknesses of technology today is that it is "easy" to get things working. Yes, you might spend a few hours fiddling with it. You might call tech support. But eventually, you get it going.<br />
<br />
And then you start using it and forget one critical step: Documentation.<br />
<br />
It's important that you file away all the paperwork for you network-connected devices where you can find it. And it's even more important that you write down configuration settings. This starts with usernames and passwords. But it should also include a network map (diagram) and any important settings that make the system work.<br />
<br />
<br />
<b>Ask a Pro</b><br />
<br />
As always, I encourage you to get help from a professional. Yes, you might be able to make it "work" at some level. But you may create a slow network that could be much faster. Or you might accidentally bypass the secure firewall and expose your network. In the end, a professional will help you get the most out of your IoT devices . . . without putting your secure data at risk.<br />
<br />
And, no, I'm not available to help you. You can't afford me.<br />
<br />
But if you're looking for someone, drop me an email and I might be able to help you find someone in your city.<br />
<br />
:-)</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-5318152267746980442017-05-03T11:56:00.000-07:002017-05-03T11:56:40.410-07:00Questions You Need to Ask About Your Cloud Storage and Backups<div dir="ltr" style="text-align: left;" trbidi="on">
"The Cloud" is a wonderful concept. You buy technology services as needed and they promise essentially zero downtime. Unfortunately, you have to be a lot more vigilant about keeping track of your data. In the old days, with a server, your company data was in that box in the other room. You might need to hire someone to make it useful, but at least you knew where it was: In that box in the other room.<br />
<br />
The good news about cloud services is very good.Your data <b>can be </b>far more secure than on your own server. And if you get the right service, it <b>can have </b>zero downtime. The bad news about cloud services is that you need to make sure you've got the right setup. You cannot assume it's safe, secure, or even backed up.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/--Y70tTb1d7U/WQoml13DohI/AAAAAAAAE20/dzDeWIp7VmAA8bd1GebimQT5O9Uw_ksTQCLcB/s1600/hands-hold-cloud-network500.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="234" src="https://4.bp.blogspot.com/--Y70tTb1d7U/WQoml13DohI/AAAAAAAAE20/dzDeWIp7VmAA8bd1GebimQT5O9Uw_ksTQCLcB/s320/hands-hold-cloud-network500.jpg" width="320" /></a></div>
<br />
Let's look at the basic challenges and what you need to know.<br />
<br />
<b>1. Where is your data? </b>This question has two components. First, where is your data supposed to be? And second, where is it that it's not supposed to be?<br />
<br />
If you have your data stored in the cloud, keeping track of it is simple - but you have to do it! At some point, this knowledge becomes a "black box" of information. You might not understand it if I tell you that you are accessing data on Amazon Web Services via Jungledisk and backed up to a storage archive on Azure. But you should have a document that describes this setup - with administrative information, user names, and passwords.<br />
<br />
This document should be prepared by you technology consultant and stored in a very safe place. If your data is in the cloud and you don't have the information to retrieve it if something happens to you I.T. professional, your business could be in very deep trouble.<br />
<br />
The second concern is equally important: Are you sure your data isn't being spread all over the place? I see too many businesses that let employees email company information to their home email, or put a bunch of it up on a "free" DropBox account.<br />
<br />
In addition to DropBox, there are hundreds (maybe thousands) of sites that will give you free storage space. Generally speaking, if these sites are free, they are insecure and make no promises to keep your data safe. They certainly don't back it up.<br />
<br />
This is a problem because you might have employees and contractors using ten different free accounts, plus non-company email, etc. Lots of your secure information could be spread across several insecure sites. And while secure cloud services are more secure than your personal server, insecure cloud sites are extremely insecure.<br />
<br />
Controlling this data flow can be accomplished (to some degree) by blocking these services with your firewall. Some can be stopped by attaching additional security to individual files. But for the most part, you will be most effective in stopping this leakage by creating a written policy and educating your employees.<br />
<br />
<br />
<b>2. How are your data backed up?</b><br />
<br />
Strangely enough, most people assume that everything in the Cloud is redundant and backed up. This is absolutely not true. If you want your email backed up, you need to make arrangements for that. If you want your files backed up, you need to make arrangements for that. If you want a "disaster recovery" option that gets you back in business super fast, you need to make arrangements for that.<br />
<br />
It is extremely rare for these backup services to be ON by default. Why? That's easy: It costs money to provide these services. Therefore, it costs you extra money to have the services.<br />
<br />
You may decide you don't want a backup. Or there may be a variety of backup options at different price points. But you should ASK and you should decide on what you want. As with the storage services themselves, your I.T. Pro should provide you with documentation, including user names and passwords.<br />
<br />
You may not know how to access a backup, restore lost email, or rebuild your storage. But a competent I.T. person will be able to do all those things -- IF they know where the backup is and have credentials to get in.<br />
<br />
<br />
<b>You Have to Play A Role</b><br />
<br />
I always find it odd when I hear a business owner tell me that they lost control of their domain name and are not sure what to do. If you lost control of your domain name, that really means you never had control. Your domain name was not being "managed" by you or anyone else. And then it expired and it's just gone.<br />
<br />
We are entering an era in which I expect to hear similar stories about companies losing all their data - Not because of a disaster, but because no one wrote down where it was or how it was managed. The data will live in the cloud forever after you forget where it is. But you'll never be able to access it.<br />
<br />
As with so many things in technology, security ultimately comes down to good documentation. Your I.T. Professional should help you with this and give you a high level of confidence that your data is safe . . . and you can get it back if you need it.<br />
<br />
<br />
<b>Action Steps:</b><br />
<br />
1. Ask your I.T. Professional to create a description of where your data are located, including all information needed to back it up and gain access to it. You don't personally have to understand all of this, but it should be in a form that other I.T Pros will understand.<br />
<br />
2. Create a written policy for your employees and contractors that defines where your data should be and should not be stored. In most cases, you will want to explicitly prohibit the use of free services and personal storage areas on the Internet.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com1tag:blogger.com,1999:blog-1220835097862778056.post-18709758849427456522017-04-21T16:51:00.001-07:002017-04-21T16:51:41.248-07:00Do You Need a Private Browsing Tool to Keep Your Data Safe from Your ISP?<div dir="ltr" style="text-align: left;" trbidi="on">
Do you need to worry about the recent government decision to allow your ISP to sell your browsing history? Maybe. Just remember to keep it in perspective.<br />
<br />
First, consider the data that might be sold. There are two very different types. The first is personal data. This links you personally to the internet browsing you do. For example, you visited the following ten sites today and went to these specific pages. Or you Googled a certain product or service.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-dNQzx_BRqH0/WPqapHVnpOI/AAAAAAAAE2k/p4JwCTspu60gRTN94LtN3boSLG967a5-wCLcB/s1600/encryption%2Bkey.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="250" src="https://2.bp.blogspot.com/-dNQzx_BRqH0/WPqapHVnpOI/AAAAAAAAE2k/p4JwCTspu60gRTN94LtN3boSLG967a5-wCLcB/s320/encryption%2Bkey.jpg" width="320" /></a></div>
<br />
The second kind of data is "meta" data. That's aggregated data divided by demographics. Males over fifty in your neighborhood tend to go to certain sites and shop for specific things.<br />
<br />
Note: Lots of your browsing is already tracked by Google, Facebook, YouTube, and many other sites. Have you ever shopped for something on Amazon and then immediately started seeing related ads on Facebook? That's because your browsing has instantly been sold in what are called "remarketing" campaigns.<br />
<br />
That's a little creepy, but most of us are not too worried about it.<br />
<br />
Search engines have been blasting you with advertising since the earliest days of the Internet. And they've been selling both personalized and meta data in addition to that. Now your ISP (Internet service provider) want to do the same thing.<br />
<br />
Many people are upset that this is just another place where all your information can be stored and therefore stolen. That's not much of a legitimate concern in this case, however. This data will all be related to Internet browsing habits and NOT personal data such as birthday, address, and Social Security Number.<br />
<br />
<br />
<b>What Can You Do (without being a techie)?</b><br />
<br />
<b>Option One: Nothing. </b>We're not talking about truly personal data here. This is really just one more kind of company selling detailed browsing information. If you haven't got a good anti-virus, spam filter, and backup, please take care of those first. If you still want to "anonymize" your browsing, read on.<br />
<br />
<b>Option Two: Use a "VPN" Product. </b>PC Magazine put together a review of VPN (virtual private network) or Private browsing tools recently. Check it out at <a href="http://www.pcmag.com/article2/0,2817,2403388,00.asp" target="_blank">http://www.pcmag.com/article2/0,2817,2403388,00.asp</a>. That page has information on nine different products.<br />
<br />
One very odd note: Several of these products have a "free" option and advertising. This makes no sense to me whatsoever. If you get the free option with ads, all you've really done is pay a company to use your meta data to serve you ads instead of letting the ISP serve you ads.<br />
<br />
Free never is. So don't choose that option.<br />
<br />
You probably have to be a little technical to install a VPN product, configure it, and use it. For most of these products, you have to enable it when you want it - you are not automatically protected just because you installed it!<br />
<br />
<b>Best Option: Get Professional Advice.</b> Talk to your technology consultant and see what they recommend. If you've picked a product, have them figure it out and show you how to configure and use it. They may not have seen it before, but a good I.T. consultant will be able to figure it out quickly. And they'll know what all those crazy security acronyms mean.<br />
<br />
Good Luck!<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-85790184124852242212017-02-27T08:40:00.000-08:002017-02-27T08:40:16.563-08:00Protect Yourself Before Your Phone is Lost or Stolen<div dir="ltr" style="text-align: left;" trbidi="on">
We take lots of technology for granted today. And one major piece of technology we just "assume will be there" is our smartphone. We use it for email, texting, Facebook, SnapChat, fetching a ride, settling an argument, playing games, and a hundred other things. It contains all of our contacts and LOTS of really important photos.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-3U6A27KjGBA/WLRWCodLUZI/AAAAAAAAEzc/3DQ5uqxe39oWTvxLJPkXIb29tSEtF5eVwCLcB/s1600/touch-screen-mobile-phone_zydaz5ru.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="257" src="https://1.bp.blogspot.com/-3U6A27KjGBA/WLRWCodLUZI/AAAAAAAAEzc/3DQ5uqxe39oWTvxLJPkXIb29tSEtF5eVwCLcB/s320/touch-screen-mobile-phone_zydaz5ru.jpg" width="320" /></a></div>
So it can be unnerving when our phone is lost. There are really three kinds of "lost."<br />
<br />
First there's <b>misplaced</b>. It's really between the seat cushions or you left it in the car. But for the moment it's lost. We're not going to discuss this kind of lost.<br />
<br />
Second there's <b>broken</b>. A broken phone is a sad thing because you can hold it in your hand and know all your data is there somewhere. You just can get it. The obvious first thought is to find someone who can retrieve your data. When that happens, it almost doesn't matter what it costs.<br />
<br />
Finally, there's <b>gone</b>. A phone is gone when it's stolen, dropped down a canyon, etc. In other words, you know for a fact you'll never see it again. But in this case, someone else might find that phone. With your contacts, your pictures, you banking app, and all your other data. If you've connected it to work data, then they might have access to that as well.<br />
<br />
Here are some tips for protecting yourself and your phone.<br />
<br />
<b>1. Back it up!</b><br />
<br />
As far as I know, every phone and every cell service provider has a way to back up your data. Use that tool! Don't delay. Don't forget. Don't make excuses about why you're not doing it. Do it.<br />
<br />
If you want a better tool, or you want help doing this, contact your technology consultant. They tend to have really good options for backup and data recovery. After all, the one that comes free with the phone is free for a reason.<br />
<br />
<b>2. Document it.</b><br />
<br />
This seems like overkill - until your phone is lost or stolen. Just as you should have a list of all the cards in your wallet so you can report them missing, you should have a list of all the accounts accessed by your phone without a password. If you save passwords, someone might be able to use your phone to access your bank accounts, PayPal, company email, and lots of other stuff. Take inventory. If you lose your phone, you'll be in a high stress situation and you probably won't remember all the accounts accessible from that phone.<br />
<br />
<b>3. Brick it.</b><br />
<br />
Any good technology consultant can help you set up a system to "brick" your phone. Some call it a "remote wipe" of the phone. Basically, it means they can push a button and delete all the data on the phone. Yes, your pictures are gone forever, but so is your unencrypted password list, you company email, and all the other secure information on that phone.<br />
<br />
Sometimes, remote wipe capability is already built into your email service. For example, this is often enabled if you have a hosted Microsoft Exchange mailbox. If nothing else, have a conversation with your technology consultant and see what you have and what you can get.<br />
<br />
<b>4. Manage it.</b><br />
<br />
Many technology consultants offer something called Mobile Device Management. They may be able to track your phone, verify that it is protected from viruses, back it up every day, and perform a remote wipe if necessary. This is usually a super cheap option.<br />
<br />
The bottom line: You never have to panic if your phone dies, or is lost or stolen. With a little preparation, you can feel confident that all your pictures and data are save, and that your bank accounts and company emails are safe as well. Yes, it's still a hassle. But it's a lot LESS of a hassle if you take a few extra steps.<br />
<br />
Think of these things as a type of "insurance" for the data on your phone.<br />
<br />
Ask you technology consultant what you already have and what they recommend going forward.<br />
<br />
:-)</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-63757223673752548082017-02-14T10:02:00.001-08:002017-02-14T10:02:50.329-08:00Electricity is Your Friend - Until It's Not<div dir="ltr" style="text-align: left;" trbidi="on">
One of the best things your computer consultant can do for your business is to protect your power. Here's what you need to know.<br />
<br />
First: Assess the <b>reliability of your power</b>. If your power goes out on a regular basis, you are probably very aware of it. Luckily, that's not a common scenario. But "brown outs" and power fluctuations can go unnoticed by people. Unfortunately, they don't go unnoticed by electronic equipment (computers, network equipment, printers, etc.).<br />
<br />
A "smart" battery backup (UPS or Uninterruptible Power Supply) will have a readout so you can see the measurement of electricity moving into your building and the amount being used by whatever's plugged into the UPS. With the right software (normally included for free), you can track voltage spikes and sags.<br />
<br />
If electronic equipment doesn't last as long as you expect it to, it might be because the power to your building is irregular. And that may be easily fixed! It might be the line from the utility company that needs to be fixed.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-k8X3bWkYiB4/WKNGGkF-UrI/AAAAAAAAEzI/rcWY7bONBsM3Ny2QcjJ10kY5LWe2MeW0wCLcB/s1600/UPS550.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="210" src="https://4.bp.blogspot.com/-k8X3bWkYiB4/WKNGGkF-UrI/AAAAAAAAEzI/rcWY7bONBsM3Ny2QcjJ10kY5LWe2MeW0wCLcB/s320/UPS550.jpg" width="320" /></a></div>
<br />
Some areas just never have sustainably reliable power. That makes having a UPS a requirement.<br />
<br />
But even if you have the most reliable power, a UPS is still a good idea.<br />
<br />
So the first thing you should do is to assess the reliability of your power. The second is to <b>verify that all of your important equipment is plugged into a working UPS</b>.<br />
<br />
There are two pieces to that puzzle: 1) You need a UPS. 2) It should be working.<br />
<br />
Too many people buy equipment and then assume it will work forever. It won't. The most reliable thing a UPS will do is provide <b>surge protection</b>. That means it will protect you from electrical spikes that can come any time, even with most reliable power from your utility.<br />
<br />
The second thing a UPS does it to provide actual <b>"conditioned" power</b>. That means that the power supplied to your electronic equipment is stable. There are no spikes or sags that can blow out the electronics. The UPS does this in part through it's circuitry and in part because of the third thing it provides: <b>a battery</b>.<br />
<br />
Electricity flows into the UPS and charges the battery. The electricity might spike up and down, but the system reliably charges the battery. Power flowing out of the UPS flows through the battery. So the output is always consistent. Even if the electricity from your utility goes out altogether, the UPS continues to power equipment from the battery. Nice and even and reliable.<br />
<br />
. . . Unless the battery's dead. If the battery can not longer hold a charge, then you basically have a very heavy surge protector.<br />
<br />
UPS batteries normally last about three years. You can always test one by plugging in a piece of equipment (I recommend a lamp, not a computer) and unplugging the UPS. If the equipment goes out immediately, your battery needs to be replaced. You computer consultant will probably be able to order one, unless the battery is super old.<br />
<br />
If you have a "smart" UPS, you should be able to get a readout that tells how how many minutes your UPS will stay up when the power goes out. This readout is notoriously wrong. A stress test will tell you the correct answer. With a stress test, you unplug the UPS and watch how long in actually takes for the battery to die. Your consultant can do this safely without causing problems with your computers.<br />
<br />
<br />
<b>What Should be Plugged Into a UPS?</b><br />
<br />
You want to plug "electronics" into a UPS. That means computers, servers, network equipment, phone systems, and all the things that have those annoying plugs with rectangular boxes on one end or the other. Generally speaking, those things all have circuits inside that can be fried.<br />
<br />
Here's a list in descending order of importance (From my point of view. Your IT guy may put these in a different order.):<br />
<br />
- Your Server<br />
- Desktop and laptop computers<br />
- Monitors<br />
- Storage arrays, NAS, SAN<br />
- Switches<br />
- Router<br />
- Firewall<br />
- Phone system<br />
- Voice mail system<br />
- Wireless access points<br />
- Scanners<br />
- Other network connected equipment such as backup device, spam filter, etc.<br />
- Specialty equipment<br />
- Televisions<br />
- Stereo/music systems<br />
<br />
<br />
And here's a list of things that <b>should NOT be plugged into a UPS</b>. These things generally draw a lot of electricity, are less fragile, and can damage your UPS:<br />
<br />
- Heaters<br />
- Fans<br />
- Anything with a motor (e.g., electronic desk controls)<br />
- Printers (unless you have a specialty UPS designed for this)<br />
- Large all-in-one business machines<br />
- Refrigerators<br />
- Lamps<br />
- Electric staplers<br />
- Power tools, including battery chargers<br />
<br />
<br />
One time we had a large client (about 75 users) who had all kinds of stuff plugged into the UPSs, so we went through the office and put green electrical tape on the end of any cord that COULD be plugged into a UPS. If we ever found anything else plugged in, we were authorized to unplug it and work with the employee to find a safe place to plug it in.<br />
<br />
<br />
A few notes to remember:<br />
<br />
1) A power strip is not a surge protector unless it says it's a surge protector<br />
<br />
2) A surge protector is not a UPS (battery backup). When the electricity goes out, it's dead.<br />
<br />
3) A good, brand name UPS can save you thousands of dollars. But they need to be maintained. Batteries need to be replaced. And they need to be tested from time to time.<br />
<br />
<br />
<b>This Costs Money</b><br />
<br />
I get very frustrated with business owners who think they can buy something once and never put money into it again. You can't do that with anything in your life or business. Stuff gets old. It wears out.<br />
<br />
UPSs for every desktop cost a little money now. Consider a good UPS to be a three-year insurance policy for electrical problems. Depending on what you buy, that might be $100-$150 per desktop. For that you get uninterrupted work, no electrical spikes, and protection for unforeseen electrical problems. Plus you don't have to buy a new PC or monitor for that workstation due to electrical problems.<br />
<br />
It's rare to have a major electric problem. But they happen to SOMEONE every day. If you lost every piece of computer equipment in your office right now, how disruptive and expensive would that be?<br />
<br />
Talk to your computer consultant about tuning up your UPSs today.<br />
<div>
<br /></div>
</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-70359018600811437632016-08-20T14:48:00.000-07:002016-08-20T14:49:03.907-07:00The Three Biggest Mistakes Non-IT People Make When They Plug Things In<div dir="ltr" style="text-align: left;" trbidi="on">
This might sound silly at first, but it's not. If you're not an IT Professional, you may be plugging some things in wrong - costing yourself money.<br />
<br />
Please note: I am not suggesting that non-I.T. can't do the stuff I talk about here. But we see clients doing certain things over and over. So we know that these problems are out there and we know to keep an eye out for them.<br />
<br />
There are three primary areas where things get "plugged in" incorrectly: 1) Things plugged into the wrong slot on PCs/Servers; 2) Network cables and equipment; 3) Electrical.<br />
<br />
<br />
<b>PCs/Servers</b><br />
<br />
There are lots of places to plug things into your laptop, desktop, or server. And as odd as it sounds, sometimes things fit into slots even though they shouldn't be plugged in there. This is totally the fault of the hardware manufacturers and the industry standards. Even if you're not an I.T. pro you might be amazed at how many interfaces we've created that can use wrong!<br />
<br />
The biggest current example is the USB slot. If you have really old computers, they might have USB 1.1 slots. Those devices transfer data at 12 Megabits per second. That's slow!<br />
<br />
Most computers today have both USB 2.0 and USB 3.0 slots. USB 2.0 transfers data at about 480 MBits/second. Obviously, a hard drive plugged into this slot is going to be a lot faster than a 1.0 slot. On older machines, with USB slots in both the front and back of the computer, the slots in the front were normally 1.0 while the slots in the back were 2.0. I have no idea why this is, but some devices will only work if plugged into the back of the machine!<br />
<br />
USB 3.0 can operate at 5,120 MBits/second (5GB). That's a LOT more than the 2.0 generation. But you need really good cables for this. You can't plug in old cheap cables and get that kind of speed. But wait! there's more.<br />
<br />
The USB 3.0 slot will not work until an operating system is loaded. So, for example, if you plug a keyboard into the 3.0 slot and you need to press a key during boot-up, you won't be able to . . . because the operating system hasn't loaded yet. Only the 2.0 devices will work at that point. So things like keyboards and battery backups need to be plugged into the 2.0 slots.<br />
<br />
Lesson: Just because it fits and appears to "work" doesn't mean it's the right configuration!<br />
<br />
<br />
<b>Network Cables</b><br />
<br />
The most common problem we find with networks that we come across is that they are operating a LOT slower than they could be. Sometimes this is because one piece of equipment needs to be faster. But very often it's because things are just plugged into the wrong places.<br />
<br />
Again, the standard network interface plugs in the same no matter how fast or slow the wiring is. The jack is called an RJ-45 and it looks like a telephone jack, only a bit bigger. If you have the right equipment and the right cables, this might operating at 10 MB per second, 100 MP per second, or 1,000 MB per second (1 GB).<br />
<br />
Please take a look at this diagram. Don't worry, we won't get too technical. Just remember: Every device and every cable in this diagram might operate at a different speed.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-97Yov6TZ8Ws/V7jPCOJXRBI/AAAAAAAAEpM/yLnPxvBgYzUqaDFWj_llC8PbWEmmw7w2wCLcB/s1600/basic%2Bnetwork.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="241" src="https://1.bp.blogspot.com/-97Yov6TZ8Ws/V7jPCOJXRBI/AAAAAAAAEpM/yLnPxvBgYzUqaDFWj_llC8PbWEmmw7w2wCLcB/s400/basic%2Bnetwork.png" width="400" /></a></div>
<br />
<br />
Because bandwidth has exploded from 128K lines to 1 MB, 10 MB, and 100 MB, the world is filled with old equipment that just can't take advantage of the faster speeds! Most desktop PCs and servers have 1 GB network cards. That means that they can move (theoretically) ten times faster than a two year old 100 MB switch.<br />
<br />
Also, many devices have one or two really fast ports and the rest operate a little slower. So you might have a 1 GB port on your firewall. But if the network cable is plugged into a slower port, then you're not using all the bandwidth you could. The same is true on the switch, the server, etc. You might be able to get MUCH faster speeds by simply plugging things into different ports!<br />
<br />
Lesson: Just because it fits and appears to "work" doesn't mean it's the right configuration!<br />
<br />
<br />
<b>Electrical</b><br />
<br />
Electrical issues are a little different. For the most part, plugging things into the wrong place won't cost you any extra money. It just reduces safety and the security of data. There are two common ways that things are plugged in "wrong."<br />
<br />
First, some things are just not safe. UPS battery backups should not be chained together. It's unsafe at a minimum - and it's a fire hazard. The same goes for power strips, extension cords, etc. This is one I know you know. But we see it all the time.<br />
<br />
Another unsafe configuration we see is to have fans and heaters plugged into UPS battery backups. Those things should be plugged into the wall directly. The UPSs are not rated for heaters or spinning motors. This is a true, imminently dangerous thing to do.<br />
<br />
You should also never plug a laser printer into a normal UPS battery backup. There are industrial strength UPSs designed for printers but unless your printers are mission critical during a power outage, you probably haven't bought one of these.<br />
<br />
Second, we see a lot of things plugged into the wrong outlets on the UPS. Very often, the UPS battery backup will have two sets of outlet. One set is just a surge protector. Things you plug in here will go OFF when the electricity goes out. So it's okay to plug your speakers and electric stapler in here, but not you computer and monitor.<br />
<br />
The other set of outlets have surge protection plus battery power. So they will stay ON when the electricity goes you. You should plug you PC and Monitor into these - and nothing else!!! This will maximize the up-time you will experience should the lights actually go out.<br />
<br />
<br />
Again, I don't want this to come across as arrogant. These things seem simple enough. You can plug things in and make them "work." But that's not the same as having them work as well as they could.<br />
<br />
I have a theory I call <b>The Paradox of Simplicity</b>. The Paradox of Simplicity is this: Technology becomes easier over time until the non-expert can perform the technical task well enough to get by, but not well enough to rely on for business purposes. For example, I can buy Adobe Photoshop and make "OKAY" graphics. But I'm not a graphics pro and never will be, no matter how good the tool is.<br />
<br />
Things are easy "enough" that anyone can make a computer work, make a network connect, or plug in the equipment. But the result might not be as fast, secure, and safe as it could be. You've all heard the saying: Good enough isn't.<br />
<br />
It's just one more reason why you should rely on a successful network professional to help you set up and maintain your office!<br />
<br />
:-)<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com2tag:blogger.com,1999:blog-1220835097862778056.post-76087754690751883582016-06-12T01:00:00.000-07:002016-06-12T10:13:56.225-07:00Signs Your IT "Guy" is an Amateur<div dir="ltr" style="text-align: left;" trbidi="on">
Strangely enough, no one has ever asked me why I called this blog "Consultant or Amateur?" So I'll tell you!<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-oCLQwnGjmLk/V1mxsSR7atI/AAAAAAAAEhI/nDfefx1Gtko1-hSmUtRWVeceoz6roO3CACLcB/s1600/network%2Bguy.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://1.bp.blogspot.com/-oCLQwnGjmLk/V1mxsSR7atI/AAAAAAAAEhI/nDfefx1Gtko1-hSmUtRWVeceoz6roO3CACLcB/s320/network%2Bguy.jpg" width="213" /></a></div>
I came from a professional I.T. background. I managed large-scale computer systems across several states. I managed large teams of people. I managed the outsourced resources that made several different companies successful.<br />
<br />
So when I started my own technology consulting company, I put a premium on being professional. At first I thought that meant dressing professionally, having standard offerings, and delivering what we promised. But as I met more and more small business owners, I realized that my so-called competition was in a completely different league when it comes to professionalism.<br />
<br />
Time and time again I met business owners who had been ripped off and mistreated by the IT "Guy" before me. Here are a few examples:<br />
<br />
<b>The Untrained</b><br />
- One computer consultant recommended that a client uninstall the brand new operating system from her brand new computers and install the previous version because it was more stable.<br />
<br />
What that really means: 1) This guy is too lazy to learn the new operating system. 2) This guy wanted to drum up thousands of dollars in billable labor to "fix" perfectly working machines and turn them into last-generation technology. 3) This guy cared more about his own pocket book than about the client's experience or business.<br />
<br />
<b>The Thief</b><br />
- Many (too many) IT consultants sell used equipment as new. They buy illegal software and sell it for full price. They bill for work they didn't do. Basically, people like this are scratching and clawing to make a little money any way they can.<br />
<br />
This is bad enough. But it's also a sure sign that these people do not have the connections to get good equipment, replacement parts, warranty service, etc. It's also a good indicator that they'll be out of business and gone when something important breaks.<br />
<br />
<b>Secret-Keepers</b><br />
- These folks never document anything. Or at least they don't share the documentation with the client. So business owners don't know the passwords to their server, router, firewall, email provider, Internet service provider, etc. This is a HUGE PET PEEVE of mine. I wrote a book on documentation and I made a huge point of encouraging people to share this information with the business owner - because it's their network.<br />
<br />
There's some strange belief among secret-keepers that they have more job security if they don't share any information. They don't know how wrong they are! Unfortunately, I've made a LOT of money figuring out how to give new clients access to their own equipment and servers after they fire the secret-keeper!<br />
<br />
<b>The Mine-Mine-Miners</b><br />
- I don't know what else to call them. If I knew WHY these people do what they do, I'd have a better name for them. These people put everything in their own name. I have one client whose Internet connection is in the name of an IT guy they hired for three months - 18 years ago! They can't change it except to just switch to a new ISP. It's ridiculous.<br />
<br />
These people register the server, the network equipment, and all the software in their own name instead of the business name or even the business owner's name. Again, maybe they think this is some kind of job security. But when these people are gone and you try to get control of your own equipment - which you paid for - it can be a huge hassle. And, again, I've made a lot of money helping people take control of something that should have been under their name in the first place.<br />
<br />
This includes Internet Domain Names. I've seen cases where the IT Guy registered domain names in his own name and then would not transfer them to the rightful owner - even though the small business owner paid him for the registration! In more than one case, the domain expired and the rightful owner could not renew it or transfer it because the IT Guy had it in his own name and he disappeared.<br />
<br />
<b>The Old-Timers (of any age)</b><br />
- These folks just can't bring themselves to learn new stuff. They don't sell the latest equipment because clients aren't asking for it. Well, it's not the client's job to know what's new and ask for it. It's the IT professional's job to know what's new and recommend it. These people also perpetuate fear about things like Cloud Services. When I hear that "the cloud" is unsafe, un-tested technology I'm reminded of when people used to say that the Internet was just a fad.<br />
<br />
<b>The Un-Safe</b><br />
- Un-safe technicians tell you stupid stuff like you don't need a firewall. Or you don't need a backup. Or you don't need an anti-virus program.<br />
<br />
Let's turn this around. If your business has any value whatsoever, then you need to protect it. If your programs and data help you make money, then you need to back them up. If it would be a bad thing for someone else to get all your information, then you need a firewall. And if someone really has to convince you to get anti-virus, then maybe you're the amateur as well as your IT Guy.<br />
<br />
We have a saying in our company: We can't care more about the client's business than they do. If you care about your business, you do the basic things to protect it. You lock the front door at night, you have insurance, you have a firewall and AV program, and you back up your data.<br />
<br />
YES - It is possible to overspend. But most businesses underspend. And that's why lots of them go out of business after a disaster. 99.9% of all IT-related disasters are both preventable and easy to recover from - IF you've spend a little time and money preparing for a disaster. It's not difficult or expensive to have true business continuity or disaster recovery.<br />
<br />
<b>What to Look For</b><br />
<br />
Here's a simple way to look for a professional IT consultant.<br />
<br />
- Ask about their trainings and certifications. Training and experience are more important than certifications.<br />
<br />
- Ask them about their SOPs - Standard Operating Procedures - for selling hardware, software, and service.<br />
<br />
- Ask them about their SOPs for documenting your network.<br />
<br />
- Ask them to describe their preferred network security and disaster recovery options.<br />
<br />
- Ask them about what they sell and what they expect to sell in the next three years.<br />
<br />
A professional technology consultant should be able to discuss each of these and sound confident and knowledgeable. You should also not hear any red flags like, "We prefer the old system," or "We're not recommending new technology yet."<br />
<br />
It can be hard to hire an IT professional when you're not a professional in IT. But if you put out a little extra effort now, you can avoid a lot of grief in the future!<br />
<br />
:-)<br />
<div>
<br /></div>
</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com5tag:blogger.com,1999:blog-1220835097862778056.post-40121643320453024282016-06-04T11:01:00.001-07:002016-06-04T11:01:53.246-07:00Reusing Passwords Will Kill Your Business<div dir="ltr" style="text-align: left;" trbidi="on">
Do you reuse passwords? If so, it's just a matter of time before the bad guys break into your network, your laptop, your bank account, and your business.<br />
<br />
Since computers were invented, we have had to balance use-ability with security. And business owners have always hated passwords. I can't tell you how many times I've been told that I should make a password easy to remember.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-tLFhf94dBp0/V1MWdB75LYI/AAAAAAAAEfo/KhTIwokq_vY-i2TLIJ_3gzSKLT8uaa5qQCLcB/s1600/safe_MJSzvBq_.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="247" src="https://3.bp.blogspot.com/-tLFhf94dBp0/V1MWdB75LYI/AAAAAAAAEfo/KhTIwokq_vY-i2TLIJ_3gzSKLT8uaa5qQCLcB/s320/safe_MJSzvBq_.jpg" width="320" /></a></div>
I'm sorry to tell you: Those days are long gone.<br />
<br />
There are now literally millions of bad guys hacking and cracking into everything they can find. People with poor security habits have all kinds of juicy information on their computers (Social Security numbers, birthdays, credit card numbers, and of course password lists!).<br />
<br />
Some of this information is used to break into accounts. Some is used to open new credit card accounts or redirect your tax return to a new address. Lots of it is sold in bulk to organized crime syndicates in other countries. And then the aggregated data is sold again and again to bad guys who want to generate fake profiles, credit cards, and more.<br />
<br />
As you read about break-ins for large companies like Target, just remember that that are thousands of breaches that never make the news for every single breach that does. Most are never reported because it's not required. In fact, most are not reported even if it is required because there's no real enforcement.<br />
<br />
Here are the most obvious things you can do:<br />
<br />
<b>1) Have good passwords. </b><br />
That means they are long(ish) and complex. Complex means that standard stuff you hear about all the time: Upper and lowercase letters, symbols, and at least 8-12 characters.<br />
<br />
<b>2) Never use a password that exists on any list anywhere. </b><br />
For example, if you use a single word that is found in a dictionary, it takes only a few milliseconds for a computer to guess your password because the computer has it's own "dictionary" that includes all the words in all dictionaries for all languages. It also includes all lists of all passwords that it has ever come across.<br />
<br />
<b>3) Change your passwords from time to time!</b><br />
You don't necessarily have to change your password every 30 days - but it doesn't hurt. But you should change all your important passwords (bank, payroll, work) at least once every three months.<br />
<br />
And here's one more thing that most people don't think about:<br />
<br />
<b>4) Don't reuse passwords. </b><br />
<br />
Consider this: You probably have passwords on dozens if not hundreds of web sites. I use a password manager that stores about 800 of my passwords. With that many accounts out there, it's almost guaranteed that one of those accounts will get hacked this year. So my username and password combination will now be out in the wild for the bad guys to buy.<br />
<br />
Why is that valuable? Well . . . If I reuse passwords (as most people do), then that username/password combination will be guaranteed to work somewhere else. So now the bad guys have lists of all the passwords out in the wild, but they also have some known-good combinations.<br />
<br />
Social media accounts are always under attack. Most recently, MySpace and Tumblr were hacked. If you have one of those accounts and use the same password for Facebook, LinkedIn, etc. then the bad guys have those passwords as well.<br />
<br />
<br />
<b>The bottom line: </b>Some account you have somewhere will be hacked. With luck, it will be an unimportant account. And if you don't have the same password everywhere, then the damage will be isolated to that one account. But if you reuse one password all over the place, then the chances that other accounts will be hacked goes up significantly.<br />
<br />
<br />
<b>Action Steps:</b><br />
<br />
- Contact your I.T. consultant and find out what they recommend for password policies and password management.<br />
<br />
- Change your most important passwords right now - and make them all different!<br />
<br />
<br />
<b>Additional Resources</b><br />
<br />
Here is a <a href="https://www.google.com/search?q=password+manager" target="_blank">Google search for Password Managers</a>. I use an off-line password manager so that it's not hosted somewhere and the focus of targeted attacks.<br />
<br />
Here is a <a href="https://www.betterbuys.com/estimating-password-cracking-times/" target="_blank">password testing tool</a>. Set the year to 2020 and see how quickly your passwords can be cracked.<br />
<br />
Just remember: Even if this password can't be cracked in a million years, a list of passwords that includes this one might not be as secure!<br />
<br />
Finally, here are the 100 most popular passwords in the last year, in alphabetical order. You can be guaranteed that these will be cracked in less than one second.<br />
<br />
1111<br />
1234<br />
2000<br />
6969<br />
12345<br />
111111<br />
121212<br />
123123<br />
123456<br />
654321<br />
666666<br />
696969<br />
1234567<br />
12345678<br />
123456789<br />
abc123<br />
access<br />
amanda<br />
andrew<br />
asdfgh<br />
ashley<br />
asshole<br />
austin<br />
baseball<br />
batman<br />
bigdog<br />
biteme<br />
buster<br />
charlie<br />
cheese<br />
chelsea<br />
computer<br />
corvette<br />
cowboy<br />
dallas<br />
daniel<br />
diamond<br />
dragon<br />
football<br />
freedom<br />
fuck<br />
fucker<br />
fuckme<br />
fuckyou<br />
george<br />
ginger<br />
golfer<br />
hammer<br />
harley<br />
heather<br />
hello<br />
hockey<br />
hunter<br />
jennifer<br />
jessica<br />
jordan<br />
joshua<br />
killer<br />
letmein<br />
love<br />
maggie<br />
martin<br />
master<br />
matthew<br />
merlin<br />
michael<br />
michelle<br />
monkey<br />
mustang<br />
nicole<br />
orange<br />
pass<br />
password<br />
patrick<br />
pepper<br />
princess<br />
pussy<br />
qwerty<br />
ranger<br />
richard<br />
robert<br />
secret<br />
sexy<br />
shadow<br />
silver<br />
soccer<br />
sparky<br />
starwars<br />
summer<br />
sunshine<br />
superman<br />
taylor<br />
test<br />
thomas<br />
thunder<br />
tigger<br />
trustno1<br />
william<br />
yankees<br />
yellow<br />
<br />
Source: <a href="http://www.passwordrandom.com/most-popular-passwords" target="_blank">http://www.passwordrandom.com/most-popular-passwords</a><br />
<br />
Let's be safe out there!<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com2tag:blogger.com,1999:blog-1220835097862778056.post-85505734941122836482016-02-18T14:11:00.000-08:002016-02-18T14:27:38.294-08:00Don't Go Phishing - An Email Safety Tip<div dir="ltr" style="text-align: left;" trbidi="on">
I am preparing a training for my clients on how to avoid problems that show up in email. Whether it's work email or home email, certain "bad" emails will always get through. If you have a good anti-virus program and a good spam filter, you shouldn't get viruses in your inbox.<br />
<br />
But "phishing" is another program. Phishing is pretty much what it sounds like - bad guys are fishing to see who will bite. Here's a great example of a phishing email:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-mtR1DSGLkLM/VsY73fj6BZI/AAAAAAAAEXw/pnyjljVtNA0/s1600/fake%2Bca%2Bcovered%2Bemail.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="1" height="640" src="https://2.bp.blogspot.com/-mtR1DSGLkLM/VsY73fj6BZI/AAAAAAAAEXw/pnyjljVtNA0/s640/fake%2Bca%2Bcovered%2Bemail.png" width="522" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
Notice the popup that says "http://s522558593... ." We'll come back to that.<br />
<br />
When you get any email that includes links, do not click on anything unless you are 100% sure that it's real. For example, if you receive a regular newsletter, those links are probably safe. <br />
<br />
Here are some quick tips for dealing with phishing emails.<br />
<br />
<b>First, be suspicious</b>. Phishing emails often look very real. They will frequently have a "scare" tactic to get you to click without thinking. For example, a letter was returned undeliverable. Make sure we have the right address.<br />
<br />
Well, wait a minute. Do you even use this product or service? Do you care if a letter went missing? Is this your bank?<br />
<br />
<b>Second, never click on the links </b>in an email unless you asked this person to send you this email. If your bank has an urgent message for you, then open a browser and log into your bank. That way you'll know YOU initiated the contact and that it's really your bank. If there's an urgent message for you, it will be there.<br />
<br />
If you want to see where the link is really going, <b>float your mouse over it</b>. See the example above. The "link" looks like it's going to CoveredCA.com, but if you click it will really go to that long link instead. In this case, that link is to a server with a reputation for sending massive amounts of spam email. If you click anything, you verify that your email works and they can sell it again.<br />
<br />
I did not click on the link because 1) I don't use CoveredCA, and 2) I floated my mouse over it and the address was different.<br />
<br />
But if I had clicked, I bet it's a site that looks very much like the "real" CoveredCA web site. But when you put in your information, if fails. In reality, you have just given the bad guys your username and password!<br />
<br />
That's what they're fishing for.<br />
<br />
The bad guys convince people to let their guard down. You need to have some hard, fast rules that you never break. And remember that the government will never initiate contact with you. And neither will most large businesses!<br />
<br />
And here's a bonus tip: If you receive an email with an attachment, <b>never open the attachment unless you asked that person to send you that email</b>.<br />
<br />
In general, click less and slow down. When you go fast, the bad guys can trick you into clicking when you should be deleting!<br />
<br />
:-)<br />
<br />
<br />
<br />
<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com1tag:blogger.com,1999:blog-1220835097862778056.post-37645311968235717162016-02-06T09:52:00.001-08:002016-02-06T09:52:33.139-08:00Beware Budget Bifurcation<div dir="ltr" style="text-align: left;" trbidi="on">
Humans have an amazing capacity to isolate various pieces of our lives and treat each independently. Perhaps we have to do this in order to make decisions at all and not be overwhelmed with data.<br />
<br />
But sometimes we know very clearly that two things are directly related and choose to ignore this relationship anyway. This is called <b>bifurcation</b>.<br />
<br />
The best example of bifurcated thinking is the government budget process. In the spring, Congress passes all kinds of laws with almost no attention to costs. Policy is all that matters. Then, in the Fall, they look at the costs of all those programs and start cutting and trimming costs - without regard to the policies.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-M0L6iiu-AwE/VrYvtrLXVDI/AAAAAAAAEWc/QnMwhi-zTTk/s1600/big%2Bmoney%2Blittle%2Bmoney.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="288" src="https://1.bp.blogspot.com/-M0L6iiu-AwE/VrYvtrLXVDI/AAAAAAAAEWc/QnMwhi-zTTk/s320/big%2Bmoney%2Blittle%2Bmoney.jpg" width="320" /></a></div>
Yes, the government always manages to overspend. But there is a budget process. And the most common compromise is the very simple and predictable: Split the difference. In other words, the House and Senate meet halfway in the middle - without regard to the policy differences.<br />
<br />
What's this got to do with Small Business? Unfortunately, A Lot!!!<br />
<br />
Business owners are also tempted to use bifurcated thinking when they budget as well. But unlike Congress, you can't go over budget without feeling the pain - and you <b>can </b>go out of business.<br />
<br />
The most common example of bifurcated thinking in small business involves saving money in the wrong way. I call this "Saving the wrong pennies." Here's a great example.<br />
<br />
Last year, one of my clients bought a new laptop. They only needed it for a few simple tasks, so they bought a low-end $300 machine instead of the business class machine I recommended for $600. It looks like they saved $300, right? Wrong - by a long shot.<br />
<br />
Super basic, low-end equipment almost never saves money. That extra $300 was saved somewhere by the manufacturer. As a result, setting up the machine to work on a network was slower. Since that's billable labor, the client paid more for the setup right off the bat.<br />
<br />
Then they started using it and found that it is noticeably slower than other machines in the office. "That's okay," they said, "We just need it once in awhile for low-end needs."<br />
<br />
But right away they were disappointed because the new laptop printed very slowly and the printouts were often grainy, especially with photos. That's because the machine has almost no video memory, and almost no processor cache. Those are "specs" that almost no one compares, and they are very important for good performance.<br />
<br />
And you know what happened next. They hired a new employee and that laptop is now used as a desktop computer every day. It is super slow and doesn't do the most important thing a computer should do: <b>Make the user more productive!</b><br />
<b><br /></b>
So the client asked if we can upgrade the graphics card. But of course they can't. On a nicer laptop they might be able to upgrade the graphics - but they wouldn't need to because it would already have a better graphics card.<br />
<br />
Now that they feel the pain, they see that the laptop is really only good for a few tasks and they'll pay whatever it takes to get something that performs well. This reminds me of a twist on an old saying: "<b>We don't have money to do it right, but we have plenty of money to do it over.</b>"<br />
<br />
Bifurcation Warning: You can always make decisions on price alone, but don't be surprised if that becomes a powerful, expensive decision in the long run.<br />
<br />
The solution to this is surprisingly simple: Find a technology consultant who will give you good, honest advice and help you with <b>long-term planning</b>. A good consultant will help you create some kind of technology budget instead of just reacting to situations as they arise. Very often, the answer will be to save money in the short run as well as the long run!<br />
<br />
Ideally, you have an ongoing maintenance contract and hold quarterly "roadmap" meetings to discuss your technology needs going forward. Once your I.T. consultant knows about your plans for the months (and years) ahead, they can help you make wise long term decisions.<br />
<br />
For example, I recently had a client with some minor but annoying problems on a desktop PC. Knowing that the machine was scheduled to be replaced in two months, I asked her how much time I should spend on it. This reminded her about our earlier "roadmap" discussions and she said to limit my time to one hour.<br />
<br />
Your I.T. consultant should be a consultant. That is, they should give you good advice that serves you well in the long run.<br />
<br />
Be of one mind. Stop the bifurcated thinking!<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-9854191815748748812015-12-01T06:48:00.000-08:002015-12-01T07:46:41.224-08:00If You Get Viruses, Fire Your Technician - Or Yourself<div dir="ltr" style="text-align: left;" trbidi="on">
There's a simple formula for avoiding viruses on your computers. I am extremely frustrated when I go to professional conferences hear people talking about Cryptolocker and other viruses.<br />
<br />
<b>There is no excuse for letting your computer get viruses today. Really. Zero.</b><br />
<br />
Twenty years ago a client asked me if computer consultants created viruses so they could stay employed. I said no, we don't have to because the bad guys are creating enough. That's still true.<br />
<br />
BUT I have met a lot of consultants recently who do not do the best job they can of patching systems . . . because they want your computer to break. In my opinion, these are amateurs at best and incompetent technicians at worst.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-yDXTaip0aI8/Vl2yhptqqII/AAAAAAAAERQ/2pBc1u_e_tg/s1600/virus450.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="http://4.bp.blogspot.com/-yDXTaip0aI8/Vl2yhptqqII/AAAAAAAAERQ/2pBc1u_e_tg/s320/virus450.png" width="320" /></a></div>
<br />
<h3 style="text-align: left;">
How We Get Viruses Today</h3>
<br />
Virtually every virus today requires YOU to install it. Something pops up on your screen and you click YES. When that happens, you are to blame and you should pay for the cleanup.<br />
<br />
Virus manufacturers try to trick you into clicking in many ways. The most common are<br />
<br />
1) A fake virus scanner pops up and says your system is infected. You click to "clean" your machine, but you're really installing a virus.<br />
<br />
2) Fake web sites look like the real thing, so you start clicking on stuff. Again, at some point a program wants permission to install something and you say yes.<br />
<br />
3) You receive emails with fake lures. For example, your bank needs you to read a notice or says your deposit did not go through. You panic and click. And infect.<br />
<br />
4) You receive an email with an attachment, often with a fake extension. You open it and infect your machine.<br />
<br />
<br />
<h3 style="text-align: left;">
Five Simple Steps to Zero Viruses</h3>
<br />
It is extremely easy to stop getting viruses ever again. But you have to do all five. If you do less than five, then you will get viruses. Note: You computer consultant should recommend these steps to you and pressure you to do them. This is worth paying for because it's cheaper than cleaning up one nasty virus.<br />
<br />
<b>Step One: Have a good, current anti-virus program. </b>In addition, know what it is! Open it. Look around. See how the quarantine looks. Be comfortable with it. That way, when something pops up and says you have an infection, you will know that it's NOT your anti-virus program and you can close it without clicking.<br />
<br />
<b>Step Two: You need a good patch management system. </b>This will cost a little money every month, but it guarantees that your operating system and all your software is up to day. There's a big buzz every week about Microsoft updates. Of course you ignore it because it's not your job. But those updates (as well as updates from Adobe, QuickBooks, Sage, and others) are critical to the health of your computers.<br />
<br />
Very often, these updates do not install automatically (even when set to) and sometimes fail to install for weeks or months. That's why you need a managed system. Your computer consultant should be making sure all these patches are applied. On rare occasions, a patch should NOT be applied because it causes problems. Your computer consultant should manage that as well.<br />
<br />
<b>Step Three: No one in your company should have "administrative rights" on your computers. </b>As soon as you take away admin rights, programs cannot be installed. Viruses are programs. They need admin rights to install and infect your computer. Once you take this away, 99% of all viruses are stopped dead in their tracks.<br />
<br />
WHINE: I always hear the argument that it's a pain in the neck to contact the computer guy every time we need to install something. A) No it's not. B) Here's another thing you can do.<br />
<br />
Have your computer consultant create a special Administrative account on your computer. Call it something like AdminX with a password that's easy to remember. This doesn't have to be a super secure password if you have a properly set up and secured network. Now, when a program asks for Administrative credentials in order to install a program, you can put in the AdminX username and password. Ideally, that will slow you down, make you think, and NOT install viruses.<br />
<br />
If you do install a virus, you'll know instantly that you did it yourself and you can give up the lame excuse that you browsed to a web site and magically got a virus.<br />
<br />
<b>Step Four: You need a good firewall with an anti-virus module installed. </b>That means you can't use a crappy $39 router any more. You need a real firewall with a real anti-virus module - and a subscription to keep that up to date. Yes it costs money. But it costs less than fixing one nasty virus.<br />
<br />
<b>Step Five: You need good habits. </b>As you read above, YOU are the cause of all viruses. So change that, educate your people. And stop clicking on everything on the Internet!!! Here are a few rules. Follow these and you life will be good:<br />
<br />
1) If you have any doubt whatsoever, do not click. For example, if your bank has a message for you, close the email and log on to your bank site. Since you initiated the connection, you'll know you are at the real bank site. If there's a message, it will be there.<br />
<br />
2) Do not open email from someone you don't know. Just delete it. Really. The world will keep spinning.<br />
<br />
3) Do not open any email attachments unless you asked that person to send you that file. Even if it looks like it came from your mother or best friend. Send them an email and ask them if they sent you something. If they say no, delete it.<br />
<br />
4) Have your computer consultant enable "view extensions" on your computer. That way, you can look for files with two extensions and you can delete them without opening. These files have names like: FILE.DOC.EXE or FILE.PDF.JS.<br />
<br />
<br />
In the 21st Century, I believe it is unscrupulous for computer consultants to let their clients get viruses and lose data. It costs the client a lot of money and is completely avoidable.<br />
<br />
At the same time, business owners who are not willing to pay for a good firewall, good anti-virus software, and a patch management program are just asking for trouble. It costs money to run your business the right way. If you don't buy a managed service contract and you don't invest in basic security, then please don't complain when you have to pay money to clean up a virus or two. Or three.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com7tag:blogger.com,1999:blog-1220835097862778056.post-62531539548905383692015-09-29T07:11:00.000-07:002015-09-29T07:11:01.951-07:00DropBox is Not Your Friend<div dir="ltr" style="text-align: left;" trbidi="on">
Let me start out by saying that DropBox CAN be the perfect solution for many small businesses - IF it's the solution to the right problem!<br />
<br />
There's an old saying among people who work with their hands: <b>Use the right tool for the right job</b>.<br />
<br />
When you use the wrong tool, either you injure yourself or you do a really crumby job. Either way, more than likely, it shows. Note also that you have to do the right job. That means even the best tool can be used the wrong way.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-cFQvRCqjLns/VgqauuPfX_I/AAAAAAAAEPw/8zRAlf3zKY8/s1600/Work%2Bstuff.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="400" src="http://1.bp.blogspot.com/-cFQvRCqjLns/VgqauuPfX_I/AAAAAAAAEPw/8zRAlf3zKY8/s400/Work%2Bstuff.png" width="342" /></a></div>
As we tip-toe into "cloud" services, a lot of companies are finding out that employees (or owners and managers) are grabbing whatever tool they can find to make their job easier. One of the most common examples of this is cloud-based storage. Time and time again, we see clients who are throwing important company data up on free accounts. Some people even brag about having 5 GB accounts on several different providers - all free!<br />
<br />
<b>Free is great when free is appropriate. </b><br />
<br />
Free means, in the end, you have ZERO guarantees that anyone is responsible for your stuff. Even if everything was lost by a freak accident and you were paid one million times what you paid for the service, you will still get ZERO. If you're not paying for it, assume it's not as secure as when you are. Assume it's not as private as it could be.<br />
<br />
Just because a little lock shows up in your browser and the web connection is "encrypted" doesn't mean that you have any level of real security. Most free accounts (I would say ALL, but I don't actually have proof of that . . . But certainly every free account I've ever seen . . .) is NOT compliant with requirements such as HIPAA or PCI.<br />
<br />
What does that mean? In a nutshell, it means that these free accounts aren't good enough for use with data that 1) Is important in any way, and 2) You don't want to lose. If your industry is regulated in any way, YOU are responsible for the security of you data and being compliant with regulations.<br />
<br />
When you hire a professional technology consultant, they will make sure that your data is secure - in a way that protects you and has your best interest in mind. For example . . .<br />
<br />
- It's good to say your data are encrypted. What does that mean? To be truly secure, you need to be in control of that encryption. That means some system you control needs to do the encrypting and decrypting. The service that stores your data should never be able to look inside your encrypted files. Your consultant can show you how this works with the systems they sell you.<br />
<br />
- It means that you need a complete system designed for speed, security, and data recovery. All of that needs to be <b>designed intentionally </b>and <b>documented thoroughly</b>. In a disaster, where are your data? Which accounts and emails and passwords are used for everything? Who knows this stuff? Where is it documented?<br />
<br />
Cloud services absolutely CAN be secure and keep you inside the law. But that doesn't happen by accident. You can't just put your important company data anywhere you want and assume someone is taking care of it.<br />
<br />
The real irony is that good, secure, cloud-based systems are now VERY affordable. That means low-price, not free. But to save a few dollars every month, people choose to do whatever they think is "easy." We all know the free version of games are crippled in some way. We all know the free version of software has key features disabled. We all know that free means you're not getting the whole thing.<br />
<br />
What's missing in your free cloud storage?<br />
<br />
PLEASE talk to your technology consultant and make sure you have a data storage system that makes sense and was created specifically to meet your needs.<br />
<br />
DropBox might be your friend. But only if it's part of an overall system designed to meet your needs and fulfill the requirements of your business.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-27277797123699837202015-06-07T11:52:00.001-07:002015-06-07T11:52:48.999-07:00Windows 10 Strategic Deployment Advice<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="MsoNormal">
Memo to Businesses about Windows 10:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
On June 1st, Microsoft announced that Windows 10 will be
released July 29<sup>th</sup>. Whether you like it not, this affects you. Here are a few points to consider regarding deployment of this operating system.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Executive Summary:<o:p></o:p></b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
1) After July 29<sup>th</sup>, Windows 10 will be the only
version of Windows available.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
2) Machines with Windows 7 or 8 can upgrade for free to
Windows 10 for the next year.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
3) I recommend that you work with you IT Consultant to schedule an upgrade to Windows 10 on
any W8 machines. It’s a much more usable interface and will give you an idea of
what the upgrade process will be like for other machines. Labor for this is probably billable.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
4) I recommend that you keep Windows 7 machines <b>as is </b>until
you decide on a good time to switch over. You do not ever “have to” make the
switch. But there's no cost for the software for the next year.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Some Details:<o:p></o:p></b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Unlike most Windows updates from the past, this one is quite
significant. It means that very shortly Windows 10 will be the only version of
Windows available.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Here’s why: Microsoft has always allowed people to legally
use the <b>current version </b>of Windows purchased, or the <b>previous version</b>. That’s
why Windows XP was allowed to stay around so long. Some folks didn’t like
Windows Vista, so they bought machines with XP.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Well, the current version is Windows 8.x, even though no one
likes it. <o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
When Windows 10 is released, the “previous” version will be
Windows 8. Manufacturers will be allowed to ship machines with Windows 10 or
Windows 8. Since they are all currently shipping Windows 8 “downgraded” to
Windows 7, you know they’re not going to ship Windows 8.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Therefore, the only real option after July 29<sup>th</sup>
will be Windows 10.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
ALL versions of Windows 7 and Windows 8 will be eligible for
FREE updates to Windows 10.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Note: If you have Home versions of Windows 7 or 8, they will
be upgraded as part of the regular Windows Updates. When this happens, you will
lose Windows Media Center, all desktop gadgets, and certain Microsoft games.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Work with your IT Consultant or Managed Service Provider<o:p></o:p></b></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.microsoft.com/en-us/windows/windows-10-faq" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="222" src="http://1.bp.blogspot.com/-JuAkga0hTdQ/VXSQfV-6PhI/AAAAAAAAEGk/LyXUMty7OPQ/s320/w10upgradewidget.jpg" width="320" /></a></div>
<div class="MsoNormal">
It's always best to work with your Managed Service Provider (MSP) to coordinate these upgrades. In this case, it's particularly important.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
With an "unmanaged" computer, the Windows Updates are probably set to automatic. If that's true, then all Windows 7.1 and Windows 8.x machines will soon see a new icon in the lower right-hand corner.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
If you click it, you'll install Windows 10. You can't undo this.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Managed computers go through an upgrade vetting process. That means that only approved patches and fixes are installed. So, your Managed Service Provider can stop the installation of the Windows 10 Upgrade App.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
That gives you time to decide <b>when </b>and <b>whether </b>you want the upgrade.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>Mixed Environments</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
If you have a few machines with Windows 8, that's probably good for you. You'll definitely want to upgrade those to Windows 10. Once that happens, you'll see how much better it is than W8. And you can decide whether you want to run a "mixed" environment of W7 and W10 of just upgrade all the W7 machines.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Our general advice is that you should plan to keep business class computers for three years and then get newer machines AND you should always get machines with the latest operating system. So, for most people, we advice that you leave the Windows 7 machines alone unless you have a need for some feature of Windows 10 that you don't get with Windows 7.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Once again, the good news is that your Managed Service Provider will help you figure out a reasonable schedule for upgrade to make sure that all of your hardware and software works properly with Windows 10. </div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
It's fine for Microsoft to release a new operating system and assume everyone should just get it. But you need to make good decisions about your business.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
This is a great time to rely a professional IT consultant to make sure you have a smooth transition.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
- - - - -</div>
<div class="MsoNormal">
Microsoft has a nice FAQ on this upgrade process from their perspective:</div>
<div class="MsoNormal">
<a href="http://www.microsoft.com/en-us/windows/windows-10-faq" target="_blank">http://www.microsoft.com/en-us/windows/windows-10-faq</a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
:-)</div>
<br />
<div class="MsoNormal">
<br /></div>
</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-4593276261181034832015-03-24T10:04:00.000-07:002015-03-24T10:04:22.643-07:00It's Surprisingly Easy to Opt Out of Ad Tracking<div dir="ltr" style="text-align: left;" trbidi="on">
One of the "truths" of modern life is that advertisers track everything you do on the Internet. But you can easily take back some control.<br />
<br />
You've seen this tracking. If might even have freaked you out a bit. You might have searched for a product at the Staples or Office Depot web site. Then you hop on Facebook . . . and instantly see advertisements for the product you were browsing. Yikes! How do they do that?<br />
<br />
Well . . . a number of advertisers have joined together to improve YOUR browsing experience and THEIR sales. When you visit a site, they put a "cookie" on your browser. Then when you go to the next site, it reads that cookie and accesses your browsing profile.<br />
<br />
<br />
<b>Don't Freak Out</b><br />
<br />
To be honest, there are hundreds of millions of people browsing these sites at any given time. No one is trying to tie all this information together an get to know you personally. But they ARE trying collect a massive and growing amount of information about you as a unique web surfer. It might be a little scary if they actually connected up all that info and added your personal information.<br />
<br />
But no one other than the NSA is really doing that.<br />
<br />
So you need to be prudent, but don't get too worried.<br />
<br />
Here's how to be prudent.<br />
<br />
Visit the Digital Advertising Alliance's consumer choice page at <a href="http://www.aboutads.info/choices" target="_blank">http://www.aboutads.info/choices</a>. There you'll find over a hundred companies who have put a premium on addressing your privacy rights with regard to advertising. As they say on that page,<br />
<br />
"Some of the ads you receive on Web pages are customized based on predictions about your interests generated from your visits to different Web sites. This type of ad customization is sometimes called 'online behavioral' or 'interest-based' advertising. Such online advertising helps support the free content, products and services you get online. The DAA Principles apply to interest-based advertising and other applicable uses of Web viewing data collected from a particular computer or device over time and across unaffiliated Web sites."<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-cbQh-ChesmI/VRGYcNVALqI/AAAAAAAAD_Y/-pzyraeznKg/s1600/DAA.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://2.bp.blogspot.com/-cbQh-ChesmI/VRGYcNVALqI/AAAAAAAAD_Y/-pzyraeznKg/s1600/DAA.png" height="262" width="400" /></a></div>
When you click on the "Choice" icon, the browser will look at all the member advertisers who have cookies on your browser. Then you can check boxes and opt out of their advertising.<br />
<br />
In addition, the site is a great educational source about advertising, privacy, and industry ethics. Take a look around!<br />
<br />
<br />
<b>The Bad News</b><br />
<br />
Yeah! Enjoy your freedom. But just be aware that this is browser specific. Here's what that means.<br />
<br />
- If you use more than one browser, you need to do this for each browser (Chrome, Internet Explorer, etc.)<br />
- If you use more than one computer, you need to do this on each computer (and each browser)<br />
- If you browse the Internet on a "device" such as an iPad, Kindle, cell phone, etc., you need to do this on each of those<br />
<br />
In other words, it's nice to have the ability to opt out - but you might have a lot of work ahead of you.<br />
<br />
Have fun!<br />
<br />
:-)</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-59548366643588665512015-01-02T11:33:00.002-08:002015-01-02T11:33:25.361-08:00NOW is a Great Time to Change Your Passwords!<div dir="ltr" style="text-align: left;" trbidi="on">
Guess what time it is?<br />
<br />
It's password time!<br />
<br />
Whether you like it or not, you need to change passwords - a lot.<br />
<br />
In the last year there have been thousands of stories about passwords being stolen and accounts being compromised. That's not an exaggeration.<br />
<br />
Here's an easy two-step process to improving your security this year:<br />
<br />
<b>1) Get a password vault.</b><br />
That's a kind of software that allows you to store your passwords in an encrypted file. Keeping them in Word or Excel is NOT good enough - especially if you store them on your laptop.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-Heh5ialnEqw/VKbrxr7y2yI/AAAAAAAADx8/craWELj-BmM/s1600/TK8%2BSafe.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://1.bp.blogspot.com/-Heh5ialnEqw/VKbrxr7y2yI/AAAAAAAADx8/craWELj-BmM/s1600/TK8%2BSafe.jpg" height="320" width="240" /></a></div>
I use a product called TK8Safe (<a href="http://www.tk8safe.com/" target="_blank">www.tk8safe.com</a>). It's 256-bit encrypten, which is good. And it's cheap. Like $20.<br />
<br />
There are online password vaults, but there are several things I don't like about that. First, if the bad buys get your file, then can download it and proceed to work on it until they break in. No matter how secure it is, it will eventually be cracked.<br />
<br />
Second, if you have problems getting to the Internet, you can't access your password vault. So if you choose a cloud-based system, make sure there's a local version as well.<br />
<br />
Anyway, search for "Password Vault" - or ask your technology consultant what they prefer - and use it!<br />
<br />
<b>2) Change Your Passwords on a Schedule.</b><br />
There are some passwords you should change a lot and others you only need to change from time to time.<br />
<br />
The beginning of the year is a great time to change passwords. Just make it part of your day for the next few days.<br />
<br />
Every time you're asked for a password in the next week, finish logging in, then <b>change your password</b>. As you go through your normal day, this virtually guarantees that you'll be changing the most important passwords you use every day.<br />
<br />
After that, you should change some passwords every month or so. Super-unimportant passwords you might only change once per month. <b>Note: If any account is connected to your bank or your credit cards, that password should be changed every month.</b><br />
<br />
<br />
<h3 style="text-align: left;">
Three Levels of Passwords</h3>
I recommend (and use) three levels of passwords: Low, High, and Critical.<br />
<br />
At the <b>low level </b>of security are things like Pandora, online stupid games, and sights that give me free things. And I reuse passwords a lot at this level. Think about it: If someone guessed my Pandora password, the worst thing that could happen is that I have to listen to music I don't like. That's it. Period. End of crisis.<br />
<br />
Beware: Anything that touches your money or personal information should NOT be on the "Low Level" list.<br />
<br />
In my opinion, you can change these passwords once per year. At the low level, it is perfectly acceptable to use the same 1-5 passwords over and over again. Each should still be a decent password (8-12 characters), but it doesn't have to be a 28-character phrase with every possible variable.<br />
<br />
These sites either never ask for money, or they require that you put in your payment information each time. So if someone breaks in, they can spend their money but not yours.<br />
<br />
At the <b>high level </b>of security are those things that do cost money and can cost you a lot more if someone breaks in. This includes your Amazon account with the stored credit card. And your favorite store account where your account credit is on the line.
At the high level, you can still reuse a few passwords, but they should <b>very good </b>passwords, and you should change them monthly.<br />
<br />
Here's one approach: When a bank asks you to change your password, that's a good time to change your password on your other bank accounts, your QuickBooks account, etc. That way you can keep your passwords in synch and still change them regularly.<br />
<br />
A high-level password should be long and complicated. In a perfect world, it will be random characters - like this: <b>2Zb)Em!7mT#9V3b</b><br />
<br />
Most password vaults include random password generators, like this:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-VISyLBhQac8/VKbw6XkYXDI/AAAAAAAADyM/LqGMpSU2M9s/s1600/pw%2Bgen.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-VISyLBhQac8/VKbw6XkYXDI/AAAAAAAADyM/LqGMpSU2M9s/s1600/pw%2Bgen.png" height="244" width="320" /></a></div>
<br />
You can also come up with screwy fake sentences, like: <b>Y0uW1llL0v3Thi5!</b><br />
<br />
But remember that bad guy computers know you're doing this, so they are programmed to crack passwords like that. Having said that, really long passwords are less likely to be broken, no matter what they look like.<br />
<br />
At the <b>critical level </b>are services that can really cost you a lot of money. For example, I put the payroll service in this category. I use a password there that is not used anywhere else. And it's a great, long, random password. And it changes every 30 days.<br />
<br />
The reason is simple: A hacked payroll could wipe out my operations bank account and get me in trouble with both the state and federal government all at once. You only have a few critical passwords. The main thing you need to do is to change them on a regular basis.<br />
<br />
<br />
I think the three tiers make sense. We all know that Netflix is not as important as your stock portfolio account. But the bad guys are getting better and faster. So you need to take this seriously.<br />
<br />
If all of this is just confusing, talk to you I.T. consultant! Schedule a time to get trained on modern best practices.<br />
<br />
And have a safe year!<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com2tag:blogger.com,1999:blog-1220835097862778056.post-42283598709083023682014-02-15T06:00:00.000-08:002014-02-18T08:06:38.286-08:00Super Easy SEO Test for Your LinkedIn Profile, Web Pages, Blogs, and More<div dir="ltr" style="text-align: left;" trbidi="on">
No matter what you do on the Internet, you need to be very aware of how search engines will see your content. This is true of your web pages and blogs, but it is also true of your social media. My friend Penny Pearl (see her on LinkedIn at <a href="http://www.linkedin.com/in/pennypearl" target="_blank">http://www.linkedin.com/in/pennypearl</a>) showed me a cool tool she uses to check how her content is seen by search engines.<br />
<br />
The tool is called <a href="http://wordle.net/" target="_blank">Wordle.net</a>. You can copy and paste text into it, or enter a URL and let it browse the page. In either case, you will get a pictorial "tag cloud" with all of the keywords. The most prominent words on your page will be the most prominent words on the tag cloud graphic.<br />
<br />
Note that there is a difference between the word content of a specific post and the content of the web URL. Here's what I mean. This graphic was generated by copying and pasting the text of a specific blog post (<a href="http://blog.smallbizthoughts.com/2014/02/sop-friday-paid-time-off-paid-holidays.html" target="_blank">http://blog.smallbizthoughts.com/2014/02/sop-friday-paid-time-off-paid-holidays.html</a>): <br />
<a href="http://1.bp.blogspot.com/-MOMRGYwTUqE/Uv6AwtVFvoI/AAAAAAAACYw/O446Iwm0V7I/s1600/wordle+copy+paste+post.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://1.bp.blogspot.com/-MOMRGYwTUqE/Uv6AwtVFvoI/AAAAAAAACYw/O446Iwm0V7I/s1600/wordle+copy+paste+post.png" height="400" width="277" /></a><a href="http://1.bp.blogspot.com/-MOMRGYwTUqE/Uv6AwtVFvoI/AAAAAAAACYw/O446Iwm0V7I/s1600/wordle+copy+paste+post.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><br />
<br />
Notice the prominence of<br />
<br />
<br />
- Time<br />
- PTO<br />
- Hours<br />
- Paid<br />
- People<br />
<br />
and everything else is smaller. A search engine such as Google is going to see these key words as the most important words on the page. A sophisticated search engine (such as Google) will also use the rest of the words to determine the larger context of the page.<br />
<br />
Now consider the next graphic, generated from the same blog post. In this case, I plugged the URL into Wordle and let it browse the web site to determine which words were most important.<br />
<br />
<a href="http://1.bp.blogspot.com/-zLGWGrs5mUE/Uv6CtnU7aVI/AAAAAAAACY8/jU_9AcRtUfA/s1600/wordle+pase+URL+of+post.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://1.bp.blogspot.com/-zLGWGrs5mUE/Uv6CtnU7aVI/AAAAAAAACY8/jU_9AcRtUfA/s1600/wordle+pase+URL+of+post.png" height="400" width="258" /></a><br />
Of course there are some similarities. From this tag cloud I would say the most prominent words are:<br />
<br />
- Time<br />
- Information<br />
- Business<br />
- Hours<br />
- Need<br />
- Paid<br />
- PTO<br />
<br />
and everything else is smaller. And really, once you get past Time, the rest of these words all use the same size font. The difference is that the URL contains all kinds of information that is not necessarily related to this specific blog post.<br />
<br />
<br />
<b>How Do You Use This Tool?</b><br />
<br />
Obviously, you could use this tool to generate a cool tag cloud to post on a web site or out on Wordle so other people might wander onto your web site. But Penny argues that there's a much better use for this tool: <b>Fine tune your writing</b>!<br />
<br />
Let's say you're putting together a blog post or a press release. You can copy and paste the text into Wordle to see if it is appealing to search engines in the way you intended. Sometimes a few changes here and there can make quite a difference.<br />
<br />
After all, if you want to show up when people search of a specific word or phrase, you need to write a post that features those words!<br />
<br />
Penny uses this tool to verify that LinkedIn profiles target the right audience.<br />
<br />
Check it out and see if your press releases, blog posts, and LinkedIn profiles are targeting the right audience!<br />
<br />
:-)</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com12tag:blogger.com,1999:blog-1220835097862778056.post-4867156963006783902013-11-27T07:00:00.000-08:002013-11-27T07:00:00.669-08:00Take Backups Seriously<div dir="ltr" style="text-align: left;" trbidi="on">
We do many things to support our clients. The most important thing we do is to test backups. Here's why:<br />
<br />
All service requests have to be prioritized. For us the priorities are critical, high, medium, and low. Luckily, there are almost no critical issues. "Critical" means the entire company is affected. You're losing money and some or all systems are down company-wide.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-w7ZuT9bQSgs/UpV224LnJsI/AAAAAAAAB3g/DfrP41tnuWE/s1600/ball-63527_640.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="225" src="http://3.bp.blogspot.com/-w7ZuT9bQSgs/UpV224LnJsI/AAAAAAAAB3g/DfrP41tnuWE/s320/ball-63527_640.jpg" width="320" /></a></div>
The most important "critical" event is a disaster recovery. That means we need to completely rebuild the server - or sometimes all the technology in the office. Disaster recovery happens when a hard drive crashes, the office is flooded, the office is burned down, etc. Disaster recovery means restoring everything because you lost everything!<br />
<br />
There's only one way that's possible: <b>You need a perfectly working backup system. </b>That's no exaggeration: If it's less than perfect, then you can't restore everything.<br />
<br />
Luckily, there are many ways to achieve a perfectly working backup system. You might use tape, hard drives, cloud backups, "backup and disaster recovery" devices, fail-over systems, and more. In many cases, your perfect backup will include a combination of these.<br />
<br />
<b>Your perfect backup has to be designed by a qualified technician. </b>That's not you, unless you're a technician and you are qualified. If you're very good at what you do, then you understand what it means to hire someone who knows what they're doing.<br />
<br />
If you're in business long enough you will experience a catastrophic data loss. That's not a variable. It's just a matter of time. The real question is, how long can your company survive when you have no server or none of you systems are working?<br />
<br />
You need to take this very seriously.<br />
<br />
Here's a quick way to determine how much data you need to backup:<br />
<br />
1) What do you want to recover if your office burns down?<br />
<br />
2) Back that up.<br />
<br />
Another way to look at this is based on the <b>amount of data you are willing to recreate. </b>Here's how it works. Let's say you just completed a full backup and your server crashes fifteen minutes later. You will need to re-create fifteen minutes worth of data (fifteen minutes worth of the history of your company).<br />
<br />
If you backup every hour, you will need to recreate an hour's worth of data. If you backup every day, you will need to recreate a day's worth of data. If you backup once a week, you will need to recreate a week's worth of data.<br />
<br />
You get the picture.<br />
<br />
Everyone says they don't want to lose anything. Ever. That used to be nearly impossible. It was very difficult and very expensive. Today it is very possible and not extremely expensive. But it has to be designed right, implemented properly, and tested regularly.<br />
<br />
<b>The testing part is the most important. </b>If you don't restore from you backup then you cannot guarantee that you actually have a working backup. Your technology consultant should be documenting your backup AND performing test restores at least once a month. You should receive a notice that the backup has been properly tested.<br />
<br />
Here's a scary statistic for you: Exactly half - 50% - of all companies we take on as new clients have NO working backup. A few of them know this. Most believe that their backup is working, but it isn't.<br />
<br />
Unfortunately, some people only discover this when they call us and their hard drive has crashed. They call us and we have to tell them that they have no backup. They we have to start an extremely expensive process for recovering data from a failed hard drive. Don't be that company!<br />
<br />
<b>Here's your to-do list:</b><br />
<br />
- Hire a professional<br />
<br />
- Test your backup system<br />
<br />
- Update your backup system if necessary<br />
<br />
- Test your backup monthly<br />
<br />
:-)</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-25678690853525752122013-08-01T07:15:00.000-07:002015-12-01T07:11:08.987-08:00Windows XP: Do Not Resuscitate<div dir="ltr" style="text-align: left;" trbidi="on">
I am writing a book and working on a chapter about "Nuking and Paving" desktop computers. That's when you totally flatten a computer and rebuild from scratch. This may be done for a variety of reasons, including some super nasty virus attacks.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-KTMK8gDvnjw/UfpshBfEuNI/AAAAAAAABgc/dO1BSMx3Z-I/s1600/Do+No+Resuscitate.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="http://2.bp.blogspot.com/-KTMK8gDvnjw/UfpshBfEuNI/AAAAAAAABgc/dO1BSMx3Z-I/s320/Do+No+Resuscitate.jpg" width="278" /></a></div>
One of the important decisions you need to make is whether the computer is worth the effort. On more than one occasion we've had a client say: "I don't want to spend more than a couple hundred dollars to fix that machine."<br />
<br />
Think about the machines in your office. Some are new and mission critical. They are obviously worth some time (and money) to rebuild. But others are old and crappy and barely do what they're supposed to do.<br />
<br />
This is a financial decision, not a technical decision. If you have an old, slow PC running an old operating system, and it has a monster virus, you probably won't spend ten hours of labor trying to fix it. Your computer consultant can't work for free and you don't want to pay $1,500 to fix a ten year old computer.<br />
<br />
There are exceptions. It might be the only machine in the office with a true RS-232 port that can control a welding machine or other equipment. Or it might be the payroll computer the day before payroll. Or the last machine in the office that runs a critical piece of software.<br />
<br />
For the average "old piece of junk" computer, nuking and paving can take 3-4 hours. But if you have a really old operating system like Windows XP, the updates and security patches can take another 3-4 hours. Let's say you pay $150/hour for tech support. Six to eight hours is $900 - $1,200. A new business class computer computer will cost you about $900 - $1,000.<br />
<br />
Remember: A machine that's three years old is about half the speed of a new machine. Another three years older and it's half of that. So downloading and updating can become extremely expensive just because the machine is so slow. Most Windows XP machines are very old. Yes they work. But rebuilding them can take five times as long as a one year old computer.<br />
<br />
It’s very important that you have this discussion with your computer tech <b>before the machine dies</b> (or is infected). It can be hard to make this decision at the last minute. It's much easier if you can just draft a policy and execute when the time comes.<br />
<br />
Think about it like a "Do Not Resuscitate" order for terminally ill patients.<br />
<br />
Go through your office and look at each computer. How much would you be willing to spend on each machine? If the answer is "nothing" or very little, then just put a DNR label on that machine. Then, if something happens, you don't have to make a decision. You just have to execute the decision you've already made.<br />
<br />
Decisions made before the disaster are often more rational and can be a good starting point when there IS a problem.<br />
<br />
Compare this to repairing an old car. Very often old computer repairs look simple. You commit to $500. Then something else goes wrong. You need to update this software program. And now the price goes up. That old network card doesn't have drivers. So the price goes up again. Your $500 job is now a $750 job. Did you mean to spend that much?<br />
<br />
An easy way to avoid this is to simply post DNR notices on the oldest machines.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-68541002850565851792013-07-04T08:58:00.000-07:002013-07-04T14:07:22.307-07:00An Easy Way to Hack Into Your Web Site<div dir="ltr" style="text-align: left;" trbidi="on">
<h3 style="text-align: left;">
How vulnerable is is your web site?</h3>
<br />
You hear news stories all the time about sites being "hacked" - But what does that mean? And are you in danger?<br />
<br />
First, let's look at hacking. "Hacking" can mean just about anything that involves breaking into your computer systems. Think of it like hacking down a door with an axe to gain entry. After someone has access to your systems, the Hacker can then do a variety things ranging from looking at sensitive information to stealing information, and even destroying information.<br />
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="http://3.bp.blogspot.com/-HrmnvEzqaec/UdV34r-Tw7I/AAAAAAAABck/Rf96c8hPVQo/s622/web1.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="400" src="http://3.bp.blogspot.com/-HrmnvEzqaec/UdV34r-Tw7I/AAAAAAAABck/Rf96c8hPVQo/s400/web1.jpg" width="225" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Illustration One</td></tr>
</tbody></table>
Each computer on the Internet can do many things. For example, one machine might store files, serve up email, and host your web site. The web portal (port 80) is the <b>most attacked port on the Internet</b>. That's why we HIGHLY recommend that your web site be hosted somewhere other than at your office.<br />
<br />
On the left you can see that a hacker can come in from the internet, break into your web server, and then attack your other computers. This includes other servers and even desktop machines.<br />
<br />
See Illustration One.<br />
<br />
It takes some effort to break in like this, but the bad guys work at it full time. Sometimes they just want to be destructive, and breaking into your web server is just the first step to destroying your entire network.<br />
<br />
Sometimes hackers are looking for sensitive information such as credit cards, password files, or financial data. They have programs that will scour your entire network and forward information back to the bad guys.<br />
<br />
I hope you see why we don't want you to have your web server in your office!<br />
<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://3.bp.blogspot.com/-BKVSUn9VD-k/UdWVHzjWUAI/AAAAAAAABc0/sLA9bH3lO8c/s598/web2.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="320" src="http://3.bp.blogspot.com/-BKVSUn9VD-k/UdWVHzjWUAI/AAAAAAAABc0/sLA9bH3lO8c/s320/web2.jpg" width="187" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Illustration Two</td></tr>
</tbody></table>
Now look at Illustration Two. When your web site is located at a hosted site, there's really nothing there to break into except a bunch of web servers. One is yours, and all the others belong to someone else.<br />
<br />
With a hosted web server, hackers might be able to break into your web server, but there's no way they can get to your other company servers - because they're not connected in any way.<br />
<br />
With a hosted web server, you need to have a <b>great backup</b> in case your server is hacked. For 99% of all small business web sites, restoring a web server is fast and easy - if you have a good, recent backup that's tested.<br />
<br />
<br />
<h3 style="text-align: left;">
A Quick and Easy Method For Breaking Into Your Web Site</h3>
Many web sites are very secure, like your car. But you can't leave the keys in the ignition and think you're safe! If you or your programmer has ever forgotten the password to your web server, you may have had to "crack" that password with tool built just for that purpose.<br />
<br />
It is extremely important that you delete any cracking tools from your server as soon as you gain access to it. If you leave them lying around, someone will eventually find them. One very common way that low-tech hackers break into web sites is to look for these tools.<br />
<br />
For example, WordPress is a very common platform for web sites. And it has a well-known password reset routine. When the password reset code is in place, you can browse to <b>www.yourdomain.com/emergency.php</b>.<br />
<br />
If you delete the program emergency.php as soon as the password is reset, then you're safe.<br />
<br />
Bad guys pick web sites at random and try to access the /emergency.php program. If it's there, the bad guys are in! They don't have to hack and crack and work hard. They just have to browse to that address. If that code exists for any reason, they can use it.<br />
<br />
In addition to testing your site, you should also just take a minute and ask your computer consultant to verify that the most basic holes in your security are plugged. If you're worried, it's probably a good idea to pay for a security analysis once a year.<br />
<br />
<h3 style="text-align: left;">
Hire Professionals - Please</h3>
Many people who know "something" about computers go into consulting because they think it looks easy. But if they don't have training and experience, they don't know about little tricks like this.<br />
<br />
And the really bad news is that there are a thousand tricks like this!<br />
<br />
That's why it's important to hire a real consultant and not an amateur. <b>What have you got to lose? Everything!</b><br />
<br />
:-)</div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com1tag:blogger.com,1999:blog-1220835097862778056.post-70027440173933955402013-06-17T08:12:00.001-07:002013-06-17T08:12:47.031-07:00What is Managed Services, Exactly?<div dir="ltr" style="text-align: left;" trbidi="on">
Somewhere out of the blue, "computer consultants" started calling themselves "managed service providers." Managed Services are now offered all over the place.<br />
<br />
<b>What is Managed Services?</b><br />
<br />
<b>Are all Managed Services the same?</b><br />
<br />
<b>How do big, national corporations like Best Buy and Staples differ from the small I.T. consultants I've always dealt with?</b><br />
<br />
These are great questions. Here's a little advice to help you navigate the modern world of computer consulting.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-i1y9M2dtr8A/Ub8mz7ZCasI/AAAAAAAABTQ/5ZhMELvUgNU/s1600/computers.JPG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="212" src="http://1.bp.blogspot.com/-i1y9M2dtr8A/Ub8mz7ZCasI/AAAAAAAABTQ/5ZhMELvUgNU/s320/computers.JPG" width="320" /></a></div>
<br />
<h3 style="text-align: left;">
What is Managed Services?</h3>
<br />
As a blogger and author in my field, I've been helping to define this topic for about seven years. (I am the author of ten books and thousands of blog posts on managed services.) Precise definitions vary, but here's my take:<br />
<br />
- Managed Service covers the maintenance of your technology for a set monthly fee.<br />
- The health of your computers is monitored and alerts are sent automatically when something goes wrong.<br />
- It normally includes applying all critical patches, fixes, and updates to your computer systems automatically.<br />
- It provides preventive maintenance for your computers and networks.<br />
- In many cases, work is performed remotely, so you don't have to wait until someone can come out to your office.<br />
<br />
- Most managed service providers also use a "Ticketing" system so that they can keep track of all work. With this, you can be sure that your issue is never lost or forgotten. The MSP (managed service provider) can track hundreds or even thousands of requests at once and none is ever forgotten.<br />
<br />
You might wonder why preventive maintenance is so much better than the old way of delivering service. Here it is in a nutshell: Less Downtime.<br />
<br />
When you or I call tech support, the first question you are likely to get is "What version are your running?" This is true of all computer systems. Next, you'll be asked to update everything to the latest version. In fact, some places will say to update to the latest version and call back if the problem persists.<br />
<br />
The reason you apply all these updates is that they actually fix things! With very few exceptions, modern computers work best when everything is updated to the latest version. SO . . . Managed Services guarantees that your computers are UP more of the time because all the patches are applied in a timely manner.<br />
<br />
<br />
<h3 style="text-align: left;">
Monitoring is the Key to Preventive Maintenance</h3>
<br />
In addition to just keeping your systems up to date, a Managed Service Provider will monitor your computers and receive alerts when something is wrong - or about to go wrong. In the old days, we checked systems once a month to make sure everything was good and computers were not failing. Now we have tools that can monitor critical functions 24 hours a day, 7 days a week.<br />
<br />
Automated monitoring can then create Service Requests. A technician receives an alert and goes to work. We often know you have a problem before you do.<br />
<br />
It is no exaggeration: A good MSP will often find issues, create a service request, and fix the issue before you know there's a (potential) problem!<br />
<br />
<br />
<h3 style="text-align: left;">
Managed Services Means Predictable Expenses</h3>
<br />
One of the key features of a Managed Service Agreement is that the maintenance of your systems is provided for a flat monthly fee. You still pay for Adds, Moves, and Changes. But maintenance is included.<br />
<br />
For example, installing new software is billable. But as soon as the software is installed and working, then it is covered.<br />
<br />
If anything was working and stops working, you MSP will fix it for no additional charge. This makes your I.T. budget very stable and predictable.<br />
<br />
* Note: The specifics of managed services vary widely, so check with your MSP.<br />
<br />
<br />
<h3 style="text-align: left;">
Picking a Computer Consultant in the 21st Century</h3>
<br />
So what do you look for in a Managed Service Provider? Here are a few things to start with.<br />
<br />
1) They should monitor and patch all of your equipment.<br />
<br />
2) They should provide reporting that makes sense to you. You probably don't need and wouldn't read a 200 page report every month. But you should at least get an email that tells you the health of you backup system, your servers, etc.<br />
<br />
3) They should have a ticketing system. They might have another name for it, but it's a way to create a service request so that you can track how they're doing to address your problems. Great systems automatically create service requests and allow you to create them by sending an email to a specific address, or by using an online portal.<br />
<br />
4) They should have a strong emphasis on backup and disaster recovery. With some of the natural disasters we've seen lately (e.g., Super Storm Sandy), millions of businesses were without power for weeks. Will your business survive that? BDR (backup and disaster recovery) is critical.<br />
<br />
5) They should have a standard contract and you should be able to review it.<br />
<br />
6) At least one person on their team should be able to talk business talk as well as computer geek-speak. Every specialty, including your business, has its own language. Someone needs to translate.<br />
<br />
7) You should feel comfortable with the person you're dealing with. You should never feel like a stranger. In small business, business is about people. In any business, we work with people we know, like, and trust.<br />
<br />
<br />
<b>What About the Big Corporations?</b><br />
<br />
In the last five years or so, many large corporations have realized that there's a lot of money to be made helping small businesses. So many of them have jumped into the market.<br />
<br />
Large corporations have an experience that most small businesses do not have: They believe that they can do anything if they throw enough money at it. So they believe they can jump into managed services by simply offering up their services and hiring a massive phone bank of sales people to bring in the customers.<br />
<br />
But providing the service is another story.<br />
<br />
As large corporations, these "big boys" don't really know how to provide the kind of individual attention that small businesses enjoy. They are good at selling products, but challenged when it comes to services. Here is a very common pattern:<br />
<br />
- Jump into the business. Advertise a lot.<br />
<br />
- Sign up clients<br />
<br />
- Realize it's a lot tougher and less profitable than they thought to provide individual service<br />
<br />
- Standardize their processes<br />
<br />
- Cut staff and other expenses to increase profit<br />
<br />
- Drop the service altogether because it did not reach the desired income targets<br />
<br />
<br />
When I talk to managed service providers at conferences about big corporations getting into managed services, the reaction is pretty universal: "Bring it on." We like it because these companies introduce more businesses to the concept of managed services. Then they fail to deliver and we now have a larger pool of potential clients who know the (potential) value of managed services.<br />
<br />
I appreciate your feedback.<br />
<br />
If you want to know anything else about this topic, please post a comment or email me.<br />
<br />
- - - - -<br />
<br />
Disclaimer: There are many flavors of Managed Services. Interview your local MSP about the specifics of the programs they offer.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com5tag:blogger.com,1999:blog-1220835097862778056.post-65265595611703284372013-04-24T06:47:00.000-07:002013-06-17T08:29:51.770-07:00A Dishwasher that "Technically" Works<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Have you ever had an appliance that didn't quite work right? I had an experience once with a dishwasher that just didn't clean very well. It seemed to work. It went through all the cycles. Things got pretty clean. But sometimes dishes had to go through twice and glasses only got really clean when placed in certain locations.<br />
<br />
So I called the repair shop and they sent someone out. He poked and prodded, opened up the insides, and generally gave it a once-over. He even checked the motherboard (they have motherboards, apparently). Everything was fine.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-b__wpdmKBDg/UXfhsKZxHbI/AAAAAAAABMA/L72AQ5AhjIo/s1600/dishwasher.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="318" src="http://4.bp.blogspot.com/-b__wpdmKBDg/UXfhsKZxHbI/AAAAAAAABMA/L72AQ5AhjIo/s320/dishwasher.jpg" width="320" /></a></div>
"Everything is working," he told me. "I can't fix it because nothing's wrong."<br />
<br />
Hmmmm. Well, something's wrong.<br />
<br />
Nothing is "technically" wrong. But something is wrong.<br />
<br />
"True," he said, <b>"But it's as fixed as it can get."</b><br />
<br />
Okay. Now we're getting somewhere. The machine works. It works as well as it can. Nothing doesn't work - technically. It's just not performing as well as I'd like, or as well as I know a dishwasher CAN perform.<br />
<br />
Maybe I can make this old machine work better, but it would involve replacing every part - even though it's not broken - with a brand new part. And if I spend enough money, I can probably get that old dishwasher to work 80% as well as it did when it was new.<br />
<br />
But it will never be as good as a new machine, even if I spend more money than it costs to get a new machine.<br />
<br />
<br />
<h4 style="text-align: left;">
Sometimes Your Computers "Technically" Work</h4>
<br />
Your computers are similar to this.<br />
<br />
When a computer gets to be old, there's a limit to how well it can work. The hard drive is old. The fans are old. The chip sets are old. The operating system is old.<br />
<br />
Even when a computer "works" technically, that doesn't mean it works well or that you should expect it to be as fast as when it was new. Yes: It boots up. The lights come on. The hard drive spins. The screen works. The keyboard works. It "works" - as well as it can.<br />
<br />
You probably spent more on that computer than you would spend on a new computer. That's the way computers are. My first computer cost $3,500 and had a 10 megabyte hard drive. That's tiny. My second computer cost $2,500 and had a 20 megabyte hard drive. That's also tiny.<br />
<br />
Today a good business computer can be had in the range of $800-$1,000 with gargantuan hard drives. If you need more, you can certainly spend twice that. But most businesses run Word, Excel, Outlook and a web browser. You probably don't need a monster machine.<br />
<br />
Your crappy old computer might technically work for the next ten years. That doesn't stop it from being a crappy old computer.<br />
<br />
I'm sorry you paid a bunch of money for your old computer, but it's no different than a car. A ten year old car is still ten years old, no matter how much you care for it. You can love it and care for it, but it will still be a little more rattly and a little more dusty than when it was new.<br />
<br />
Bottom Line: You need to buy new computers from time to time. We recommend every three years. I can get by with four. But five years is too long. A five year old computer is three generations old. The rest of the world has moved on and you are far less productive if you're still using that old computer just because the light still comes on.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com0tag:blogger.com,1999:blog-1220835097862778056.post-82877661216995492362013-04-12T07:17:00.000-07:002013-04-12T07:17:45.257-07:00Do Not Install Every Windows Update<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
As a Managed Service Provider (MSP), we manage our client's computers. One of the most important things we do is to make sure that patches, fixes, and updates are installed. But that's a bit more complicated than it sounds.<br />
<br />
For example, Microsoft released an update three days ago that is now causing many machines to fail.Today we see this headline:<br />
<br />
<br />
<h3 style="text-align: left;">
Microsoft Tells Windows 7 Users to Uninstall Update - PCs Can Fail to Restart</h3>
<br />
<br />
<a href="http://4.bp.blogspot.com/-zdcNalPpN54/UWgQjgMcW4I/AAAAAAAABK4/VuBJEDS9pHI/s1600/logo_windows_7.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="309" src="http://4.bp.blogspot.com/-zdcNalPpN54/UWgQjgMcW4I/AAAAAAAABK4/VuBJEDS9pHI/s320/logo_windows_7.png" width="320" /></a>Please see "The Problem" at the end of this blog post. The bottom line is: An <b>automatic update</b> applied to all machines on Tuesday is making some machines fail and others to display false messages about licensing.<br />
<br />
Now Microsoft is recommending that you un-install this patch and wait for a patched patch that doesn't have the problem.<br />
<br />
<br />
<h3 style="text-align: left;">
Lesson: Do Not Install Every Update!</h3>
Okay. So you should not install every update. Or at least you need a system to determine which updates <b>should</b> and which <b>should not</b> be installed.<br />
<br />
A good computer consultant (managed service provider) will have a process for patching machines. It looks something like this:<br />
<br />
- Microsoft releases patch<br />
<br />
- Patch is tested by a third party to verify that there are no problems<br />
<br />
- If blacklisted, patch is not deployed to client machines<br />
<br />
- If whitelisted, patch is deployed to client machines<br />
<br />
A good computer consultant will use a Remote Monitoring and Management tool to deploy patches. That way, everyone gets them at once. But they only get the ones that are safe! That's one of the reasons we call it managed services. We manage your machines.<br />
<br />
You might think this service costs extra money. But most MSPs simply include it as part of their regular support. After all, the computer consultant has to spend less time fixing machines if the "patches" are all safe and whitelisted. And you, the client, can keep working without interruption.<br />
<br />
In a perfect world, you should never have to know that a patch was released and failed. You should just keep working. Your consultant should help you avoid these issues altogether. Your consultant should NOT be charging you to uninstall patches like this simply because he doesn't have a system to avoid them in the first place.<br />
<br />
If you don't have a managed service agreement, of course you'll need to pay someone to uninstall this patch. But if you do have a managed service agreement for your computers, then this is just another beautiful Spring day where you can worry about what YOU do for a living and not about your technology.<br />
<br />
<br />
<h3 style="text-align: left;">
Lesson: Hire The Right Consultant</h3>
<br />
Before you hire a technician or consultant, ask about the <b>patch management</b> system they use.<br />
<br />
If they stare at you, then blink, and say that they rely on Microsoft's "Automatic Updates," you need to keep interviewing. Automatic Updates put your machine at risk. Yes, they're safe 99.9% of the time. But if you just spent three days trying to figure out why your machines won't start, then that .1% becomes very expensive.<br />
<br />
In the 21st Century, every computer consultant should be using an automated patch management (remote monitoring and management) system. If your I.T. person doesn't even know what that is, you should step up to more professional support.<br />
<br />
It's guaranteed to cost you less money because you'll have fewer problems and more UP-Time for your computers.<br />
<br />
<br />
<h4 style="text-align: left;">
The Problem</h4>
Here's what's going on.<br />
<br />
1) Microsoft tried to fix a potential security problem. See Microsoft Security Bulletin MS13-036. The "fix" was release in Microsoft Update 2823324. See the <a href="http://support.microsoft.com/kb/2823324" target="_blank">Knowledge Base article on Microsoft Update 2823324</a>.<br />
<br />
2) Some machines (Windows 7 as far as I can tell from the reports) do not restart after the patch is applied.<br />
<br />
3) Some machines give false reports that software licenses are not valid.<br />
<br />
4) Now Microsoft is recommending that you uninstall that patch while they work on patching the patch.<br />
<br />
Microsoft maintains a blog for talking about these things. See the <a href="http://blogs.technet.com/b/msrc/archive/2013/04/11/kb2839011-released-to-address-security-bulletin-update-issue.aspx" target="_blank">Microsoft Security Center Response</a> blog. Here's what they say about the issue:<br />
<br />
<blockquote class="tr_bq">
"We are aware that some of our customers may be experiencing difficulties after applying security update 2823324, which we provided in security bulletin MS13-036 on Tuesday, April 9. We’ve determined that the update, when paired with certain third-party software, can cause system errors. As a precaution, we stopped pushing 2823324 as an update when we began investigating the error reports, and have since removed it from the download center."</blockquote>
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com9tag:blogger.com,1999:blog-1220835097862778056.post-69379577964364353652013-04-05T10:32:00.000-07:002013-04-05T10:32:15.770-07:00Don't Panic - and Don't Click!<div dir="ltr" style="text-align: left;" trbidi="on">
Every once in awhile, the evil people who run phishing scams and spread viruses figure out a way to get an email past your spam filter and into your InBox. They can be very tricky and scary. For example, look at this email:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-LKaYNryAzp4/UV8EW7H9AFI/AAAAAAAABJs/3ReWZ0WNb70/s1600/Capture.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="640" src="http://2.bp.blogspot.com/-LKaYNryAzp4/UV8EW7H9AFI/AAAAAAAABJs/3ReWZ0WNb70/s640/Capture.PNG" width="592" /></a></div>
<br />
It's confusing. Did someone just take $760 from my PayPal account? It sure looks like it.<br />
<br />
Note: I didn't click on anything here, so I don't know if this is a <b>virus attack</b>, a <b>phishing scam</b>, or something else.<br />
<br />
<h3 style="text-align: left;">
Virus Emails</h3>
If it's a virus attack, clicking on anything in this email will execute code that says "You have my permission to install nasty stuff on my computer." You need to take those words very seriously. Assuming you have a decent virus scanner installed, viruses cannot attack your computer unless you <b>give them permission</b> to do so. When you Yes or No or an email link or <b>anything</b>, you give them permission.<br />
<br />
So when this kind of thing shows up, there's only one thing you should do: Delete it. Move it to the deleted items folder and then empty that folder from time to time. Never click on anything like this.<br />
<br />
<br />
<h3 style="text-align: left;">
Phishing Emails</h3>
Phishing scams work this way: You get an email like this and your first response is, "I didn't authorize that." So you want to log into PayPal and check it out. You click on the link, enter your username and password. Now the bad guys have your PayPal account information!<br />
<br />
At that point, one or two things happen most commonly. One is that you are redirected to your real PayPal account and logged on with the credentials you just gave. The other is that you get an error message. The kind you normally ignore. That might prompt you to go log into PayPal, which you do successfully. You don't realize that you've just given away your credentials.<br />
<br />
<br />
<h3 style="text-align: left;">
Checking Fake Links</h3>
There's an easy way to check fake links. Just hold your mouse cursor over the link. The geeky computer code link will pop up. It will look something like this:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-zdqu8ddx-IE/UV8H9Ew1H6I/AAAAAAAABJ0/9BTiSICRz5k/s1600/real+address.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://4.bp.blogspot.com/-zdqu8ddx-IE/UV8H9Ew1H6I/AAAAAAAABJ0/9BTiSICRz5k/s1600/real+address.png" /></a></div>
<br />
Notice that domain name: <span style="color: #660000;">http://danieldurand.perso.sfr.fr</span> - I don't know what this is, but it's NOT PayPal.<br />
<br />
Don't click it. Don't be curious. Don't even get angry. Just delete it.<br />
<br />
<br />
<h3 style="text-align: left;">
Don't Infect Yourself - It Costs Money</h3>
One of the common questions we IT Consultants ask each other is "Do you charge managed service clients to fix viruses?" (Managed service means you pay a flat monthly fee for the maintenance of your computer systems. It can't include everything, but it normally includes almost everything.)<br />
<br />
My answer is: We will fix one for free. But if the same person infects her machine three times, then she's not really trying very hard to avoid viruses.<br />
<br />
Technically, by clicking on that link, you give the bad guys permission to attack your computer. Once you know that and continue to do it, then fixing your computer becomes a billable event. So in addition to costing you downtime, give access to your PayPal account, and potentially opening a security hole in your entire network, you might get a bill from your tech support people.<br />
<br />
<br />
All in all, it is very easy to avoid these scams. Just make sure everyone in your office knows what to do.<br />
<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com3tag:blogger.com,1999:blog-1220835097862778056.post-18556162410386074802013-04-02T01:00:00.000-07:002013-04-02T01:00:03.291-07:00Does I.T. Certification Matter?<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr" style="text-align: left;" trbidi="on">
You may have wondered whether certifications matter with computer consultants. From time to time you might hear a technician say something like . . .<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
- "Certifications don't mean anything."<br />
<br />
- "I know technicians with no certifications that can outperform 90% of the people in this business."<br />
<br />
- "I know a guy who has lots of certifications and he's the worst technician you'll ever find."<br />
<br />
<br />
So what really matters? What role does a certification really play? Here's my two cents.</div>
<br />
<table bgcolor="#cfe2f3"><tbody>
<tr><td><br />
Disclaimer:<br />
<br />
In 1995 I was hired as the Site Manager for PC Software Support at HP's Roseville plant. That means I led a team of 25 people who supported all the operating systems and software on 7,000 computers for 5,000 employees. Every person on my team was required to be certified in Windows 3.1.<br />
<br />
I was not required to be certified even though I was the technical lead. But I decided that I would get the same certification required of my employees. It just seemed like the right thing to do.<br />
<br />
I'd been using Windows 3.0/3.1 for a few years, so I thought I must know pretty much everything I needed to know. I could click, I could drag and drop, and I had a rock solid process for making it operate in a special way so it would work on the Internet. So without studying, I took the exam.<br />
<br />
I failed.<br />
<br />
Miserably.<br />
<br />
I didn't know what I didn't know.<br />
<br />
The exam covered amazing details about different ways to set up Windows, configure it on complex networks, and troubleshoot it. There were five areas of knowledge. I passed one!<br />
<br />
Of course I studied and studied and studied. I bought a book and exam practice software. I studied until I could consistently pass the practice exam. Then I passed the real thing.<br />
<br />
I'm not sure how many Microsoft (and other) exams I've passed since then. But it's a lot. Maybe close to 20. And I studied very, very hard for every one.<br />
<br /></td></tr>
</tbody></table>
<br />
The point of all that is this: Exams cover lots and lots of information that no one can get simply using a product (hardware, software, or operating system). The process of studying for an exam is a huge educational undertaking.<br />
<br />
If a technician studies for an exam to the point where he is absolutely sure he'll pass, then it doesn't matter whether he takes the exam. It's not the certification that matters. It's the training and preparation that matters. Big companies like HP require certifications because they guarantee that someone trained enough to know enough to pass the exam. If they had another way to guarantee that, they would use it.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-xwLHnK8R120/UVWeigeXEXI/AAAAAAAABIw/4hny1f0jfo0/s1600/cert.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="http://3.bp.blogspot.com/-xwLHnK8R120/UVWeigeXEXI/AAAAAAAABIw/4hny1f0jfo0/s320/cert.jpg" width="296" /></a></div>
<br />
Yes, morons do sometimes pass exams.<br />
<br />
Here's the secret about nerds: We're 99% left brained. Success in our society is based on left brain abilities. For example, <b>we know how to pass tests</b>! So we can get certified and know a lot less than someone who's not quite so left-brained.<br />
<br />
But even with that, the process of certification puts knowledge and experience into our heads. And someday we might just access that. If we never study for the exams, we might never be exposed to that knowledge.<br />
<br />
<br />
<h3 style="text-align: left;">
Summary:</h3>
<br />
<b>Point #1</b>: When a Fortune 10 company takes something seriously, it probably has value.<br />
<br />
<b>Point #2</b>: When people say that someone knows as much without certification as someone else with certification, they probably don't know what they don't know.<br />
<br />
<b>Point #3</b>: Studying for certification is where all the value lives. But how will you know if someone studied enough if she never passed the exam?<br />
<br />
<br />
<h3 style="text-align: left;">
What Does All This Mean To You?</h3>
<br />
I think certifications matter. And I think current certifications matter. They don't guarantee that someone is competent. (Trust me. I have stories.) But they do mean that the person has been exposed to a great deal of information that others probably haven't - no matter how good they are.<br />
<br />
Knowledge accumulates. The deeper and wider your level of knowledge is, the more problems you'll be able to solve.<br />
<br />
If you have a choice between someone who is certified and someone who is not, I think it is wise to choose the certified technician. Even in the small business space, knowledge brings value to the job.<br />
<br />
:-)<br />
<br /></div>
Karl W. Palachukhttp://www.blogger.com/profile/10854725002875547297noreply@blogger.com7