Email Demands Two-Way Vigilance

Hackers are not always the brightest bulbs in the box. Their success depends more on you making mistakes than almost anything else. When they hack or spoof an email account, you’re dependent on your friends and associates to tip you off. Then, it’s up to you to resolve the problem as soon as you can. Here’s how our client handled their issue and how we handled one of our own.

Our client’s hack of their Comcast email started off simply enough. Hackers got their address book and sent an email to everyone asking if they used Amazon. That’s a normal start to a scam. Our client and spouse got tipped off when both got text messages from recipients – and the spouse got emails – suggesting that one of their email accounts might have been hacked.

Both of them were out of the house when they got word of the problem, but one of them was able to get home and start looking into the problem. The first thing they did was to change the password and the secondary email address used for notifications from Comcast. They also set up two-factor authentication (2FA) to the client’s cell phone number and changed the password again.

Those were two good steps to take, but there were two more surprises. First, they discovered that the hackers had set up an email address that they tied to the Comcast account. Our clients checked through all their accounts but didn’t see an email address that corresponded to the one set up by the hackers. They thought they were in the clear, but they hadn’t found the second surprise.

Later in the day, the client noticed they hadn’t been getting any emails on their Comcast account. They could send messages. Suspecting that a forwarding rule had been inserted by the hackers, they contacted Xfinity by telephone and after a few branches on the phone tree, they were able to speak to a security specialist. After an exhaustive security check, the specialist was able to remove the forwarding rule, securing the account.

They were fortunate that no emails involved responding to financial or healthcare websites. Had that happened, they could have been compromised. They did the right thing by changing the password, setting up 2FA, resetting the secondary email address and changing the password a second time. Those are things you can do immediately. They should have contacted Xfinity immediately after to see about any other changes and had them resolved right then and there.

Those are steps you can take if your email is hacked.

Our hack involved our QuickBooks address, and it’s typical of the problems small businesses can face. I noticed an email that looked like junk mail, so I didn’t pay much attention to it. But soon after, I took a closer look because the email address was [email protected]. It still didn’t seem that urgent, but it began to bother me.

So, I called QuickBooks (remember, we always urge people to pick up the phone if a problem seems bad enough) and explained what was going on. We have a merchant account. They said that hackers had set up an invalid account using the bogus email and an invalid tax ID number. It was a bare, basic account, but it was enough to raise a white-risk flag at QuickBooks. Our phone call put it on their radar screen.

This story should be on your radar screen, too. As small businesses – and even as consumers – we constantly get emails that we’ve been “approved” for something or other. We also get a lot of fake invoices that look like they’re coming from companies we do business with.

We need to be on guard against these. It’s easy to impersonate a business, and if the recipient isn’t careful, they might make a real payment to a real bank account that’s not tied to the legitimate vendor account they thought it was. As a business owner, we likely have no responsibilities or liabilities to the company or person that paid the fake invoice. HOWEVER, this is not a discussion I want to have with anybody.

At the end of the day, small businesses remain a huge target for hackers and cyber thieves. We need to depend on our own vigilance and the help of people we do business with to monitor anything that seems out of the ordinary and let someone know. I want you to let me know you got something odd from me – just like our client was tipped off about the bogus email. Any of these breaches can have serious consequences.

If you’ve been hacked in some way, take immediate steps to secure your accounts, including multiple password changes built around other security measures that you can take. Then, you can call us – 973-433-6676 – to let us know about the breach. We can help you investigate if any further damage was done and help mitigate the consequences as best as possible. If you have security questions, you can call or email us to discuss them.

New Company, Old Stuff…Old Company, New Solutions

A recent acquisition of a company by one of our clients illustrates the problems you can face with old software as well as old hardware. And our onboarding of a new client illustrates the problems that compound each other after neglect and poor shortcuts. Here’s how we tackled them together.

The software issue, which involved an old, old version of QuickBooks, drove home the benefits of keeping applications up to date. Our client, an accounting firm, recently acquired another firm, and we knew the technology had lapsed, and we even developed a budget number to bring it all up to date. Our question was whether to implement our project now or wait until after the upcoming tax season.

Wanting to do it right, we decided to move forward. Based on the problems we encountered, we made the right decision – because it was not a simple file conversion process. The old version of QuickBooks was from 2008; 2019 is the current version. There was an interim version is 2012. As with Microsoft Windows updates, we had to go through numerous updates because each update was built on a previous update.

In addition to the QuickBooks updates, we had to work with various versions of Windows and aged computers that couldn’t run Windows 10 and the current QuickBooks. Complications arose when people didn’t know the administrative emails and passwords required to set codes and perform updates. We tried numerous combinations, but the problem was solved by talking to the owner of the acquired company, who recalled a Hotmail account for QuickBooks. We had to work through additional emails and passwords – and inconsistencies on security questions.

We finally got it all done after several extra hours of time and another access issue. Our client is set for tax season, but we can’t help but wonder about the cost difference between software updates and the time and expense of the extra work.

Similarly, with old and new, we recently added a client who had been disenchanted with the managed services (monthly fee) program of their previous IT provider. We bid against another company that also offered managed services.

We don’t offer managed services because we believe it shortchanges clients. They pay a monthly fee but never know what the provider is doing for them. When we bill for the hours we work, we always provide a detailed description of our services.

We also don’t like to scare new clients into buying and installing new equipment, such as a server, until we take a deep dive into their systems and their needs. The bidder said the client needed a new one ASAP, which was logical because the server was eight years old. But when we talked to people there and learned how they work, they hadn’t been using the server, which had an old firewall that had never been registered. We registered the firewall and upgraded the software, putting off their need for a new server, which they were using to scan files to send to their printer.

Going forward, we’ll show them a different way of doing things without a server, and it should save them several thousand dollars.

We pride ourselves on being trustworthy, and we build our business on that trait. If you know a company or individual who’s looking for a new IT service provider, we hope you’ll refer us. And if you need a look at your systems, you can rely on us for an assessment that will show you the most cost-effective options. Contact us by phone – 973-433-6676 – or email to set up an appointment for you or a referral.

Updating Your Cloud Strategy

We hear all about the cloud without end. For large corporations and individuals, using the cloud is a nearly flawless solution for storing and accessing apps and data from anywhere. But for small businesses, exclusive reliance on the cloud may not be the best solution. Here are some decision-making factors.

First, for all their differences in size, a huge corporation and an individual have a few things in common. Individuals and corporate employees can travel anywhere in the world and need to access apps and data wherever they are. The cloud works really well for this.

Although they operate on totally different levels, subscription-based apps such as Office 365 work really well for individuals and large corporations. Individuals can share the cost over a large user base, enabling each to benefit from constant upgrades that app publishers can update from central locations. Large corporations essentially do the same thing within their communities. They spread their cost over many users, and their tech teams control the software-update process to keep operations running as smoothly as possible.

A small business is different in one significant way. It’s essentially a self-contained community of users who use the same apps and data in one location. Yes, that business may have employees who log in ‘from remote locations, and yes, it may benefit from subscription-based application software. But we are likely talking about 10 to 100 people who are working with the same apps and data in a “bubble” known as the office. While small businesses combine to form a huge user base, each has its own specific needs, and our clients rely on us to customize systems to meet specific needs.

Therefore, the cloud may not be the solution, especially if you are a small business still working with a combination of a Windows 7 operating system and a Windows 2008 server, either in your office or in the cloud. We’re approaching a perfect storm with that combination because by January 2020, Windows will no longer support that OS and server platform. They’re too old and expensive for Microsoft to develop performance upgrades and security patches. You are being brought to a decision point.

We recommend that small businesses look at a cost/benefit analysis that covers five years to determine whether you upgrade your OS and server or migrate to the cloud. Five years is a good projected lifetime for a server and OS, it makes it easier to compare their cost with setting up and using a cloud-based system.

Setting up a server on the cloud involves costs, including the cost of server space and the cost to set it up to meet your needs. Once that’s done, your maintenance cost should be minimal. If your business runs Office 365, you already have a cloud presence through Azure, Microsoft’s cloud system. And while Azure automatically updates its server, it’s still a maintenance operation. All cloud servers need maintenance, and it’s something you pay for as part of your agreement.

Of course, using a cloud-based server requires access to a good internet connection, one with sufficient bandwidth for your needs and virtually perfect reliability. If you don’t have the bandwidth, your business won’t operate at its desired level. If your service goes down, you’re out of business until it’s restored.

If your computing needs are largely internal, you might be better served with your own server on a strong internal network, which can be hard-wired for better performance and security than a Wi-Fi network. You’ll incur purchase and set-up costs for your server, and you’ll need to install all updates in a timely manner. But your maintenance expenses should be relatively low once you’re up and running.

By setting up computers as terminals on a server and hard-wiring the network, you won’t need a router system or a big pipeline to the internet. You’ll also have fewer internet access points to secure, and that could help keep out intruders. Finally, depending on your employees, they’ll likely be less likely to wander off to other things on the internet.

Whichever way you go, you will have the most up-to-date servers, application software and security technology available at the time of installation. Cloud systems will update automatically, but your internal system can be configured to download and install updates.

With a January 2020 deadline, you have time to analyze your options and start moving along your chosen migration plan. We can help you analyze your business’s needs over the next five years and put a plan into action so you don’t miss a deadline or a beat. Call us – 973-433-6676 – or email us for an appointment.

Personally Improving Tech Service

As I’ve said many times before, the greatest value of going to conferences is talking to people. We continuously develop better networks among colleagues and voice concerns to the many techies who man the booths at expos.

One of my crusades for this year’s Ignite conference, Microsoft’s annual tech extravaganza, was to talk with the engineers from the hardware and software companies we do business with on your behalf and my IT colleagues. We get together annually and stay in touch all year long. My specific beef this year was documentation.

In one instance, I had an error message on of our clients’ system. Trying to find the resolution through the manufacturer’s documentation had me going in circles. Then, I remembered a conversation I had with one of my Ignite colleagues about a major issue he had with a piece of HP equipment. It seems that a low battery problem showed up as a “not installed” message, which left me dumbfounded because all the installation steps checked out. Resolving the battery issue resolved the “not installed” error message but having accurate documentation would have resolved the problem much faster.

I talked to Microsoft engineers about documentation for setting up encryption through Office 365. Encryption is a hassle for computer users, but it can play a key role in protecting the security of information. They admitted that documentation was a problem, and my reaction was, “What am I supposed to tell my clients?”

I’m hoping that being able to talk to engineers personally about the issues we face as IT professionals will be addressed. And with many former IT independents in my network going to work for hardware and software companies, my personal connections might help my colleagues and me get better resolutions to the issues we face. Those personal contacts will go a long way to providing you with better service.

The personal connections may prove to be even more valuable as Microsoft rolls out its new Windows 10 updates, version 1809. It has extensive updates and changes that may require tweaking for some clients, and our goal is to make your transition as seamless as possible.

If you need help with installing or tweaking new hardware and software, be sure to call us – 973-433-6676 – or email us for help. It’s likely we’ve picked up a trick or two that the documentation doesn’t cover or make clear.

Refreshing Devices Re-Energizes Them – Up to a Point

Refreshing your computers, peripherals and devices requires you to take a long pause, but in the end, it still might leave you thirsting for better results. If you’re hanging onto old equipment, Tech Data reports a few facts that might make you change your mind.

First of all, the report says, some 46 million small and medium-size businesses rely on devices dating back to 2014. That’s approaching five years, and that can be a lifetime in technology. Second, repair costs for equipment four years old or more can be 1.5 times the cost of repairing newer technology. Finally, PCs older than four years can be less than half as productive – costing an average loss of productivity rate of $1,260, according to an internal study by Microsoft.

Microsoft, which is phasing out Windows 7 because of its increasing inefficiency (Windows 7 Support Ends in January 2020), certainly has an interest in seeing you buy new computers with their operating systems. But they also know that the more efficient and productive their customers are, the more likely they’ll continue to use Microsoft software.

So, with that last point out there, what are your considerations for refreshing or replacing a computer? If you’re running Windows 7, we see replacement as a no-brainer. One client engagement illustrates how extreme it can get. We were tasked with refreshing a 10-year-old computer to get it to run better, which we did at a cost of $200 or so – after we advised our client to replace it. Refreshing, in this case, meant reinstalling software and updating it as much as possible. A 10-year-old computer cannot run the latest versions of Windows or any application software, and you cannot install the latest, most secure browser software. If we had installed a new hard drive and added licensing fees and our setup time, it would have been about $570. A new computer would have been around $800 plus some setup time to properly install the operating system and applications and transfer some data files.

With that as background, let’s delve more into a cost-benefit analysis.

Performance: Older PCs, according to Tech Data, can only run approximately five applications simultaneously without performance degradation, while newer PCs can easily run eight or more, according to a 2016 study. On the other hand, new Windows 10 Pro devices with 7th and 8th generation Intel® vPro™ processors keep users more productive with up to 25 percent more time efficiency. They are also up to 28 percent faster for startup on average compared to Windows 7. Batteries can last up to three times longer on newer Windows devices.

Repairs: We mentioned early on that repairs can cost 1.5 times more for older computers than for newer computers. Some of that extra cost can come from more time to find parts. Generally speaking, older parts are scarcer and more expensive.

Security: We’ve harped on security, and here’s something to add: More than 50 percent of smaller businesses have suffered a data breach or cyberattack with the cost averaging more than $84,000 per breach. Older Windows devices are likelier to lack the latest hardware and software security features, putting data at risk. When you factor in the fact that small-business customers are prime targets for security breaches, you can be looking at costly recovery.   Upgrading to a computer that can run Windows 10 Pro will give you more built-in defenses and increased support for the lifetime of your device.

To translate all this into an action plan, we recommend refreshing and some component replacement for computers three years old or younger. For older computers, especially those running Windows 7, we recommend replacement. Business users will benefit from improved performance and security, and home users will benefit from better security. Call us – 973-433-6676 – or email us to discuss your refresh/replacement needs.

Reboot Your Thinking About Restarts

Restarting your Windows-based computer clears out a lot of electronic junk and improves performance. The only problem is that you may not be restarting – or rebooting – your computer when think you are. We had one client go 73 days without performing an actual restart on a computer, which meant we needed a lot of time to clear out all the junk and reset the system.

One of the most common misconceptions we’ve found about restarting is that people think that simply turning on a computer after it’s been sleeping is a restart. To human logic, that makes good sense. To a modern computer, it’s all wrong. When you select the “sleep” option to close a session at your computer, you’re putting it into a state of hibernation. Your PC will seem like it’s completely off, but it saves a hibernation file to boot back to where you were before going to sleep.

When you tap your keyboard to wake up your computer, you’re using Microsoft’s “fast startup” feature to launch the hibernation file that essentially restores your system to where it was before going to sleep. The combination of sleep and fast startup get you up and running faster to use your computer, and it also helps various software and hardware vendors update your system while it’s not in use. Whatever electronic junk your computer has been holding is still there.

Fast startup also helps your computer get up and running faster from a complete shutdown. In a sense, shutting down your computer puts it into a stage of hibernation if fast startup is enabled, so you’re not getting a complete restart, which is necessary for clearing out the electronic junk. In our experience, fast startup is the root of all evil in a lot of problems we’re finding that can be solved by a restart.

All of this leaves you with two options. The first is simple: restart your computer once a week. It’s sort of like flossing your teeth; it’s another thing to remember, and it’s time-consuming. But it will keep your system clean and maintain a higher level of performance. To restart make sure you have saved all work files and application settings by properly closing out of everything. Then, just click the Windows icon at the bottom of your screen, click the power icon and click Restart.

The other option is to disable fast start. You can do that by doing a search for Control Panel, and then clicking on Power Options. On the left side of your screen, click on “Choose what the power buttons do.” Then, uncheck “Turn on fast startup.” Doing that will give you a complete restart when you power up from a shutdown. It can also be helpful when working with a speedy solid-state drive (SSD).

Along with restarts from a shutdown, we’ve found that clients using a laptop as a second computer have another set of problems. When their computers are out of action for an extended period of time, the startup routine when they power on induces a search for all sorts of system and application updates. In the case of Windows updates, the computer looks at when the last update was installed and then initiates a sequence of consecutive updates. That’s necessary because unless Microsoft issues a Service Pack that consolidates several updates, the latest update is typically an addition to a previous update. If you missed three updates, for example, your computer goes back to the first of that sequence and goes through three update procedures.

That entire process can take up a lot of time, and we usually get a call in the middle of it all because it seems like the computer isn’t functioning properly. The easiest way to solve that problem is to turn a computer once a week. It will look for updates as part of its boot-up, and the need to download and install only one Windows update or just a few recent updates for apps will get your second computer operational faster.

Just remember, though, if you’ve turned off the “fast startup” feature for a computer that’s been powered down, you’ll need to make sure you check for updates.

If you have any questions about restarts and power-ups, call us – 973-433-6676 – or email us. We can walk you through the process to set up the options that will be best for you or work with you remotely to set them up.

Reasons to Reboot

We get a lot of calls and emails about computers not performing as expected. It’s amazing what a good reboot can do – if you really do it.

Rebooting cleans up a lot of the electronic junk that builds up as you go in and out of applications, open and close files and content from the Internet. Like anything else that piles up, all the electronic junk blocks access to your disk space and RAM (random access memory) for applications, files, email and Internet browsing. After two or three weeks of keeping email programs, applications and files and websites open, you’ve essentially clogged your system’s electronic arteries.

A reboot flushes all that stuff out of your RAM. One way to characterize RAM is that it’s like a pad of notepaper. When you run out, you need to erase some information on the pad or get another pad. Rebooting is like erasing the paper in the notepad. It lets your computer start with a fresh, clean slate when you restart, and in most cases, that solves a lot of performance issues.

We always ask our clients with performance problems if they’ve rebooted their computers, and they invariably say they have. When we get into their systems through remote access, we see something different. When we get into conversations, some people with laptops think that they have rebooted their systems just by closing the lid for a few seconds and then opening it back up. Others, with desktop computers, think that shutting off the monitor reboots the computer.

Unfortunately, neither of those actions will reboot a computer. Here’s what you need to do. First, save all open files and emails and bookmark web pages if you want to retain easy access to them. Then, close all applications. You should do the same with phones and tablets before rebooting them.

For a PC or Windows-based computer running Windows 10, click the Windows icon on the task bar on the lower left side of your monitor and then click on the “start” icon on the left. You’ll have the option to restart the computer, which will reboot it.

For Windows 8, point your mouse to the lower-right corner of the screen, move it up and click Settings. Click Power and then click Restart.

For a Mac, you can follow this simple, 3-step process:

  1. Press the power button (or press Control+Eject) and, when a dialog box appears, click the Restart button.
  2. Choose the Apple key and then click Restart.
  3. Press Control+Command+Eject (or Control+Command+Power button).

For phones and tablets, you can power off the device for 10 to 30 seconds and then power them back on.

For all computers, you can hold the power button until the unit shuts itself off. We consider this a last resort because it stops the system with an electronic jolt. But if nothing else works, this will do it. Let it stay off for 10 to 30 seconds and then restart it.

Sometimes, restarting in “Safe Mode” allows your computer to perform some diagnostics and verify basic systems are in good working order. With a Windows7 computer, press the F8 key when you turn on the computer, and then use the Arrow keys to navigate to “Safe Mode” and hit enter.

Windows 10 is more involved, but it’s not that hard once you get into the routine. Follow these steps:

  1. Click or tap the Start button, and then the Power button. You’ll see a Restart button. Hold down the Shift key when you select Restart
  2. When you get the full-screen menu with six options, select Troubleshoot>Advanced options>Startup Settings.
  3. Click the Restart to begin the reboot. You’ll get to a Startup Settings option.
  4. Use the Arrow key to navigate to Enable Safe Mode or Enable Safe Mode With Networking

For a Mac, immediately press and hold the Shift key. The white Apple logo will appear on your display. Release the shift key when you see the login window.

Because “Safe Mode” limits your computer’s capabilities, we recommend restarting in your regular mode once you see everything is functioning properly.

We recommend you reboot your systems no less than once a week as a preventive measure. It shouldn’t be much of an inconvenience. We still remember when we had to reboot computers several times a day. If your system is still sluggish after a reboot, contact us by phone – 973-433-6676 – or email for a remote diagnostics session.

How Does Your IT Consultant Handle Your Info?

Today’s interconnected world is an interdependent world. No matter how many precautions you take to protect your data’s security, technology has forced you to depend on other people’s diligence to share your passion for protection. You don’t have a lot of control over the weakest link in your online chain. But asking how your IT consultant handles your information can help you gain better control where it’s possible.

So, here’s the question you need to ask: How do you handle my information, including your access to my systems?

And, here’s the discussion that needs to follow:

Your IT consultant must follow the strictest protocols available to protect all the information you provide. This includes access to your servers, routers (including repeaters or boosters for Wi-Fi networks) and computers that store your information or have access to wherever you store information.

An individual provider, such as Sterling Rose, can handle your data security differently from a large support organization. It’s not that one type of provider is better for a particular client; it’s more a matter of tailoring protection procedures to meet real-world needs and being diligent about following them.

We can keep all of our clients’ information in one place that can be accessed by only one person, and that helps us build a strong wall around (and roof over) the user names and passwords for your systems. With the ability to securely access the information from a desktop computer or mobile device, we can service a client from anywhere.

We protect that information in a number of ways. These are just a few of them:

  • We regularly use two-factor authentication, which requires more than just a password. Every two-factor system has its own set of additional requirements, but the net result is that a hacker or robotic system cannot provide the necessary response. (We’re sure somebody is hard at work to defeat two-factor authentication, but right now, it works.)
  • We use long, complex passwords with upper- and lower-case letters, numbers and special characters. Those are always impossible to crack using the latest available algorithms – at least for now.
  • We use systems that require us to re-log in every 14 days and change our passwords and authentication information. It’s a major inconvenience for us, but it’s much more convenient than having to explain why we need to react to a security breach.

A larger IT service provider with multiple technicians available to service a client can also store information securely in one place, but all the technicians need to access it. Some questions you should ask include:

  • Where do you store my information?
  • How do technicians access my information?
  • What protocols do you follow for user names, passwords and other authentication?
  • Are you notified when my information is accessed, and are you able to track who accessed it?

Your IT consultant must be able to advise you on the best security measures to take within your own organization. They should be able to help you design and install a set of procedures for any point at which information is accessed, such as:

  • Accessing specific files or categories of files from within your office or offices that are stored on your own server or on a server hosted by a third party (a cloud provider)
  • Accessing that information from a remote location, such as a home office, where you can install and monitor security measures
  • Accessing that information from a remote location, such as a customer’s place of business or a public place, such as a coffee shop or airport, where you cannot verify the security of a network.

You may also need to set up encrypted email, which we did for an insurance business. Our client reasoned that while they can control exchanges with their clients, they cannot control what happens when their clients communicate with others. Our client needed to be able to show that their security measures would stand up to an outside audit.

If you have any questions about how we handle your information, feel free to contact us at any time by email or phone – 973-433-6676. We would be more than happy to review our policies and procedures in general and for your information in particular. We can also help you develop and implement a security program for your business – or home – system.

Windows 7 Pain Management

Windows 7 is still a viable operating system for many businesses, but as more users and software application publishers migrate to Windows 10, using the older system can be very painful. Managing that pain isn’t easy, especially when you have a large, highly customized application package that simply can’t be upgraded to work with Windows 10.

The problem comes when you need to reinstall your Windows 7 operating system. There is just no easy way for this OS, which is 11 years old. In technology terms, that’s more than just a ripe old age. In real-time terms, that old age creates a lot of problems.

The re-installation problem requires you to follow these steps:

  1. Install Windows 7 using your valid installation disk. That’s pretty easy, but don’t get overconfident.
  2. The installation process will ask – really, require – you to download and install Service Pack 1. It’s the only service pack that Windows ever issued for Windows 7. Nor has Microsoft ever released a “roll-up,” which would be a compilation of all updates since Service Pack 1.
  3. So, after you have downloaded and installed Service Pack 1, you’ll need to run Windows Update to get all the critical security upgrades and patches.

Windows Update has more than 200 important updates. You need to start the sequence, and then, you need to pay attention. There are numerous points along the way where you need to reboot your computer to complete the installation of an update. Then, you need to continue Windows Update.

We have reinstalled Windows 7, and it has taken us two to three hours with a fast Internet connection. If you have a slow connection, it can be like riding a bicycle on the New Jersey Turnpike.

If a re-installation is something you must do, we can walk you through the steps. However, you must be asking why all of your application software can’t just run on Windows 10?

For highly customized software, such as a Sage accounting program that one of our clients uses, there is a compatibility issue as well as a financial consideration. Windows 10 has a number of security features that will not work with a Windows 7-based application program. They are not issues you can solve simply by not using all the features. The application software must be compatible with the OS. The financial consideration is that an upgrade to the accounting package would be $15,000. The cost of the time to reinstall Windows 7 is nowhere near that, and that’s probably the pain-management equivalent of taking aspirin until the pain goes away.

If you are fortunate to have some planning time, you can manage the pain more effectively by talking with the app publisher about updates. Those are always difficult for the app publisher because customized programs take a lot more of their time. They need to write the upgrades into their basic package and then to several steps farther to add your customization. Customized software packages have a lot of moving parts.

Some other factors to consider as you migrate is how much you need to keep everyone together. If you have a senior executive moving to Windows 10 ahead of most of the people in the department, how will that affect everyone’s ability to use the same applications. Windows 10 and Windows 7 versions may be quite different.

In addition to the application aspects of the software, will there be major security gaps between the older and newer versions? As we are harping, security is extremely critical in today’s business-computing world. When you leave certain doors open to get the work done, you may leave an opening for an outsider to come in and compromise your system’s integrity.

If you see your business coming to a crossroads, contact us as early as possible by email or telephone – 973-433-6676. The more time we have to look at your options, the better your probability of having the best possible outcome in managing the pain of transitioning your OS and application software to a more stable, efficient and secure system.

The BYOD Hangover

Some businesses got drunk on BYOD – Bring Your Own Device. They bought heavily into the idea that they could cut costs and get more work out of employees by letting them use their own mobile devices and computers. Now we’re starting to see more problems for businesses, individuals and everyone they touch electronically.

Ten years ago, the benefits were clearly present for businesses and their owners/partners and employees. As the first generation of smartphones, mostly Blackberry, took hold, busy people and small businesses found they could untether themselves from office systems. Tablets, starting with iPad, increased their freedom because their bigger screens and keyboards made it easier to read spreadsheets, written documents and email and update files or respond to email.

  • Salespeople could access pricing lists, customer records and just about any critical information they needed to provide better service.
  • Everyone with a smartphone – and soon after, a tablet – could respond with increasing capabilities.
  • Busy parents could stay in touch with the office, giving them more flexibility to manage their lives.

In our business, IT professionals could respond to client or corporate information management needs from anyplace that had cellular service.

As Wi-Fi and all forms of communications networks grew and more smartphones and tablets came to the market, along with various carriers, the ways to stay connected lost all technical limits. And because everyone wanted to have their own personal technology – smartphone, tablet, laptop or desktop computer – to use on their own time, businesses of all sizes met the demand. Employees no longer needed to have specific products. IT managers were able to incorporate everyone’s devices, and employers were happy to give everyone 24/7/365 work capability.

It was intoxicating for everybody. Now, it’s intoxicating for hackers and cybercriminals; everyone else is having a big, bad hangover. The problem is security.

Here are some sobering concerns:

  • While we can help our business and professional services clients secure their networks and access to the data on their corporate servers, we need to educate employees about programs to control security. A business really needs to depend on its employees to keep their individual devices and computers secure. One hole can be an entry point to sensitive data anywhere.
  • Mobile phones and tablets are becoming more vulnerable to security problems. Why? That’s where the money is. With people conveniently accessing critical data over cellular and Wi-Fi networks all the time, hackers are finding more ways to penetrate security measures. Everyone needs to make sure they know that anybody in the world can take a peek at their business on any unsecured public network – like one in a coffee shop, hotel lobby or airport.
  • Even if you take every available security step in your corporate and personal systems – strong passwords, strong firewalls, up-to-date and active anti-virus and malware software – anyone with access to your system who doesn’t follow the same precautions puts you at risk.
  • The convenience of publicly accessible storage sites, such as Dropbox, can lead to the loss of privacy of your data. When you give someone the ability to download files from a storage site onto their own computers or tablets, you effectively give them ownership of that data. That means an employee can “own” client lists, financial information, etc.

With the horses already out of the barn and out on the open range, you can’t corral them and bring them back. But there a number of steps you can take:

  • Educate everyone in your organization about the need for security and what they need to do:
    • Have strong passwords and change them often
    • Be aware of when they are on unsecured public networks
    • Keep their own personal technology protected with up-to-date, activated anti-virus and malware programs
    • Understand that any holes in their own security systems can open holes for hackers to get into your business’s system and the systems of anyone or any organization they’ve ever contacted over the Internet – and that it can go viral from there
  • Require strong passwords (combination of upper and lower case letters, numbers and special characters) to access your data files wherever they are
  • Require frequent password changes
  • Determine which files need to stay on a secure server that you control
  • Backup data securely and often
  • Monitor your backup

We can help you with all of these steps:

  • Lunch ‘n’ Learn programs about security
  • Audits of your system’s security
  • Monitored backup services

Contact us by phone – 973-433-6676 – or email to keep your data clean and your systems sober in the BYOD environment.