In your outlook inbox, they look something like this:

The purpose of legitimate notifications is to inform the sender that a message they tried to send did not go through. The danger here is that these look exactly like the real thing. People are clicking the link to see what message they sent that got bounced back and the link executes virus code that infects the machine.

Centrend’s clients are protected with Antivirus/Antispyware software that will block the threat even if the user does click the link. However, even with the best protection possible, the safest practice is to never open an email message if you don’t recognize the sender and/or if you don’t know why you are receiving it.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

Here is the part we invariably skip over when installing a new program on our PC: Nobody wants to read endless pages of legal banter when anxious to get the newly purchased program up and running. Whether you have paid for the software, or you have been legally granted free use of it by the developer, chances are you had to acknowledge that you are in agreement with the terms of its legal use, you are disclaiming liability for the developer, and promising that you will not copy or distribute the program to any machines or users other than what are included in the agreement.

The software companies are serious about the amount of money they are potentially losing due to software piracy. Microsoft and others have been spending millions to enhance their programs to be able to detect unauthorized installs, and shut them down. In some cases law suits emerge, presumably to make an example of those who willing or unwittingly circumvent their main source of revenue: the paid use of the product. There is not really any good defense when an unauthorized installation of a program is residing on a PC.

Sometimes an organization may not even realize that it is a software pirate. There are many different types of software licenses. The aforementioned software license agreements can be quite complex, and could be for a different type model than what you may think. There are volume licenses, leases and subscriptions, as well as concurrent user licenses, per PC licenses, upgrade, OEM, and the list goes on. For example, with a per PC license agreement, if you have 100 PCs running a particular program, then you must have 100 licenses for that software.

In defense, a business cannot successfully claim that it was not aware of the licensing violations, if it is the company which owns the machines. Each individual or business entity is responsible for the software which is installed on its computers. The actions of the employees of the organization represent the company, and any unauthorized copies of software in use by its employees could result in a problem for the employer. This happens often, and it’s either without the employer’s knowledge, or without the employer’s concern.

Some organizations utilize third parties, such as an IT Outsourcing company, to manage their networks and PCs. In this case, it is still the ultimate responsibility of the client organization, not the IT provider, to make sure that the software installed on its computers is up to date and legally licensed to the organization. Ignorance of the actions of your IT provider is not a sufficient defense. It is best to utilize an IT company that you know is above board, and can readily prove to you that you are in legal compliance with all license agreements, and that all the software installed on your systems is valid.

What is your organization’s acceptable use policy regarding employees and computers? Does it include wording about the installation of software by employees, and possible disciplinary actions resulting from a policy breach? Many companies do not take this seriously enough, and some have found that the worst-case scenario legal costs can be crippling.

Actions that you should take now include a software evaluation of all your systems, and a policy review. If you discover a problem with unauthorized installs, there are controlling measures available to you. Further action can include assigning administrator credentials to key personnel, and restricting user access to disallow administrator privileges on PCs, which will control the majority of installations. However, this requires some thoughtful planning, and is best done by skilled IT professionals. If you need help with this, contact your professional IT provider, and be certain that the company that you’ve hired is qualified, and has policies of their own which uphold your organization’s best interests.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

Unified Communications (UC) is a technological architecture that enables us to have “transparent presence". For you to be truly transparent in your presence, your communication methods must be streamlined and free of device dependence. The beginnings of this concept can be traced to Voice over Internet Protocol (VoIP) technology, and what was referred to as “Unified Messaging", where you could retrieve your phone messages from your e-mail. But, UC enables functionality far beyond messaging.

Phone calls, e-mail messages, Instant Messaging, video, Internet, and other content delivery methods traditionally require specific devices to work. For example, you need a telephone to make a phone call, and the person you are calling needs one too. The phone that you call is the one that they answer. However, in a UC environment, our goal is device independence.

When looking at the phone call example, on a UC platform, we would just think of the phone call simply as a communication, and it’s not limited to just being a phone call, it could be an Instant Message, or anything else, and the device that is used is whatever is most convenient. So, when we free up our dependence on specific devices, and consider our availability to others as our “presence", then we are able to communicate on a much higher level of efficiency, with greater ease of use, and at a reduced overall cost.

For the business, Unified Communications often translates into better customer service, increased competitive advantage, and reduced communication latency. Real-time collaboration can exist when previously, there was a lag. Service organizations, such as financial institutions, healthcare and insurance companies are the first to embrace and adopt the technologies that enable Unified Communications. Providing a universal presence to your customers enables opportunities for excellent service delivery and faster results.

On a well thought out and functioning UC platform, the communications problems often experienced with having a distributed workforce practically go away. Whether it is home-workers, road warriors or branch offices, the architecture provides for highly efficient work-flow, with all functioning together over a seamlessly inter-woven combination of methods and devices.

Adopting this concept at your business will undoubtedly require a technology investment. The underlying foundation to enable Unified Communications is primarily your computer network and the Internet. The devices that you use are highly dependent on your business purpose and personal choices, and some will be better than others for you. Workflow efficiency, customer turnaround times, energy use, and travel expenses are all good places to begin an evaluation of Unified Communications for your business.

If you have any questions, please don’t hesitate to contact me.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 ext 135
bbowman @ centrend . com

Now let’s say that you are out for a walk and pass by a home that has a swimming pool in the back yard. The people who live there have a gate, but it’s left wide open. Not only that, but there is a sign next to the gate that reads, “POOL", with an arrow pointing in its direction. It’s the hottest day of the year, and because it’s so hot, you happen to be wearing your swim suit while out for your walk. Is it immoral for you to enter their yard, without permission, and have a swim in the cool water? No one appears to be home, there is no one to ask for permission, would you think about it?

Does it make a difference WHERE an unsecured wireless connection is broadcast?

If your neighbor built their swimming pool in YOUR yard, then you probably would not think it’s immoral for you to have a swim whenever it pleases you, right? So, let’s say your neighbor’s unsecured wireless access point broadcasts all the way into your house … you didn’t ask for this, but there it is … is it wrong for you to take advantage of their Internet connection? After all, they are sending it right to you.

Myself, the moral implications are mainly what keep me from using my neighbor’s Internet access, and I do have other reasons. But, what about the moral implications, and what are to be the legal implications which will eventually follow?

It is illegal to gain access to someone else’s network to commit theft or malice. Does using someone’s bandwidth constitute theft? Since we must pay for the use of the Internet, and bandwidth is sold in increments, costing more as we utilize more, then one could say that tapping into someone else’s Internet connection without permission is, in effect, stealing their bandwidth, which is valuable.

I don’t like the idea of using my neighbor’s Internet access because it could be interpreted by them as an invasion by me, and I have no control over the state of the network, or the availability and reliability of the connection. Then there is the moral and potential legal argument that I would be stealing a valuable resource from them…the bandwidth allocated to them by their ISP, which they have paid to use.

Now, if you are friendly enough with your neighbors, you could approach them and ask if they want to share the resource and split the cost. In this case, just remember that if the connection goes down, do you really want a call from your neighbor at 2-AM because they want to finish watching “Family Guy” on hulu?

We can’t forget to think about the select few who really don’t mind if you tap into their wireless access point. Some people want to share their Internet connection, and purposely set up their wireless access unsecured, for free access by anyone. This is fine and noble, but these generous souls are definitely exposing themselves to a certain degree of risk. Criminals are looking for these openings. In this case, professionally configured and maintained network protection is an excellent idea.

One of my favorite authors, Robert Frost, once wrote, “Good fences make good neighbors.” So, if you want to be a good neighbor, then I recommend obtaining your very own Internet connection, and if you’re going wireless, securing it with wireless access protection and encryption, so that your neighbors will be good, too.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

Take a step back and consider the business purpose driving each of your IT strategies. IT planning should always support your business initiatives, hand-in-hand.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

In response to the security flaws discovered and reported on March 9, 2010, as well as other cumulative fixes for nine other severe vulnerabilities, Microsoft has issued a critical security update for all supported versions of Internet Explorer. This includes IE 5, IE 6, IE 7 and IE 8. If you are using Internet Explorer, Centrend recommends that you make sure that you have run this important update.

[Cumulative Security Update for Internet Explorer (980182)]

As always, if you have any questions, please contact us for help!

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

You probably have a long list of computer passwords, for when starting up your PC, to accessing your bank account online, or perhaps when checking your e-mail. Passwords are an important barrier to accessing private, sensitive or proprietary information. An electronic password is much like a key, in the physical world, that unlocks a file cabinet. Whoever possesses the key to that cabinet will have unhindered access to its contents. But, what are the situations where computer passwords are just not secure enough?

With the physical key and file cabinet, the concerns we have are that the key could be misplaced or stolen and fall into the wrong hands. It could be surreptitiously duplicated and distributed to unauthorized people. The lock on the cabinet itself can be tampered with or simply broken with brute force. All of these concerns are the same as what we have for computer passwords. All of these scenarios do occur, even with electronic data protected with passwords that are considered strong, and therefore not easily figured out.

Once access to the file cabinet has been achieved, all the information the key was protecting is exposed. But, what if there were a way, even if the lock were to be broken open, to make it so that the contents would be worthless? It would be great if the person who breaks into the file cabinet only finds a mass of unrecognizable shredded up paper. In effect, that is what encryption helps you achieve for your protected electronic data.

Encryption is nothing new, having been around since the ancient Egyptian times in the form of non-standard hieroglyphs, which was a method of symbolic substitution for words and phrases. With encryption, there is a key which enables the data to be deciphered. Modern electronic encryption is capable of encoding data in such a way that it renders it completely unrecognizable, and there are different levels of encryption available to suit the security demand. Encryption technology today also provides us with strong key methods that make unauthenticated use of keys impossible.

So, unlike password protection, an encrypted data file has been altered, so that the key is required not only to access it, but to make it readable as well. This is very important for data that rests on a portable device, such as a laptop computer or smart phone, and media such as CD-ROMs, or plug-in USB drives, because these devices and media can be easily lost or stolen. According to the Federal Trade Commission, 49% of all reported unauthorized data breaches were the result of lost laptops or other devices.

For the protection of its residents, the Commonwealth of Massachusetts has now made it mandatory that portable devices and media are protected with data encryption technology, when personal information is present. Other requirements are that we safeguard and protect our passwords. The keys to the encrypted files, or any other protected files, still must be of adequate strength, kept safe and not duplicated, distributed or left out in the open. For most organizations, encryption technology is a matter of policy for the sensitive, personal or proprietary data that requires the greatest degree of protection.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

Consumer devices continually become available that would traditionally be handled by the IT experts. Once high-end devices affordable only to businesses are now lower in cost, simpler to use, and owned by individual consumers. However, sometimes a little availability can be dangerous. The underlying reasons for not allowing a device onto your network may be lost in the anticipation of the increased productivity.

For example, a worker’s personal smart phone may give him the ability to answer e-mails on the run, while this technology may have been considered by the business decision-makers to be too risky or expensive to deploy company-wide. When making this decision about whether to relinquish control, the business leaders of the organization must consider the risk factors. Let’s say, for continuing the example, that the aforementioned business is a mortgage company, and the user of the smart phone receives confidential e-mail referencing the personal financial information of his customers. What is the risk if the smart phone were to be lost or stolen? Is the device handled with proper security methodology in order to prevent a data breach?

Personal laptop computers and netbooks are wildly popular and more and more workers wish to use them for working on business projects, connecting with business services and checking and keeping e-mail, contacts and other data. Not all businesses can afford to issue netbooks to its staff. Some employees will go so far as to bring in and install their own wireless access points off the company network to use their own laptop computer. All of this presents security risks, not only for data protection, but for controlling access by outsiders to your business network.

Very common is the case of the home-worker. In years past, it was not only most likely the office workstation would provide the best productivity, but it was the only workstation available that could run whatever business productivity software was in use at the time. However, today it’s not uncommon for a home computer to be newer and faster than the machine the worker has on his desktop in the office, and he has a business productivity suite, like Microsoft Office, that equals the one in the office.

Once the business has allowed its data to be taken off of its own network, all control is lost. Of course, technology is available to make remote workstations safer and more secure to a business. The deployment of Virtual Private Networks (VPN) has greatly increased over the years to accommodate the growing number of home workers. A VPN is a secure Internet connection to a remote location, where the remote user has access to the Local Area Network (LAN) as if they are right there in the same physical location. There are still issues of data use control that can’t be resolved even with a secure connection. The employee must be trusted.

Not all businesses are safeguarding personal information, and not all business need complete control over the devices used by the employees. The approach that many organizations could take is one that allows for opportunistic advantage. Embrace the idea that some of these devices may improve productivity, and then decidedly take control of their usage. Simply issue a list of approved devices to the employees. Before creating the list, examine the risk factors of the various hardware and software that workers wish to bring in to enhance their productivity and user experience. Does it pose a security risk? Will it jeopardize data integrity? Does is compromise any regulatory compliance guidelines? Only choose the devices or software that would be approved and could be controlled by your IT staff or provider.

Make the list of approved devices available to the employees, along with policies for registration and use. If you currently have devices in use in your organization that you are unsure about, consult an IT expert like Centrend.

- Bill
 
***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135
 

If you visit a site that has been infected with the malicious code, your computer can be caused to crash (freeze requiring reboot but fail to restart) or a program of any nature can be downloaded and run on your computer.

Microsoft is testing patches right now and a fix will be available soon. Meanwhile, if you are running Internet Explorer 7 on any platform besides Windows 7, you are vulnerable.

Actions you could take:

1. Upgrade your Internet Explorer to Version 8x
2. Upgrade your computer to Windows 7
3. Browse very conservatively for the next couple days.

If you’re concerned about how to keep your computer up to date and whether you are computing as safely as you can be, please contact us for a free security audit of your environment.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

More often than not, in our experience, huge benefits are realized by the sharing of data. Keeping each team within an organization responsible for their own contribution to the data “warehouse” avoids conflict and problems between staff and systems. On the other hand, separate “silos” of information within an organization can lead to sudden issues that hinder decision-making.

For example, when operating under separate silos of data, an operations department may be compiling data all month long, and the accounting department is also, but at the end of the month, the two departments come up with conflicting reports. Had their been one central data location, such as an ERP system’s database, then both departments would be working harmoniously from the same data set, which would lead to appropriate corrective action throughout the month instead of reacting to it at the end of the month. It’s like steering your ship along the way, instead waiting until your already at the wrong spot - when it’s already too late to make course corrections.

Find out more about ERP systems by attending one of the free web sessions presented by Paul LaFlamme.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

Coincidentally, he had just ordered something online earlier that very morning. He was in a hurry to get to a meeting when he saw the message came in so without hardly giving it a thought, he opened the message and infected his system.

While virus scanning and spyware prevention programs prevent many types of malicious code from running on your computer, when the user deliberately clicks and executes something it’s almost like a temporary override occurs. In an instant, your system is infected. One of the first things this particular bug did was disable his Antivirus program’s resident shield.

It’s the resident shield’s job to monitor system activity and quarantine infected files and stop bad code from running. With the resident shield down, the virus “invited in all it’s friends” and proceeded to make a mess of the system in a short time before he even realized he’d been had.

I’m pleased to report we were able to act quickly to clean out the virus, plus we took extra steps to help protect the computer even further. Techniques such as seperate Malware protection such as from Malwarebytes.org, and AVG Internet Security which provides a local firewall in addition to virus scanning are a couple of the strategies we use in higher-risk applications.

If you’re concerned about virus protection, spyware or security in general, contact Bill Bowman (Senior Technology Advisor) or I for a free System Vulnerability and Risk assessment of your computing environment.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.

508-347-9550 x115

In larger enterprises, tape is still an effective technology for backing up large volumes of data where multiple versions of the same data need to be stored in different locations. Even this application however, is somewhat obsoleted by NAS (Network Area Storage Systems) implementations that replicate volumes of data to different locations in real time or near real time. Still, it’s good to have this data offline and in generations of copies. Consider for example, how a virus could infect ALL copies of the data if all the data is online at once. The NAS protects from site failures but not from malicious code.

The other concern with tape is that it wears out. Most larger enterprises know this and cycle the tapes frequently enough that they replace them before failure. SMBs (Small/Medium businesses) have less time and resources to pay attention to these types of things [if they aren’t already Centrend customers that is ] Unfortunately sometimes when they need to restore data, the tape ends up looking like the one pictured at the right.

As an alternative to tape backup we are typically recommending online backup for offsite/disaster recovery purposes, while maintaining a local disk based backup for rapid recovery in the event of a total loss of disk. The benefits of this strategy are:

• Fully Automated - no tape rotation
• The cost of a tape backup system is a much larger investment. Tape drives are expensive and the media are expensive
• No risk of data corruption by virus (online encrypted backup is locked down)
• Disk restores are MUCH faster than even the fastest tape drives
• A hard drive based backup system lasts much longer than tape
• The server O/S can monitor the quality of the backup drive and notify when replacement is needed
Please contact me for a free assessment of your backup strategy and let us help you reduce costs and increase your piece of mind.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

The problem stems from a pre year-2000 based method of calculating valid leap years. There is a nice description of the problem if you CLICK HERE that is not too technical.

Some users of the PS3 are being extremely critical of Sony with statements such as “They should fire the programmers!” and “We should get free games for the inconvenience!” The users don’t realize that Sony did everything that can be expected of a responsible manufacturer in that situation: They quickly acknowledged the problem, they communicated when resolution was expected, they advised users what to do in the meantime, and ultimately delivered the solution within the promised time frame.

Though this bug happened in a gaming platform, there are some important lessons to be learned from it that apply to our business users:

• Even high tech devices (like the state of the art PS3) can be effected by Y2k glitches
• An application can never be tested too much
• No matter how thoroughly an application is tested, glitches can and will occur
• When bugs do arise in our systems, we need to measure the developers more on the timeliness of their communication and resolution, not in the fact that a bug was allowed to occur

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

Encryption of data can be done with simple desktop tools available now, the software is easy to use and doesn’t really necessitate much of a change in how you use your computer. Once encrypted, data cannot be read by anyone, even if a hacker were to bypass your password protection.

This prompts some additional questions that will be addressed in future blog entries…

› What is the difference between password protection and encryption?
› Isn’t encryption software expensive to deploy?
› Do I really need it?

If you need answers right away, Centrend is helping businesses with answers to these questions. Each business is different, so I’m inviting you to contact me directly for answers to questions about encryption for your unique situation.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135
bbowman@centrend.com

At 8 pm EST, yesterday, Sony confirmed the problem and said the are working to resolve the issue. Resolution should come some time this evening, if Sony can keep their promise.

Another PS3 Trophy error appearing is “Registration of the trophy information could not be completed. The game will now quit.”

Some independent blog sites are recommending you dismantle your PS3 and disconnect the battery momentarily to clear the issue. Unless you are extremely technical and have a couple hours to spare (at least) I strongly encourage you not to do this as you could completely break the system. My recommendation is to wait out the problem while Sony’s engineers resolve it.

Exactly what the resolution will be, it’s hard to say. Since the PS3 can’t connect to the Play Station Network at all, it might be necessary for Sony to either send out media that the PS3 can use to read a patch from, or to even recall the units. It’s not clear at this time what the corrective action will be to get these PS3 systems working again.

Users of the new PS3 (Slim model) are not experiencing this problem as it seems to be glitch in the system clock firmware that only occurs in the older (Thick model) systems.

For the latest updates of this issue, follow my blog here, or visit the playstation blog by clicking here.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

 
The new law has taken effect today, so every business leader must now be certain that the information that the Commonwealth of Mass defines as personal information flows through their organization under specific guidelines.

The deadline for compliance with the new data protection laws in Massachusetts was extended at the end of 2008, and then it was extended again in 2009. There will be no further extensions. Whether you are ready or not, on March 1, 2010, you will be required by Massachusetts law to take very specific and proactive steps to secure all forms of personal information you collect and store about Massachusetts residents, whether they may be customers, employees or contractors.

The Office of Consumer Affairs and Business Regulations drafted and then refined the regulations (MA 201 CMR 17.00) in response to feedback from the business populace. The regulations mandate that every organization and individual take more responsibility for the active protection of personal data, as defined by the Commonwealth of Massachusetts.

All legal entities will now be required to create and maintain a Written Information Security Plan (WISP). Your organization’s WISP will cover newly required organizational precautions, as well as technological safeguards. With the regulations to be enforced by the Attorney General’s office, the Commonwealth of Massachusetts will take into consideration the size of your organization and the scope of whatever personal information is recorded.

Most of the technical concerns we are now hearing about are regarding portable media and laptop computers. The new data regulations will require all portable devices and storage media containing personal information be secured by encryption technology.

Business leaders needing help determining their own level of compliance should consult an Information Technology expert, and Centrend has scheduled a free online compliance workshop. Each plan must be documented and employees must be trained on how to safely work with both physical and electronic records.

Centrend is offering help and free guidance to any organization challenged by this initiative.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

I have encountered this a few times in visits to my customers. Users will put an email into the trash, but say, “Well, I‘ll just leave it in there until I am sure I don’t need it,” or, “I’m going to go through all of these and clean them out, because there are some in there I might want to keep!” Think of the rationale here and apply it to your real trash at work or at home. You wouldn’t put anything in the garbage and say, “Boy, I just might need that later; I’ll just put in the trash here!” People do this all the time with their email, thinking that they will get back to it, but in a world of today’s busy lifestyles this is probably not a reality. There are many ways of curing you from this bad habit. We are going to specifically talk about Microsoft Outlook here, but this could apply to webmail as well.

Creating folders under the Inbox – This is probably the easiest method. You need to keep email received from Fred? Create a folder called ‘Fred’ and put it in there. This will keep you organized and on task, and even if think you may want to get rid of it, it’s in there and you can delete it later.

Archive mail – Done with your email from 2006, but you may want to refer back to it? You can archive this email, and this will have a couple of great benefits. Once again you can refer to that folder very quickly, but you can also take some of the file strain off your Outlook by creating an archive. You can even create the archive on you server ready for backup (if applicable).

Auto Archive – Outlook has a great feature to Auto Archive your email for you. It will set up to clean out your inbox all by itself, sending the email to an archive. I have mine set to clean out every 14 days. This will take the cleanup out of your hands, you can even set it to delete emails that are X months old, but dealing with the core that this is geared to, you would probably rather have root canal that delete old emails!

Create an “almost trash” folder - This is really the same as creating a folder, but it is specific to this issue. It’s an “I’m not sure I will need it - and I don’t think I do - but let’s put it here for now” folder. This is not ideal, but will keep you in better habits. You could archive this folder as well, taking the weight off of the bulging email file ready to burst!

Empty deleted items folder upon exiting Outlook – I know scary…right? After we have done all the things we can to organize and streamline our email, we want to get rid of that trash every time you exit Outlook. Some users also think that when they put items in the Deleted Items or once they hit delete that is it gone…not true. The Deleted Items is merely just a folder waiting for you to empty it. If we turn the switch on for emptying Deleted Items, it will prompt you every time you exit Outlook!

With older Outlook clients users are restricted to 2 gigs worth of space. It sounds like a lot, but if you are one of the many email hoarders of the world, and are not using some of the practices above, this will add up quicker than you think, especially with email with loads of attachments. Once its goes past this 2 gig mark, you are putting yourself in a position to lose some or all of your email.

Still not sure how to do all this? If you have any questions, at Centrend we are always willing to help…just let us know.

- Hank
 
***
Hank Lockwood
Technical Consultant
Centrend, Inc.
508-347-9550
 

A Written Information Security Plan or “WISP", is required by new regulations of the Commonwealth of Massachusetts, effective March 1, 2010. Any individual or entity which receives, handles, stores or transfers personal information about Massachusetts residents must have one.

If you or your organization hasn’t already started the security plan, the best place to begin is with a determination of what personal data is collected throughout the organization, and by whom, where, when, how and why. Make a comprehensive list of all points within the organization where personal data will enter or exit, and where it is sent, noting also the amount and frequency. It’s important to document not only who collects or handles the data, but also everyone who may have access to it.

All of this is related to MA 201 CMR 17.00 - Information Protection, and Centrend is offering help and free guidance to any organization challenged by this government mandate.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

I’ve been following the technology for a few years and the improvements made in this current version of the software really creates a powerful racing experience. When you watch the race on TV, you have to listen to the announcers to see what is going on. They may or may not talk about your favorite drivers and they focus their commentary usually on the top 10 positions of the race because that’s where the camera is mostly focused. With Nascar Raceview I can watch any driver at any time and from any perspective I choose. For example, I can see the birds-eye view like in the large image above, the rear view to see what cars need to be passed (image at right), and flip the camera around with the click of the mouse and see who’s coming up from behind! (see image below, right.)

With the Raceview technology, you can choose to watch the race from the perspective of any driver at any time. You can also click to hear in-car radio communications between any driver and his crew chief streamed in real-time! Nascar promotes Raceview to those that aren’t watching the race live on TV, but it’s fun to use the tool while watching the race or to keep up during commercials. Hearing the drivers rant after they’ve been involved in a wreck or watching the telemetry of the car from someone toward the back that is now running faster laps than the current race leader really gives you insight that it seems even the announcers don’t have!

One thing you can’t do is see the live action crashes, blown engines, etc. You still need the TV for that but you don’t really watch the race for the crashes, DO YOU!?!?

As defined by the Massachusetts Office of Consumer Affairs and Business Regulations, personal data is the combination of a person’s first name and last name, or first initial and last name; along with a social security number, driver’s license number, state issued identification card number, financial account number, credit card or debit card number. Personal information under new Commonwealth of Mass. Regulations does not include information that can be lawfully obtained from publicly available sources.

This information is related to MA 201 CMR 17.00 - Information Protection, and Centrend is offering help and free guidance to any organization challenged by this government mandate.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

The Massachusetts Office of Consumer Affairs and Business Regulations has issued a compliance date of March 1, 2010 for the new regulations, MA 201 CMR 17.00 - Information Protection.

Over the last year, Centrend has been conducting compliance audits and participating in various panel discussions and will continue to lead workshops on compliance. Although the new regulations are more widely known by business leaders, we are still observing a large number of organizations that need to take action for compliance. Whether the concerns are administrative or technical, these organizations need to formulate action plans now.

This is important. In addition to holding ourselves responsible for protecting the personal information of potentially millions of citizens, organizations will face heavy fines for non-compliance.

Centrend is offering help and free guidance to any organization challenged by this initiative. Click here for more details and to register for a free webinar on compliance presented by Centrend. Additional dates and times will be added as needed.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

——————————————————————————————-
Add to: del.icio.us, Digg, Furl, reddit, Spurl, BlogMarks, Ning

Let me share with you a recent case study one of our customers experienced this past week. The events are true; only the names have been changed to protect the not-so-innocent.
———-
One of our clients had been planning an office move for months. It is a small office in the Worcester area being relocated to a small suburb outside of Boston. The project manager called me about 6 weeks prior to the move and told us what they were planning. I explained to him the process of getting the phones and data circuit up and running and tested prior to the move so they would experience no downtime. I encouraged him to call his communication provider, which I’ll refer to in this article as None-Comm, which he promptly did.

A smooth, reliable turn-up needs about 4 to 5 weeks to plan and install so there should have been time to get everything in place and tested prior to the move-in date.

The problems started when the vendor missed the original date and did not quickly return calls to advise of a new date. Bear in mind that the office is moving out of their old location so there are lease contracts that have to be held. None-Comm finally called back with a new promise date, a full week past the original date.

The project manager and the Centrend Technician began asking for the technical details of the circuit such as the IP address, so we could get their equipment preconfigured and ready to quickly slide in place when the circuit was finally turned up. It’s now up to None-Comm to provision the equipment.

It wasn’t until the day after the rescheduled date, the very same day our Centrend technician was scheduled to arrive, that None-Comm finally called back and blamed Verizon for not putting the circuit in until late the previous day. Because it was so late in the day, None-Comm did not have a chance to place their equipment yet. Without None-Comm’s equipment in place, the project is at a standstill.
———

Communications vendors need to be held accountable for how much their failure to execute a planned installation causes major problems for their customers:

• Our customer is hurt because they can’t move in on time and violate their lease termination agreements.
• The customer potentially experiences down time because their old circuit is still terminated on schedule.
• Centrend’s technician loses a productivity day because of the canceled appointment, and the schedule has to be shifted quickly to fit the equipment configuration back into their schedule without breaking other customer commitments.

Come on providers, get it together and service your customers! If we can find a communication company that can smoothly turn up phone and data services on schedule, I promise you’ll have our loyalty forever!

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

If you are wondering about whether or not the new operating system would be right choice for your business environment, let Centrend help you decide. There are many factors to consider, and your Centrend Technical Consultant will help you uncover the benefits as well as explain any challenges to an upgrade.

Bill

***
Bill Bowman
Senior Technology Advisor
508-347-9550 x135

- Was I around someone sick?
- Have I been taking my Vitamin C?
- Have I been using hand sanitizer for extra protection?

Well the same goes for computer viruses. Retrace your steps and ask yourself these questions…

- Does someone else have a virus that I got through email?
- Do I have antivirus software and is it updated?
- Am I using other protection like spam filters and updated patches?

When you look back, you may have an “aha!” moment, and figure out what was most likely where you got the cold. The same with the computer virus. There will also be times where you say “I’ve done all the right things not to get sick, and here I am in misery!” Well just like the cold you may do all the right things to keep yourself protected from a nasty computer virus and yet you still get one. This is occasionally going to happen, even if you have taken the best of precautions. Sometimes the virus will be brand new or sometimes you will open an email from a friend that is infected and now you have it. This is where the professionals at Centrend can help. We’ll make sure you are taking all the precautions and doing everything you should to avoid a virus in the first place. When you do find yourself afflicted, Centrend’s IT staff can step in and help you getting back to, well …feeling better again!

Call me or any one of our qualified support staff anytime you have Virus questions or concerns at 508-347-9550 X201. We’re always ready to help.

-Hank

***
Hank Lockwood
Technical Consultant

Some words of CAUTION: When shopping for a smart phone try not to be overly “wowed” by the great sale price, consider your total cost of ownership.

The portable device itself is one cost, and the network subscription is another cost. Smart phones, such as the Blackberry, iPhone, Palm, all require data services from the cell phone network provider to work. So, your $99 iPhone could end up costing $1,500 per year on your cell phone bill.

I was speaking with Nikilette Walker of T-Mobile the other day, and she agreed with me, but also recommends that you consider replacement cost of the device as well. When you buy a smart phone for $99, typically you will be under contract with the service provider for two years. If that phone is damaged, lost or stolen during that time, your replacement cost is going to be in the hundreds of dollars. An insurance plan from the provider for a few dollars per month is a good investment in most situations.

When choosing a smart phone, look at the network service available for it, and choose accordingly. Is it going to be used primarily for business or personal? Decide what features and functions are most important to you, like MS Exchange integration and international roaming for example, and choose the rate plan that comes with the phone that best suits your situation. It may be a good idea to shop for the rate plan… then choose a device that works with that plan’s provider.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.

888-558-9550 x135

That’s right, computer processing time translates into energy use. Do you have applications storing and retreiving data? How about manufacturing, production, or even Point of Sale, inventory or CRM? Older applications and older operating systems can be using more energy, and affecting other environmental factors. Maybe it’s not by much, or maybe it’s just enough to make a difference to you and your business over an extended period, like a year or more.

An enterprise application upgrade resulting in improved overall data processing speed or network efficiency could reduce energy use, and invoke other environmental benefits. Wide-scale deployment of solutions improving processing time will reduce energy used by the machines, which in turn produces less heat, in turn requiring less ventilation, lowering electrical load, and reducing the load on HVAC systems, reducing carbon emissions, and requiring smaller ductwork, improving the usable space, utilizing leaner building materials… well, you get the idea.

Energy efficiency carries some weight in today’s businesses when costing upgrades. Many organizations by themselves are too small to witness a measurable effect, but wide-scale adoption of energy-saving policies by many organizations is considered environmental stewardship…which is a topic for a completely different blog, right?

- Bill

***

Bill Bowman
Senior Technology Advisor
Centrend, Inc.
888-558-9550 ext. 135

Many of our small manufacturing contacts have been asking some good questions about ERP systems, and whether or not this type of software platform would increase competitive advantage while still being cost-effective.

The answer is: maybe (of course!)

If you have been wondering what is an ERP System (Enterprise Resource Planning), or just want to find out more them, now’s your chance to have a look at what this can mean for your organization.

Centrend is presenting a webinar hosted by Passport Software. One excellent example of a small manufacturing software platform. The webinar will be a live and interactive demo, running once a week for five weeks on Thursdays. It’s not intended to be “sales-ee", but rather it is geared toward addressing your questions (so, don’t be afraid to ask!). View the schedule by visiting the link below.

Go to: http://www.centrend.com/passport

Please pass this invitation on to anyone you know who may be interested…there is no charge to attend.

***

Bill Bowman
Senior Technology Advisor

1-888-558-9550 x135

-Bill

***

Bill Bowman
Senior Technology Advisor
508-347-9550 ext. 135

Beginning Wednesday, there have been reports of CA’s antivirus program mis-identifying legitimate Windows system files as harmful malware, and therfore treating the files like a virus. Cnet News is reporting that the problem is mainly affecting Windows XP users.

If you are experiencing problems with any of your PC’s operating systems, unsure about the files your antivirus program installations have quarantined, or have any other questions about virus protection, contact Centrend for assistance.

-Bill

***

Bill Bowman
Senior Technology Advisor
508-347-9550 ext. 135

Centrend Regulatory Compliance for Information Protection workshops will be announced soon.

***

-Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

The Office of Consumer Affairs and Business Regulations has extended the deadline for the last time for new regulations (201 CMR 17.00) which become effective January 1, 2010. The regulations mandate that everyone take more responsibility for the active protection of personal data.

It’s now a matter of who is going to be ready and who is not, and what’s the next step for your organization?

-Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

Because the file was over 30 megabytes, the best way to get it to them was to burn it on a CD and drop it in the mail. Before I burned the file to the CD however, I had encrypted the data file with PGP Desktop to form a Self Decrypting Archive. This means that the data itself becomes scrambled, and no one in the world (including even most major governments!!) will be able to unscramble it unless they have the “key”. When my CPA’s office received the CD, they would enter a password (the “key”), that we previously agreed to verbally, and would then be able to unscramble and save the file into a format Quickbooks will understand. This method of data protection is far beyond merely password protecting the opening of a file, and is extremely secure.

Now for the lesson: What are the chances, but wouldn’t you know it got lost in the mail and never made it to their office!?! This is a true story. Thankfully, I had the file encrypted.

Remember folks, this was my entire accounting system file and had all my customers, vendors and employees information in it. Much of this data, such as credit card numbers, bank account numbers, social security numbers, and other personnel data is deemed personal information and controlled by MA 201 CMR 17.00 is contained in the file!

Wouldn’t you cringe if this happened to you and the file you sent was NOT encrypted?

Remember, even though a Quickbooks file may be password protected it can still be opened by anyone by simply accessing Google.com and searching for a Password Cracker for Quickbooks. Also, even if the password is not determined, the personal information could easily be extracted by even a novice hacker.

Fortunately, all my customers, vendors, and employees can REST EASY. How safe are you keeping your stakeholder’s data? Do you have CDs or USB drives or even tape backups lying around unencrypted?

For more information, contact Bill Bowman or me about a free network security risk assessment and MA 201 CMR 17.00 compliance assessment to help you keep your customers, vendors and employees data safe and sound.
-Paul

***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 (LiveCall:508-347-9550) x115

The ‘Conficker B’ version of the virus spread rapidly and by February had infected an estimated 12 million Windows PCs world-wide. So, there is potential for an even more widespread infection with the latest variant that has already infected an unknown number of PCs, and is expected to change its activity on April first. Conficker has the ability to create its own peer to peer network, so it communicates from one PC to another across many kinds of connectivity or through portable media, such as USB drives and CD-ROMs. Anyone who has questions or is unsure about whether or not their PC is infected or vulnerable to the Conficker virus should contact Centrend for assistance.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc
508-347-9550 x 135

Technology Results within a CEO’s Timeframe

The act of sending an Email message without the prior consent of the recipient is considered offensive. The sender of any Email message must have a prior established relationship with the recipient (they should at least know who you are), or the recipient’s express permission to be included on your e-mail list (maybe they don’t know who you are, but for some reason, they don’t mind getting e-mail from you).

Always ask permission to add a contact to your e-mail list. Allow the recipients of your e-mail to safely remove themselves from your list. Immediately remove anyone from your list who asks to be removed, and remove them without question.

-Bill

***

Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

You had a vision of having a great web site…what went wrong? Most often the problem is due to one of these reasons:

1. Original site was non professionally designed – (the son of a neighbor who just completed an HTML class for example)
2. There was never an action plan to keep the site up to date
3. Those responsible for contributing content “pass the buck” and don’t provide your developer with the materials
4. You provide your web developer and web maintenance provider with materials but the information doesn’t get posted timely
5. The nature of your business requires that your site changes often and you literally can’t keep up with the changes.

In recent years, and thanks to some wonderful open-source solutions, it’s never been more cost effective to create a web site that you (and your staff) can maintain yourself! With minimal training and with little more knowledge than using a word processing program such as Microsoft Word, you’ll be able to make immediate changes to your site in REALTIME.

In recent years, Centrend has been building Content Management Systems for customers to solve the problem of keeping their site up to date and helping them realize these benefits:

• - In smaller companies, owners or operations managers maintain the site directly. Owners love the ability to make immediate changes to their site.
• - In larger organizations, responsibility for maintaining the web site is handed down to department managers. Owners and business managers can then hold each department accountable for their area of the site.
• - The CMS systems work great for internal only sites too such as company intranets and project management and tracking-oriented sites.
• - Because Content is so easily added, you end up with a larger website which adds value for your visitors and makes you site more useful for search engines as well.

Please contact me if I can be of any help getting your web site strategy back on track!

-Paul
***
Paul LaFlamme
President & CEO

The naming of Internet “spam” has not so much to do with the luncheon meat, produced by Hormel Foods, as it does with a television skit recorded by Monty Python’s Flying Circus. In the skit, a restaurant patron found that everything in the restaurant was served with SPAM, whether the customer wanted it or not. The proprietor and the other patrons couldn’t believe their ears when the customer claimed he didn’t want any SPAM. A chorus of, “SPAM…SPAM…SPAM…SPAM…” then eliminated all other conversation.

The earliest form of Unsolicited Commercial Email (UCE) was actually unsolicited advertising on message boards. In the early 1990’s the Usenet (newsgroups) was a relatively pristine environment for giving and receiving ideas and information on thousands of topics open for discussion. That is, until some individuals figured out that it’s also a great place to send cheap bulk advertising to millions of people at once.

Although posting irrelevant messages to message boards is considered taboo and annoying, offenders began to realize the potential return on investment was huge. Vast numbers of postings of unwanted messages being downloaded to local PCs was unstoppable, and soon became known as “spam", in reference to the famous Monty Python skit.

Hormel Foods, Inc.’s official position on the subject is that the company doesn’t mind if you call it “spam", just remember that the real SPAM is a registered trademark. The people at Hormel Foods believe that the use of “spam” as a slang term will not hurt their product marketing. However, the company does not allow the use of its product’s likeness in reference to UCE.

We do not object to use of this slang term to describe UCE, although we do object to the use of the word “spam” as a trademark and to the use of our product image in association with that term. Also, if the term is to be used, it should be used in all lower-case letters to distinguish it from our trademark SPAM, which should be used with all uppercase letters.

- Hormel Foods Corporation

In my next blog posting we’ll discuss E-mail best practices - things you should know.

-Bill

***

Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

The technical reason is that Outlook and Outlook Express store email in an indexed format. If the file stores get too large, the indexing system fails causing your Outlook to stop working. You will not be able to send and receive email. The recovery process is different for Outlook Express and Outlook but the prognosis is not good. You will lose some data if the crash is allowed to occur. There is no warning.

A good backup system will reduce the risk but if the internal system pointers are allowed to corrupt, going to a backup that is a few days old may not be enough to recover the data.

At Centrend, we believe in preventing problems from occurring to begin with. Here’s how you can find out the size of your data file. Follow the instructions in the appropriate section for your system.

For Outlook Express Users:

Part 1: Locate the store folder.

1. Start Outlook Express
2. Click Tools, and then click Options.
3. On the Maintenance tab, click Store Folder.
4. In the Store Location dialog box, copy the store location. It’s long and you’ll probably have to scroll in the window to make sure you have the entire path to the files.

Part 2. Determine Total size of store folders

1. Click Start Run and paste in (or type in) the string from Part 1, step 4.
2. Click OK
3. Right click on each folder and choose properties in the menu that pops up. This will give you the size of each folder. The sizes added together must not be allowed to exceed 2gb

For Outlook Users:
Part 1: Locate the store folder.

1. Start Outlook
2. Right-click on Personal Folders. Click on Properties. (Make sure the Tree View is enabled you won’t be able to see “Personal Folders")
3. Click on the advanced button
4. Under Filename: you will see the path and name of your personal file folder. Copy the filename so you can refer to it in Part 2, below.

Part 2: Find out the size of your store folder

1. Click Start Run and paste in (or type in) the string from Part 1, step 4. Backspace to the “\” to erase the actual PST filename.
2. Click OK
3. Right click the PST filename you will see in the folder. Usually this file is called outlook.pst or personal.pst but the one you are using is the one identified in Part 1, step 4, above. If this file is approaching 2gb, you are dangerously close to an email crash!
4. If there is an archive.pst file in that same folder, make sure it doesn’t exceed 2gb either.

I’ve tried to make these instructions as complete as possible without being too long. If you find these instructions too difficult, or have any questions at all about how to reduce the size of the files and avoid a crash, please contact me and one of our technicians will walk you through.

Special Note for users running in an environment with Microsoft Exchange: if you are running MS Exchange on your business network, you can still run into problems if your local copy of email gets too large. If you’re MS Exchange administrator is following best practices, they have an email policy programmed on the Exchange server that will make sure you are warned well in advance of this problem.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

Centrend has helped customers decide and implement many of these and other solutions. It’s a very important, strategic decision that you can’t afford to get wrong. Whatever solution you choose, make sure it meets the following criteria for YOUR needs. Here are a few important considerations:

1. What information needs to be stored?
2. How will the information be used? Telemarketing, traditional direct mail, email blasts?
3. From where does the data need to be accessed? Will you need these contacts in your cell phone while on the road?
4. Will the contacts be shared? If so, what are the security considerations? Read only, full read/write, completely private?
5. How long will the system serve your needs? This is important if you’re looking for a new system and/or if you have a system that you are outgrowing.

My best piece of advice regarding contact management: always keep in mind what your objective is and keep only the data you need.

With some analyis, Centrend can help you figure out what the best solution is for you to optimize your contact management and maximize your sales efforts. Please contact Bill or I for a free consultation.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 (LiveCall:508-347-9550) x115

He titles the post “Resistance to Change.” No doubt, resistance to change; the idea that the individuals within an organization resist the changing of business processes and technology, is an obstacle that must be overcome for any project to be successfully implemented.

However: Prior to deciding whether to change a business process or implement a new technology, resistance to change is GOOD if you don’t have GOOD reasons for the implementation.

So in my response to Rick, I explained that there are a whole lot of questions to ask before a decision like this should be made. Here are the few I game him as an example to get started with in considering whether to switch his blog:

1. What is the objective of switching?
2. Are there personal benefits?
3. Are there career/business benefits?
4. From a search engine ranking perspective, you and Dave and others he hosts from his site benefit from being able to link and refer to each other. Will switching hurt either of your search traffic?
5. Unless the existing blog can be imported to the new space, you are losing a lot of archived articles that are valuable to your readers.

To apply this to your own projects, first determine what are the business reasons for switching. Then ask, what are the possible negative outcomes. All too often, those attempting change will run form blinders for the negative ramifcations of a project. Plan for the worst so you an expect the best.

Here are the take away messages I want to leave you with…

When considering technology changes: Don’t implement technology for the sake of implementing technology. Have strategic business reasons justifying the technoology change or system upgrade. Don’t change simply because it looks good on a resume or because it’s the lastest trend in technology.

When considering business process changes: Don’t change for the sake of change - for the sake of owning a business process. Business process changes that are not strategic, well thought out, and well implemented and trained with everyone’s buy-in will only leave you owning a headache.

Please be sure to reach out to me if you need help determining the true value of a project.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

That gives us all more time to help get everyone up to speed on what the new regulations are all about, and what needs to be done for compliance. The new regulations, aimed at protecting the personal information of every resident of the Commonwealth of Massachusetts, is said to be the strictest in the nation, and will require every legal entity to have a Written Information Security Plan.

Centrend is currently offering free compliance interviews to help local businesses determine how they stand in relation to compliance today.

-Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
888-558-9550 ext. 135

If you are the sender:

Try sending the message again as plain text. You may have to look in your email client’s documentation or online help to find out exactly what you must do. For example, in MS Outlook 2007, start a new message and click Options. Then select Plain Text for the message format. Sending in plain text will erase any formatting such as bold or underline that you have used in the email message, but it should also cure the recipient’s problem of recieving your message as a WINMAIL.DAT.

If you are the recipient:
Perhaps you’ve received a legitimate message from someone that you couldn’t open. This problem can occur if you are using Outlook from Office XP or earlier or Netscape Navigator (Mozilla/Firefox) and other systems including Linux-based or MAC operating systems. Updating your system is one option. Asking the sender to send the message as plain text (as described above) is another option.

Sometimes of course, it may not be practical or possible to ask the sender to send the message as plain Text. In this case, you can download and install a free program called Winmail.dat. What you need to do is download and install a program called Winmail. Just save the message file (winmail.dat) to your hard drive, then open it with this program after you have installed it. Here’s a link to the program.

Sending and recieving email between different systems and platforms does not have to be such a headache. Contact me for a free consultation on how Centrend can help you better streamline the integration between your information systems and that of your valued customers and vendors.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

You can tune into Facebook, Plaxo, Twitter, LinkedIn, MerchantCircle, and a many other places online to find out almost anything about your business associates, and your associates are openly sharing more and more personal information about themselves and their relationships.

Traditionally, business networking involved going to noisy bars and local Chamber of Commerce events in hopes of rubbing elbows with the key players. This would involve listening to clever stories and engaging in small talk. Today’s online social networking takes all that, and stuffs it into Hugh Hefner’s lounging pajamas with a cocktail in one hand, and a planning calendar in the other.

I come from the “old school", and I have seen some awesome changes in business networking in just the last few years. Now, thanks to technology, I can network from my office, living room, or bathtub for that matter, and the stories are interesting, personal and come at me with Internet speed.

I learn more about my business friends in five minutes online, than I would in five months of haunting the Chamber of Commerce. Many of my online contacts are sharing personal data, family pictures, conversations with other friends and more. Is there such a thing as too much information? Not so much anymore.

The whole experience is social by design, and personal by nature.

Is this helpful for marketing your business? That’s a question the “old school” will continue to debate while the younger generation knows no other way. As for me, I think it’s like getting to know your co-workers at the company picnic while having a few beers … it usually doesn’t hurt unless you drink too much or stay too long.

-Bill

***

Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

Under Mass. Gen. Laws - Ch. 93H, the new regulations require most individuals and businesses to make immediate organizational and computer system changes, which includes maintaining a Written Information Security Plan, due on May 1, 2009.

This doesn’t have to be a daunting task, and it doesn’t have to kill your budget for 2009. When evaluating whether or not you are in compliance with the regulations, the Commonwealth of Massachusetts is taking into account the following:

a. the size, scope and type of business
b. the amount of resources available
c. the amount of stored data
d. the need for security and confidentiality of both consumer and employee information

To provide assistance to local small businesses, Centrend is currently scheduling Compliance Interviews at no charge. If you need help, contact Centrend for more information.

People who feel secure while web browsing and enjoy the ease of use and functionality found on the social websites have become a favorite target of Internet criminals. In the Twitter attack, it appears that the criminals used a phishing scam to gain personal login and password information for the site. For the president-elect, this resulted in the loss of control over his account on Twitter.

Your first line of defense is learning to recognize phishing scams.

• Often the criminals will copy a legitimate web site’s logos and design.
• They will also use web addresses designed to fool you into thinking that you are dealing with the real organization.
• Suspect foul play if the look and feel of the browser window appears different than usual
• Because the criminals don’t have your personal information yet, they will address you as “dear customer” when the legitimate organization would call you by your name.
• Phishing messages will often ask you to verify your account.
• Phishing links will often look legitimate, but when you view the actual address where the link points, it will be different than what was shown.

Centrend helps its business clients by maintaining the most up-to-date Internet security, anti-malware and anti-spyware solutions available. We also help develop acceptable use policies, provide monitoring and take extra care to educate our clients’ users about both the benefits and the risks of online social networking.

-Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
888-558-9550 ext. 135

After some initial study, we believe that it will cost many small businesses much less.

Let’s also consider the upside to compliance. Protecting the personal information of millions of Massachusetts residents with a consistent set of industry accepted policies and procedures across the board for all persons responsible for handling the data. Now, you know that every business you engage with already does everything possible to protect your personal identity, right?

-Bill

***

Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

When it comes to staffing or production, you have no tolerance for ineffectiveness, delays or insubordination. But, maybe you are advised on how to keep things running by someone who knows something about computers, and this works well enough. Place you in front of your computer keyboard, and you’ll either fight back or you’ll find a way to “work around” any problem.

Do you continuously attempt to work with issues that you know can negatively impact your business performance?

Yes, there are those who will simply not tolerate interruptions, slow-downs and ineffectiveness from their technology solutions, because they have made a commitment to technology performance. But, the majority of business leaders have come to expect that their information system efficiency will decline and “glitches” are a part of business. It just seems to be expected…and acceptable! These executives operate with a technology cost-center, watch as their systems depreciate over time until a new solution investment is mandatory, and a new cycle begins.

Often an objection to the proposed cost of an IT staff member, or the investment in an IT outsourcing firm like Centrend, freezes the organization, and keeps it from achieving top performance. But, consider this: when IT investments are planned properly to achieve specific results, it’s easy to justify the predictable costs of maintenance, troubleshooting and repair of technology purchases. So, when IT plans are thoughtfully aligned with the business plan, you’re working with the information system, and not fighting with it.

-Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

By starting your password protection and encryption project now, you’ll have more time to completely evaluate where password protection is insufficient, and where data encryption will be necessary. Once data is collected about what information exists where, and who has access to it, stategic decisions can be made that will minimize the negative effects poorly implemented security initiatives have on an organization.

As an alternative to conducting a detailed analysis of what data exists where and who needs access to it (though Centrend believes this is a good business practice even for all data sets, not just those covered by this regulation) it is also possible to encrypt and password protect everything. You will still need to practice due dillegence to take care that users have access only to the information that they need, but it does save the some work if all data everywhere is password protected or encrypted.

Some of the negative consequences of poorly implemented security you’ll want to avoid are:

1. Users are too constricted in what they can get to
2. It’s difficult or even impossible to recover from lost passwords
3. Encryption deployed on weak platforms can slow the flow of information to a crawl
4. Data that should be protected by passwords and/or encryption is missed while data that is not considered PI (private information) is not secured

The result of these negative consequences is quite severe. At best, users will experience lower productivity because of “password roadblocks” and at worst, confidential information becoming exposed in the form of a data security breach. When a data protection initiative is ineffective or incomplete, not only is your data still vulnerable, but the poor strategy makes it harder for everyone to get their jobs done.

The consequences of a bad implementation of security best practices is severe and does not have to be your experience. Contact me for a free consultation on how Centrend can help you protect your company’s private information without crippling your team’s ability to get their job done.

We find that most organizations migrate gradually as the older monitors become troublesome, workstations are being added or existing ones are upgraded with newer PCs.

In any event, upgrading your old CRT Monitor to a new LCD monitor will result in saving power.

Old CRTs (Cathode Ray Tube) require more than twice the energy than an LCD screen… even if you take advantage of power control options, while the CRT “sleeps” it will use nearly twice the amount of energy that an LCD (Liquid Crystal Display) would use in “sleep” mode.

While the bottom line cost of ownership of an LCD monitor is lower than that of a CRT over its lifetime (longer life, lower power consumption), other benefits from an LCD monitor include better contrast ratios (good for word processing and reading print online), less eyestrain, a smaller footprint, lighter weight and less heat generated.

Watch out: if you are upgrading your monitor, make sure your PC’s graphics card is suited to the new device. Changing from a CRT to an LCD, and even going from one size LCD to another size LCD can require a different graphics interface.

Do you have a technology plan for reducing energy use? We’d love to hear about it. If you have any questions or comments about this or any other IT subject, please do not hesitate to contact Centrend.

-Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

I had him update and run his McAfee software to try to find and clean the problem but it turned up nothing. I then had him download a free program called Super Antispyware which can often find things that many of the mainstream virus and spyware cleaners can’t. It found a few minor things, but still, the problem persisted.

I told him to let me meet up with him and work on the machine for a couple hours and I can take care of the problem. He plans to have me do that but because the problem doesn’t occur all the time, it’s more of a nuisance that he can live with in the short term until it’s a less busy time for him and he can surrender the machine for a couple hours.

His million-dollar question was, “How at risk is my data (and my customers personal information) to keep using the machine like it is?” Note: he’s in the mortgage business and has a lot of sensitive, personal information conveyed to him on a regular basis. I told him his risks can be quite high.

The worms, spyware and viruses that are around nowadays are very tricky. They have the potential to watch for patterns in the flow of information in your computer to identify anything that looks like a bank account number or social security number. When it sees something like that, it begins a capture script and sends the forthcoming information to a server (or bank of servers) that are waiting to receive, process, and distribute it to crackers and thieves. Often these servers are out of the country and because of international laws, it’s nearly impossible to find and stop these criminals.

Do you have “mysterious occurrences” happening your computer? Don’t take a chance with it.
Send us a message and we’ll take a look.
-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 x115

However, if you are in the market for technology for your home or business this holiday season, I urge you to carefully consider specifications and requirements before making a rash purchasing decision and immediately buying something just because it looks like a good deal. While the items being sold are indeed often at considerable savings over the original list price, the particular model you are buying may be discontinued by the manufacturer or becoming obsolete.

Let’s look at digital cameras for example. The specials in this past weekend’s flyers show high-quality, brand name digital cameras capable of 7 or 8 megapixels at 50% off their normal retail price. That sounds great and it might be a good fit for your teenager’s first camera, but if you’re taking a carribean cruise in January and not planning to use a traditional film camera at all, you’ll want to reconsider your choice. Current technology allows for 10, 12 or sometimes higher megapixel resolution and you might find a much better, modern camera at a more modest 15 or 20% discount instead.

Also, be very careful of the ol’ bait-and-switch. Picture the scene. You rush in to get that 50% off laptop a store is advertising. When you get to the store however, the clerk (if you can find one) is likely to tell you that they sold out of them and won’t get any more in until after the holiday (and after the sale). However, he informs you, you can buy an even better model for just “a little” more money.

Business users need to be particularly careful about their purchase because real money is at risk. If you buy the wrong technology, the worker could end up less efficient than with what they were using! It’s possible that the technology won’t work well on your existing business network and/or won’t run the applications your worker needs to get their job done.

So remember: “buyer beware!” and if that’s not enough, contact me for help with your sourcing dilemmas. You won’t pay more and I guarantee you’ll be buying right.

-Paul
***
Paul LaFlamme
President & CEO
Centrend, Inc.
508-347-9550 (LiveCall:508-347-9550) x115