Business E-mail, Part 1: What’s in a name?

For years, I’ve urged every business I’ve met to swap their free e-mail for a domain-based account. It’s a small investment in time and money, but ultimately well worth it.

But why would you stop using a free e-mail account and change to something you’d pay for?

Well…what’s in a name?

How would your customers and prospects respond to a message from ilovecutekittens@verizon.net?

or a message from your doctor’s office from drluuuuuv@gmail.uk?

Picture the difference getting an appointment reminder from

service@charlandtech.com
vs
geekytechdood@aol.com

1. Generic domains (like verizon.net, charter.com, yahoo.com, gmail.com, and especially aol.com) are more likely to get caught in SPAM filters. Seriously, or junk mail folders are full of crud from hijacked yahoo, gmail, aol, hotmail, verizon, comcast, and Rodgers accounts. Many of your recipients don’t know how to find and whitelist you even if they realized they missed your mail.

2. Service-based addresses (like verizon.com, comcast,net, etc) generally won’t transfer after you terminate service. If you business moves from a Comcast city to a Charter town, you need to change addresses quickly.

3. Free addresses beg the question, “You can’t afford/can’t figure out/can’t hire someone to set up” your own domain?

And then there’s security….but that’s another story.

Tech Tuesday: #13: What Plants vs Zombies Can Teach You About Small-business Security

It’s time for Tech Tuesday, where we answer reader questions!

We’re going to take a break from the questions this time, and talk about Internet Security for your small business.

Most everyone has played (or at least heard of) Plants vs. Zombies. It’s a fun game from PopCap Software. Go check it out if you haven’t yet. We’ll still be here when you’re done.

You’re welcome.

So, PvZ is a defense game. You place plants with different abilities on a game field and zombies come. If all goes well your plants will stop the zombies before they get to your home.

What does this have to do with business security? Plenty. Think about the game for a moment, in the screenshot above.

As soon as a zombie appears he gets pelted with peas.
If a zombie survives the peas he’ll run into a chomper.
Then he continues to get hit with peas.
If he survives that he’ll end up dealing with another Chomper.
If that Chomper is full and he gets to the end, there’s a lawnmower that’ll spring to life and run him over.

That’s how network security works in an ideal world. We’ve seen failures every step along the way.

To put it in another perspective,

It a bad guy wants to break into your office he’ll see the alarm company sticker and your security lights.
Then there’s the doorknob lock.
And the deadbolt.
If he gets through that then either door, motion, or glass-break sensors start the alarm.
After several minutes of sound and fury the police are contacted.
Meanwhile, the really valuable stuff is kept in locked cabinets.

And if all else fails you’ve got theft insurance on the really valuable stuff.

So it’s a layered approach. Like an onion

or a parfait.

Of course we’ve got antivirus. Massachusetts law says we need this.
And we’ve got a Unified Threat Management device, a business-grade firewall that can detect threats in all types of traffic.
And we have automatic operating system updates.
And our users work with limited accounts wherever possible.
And we have monitoring and intrusion detection on the firewalls and servers.
And we have users who know what their systems should look like and who to call when something looks suspicious.
And encryption and limited access on the really confidential stuff.

And we recommend cyberfraud insurance for our clients. Just in case all of these measures fail….because they can.

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

(And FYI, you can make the gorgeous-looking parfait yourself at LowFat Vegan Cooking…)

New laptop pregame: 2013 edition

I stumbled across an article by Dawn Altnam the other day, Laptop pregame: What to do to your company laptops before you give them to employees. Complete with stock photo of snarky guy holding a laptop.

“Pregame” calls to mind a football metaphor…but after reading the article I got the sense that it could have been written in 2003. Remove all references to “spyware” and “cloud” and it could have appeared in Inc or Forbes magazine in 1993.

In football terms that’s going back to the days of the “flying wedge” and no helmets.

Is this how you’d equip your team in 2013 and beyond?

Of course not.

So what can we do better today for notebook prep?

Security: Virus protection needs to be a closed loop. Most small business owners don’t know the difference between benign reports like toolbars/plugins and the nasty stuff like rootkits, much less how to properly assess and respond to a detection alert.

What does your sales manager do when she sees this?

99% of ‘em click “allow” or “allow always.” Which could possibly load the trojan which starts to scan their e-mails and files for account numbers. Most tech service providers offer ongoing services to handle these alerts consistently and affordably.

And today, we have web filtering to limit users’ exposure (and company liability) to non-business stuff like porn, pirated software, hate speech, etc.

Firewall: The Windows 7 firewall is generally regarded as business-grade and up to the task of protecting a typical computer, even in a coffee shop or  other shared connection.

In the Physical Protection section the author drops the ball. At the very least every corporate computer, external disk, etc should have an asset tag. These start at about 50 cents per label.

Beyond that every business should consider a system like Absolute Computrace or Awareness Technologies’ LaptopCop. These solutions allow us to locate and track a lost or stolen computer. And recover the latest versions of files from the hard drive, then securely erase the disk.

Every business should have a “lost device response plan” in place before handing out a single laptop. It may be as simple as “Call Charland Tech and advise them of the lost device.” (Which means that WE need a response plan for each client with remote devices. If you’re our client you should ask to see it. If you’re not our client you may still ask to see it.)

And don’t forget Compliance and Data Loss Protection…software designed to prevent problems like

• Copying your customer list to a notebook or flash drive
• e-mailing social security or account numbers
• flagging messages containing certain words for management review before sending

And another thought: Businesses also need to develop a plan regarding remote access to company resources. Most offices have a collection of “stuff” inside the office, with other stuff in cloud services. Do they have a desktop in-house to remote into through GotoMyPC or Logmein? Is there a Small Business Server to provide Remote Web Access?

Answer these questions before running out to Best Buy and buying shiny things.

Ms. Altnam’s post ultimately points out why professional technology service providers continue to exist in today’s era of iPads and self-service cloud apps. Because anybody can do it but not everyone does things right.

Tech Tuesday #12? What’s up with Java?

It’s time for Tech Tuesday, where we answer reader questions!

Chris from Devens asks….

I saw a report on the news about disabling Java before hackers steal all my info. What’s up with that?

Thanks, Chris

There’s a lot of panic about Java right now. Headlines abound that the US Department of Homeland Security is recommending that all computer users disable java until this cyber-storm blows over. The media, has naturally jumped on this. Is it because “Department of Homeland Security” sounds more impressive than “Computer Emergency Readiness Team at Carnegie-Mellon University?”

Partly, I’m sure. And partly because we love to panic about our computers. Let’s start with the basics…but first this important message.

I don’t think any of these posts explain clearly WHAT Java is. So…What is Java?

Java is a web programming language. It allows websites to run programs on your computer. Similar to Adobe Flash and Microsoft ActiveX.

Allowing websites to run “stuff” on your computer sounds scary..and there are scary elements to it, but it’s also a powerful thing:

• Want to use web-based remote control like GotoMyPC or Logmein? You need to run a Java, Flash, or ActiveX program on your computer.
• Want to play Angry Birds, Texas Hold’Em or Bejeweled? The game runs a program on your computer.
• Want to use web-based e-mail? You need several of these web-based programs to do that.
• On a site like Facebook…the ticker, chat, and scrolling page updates are all implemented in these programming languages.

There are a number of flaws, recently revealed, that make it easy for someone to trick you into visiting a page that launches code that can take over your computer.

This can be “weaponized” by sending you e-mail that claims to be from the IRS, Quickbooks, the lottery, or your bank. Click on the link in the e-mail…and your computer is compromised.

This also can be brought to bear by compromising other websites and forcing them to host the bad code. This can be a problem for smaller websites without full-time monitoring and support staff.

It’s important to remember…any time you visit a website or load a program on your computer you are trusting the author of that program and the keeper of that website.

For example, if you want to play the online game Pirate Galaxy, you’re exposed to whatever code the developer (Splitscreen games seems pretty trustworthy) has decided to put in the game. You’re also exposed to whatever the host of the game publishes (Kongregate is also legit).

If the chain of trust ended there we’d be in decent shape. However, that’s not the case.

The ads in most pages are not necessarily vetted on a regular basis. It’s entirely possible for a rogue ad to link to a compromised site that looks like the game you want to play.

So for now I think it makes sense to disable java unless you find an important site that absolutely will not work without it. Don’t like those instructions? Try these.

Another way to go is to disable Java, Flash, etc in your primary browser…and use another one ONLY for trusted websites that require running code.

Of course, Java 7 Release 11 fixes the most glaring and commonly-exploited security issues, and adds a major new concept…that the user needs to actively click to let a java program (called an “applet”) run.

We’ll discuss best practices for business Internet safety later this week.

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

Tech Tuesday #11: Are We Business-Grade?

Another Tech Tuesday, where we answer reader questions!

Cathie from Rindge asks….

My new technology company says I need to replace my router…or firewall…not sure which. The sales guy said my D-Link is not made for business. Is he just trying to sell me a more expensive one?

Thanks, Cathie…most small businesses have a single device that acts as both a router (moves traffic between networks) and a firewall (inspects each  packet of traffic and allows/blocks based on a set of rules). Many small-business techies use the words interchangeably now, but you’ve almost certainly got a single device that does both.

Here’s a nifty older picture (despite the mid-90′s iMacs the theory still works)

But the bigger question is….

Is it “professional grade?”

The simple answer? It depends. Many businesses can get by with less-expensive, consumer-grade networking gear. It’s 2013 and nearly any firewall/router you can buy will give a few years of trouble-free connection to the internet.

Take this one, for instance. It’s a TrendNet N150 Router. This is a typical $40 consumer-grade router.

A basic Internet and Wireless connection! Who could ask for anything more?

Well… Looking at the specifications…this is a router that does not claim to have a Stateful Packet Inspection Firewall.

It might be nice to set up a second wireless network for guest access.

And, setting up more than a few connections at the same time the lil TrendNet will start to lag….

and what happens if something doesn’t work? Send an e-mail to Trendnet support and hope for the best?

Level up!

So we can consider an entry-level business firewall…like the Netgear FVS300.

These cost around $200. For the extra money we get:

• Better network speed
• Real SPI firewall
• Phone or chat support
• VPN connections (limited)

What could be better?

Well…

“I want to block job hunting/porn/shopping websites, except on my computer… or at break time.”

“We use voice over IP phones, how do we make sure that gets priority?”

“We need a reliable connection between our two buildings…”

“Our regulations say we need to monitor for unauthorized access…”

“Can I get a report of what websites employees are going to?”

“Can this system collect evidence in case of an attack?”

This is a job for a Sonicwall! (Or Cisco ASA, or WatchGuard, or Meraki, or Fortinet)

Here’s where we leave the “router/firewall” and enter the “Unified Threat Management” systems. These devices have:

• Comprehensive router/firewall systems designed for setup by a professional technician
• Additional services like Intrusion Detection, Web filtering, Remote administration, and incident logging
• Secure wireless systems that offers segmented guest access
• Reliable, highly-secure VPNs for remote and site-to-site connections
• 3G/4G wireless backup connections

What are YOU using for a firewall? Drop a post in the comments!

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

Tech Tuesday #10: 2013 Predictions!

Another Tech Tuesday, where we answer reader questions!

Joan from Athol asks….What are your tech predictions for 2013?

I’ve got a few thoughts, in no particular order:

1. Windows 8 will fail. Miserably. Sure, Microsoft will make it sound like it’s been accepted in the market, and will use accounting tricks to make it look like money has been made (they count new systems with Windows 7 that include Win8 “upgrade” disks as net sales, for example)
   
   It will be so bad that Windows 2014 (they’ll change naming conventions again) will come out in December, 2013. Look for 2014 to be like Windows 8 desktop-mode, with a visible Start button and…well…stuff to click.
   Microsoft Surface and Windows Phones will continue to sell to dyed-in-the-wool Microsoft fans. Exclusively.
2. There will be a new iPhone and iPad. Apple will make them sound magical and revolutionary even though they’re not. They’ll add some nice features and cost a lot of money. Millions will be sold, mainly to Apple fans who are upgrading from their iPhone 5′s.
   
   Apple stock will continue to rise for the foreseeable future. I still wouldn’t buy it.
3. As many i-Devices as Apple sells…Samsung will sell twice as many of their not-yet-announced Galaxy S4s (this is a link to a concept video, not even “good” rumor yet.) Still a couple more years before these win the coolness war, though. Here’s a link to a more realistic look at what the actual 2013 S4 could be like. A lot of those will be to Galaxy S3 fans who have gone all cult-like over their phones…becoming every bit as ugly as the i-Fans they hate.
   
4. There will be a major outage and/or security breach involving Quickbooks Online. Intuit hasn’t shown the management wherewithal or the development muscle to keep QBO running as a stable, truly redundant architecture. Many of the promised changes after the last several outages are still in the early planning stages.
   
5. Speaking of big companies sucking really badly, I predict outage-prone Microsoft Office 365 will re-brand their service to distance from the current name. Maybe something like Office Anywhere… despite the name change there will be lawsuits from customers who will lose substantial data. Heads will roll, which at Microsoft means several Directors and VPs will make lateral moves to other divisions.
   
6. Seems everyone is talking about BYOD (bring-your-own-device) right now. That’ll turn out to be a fad that no one will be talking about this time next year. It sounds good, ’til you think about what will really happen: We’ll “save” the cost of a $1,200 laptop by having Joe co-opt his kids’ computer, or do everything on an iPad. We’ve been hooking up new employees’ phones to the mail server and key resources for year. Add one clause in the employment agreement that says,
   “Employee consents to installation of Company geolocation and monitoring software on employee-owned mobile devices; if such device is lost, stolen, or employment terminated the Company will securely erase all information contained on the device. Employee agrees that personal information on the device will be erased in this operation and holds Company and its agents harmless regarding deletion of such information.” (You should obviously ask you lawyer before you go sticking clauses in your employee handbook!)
   There are some places where BYOD desktop etc strategy can work, and we’re ready to support it there, but it’s just a buzzword that’s going to go away.
   
7. We’ll talk about Gesture Control as a next big thing. It won’t go anywhere. I won’t care ’til I can have my own J.A.R.V.I.S. (Y’know, Ironman’s house computer):

   

8. This will be the year of the Linux Deskt……HAHAHAHAHAHAHAHA!
   Even IF a good linux-based accounting system came out, and despite the confluence of Windows 8 sucking, Apple being evil, and mobile devices being too hard to actually do work on…it still wouldn’t be enough for a linux desktop to take hold.
   

I guarantee that at least four of these predictions will be completely wrong and that we’ll laugh about them (hopefully together) in 2014.

Happy New Year!

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

Thoughts on Newtown, CT 12/14/2012

A few thoughts.

Our thoughts and prayers go out to the victims and responders in Connecticut. It is an unimaginable tragedy that we’ll never fully understand.

But remember, 49 million other kids went to school today and came home safe and sound. As did yours and mine. Remember that over the past few years more kids have died in school bus accidents (which is also very, very, very few!) than from school shootings.

We need to let our kids explore, grow up, and live. Bad things can happen. We need to focus on things we CAN control (car seats/seat belts, safe driving, cutting smoking, keeping our homes fire-safe).

We also need to remember that there are places in the world where mass killings are an everyday occurance. Where people can’t travel alone, ever. Where there ARE no polce and first responders to start helping 100 seconds after something bad happens.

We live in age where everyone in the world can know about this bad news within minutes…and we miss the millions and millions of really good things that happened today.

Take a moment and hug your kids, for sure. Not because you’re afraid to lose them, but because you’re glad they’re here. Never forget the difference.

Tech Tuesday #9: Oh, crap!

Another Tech Tuesday, where we answer reader questions!

Sharon from Lunenburg asks….

Q: Oh, crap!

Which is not really a question per se. So we followed up.

Q: My work computer won’t start!

A: Still not a question. We press on.

Q: My system doesn’t start. It comes up with a black screen that says, “BOOT DEVICE MISSING.” What’s wrong? And by the way, I last backed up about three months ago.

A. It could be something simple, like a flash drive plugged in or a DVD left in a drive. Make sure there are no usb connectors hooked up, and no discs in a drive.

If that’s not the case, there’s a small chance there’s a configuration problem keeping the computer from recognizing the hard drive. Sometimes we can attach the drive to another system to fix data errors. Ideally the hard drive will just attach and Windows will identify and correct file system damage.

Less-than-ideally the hard drive will attach, Windows will say something witty, like, “The disk in drive G: is not formatted. Do you want to format it now?”

Don’t format it. We have tools that can often recover files even if Windows can’t see them. We have had good results with Runtime’s GetDataBack recovery products.

On the other hand, there are some drives you just can’t get to. Either they won’t show up at all…or they’ll make a tell-tale sound of hard drive death

Bzzzzzzt
Bzzzzzzt
Tick-click
Tick-click
Tick-click
Bzzzzzzzt

Many “tech guys” will tell you it’s toast and there’s no possible way to save files from a disk that’s dead. They’re not entirely correct. It’s often possible to recover stuff from a disk that’s physically damaged or failing.

If your hard drive is making clicking or grinding sounds, using software MAY be able to retrieve some files but will reduce the chance of successful professional recovery.

For that we’ll need a cleanroom.

No, not THAT kind of clean.

That’s better. A professional service company like Kroll/Ontrack, DriveSavers, or Gillware will take apart your hard drive in a dust-free environment, replace broken pieces, and copy the data onto another disk.

Cost varies from around $500 to over $2,000 depending on:

• How quickly it gets done
• How big your disk is
• If there’s anything special like encryption, it’s linux, mac, etc
• Which provider you use

For that kind of money it’s usually not worth recovering the kids’ school projects. But for a master’s thesis…the only copy of your Quickbooks file…wedding pictures….the external hard drive that has 15 years’ worth of family pictures…

it just might be worth it.

Remember, though, that all of this could have been avoided with a simple backup.

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

Tech Tuesday #8: Buying Safely Online

Tech Tuesdays. It’s your chance to send in your tech questions, and we’ll answer one per week for everyone. To ask a question, just message us. They can be on any topic from security to cloud computing, or anything in between. And we’re featuring Media Mondays over on the CT Media sister page. Be sure to fan us over there, too!

Jeanne from Fitchburg asks, “How do I buy stuff online without getting scammed?”

There’s one absolutely foolproof way to NOT get scammed with a purchase: Don’t buy anything.

Failing that, there are a few quick and easy tips:

1. Use a credit card, NOT a debit card (or PayPal, etc). Even when playing with well-known vendors it’s always best to play with someone else’s money. If you buy something that isn’t as advertised (or a big company charges you twice for that new platinum-plated toaster oven), it’s a world of difference. The debit card holder sees their money taken immediately…calls the merchant, calls the bank, and after a couple days the errant money finds its way back into its proper place. The credit card holder calls the bank, fills out a form, and the problem goes away. I’m not a big fan of credit cards and consumer debt, but this is why credit cards are essential in 2012.
   
2. Use only well-know vendors or stores. Yes, google shopping says that joesplatinumtoasters.com has the same toaster for 20% less than anywhere else, but is it worth it? If anything in this post is news to you….stick with Amazon, buy.com, and other stores where you can return online purchases in-store.

   

3. Factor in shipping costs. You can buy an aftermarket front bumper cover for a 2006 Subaru from Amazon.com for $81. The tiny print below says, “+ $70.01 shipping.” One can buy the same bumper from a local auto parts store for $92 including tax
   .
4. There’s more to this than money, though. If you know what you want, it only makes sense to buy online from a reputable vendor and save money. There are times when we don’t really KNOW what we want/need. Perfect opportunity to get into “buy local” mode and go to a store to take advantage of their knowledge…and buy something! It is pretty lame to get the info from a local expert then go home and order from Amazon to save 5%.
   
5. Make sure your computer is updated, with antivirus software, and stop to think before clicking the “Buy Now” button.

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

Tech Tuesday #7: Mobile Printing

Tech Tuesdays. It’s your chance to send in your tech questions, and we’ll answer one per week for everyone. To ask a question, just message us. They can be on any topic from security to cloud computing, or anything in between. And we’re featuring Media Mondays over on the CT Media sister page. Be sure to fan us over there, too!

Debbie from Gardner asks, “How do I print from my iPad?”

I’ll extend the question to include iPad, iPhone, Android phone (including my current Samsung Galaxy S3), android tablet (including my current favorite Kindle Fire HD).

If you’re just using Apple iDevices along with computers…it makes sense to look for a printer that supports Apple’s AirPrint standard. AirPrint simplifies printing by automating discovery and driver loading for these devices. Most new wireless printers and all-in-one devices are AirPrint-ready.

Second choice, search the App Store for your printer. Many printer manufacturers like Brother, HP, and Epson have apps that will let you print pictures and other content to your printer.

If you don’t want to buy a new printer, or your printer doesn’t support wireless, try Collobos’ FingerPrint. This program runs on your Windows or Mac computer and shares your printer for your iDevices. Make sure to run the trial before paying the $20 to buy it. There’s a great step-by-step guide on how-to geek for setting this up.

For Android devices things are a little more complicated. Android doesn’t have a built-in print handler like AirPrint. There is the Google Cloud Print program and app…there are about a dozen models of printer that will  automatically connect to the Google service,  Otherwise install the Cloud Print server to your computer and use the mobile-enabled service to print to your printer.

For business use, a nice choice is EFI PrintMe/PrintMe Mobile. This solution turns a computer into an AirPrint print server, similar to FingerPrint, but also offers an Android app to facilitate printing from other devices.

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.