Category Archives: Business

Tech Tuesday Special: Windows XP End Of Support

It’s time for Tech Tuesday, where we answer reader questions!

TechTuesdays from Charland Technology

We’ve been asked a lot lately…What does the “End of Windows XP” mean?

The End Is Near with Grumpy Cat

As Microsoft announced some time ago, support for Windows XP stops on April 8, 2014. By all means hit the link for the official Microsoft countdown clock.

What’s the official Microsoft stance?

Simply, that Microsoft will not be working on any more Windows XP security updates after April 8. And if Microsoft isn’t fixing XP problems, no one else will be either.

But what does that mean?

For some people, it’s not a big deal. The sun will rise, the computer will start, and the world will go on.

If you use your computer in business it’s not so simple.

A major part of any security standard includes running a supported, up-to-date operating system.

PCI-DSS, HIPAA, Sarbanes-Oxley, and Mass 201 CMR 17.00 all mandate that your computer systems must be running supported operating systems with reasonably current security updates.

If you can’t update the operating system you can’t be in compliance.

The safest advice at this time:

  • If your business stores health care or patient information on your computers;
  • If your business processes credit cards using computers;
  • If your business is a publicly-traded entity that’s subject to SEC or other government oversight;
  • If you process or store account information concerning Massachusetts residents;

Then you are obligated to be compliant.

It’s early March…a bit late to get into a large-scale shift, but there’s still time for most smaller businesses to act. And starting to do something, even if you miss the “deadline” by a few weeks, is better than doing nothing.

What to do?

There are several approaches:

  • You can buy new computers that run a supported system like Windows 7 or Windows 8.
  • If your computers are relatively new (2010 or later) they may be able to upgrade to Windows 7 (or 8).
  • If you have a large number of older computers, we can install a Windows MultiPoint Server or Windows Terminal Server, and reload your desktop computers as “thin clients” that only are able to initiate a connection to your server.
  • You may be able to devise policies that restrict credit card entry, etc to certain computers.

It’s time to think about this, and act soon.

 

Windows XP sunset

Windows XP sunset

Advertisements

New laptop pregame: 2013 edition

I stumbled across an article by Dawn Altnam the other day, Laptop pregame: What to do to your company laptops before you give them to employees. Complete with stock photo of snarky guy holding a laptop.

“Pregame” calls to mind a football metaphor…but after reading the article I got the sense that it could have been written in 2003. Remove all references to “spyware” and “cloud” and it could have appeared in Inc or Forbes magazine in 1993.

In football terms that’s going back to the days of the “flying wedge” and no helmets.

Is this how you’d equip your team in 2013 and beyond?

Of course not.

So what can we do better today for notebook prep?

Security: Virus protection needs to be a closed loop. Most small business owners don’t know the difference between benign reports like toolbars/plugins and the nasty stuff like rootkits, much less how to properly assess and respond to a detection alert.

What does your sales manager do when she sees this?

99% of ’em click “allow” or “allow always.” Which could possibly load the trojan which starts to scan their e-mails and files for account numbers. Most tech service providers offer ongoing services to handle these alerts consistently and affordably.

And today, we have web filtering to limit users’ exposure (and company liability) to non-business stuff like porn, pirated software, hate speech, etc.

Firewall: The Windows 7 firewall is generally regarded as business-grade and up to the task of protecting a typical computer, even in a coffee shop or  other shared connection.

In the Physical Protection section the author drops the ball. At the very least every corporate computer, external disk, etc should have an asset tag. These start at about 50 cents per label.

Beyond that every business should consider a system like Absolute Computrace or Awareness Technologies’ LaptopCop. These solutions allow us to locate and track a lost or stolen computer. And recover the latest versions of files from the hard drive, then securely erase the disk.

Every business should have a “lost device response plan” in place before handing out a single laptop. It may be as simple as “Call Charland Tech and advise them of the lost device.” (Which means that WE need a response plan for each client with remote devices. If you’re our client you should ask to see it. If you’re not our client you may still ask to see it.)

And don’t forget Compliance and Data Loss Protection…software designed to prevent problems like

  • Copying your customer list to a notebook or flash drive
  • e-mailing social security or account numbers
  • flagging messages containing certain words for management review before sending

And another thought: Businesses also need to develop a plan regarding remote access to company resources. Most offices have a collection of “stuff” inside the office, with other stuff in cloud services. Do they have a desktop in-house to remote into through GotoMyPC or Logmein? Is there a Small Business Server to provide Remote Web Access?

Answer these questions before running out to Best Buy and buying shiny things.

Ms. Altnam’s post ultimately points out why professional technology service providers continue to exist in today’s era of iPads and self-service cloud apps. Because anybody can do it but not everyone does things right.

Tech Tuesday #12? What’s up with Java?

It’s time for Tech Tuesday, where we answer reader questions!

TechTuesdays from Charland Technology

Chris from Devens asks….

I saw a report on the news about disabling Java before hackers steal all my info. What’s up with that?

Thanks, Chris

There’s a lot of panic about Java right now. Headlines abound that the US Department of Homeland Security is recommending that all computer users disable java until this cyber-storm blows over. The media, has naturally jumped on this. Is it because “Department of Homeland Security” sounds more impressive than “Computer Emergency Readiness Team at Carnegie-Mellon University?”

Partly, I’m sure. And partly because we love to panic about our computers. Let’s start with the basics…but first this important message.

I don’t think any of these posts explain clearly WHAT Java is. So…What is Java?

Java is a web programming language. It allows websites to run programs on your computer. Similar to Adobe Flash and Microsoft ActiveX.

Allowing websites to run “stuff” on your computer sounds scary..and there are scary elements to it, but it’s also a powerful thing:

  • Want to use web-based remote control like GotoMyPC or Logmein? You need to run a Java, Flash, or ActiveX program on your computer.
  • Want to play Angry Birds, Texas Hold’Em or Bejeweled? The game runs a program on your computer.
  • Want to use web-based e-mail? You need several of these web-based programs to do that.
  • On a site like Facebook…the ticker, chat, and scrolling page updates are all implemented in these programming languages.

There are a number of flaws, recently revealed, that make it easy for someone to trick you into visiting a page that launches code that can take over your computer.

This can be “weaponized” by sending you e-mail that claims to be from the IRS, Quickbooks, the lottery, or your bank. Click on the link in the e-mail…and your computer is compromised.

This also can be brought to bear by compromising other websites and forcing them to host the bad code. This can be a problem for smaller websites without full-time monitoring and support staff.

It’s important to remember…any time you visit a website or load a program on your computer you are trusting the author of that program and the keeper of that website.

For example, if you want to play the online game Pirate Galaxy, you’re exposed to whatever code the developer (Splitscreen games seems pretty trustworthy) has decided to put in the game. You’re also exposed to whatever the host of the game publishes (Kongregate is also legit).

If the chain of trust ended there we’d be in decent shape. However, that’s not the case.

The ads in most pages are not necessarily vetted on a regular basis. It’s entirely possible for a rogue ad to link to a compromised site that looks like the game you want to play.

So for now I think it makes sense to disable java unless you find an important site that absolutely will not work without it. Don’t like those instructions? Try these.

Another way to go is to disable Java, Flash, etc in your primary browser…and use another one ONLY for trusted websites that require running code.

Of course, Java 7 Release 11 fixes the most glaring and commonly-exploited security issues, and adds a major new concept…that the user needs to actively click to let a java program (called an “applet”) run.

We’ll discuss best practices for business Internet safety later this week.

Got questions? Send them to CharlandTech via Facebook, post as a comment on this article, Tweet ‘em to @gregc00 or @CharlandTech, or find another creative way to get them to us.

Business Lesson: Reaching Out

The postcard came in the mail a couple weeks ago:

  • Single-stream recycling
  • $7 off per month for a year
  • Award-winning customer service
  • New rolling trash carts

Not this one, but similar:

So I called and signed up for a new trash service. Easy enough.

Then I called my old trash service to cancel.
“We offer that too…”
“I can match that price…”
“You should have told us you needed a new cover for your cart…” (this was an issue that annoyed me every week, but didn’t upset me enough to call and complain.

For a moment I felt bad about cancelling my service without letting them match the other offer and solve my problems.

But then I re-framed things in the context of my business.

Sometimes my clients say, “I didn’t know you offered phones…

Or, “I didn’t know you could take care of my internet service…”

Or, “I found a cheaper tech guy!”

After a few minutes of mulling things over, I asked myself a few questions.

  • Who lets my company’s clients know what services and products we offer?
  • How would I know if there were underlying problems annoying them?

In the years I used the old trash company, I don’t remember getting a single communication that

  • thanked me for my patronage
  • introduced a new service or better pricing
  • wanted to make sure I was happy. that there were no lingering issues that made me unhappy.

So when WAS the last time you checked in with your customers? (By the way, we can help with systems to track that…but that’s another story)