Buying A New Printer? Here’s What To Look For

Printers are essential in day-to-day office use. Whether one is needed to create fillable forms or prepare handouts for a presentation, a printer is a valuable tool in general productivity and collaborative projects.

As such, the investment in a new printer is a big deal, and here are some of the most important things to consider when choosing one.

Black vs. Color
Monochrome printers that just use black ink or toner are usually cheaper and may be sufficient for office needs. Full color printers, however, can be used in creating eye-catching booklets, brochures, or flyers, but these are often more expensive for the initial purchase and upkeep.

Functions
Printing isn’t the only thing a printer can do. There are a host of other functions available from copying to faxing to scanning. Review what other office equipment is on hand, and that may narrow the functions needed. For instance, if the office already has a copier, then that function really isn’t necessary in a new printer.

Paper Handling Characteristics
A printer’s paper handling encompasses more than one thing. It refers to how much paper it can hold, which can be crucial for busy office settings, and also the sizes of paper it can handle. The ability to do double-sided printing or presence of an automatic document feeder are other things to consider.

Type of Connectivity
There are three primary modes of connectivity for printers – USB, Ethernet, and wireless – and a printer could have just one or all three. Nowadays, nearly all printers have USB connectivity, but Ethernet connectivity is important for wired office networks. If you want to reduce cords and use it on your wireless network, wireless connectivity is a must.

Replacement Toner/Ink Cost
The total cost of a new printer does not end with the initial purchase; the toner or ink will need periodic replacement. Often, toner and ink are far more expensive than the printer itself, so getting a good deal on the device doesn’t necessarily translate into a good deal for the long run.

It only takes a few moments to check the price of replacement toner and ink, and this can save the company a lot of money in the future.

Leasing vs Buying IT Equipment: Which is Better?

When you plan to upgrade or replace computer equipment, there are two ways to do it: Either leasing or buying the necessary IT equipment. As there is no hard and fast rule as to which alternative is better; it heavily depends on your business’ unique situation and needs. Here is an overview of each alternative’s pros and cons to help you decide between the two options:

When you lease IT equipment, the upfront costs are low, which allows a business to set aside moneys for more pressing needs.

There will be a set monthly payment with no surprises, and your business can keep up with the Joneses when it comes to having the most cutting-edge technology. If some new tech system pops up in a year or two that could help your business operations, upgrading is simple to do when leasing.

There are, however, downsides to leasing. Over the long term, you may pay more for the equipment your business uses. With a lease, there’s also the issue of having a contract that usually requires the business to rent the IT equipment for a set length of time.

This means that – even if your business opts to stop using that equipment or it becomes obsolete – the payments still must be made.

When you purchase your business’ IT equipment outright, there is only a single, albeit large, hit to the budget, and there’s no complicated paperwork to fill out or built-in caveats in the contract to look out for. It belongs to the business and decisions regarding maintenance and method of use are entirely up to those within the company instead of being governed by an outside entity. The purchased equipment can even be deducted from the business’ taxes.

On the other hand, putting a lot of money at once into a company’s IT needs may draw too much money out of other divisions’ budgets, such as marketing, for example. This can negatively impact the business’ bottom line. Another consideration is how often technology equipment should be updated. With buying such equipment, it’s far harder to upgrade to the latest technologies, which could require waiting for your recently purchased items to sell before making a fresh IT equipment purchase.

For Pete’s Sake, Back Up Your Data Folks!

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

I’ve been supporting small business computers and network systems for more than 25 years, and believe me when I say, the number one thing that still boggles my mind is the lack of sound backup systems and procedures.

It is a topic we cover a lot in our newsletters, and for good reason: Not a month goes by where we aren’t witness to some sort of catastrophic file loss or system/server failure.

If you’ve ever lost an hour of work on your PC because it locked up in the middle of writing a proposal, you know the grief it causes. Now imagine if you lost days or weeks of work – or imagine losing your client database, financial records, and all of the work files your company has ever produced or compiled.

Or what if a major storm, flood, or fire destroyed your office and all of your files? It’s raining as I write this, perhaps the twentieth day of rain in the last 30, and we’re under a flood watch yet again. [Read more…]

Does Your Company Need An Internet Usage Policy?

Scott Blake is a Senior Network Engineer with Tech Experts.

With the growth and expansion of the Internet, it is important to make sure that your business has a policy in place to protect its assets.

Depending on your business, an Internet Usage Policy (IUP) can be long and drawn out or short and to the point.

An IUP will provide your employees with guidelines on what is acceptable use of the Internet and company network. IUPs not only protect the company, but also the employee.

Employees are informed and aware of what is acceptable when it comes to websites and downloading files or programs from the Internet.

When employees know there will be serious consequences for breaking the IUP, such as suspension or termination of employment, companies tend to notice a decrease in security risks due to employee carelessness.

You will need to make sure your IUP covers not only company equipment and your network, but also employee-owned devices such as smart phones and tablets. You may be surprised at the number of employees that feel they do not have to follow the IUP because they are using their own device to surf or download from the Internet.

Make sure you address proper usage of company-owned mobile devices. Your business may have satellite employees or a traveling sales force. Even when they are away, they need to be aware they are still representatives of the business and must follow the business IUP.

After all, it would not go over well if your sales staff was giving a presentation to a prospective client and suddenly, “adult content” ads popped-up on the screen because one of your employees was careless in their web habits.

The downloading of files and programs is a security risk in itself. Private, internal company documents and correspondence downloaded from your company’s network can become public, causing unrepairable damage.

On the same thought, employees downloading from the Internet open your company’s network up to malware attacks and infections.

There are a lot of hackers that prey upon the absent-minded employee downloading a video or song file by hiding a piece of malware within the download. Once the malware makes it into your network, there’s no telling what damage it can cause.

As for non-work related use of the company network and Internet, make sure your employees know there is no expectation of personal privacy when using the company’s network and Internet connection.

Make it well-known that the network and Internet are in place to be used for work purposes only. Improper use of the network can reduce bandwidth throughout the company network.

This includes all mobile devices owned by the company. This way, your employees know that no matter where they are they still must follow the guidelines of the IUP.

Make sure all of your employees sign the IUP and fully understand what it is they are signing. Make sure you answer any and all questions they may have.

This will help clear up any confusion your employees may have. This way, there can be no excuses as to why the IUP was broken.

Whenever you update the IUP, make sure you have all of your employees sign and understand the new additions and/or changes to the IUP. It may seem like overkill, but you’ll be glad you did if you ever run into any violations of your company’s IUP.

For assistance in creating Internet Usage Policies or if you have any questions, call the experts at Tech Experts: (734) 457-5000.

Should Your Company Install The Windows 10 Preview?

In short, no. While the Windows 10 Technical Preview is free of charge, there are too many dangers in downloading what is essentially the Beta release of Microsoft’s newest operating system.

There’s a reason why the preview is available, and it’s not to generate excitement about its coming release this fall. The preview exists for Microsoft to discover bugs and glitches that are present in this version, so they can fix them before Windows 10 officially hits the market. Unless you just enjoy being part of that process, it’s best to leave the testing to others.

It is especially important to wait for the official Windows 10 release if you only have one PC or mobile device.

Since all the kinks have not yet been worked out, you could find yourself unable to use accessories like printers or scanners if you make the premature jump into the new operating system. You also can’t be assured that the Windows 10 preview is safe for your devices, and it’s simply not worth the risk of incurring problems that can not only be costly moneywise but in the ill use of your time trying to correct any damage.

Furthermore, the technical preview isn’t complete. The features you’re looking forward to may not be included. The Spartan web browser and Holograph feature are missing from the Windows 10 preview.

So, even if the test version of the operating system functions seamlessly, you’re apt to be disappointed. Although you may be chomping at the bit to get rid of your old operating system, the wise thing to do is wait until Microsoft perfects Windows 10 and then fully explore it when it’s finally released, making sure it is compatible with your business applications.

The Basics Of HIPAA Compliance

Michael Menor is Vice President of Support Services for Tech Experts.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is federal legislation that created national standards to protect the privacy of patients’ medical records (including electronic records) and other personal health information.

The legislation makes organizations and individuals who collect and manage personal healthcare data legally liable for its security, including health care providers, health plans, health clearinghouses and business associated with any of these. Consequences of negligence and misuse of private information can include civil and criminal penalties.

As a result of HIPAA, the Department of Health and Human Services created specific regulations for the handling of Protected Health Information (PHI), including electronic or digital forms (ePHI). HIPAA has two main sets of requirements related to privacy and security.

The HIPAA Privacy Rule governs the saving, accessing and sharing of health-related and other personal information, either oral or written.

This rule defines the guidelines safeguarding the confidentiality of PHI. Standards for identifying and authenticating people and organizations requesting PHI are outlined in this rule.
The HIPAA Security Rule more specifically outlines national security standards to protect health data created, received, maintained or transmitted electronically.

This rule primarily focuses on the technological measures used to enforce policies keeping ePHI out of the wrong hands. Failing to comply with these rules can result in penalties for not only organizations, but for the responsible individuals.

Any entity that deals with protected health information must make sure that all the required measures are established and continuously observed — physical (actual data center server access), network, and process security (audits, policies and staff training).

While the legislation is clear on the privacy, security, and accessibility requirements for organizations, over 91,000 violations were recorded between April 2003 and January 2013. These resulted in 22,000 enforcement actions (which included settlements and fines) with 521 referred to the US Department of Justice for criminal investigation.

HIPAA Compliant Best Practices
1. Review and evolve your policies and procedures. HIPAA is not a “set and forget” proposition; compliance must be a living, changing process that is regularly audited for effectiveness and legality. A lot has changed since 1996 and organizations’ policies must reflect those changes.

2. Accessibility rights are as important as rights to privacy. HIPAA gives patients certain control over their healthcare information, including the right to access it on demand and the right to revoke authorization to store their data. Organizations must act quickly when patients ask for their PHI.

3. If you store your data with a third party hosting provider, make sure that they are HIPAA compliant. The Security Rule hands down many stringent administrative, physical and technical requirements for such providers. Make sure that a full-scale risk assessment of the provider is performed on a regular basis and that a process is in place for monitoring compliance.

Apply common sense to your technology platforms. Shut down computer programs and servers containing patient information when not in use, and don’t share passwords among staff members.

The US Department of Health and Human Services has found that storing patients’ information in a HIPAA compliant cloud server can be safer than using a localized server or paper documents, so consider this option for increased security.

A HIPAA violation can be as small as a health care worker discussing a patient’s private health information in the elevator or as large as a $1.2 million fine for not erasing PHI from photocopier hard drives before returning them to the leasing agent.

More than ever, common sense and sound corporate governance must be applied to the technologies and processes that manage confidential data. Protecting that data will protect clients and the organization as well.

Data Breaches And The Building Blocks Of Cyber Security

Michael Menor is Vice President of Support Services for Tech Experts.

The data breaches at Target, Home Depot, Staples, Michaels, Anthem, and Sony Pictures Entertainment are just the tip of the iceberg and the stakes are very high. They’re costly for both businesses and customers and once the breach is announced, customers often terminate their relationship with that business.

You may ask, “What constitutes a data breach?” It is an event in which an individual’s information, including name, Social Security number, medical record and/or financial record or debit card is potentially put at risk. This can be in either electronic or paper format. The data set forth in this article is based on Ponemon Institute’s “2014 Cost of Data Breach Study.” Ponemon conducts independent research on privacy, data protection and information security policy.

New methodologies developed by the National Institute of Standards and Technology (NIST) and other industry standards bodies, such as the Department of Health and Human Services (HHS), are being implemented by many organizations, but best practices for addressing cyber security threats remain vague.

So what can be done to minimize cyber security threats? An effective starting point is to focus on the following essential building blocks of any cyber threat defense strategy.

Most organizations rely on tools like vulnerability management and fraud and data loss prevention to gather security data. This creates an endless and complex high-volume stream of data feeds that must be analyzed and prioritized. Unfortunately, relying on manual processes to comb through these logs is one of the main reasons that critical issues are not being addressed in a timely fashion.

Implementing continuous monitoring, as recommended by NIST Special Publication 800-137, only adds to the security problem as a higher frequency of scans and reporting exponentially increases the data volume. Data risk management software can assist organizations in combining the different data sources, leading to reduced costs by merging solutions, streamlining processes, and creating situational awareness to expose exploits and threats in a timely manner.

One of the most efficient ways to identify impending threats to an organization is to create a visual representation of its IT architecture and associated risks.

This approach provides security operations teams with interactive views of the relationships between systems and their components, systems and other systems, and components and other components. It enables security practitioners to rapidly distinguish the criticality of risks to the affected systems and components. This allows organizations to focus mitigation actions on the most sensitive, at-risk business components.

Effective prioritization of vulnerabilities and incidents is essential to staying ahead of attackers. Information security decision-making should be based on prioritized information derived from the security monitoring logs. To achieve this, security data needs to be correlated with its risk to the organization. Without a risk-based approach to security, organizations can waste valuable IT resources mitigating vulnerabilities that, in reality, pose little or no threat to the business.

Lastly, closed-loop, risk-based remediation uses a continuous review of assets, people, processes, potential risks, and possible threats. Organizations can dramatically increase operational efficiency. This enables security efforts to be measured and made tangible (e.g., time to resolution, investment into security operations personnel, purchases of additional security tools).

By focusing on these four cyber security building blocks, organizations can not only fulfill their requirements for measurable risk reporting that spans all business operations, but also serve their business units’ need to neutralize the impact of cyber-attacks.

These methodologies can also help improve time-to-remediation and increase visibility of risks.

Risks When Employees Use Their Own Mobile Devices

Michael Menor is Vice President of Support Services for Tech Experts.

BYOD (Bring Your Own Device) is an exciting development for increasingly mobile and interconnected employees, but also a new challenge for IT security teams.

Gone are the days where security professionals can lock down a finite set of machines and facilities; instead, they must manage an ever-growing, ever-changing landscape of employees, devices and applications, many of which have access to information that needs to be protected.

According to an article on eWeek, a survey was done on organizations with mobile devices connecting to their networks: only 33 percent have any official BYOD policy governing the use of personal portable devices, 67 percent do not.

The security risks are inherent in BYOD between viruses, hacking, improper security, and more. Flat-out thefts of smartphones, laptops, and tablets are also an issue.

In New York City alone, police data show that Apple products were stolen in a total of 11,447 incidents in the first nine months of 2012. That is an increase of 40 percent compared to the previous year.

Of course, employee education and awareness are important as informed users are more likely to act responsibly and take fewer risks with company data. Unfortunately, employees can be careless and criminals crafty, which is why network security defenses and policies are so critical.

Although implementing a restrictive device policy may feel like the most secure approach for your company, it can easily backfire.

Your craftiest employees are going to find a way to connect their devices to your network no matter what. And employees who do obey your “no iPhones” message will probably resent the policy and experience lower productivity.

Bring Your Own Device conceptToday’s workers expect to have 24/7 access to their information. They want to be able to catch up on emails on the evening train ride home or access information while away from the office.

BYOD lets IT staffs eliminate the hassle and expense of provisioning, distributing, and maintaining hundreds of corporate-owned mobile devices.

But setting up a BYOD program isn’t without its challenges. For starters, when you give employees free rein to bring in their own devices, you put your corporate documents and data at the mercy of the native security on these devices.

When you consider that many of your employees probably have “1234” as the PIN on their iPhones, that’s a pretty sobering thought.

Another major concern is your network. When you allow today’s increasingly powerful smartphones and tablets to request resources from your network, you really put your infrastructure to the test.

Are you ready to serve data instantly to hundreds of increasingly powerful hand-held mobile devices?

What if your mobile employees want to watch training videos, play back webinars, or listen to conference call recordings on their devices – can you deliver this kind of bandwidth?

Like most things, there are upsides and downsides, but a decision should be made on what best suits you, your employees, and your business.

When it comes down to it, BYOD isn’t a completely ridiculous idea. In fact, the benefits of BYOD may be worth the extra security precautions required to implement it.

(Image Source: iCLIPART)

Remote Employees And Network Connections

Scott Blake is a Senior Network Engineer with Tech Experts.

As businesses begin to downsize their ecological footprint, the need for remote or satellite employees grows. Business leaders and owners are now faced with the daunting question on how to allow remote employees access to their existing network without compromising network security.

One of the best ways to accomplish this is through the use of VPN.

VPNs allow secure access to business resources by creating encrypted pass-throughs via the Internet. The Internet, combined with present-day VPN technology, allows businesses a low cost and secure means to extend their networks to their remote employees.

The two most common methods in which to set up remote access are IPsec (IP Security) or SSL (Secure Sockets Layer). Both methods work well and both have their advantages depending on the needs and size of your business.

VPNs created using SSL technology provide remote-access connection from almost any Internet-enabled location or device using a web browser interface.

No special client software needs to be preinstalled on either device. This makes SSL VPNs a true “anytime, anywhere” connection to company-managed desktops.

There are two different SSL VPN connections to choose from: clientless and full network access.

Clientless requires no special software. All traffic is transmitted and delivered through a web browser.

There is no need to install or download any unique software to establish the connection. With clientless access, only web-enabled programs and apps are able to be accessed, such as email, network file servers and local intranet sites.

Even with such limited access to network resources, this style of connection is well-suited for most businesses.c868266_m

Additionally, because there is no need for special software to be supported by the IT department, businesses can cut down on managed overhead.

A full network access VPN allows access to almost any program, application, network server, and resource connected to your business network. Unlike clientless access, full network access connection is made through the use of VPN client software. Because the client access software is dynamically downloaded and updated, it requires little or no desktop support.

As with clientless access, you have the ability to customize each connection based on employee access privileges. If your remote employees require the full functionality of installed programs and applications as if they were sitting inside the office building, utilizing a full network VPN connection is the obvious choice.

IPsec based VPNs are the staple of remote-access connection technology. IPsec VPN connections are created by using installed VPN client software on the user’s workstation and connecting device.

Client software allows for greater customizability by modifying the VPN client software. Businesses are able to configure and maintain the appearance and function of the VPN client, which allows for easier implementation for connections with other desktops, kiosks, and other special need cases.

Many businesses find that IPsec connections meet their requirements for the users, but the advantages of self-updating desktop software, accessibility from non-company managed devices, and customizable user access make SSL VPNs a front runner for remote-access connections to your office.

If you have any questions or would like more information about how a VPN can help your company, you can reach Tech Experts at (734) 457-5000.

(Image Source: iCLIPART)

Tips For Your Next Tablet Purchase

Now that tablets have become ingrained in the techie lifestyle, it’s hard to believe the first Apple iPad arrived on the scene just four years ago. In the time that has passed since then, tablet sales and development have skyrocketed.

Consequently, there is a much larger variety to choose from today than just a single brand and its incarnations.

For those looking to upgrade their tablet or try one out for the first time, navigating the sea of tablet possibilities can be a daunting prospect. Here are a few tips to demystify your purchase choices:

Choose the right operating system for you: Apple’s iOS gets the most attention by far, likely due to its length of time on the market, general ease of use, and plethora of applications available for download.

Android’s OS is also competitive in the availability of apps, and it merges seamlessly with all of Google’s applications.c332562_m

Finally, the Windows OS is growing in popularity with users looking for a PC-like experience and aren’t as concerned about installing various applications.

Get enough storage and a screen size you can work with: Just as if you were PC shopping, a huge concern is having enough space to store your files and a screen that is easy to read.

After all, it’s no fun squinting to decypher text or choosing which applications to keep or ditch due to insufficient storage space.

Also, consider the screen resolution when choosing between models – it can be equivalent to the difference between a regular television screen and HD.

Decide if a WiFi only or cellular version fits your needs: There are two ways you can get online with a tablet – connecting via WiFi networks around you or using cellular service to gain entry.

WiFi only versions are typically cheaper, and you always have to option of turning your smartphone into a hotspot for on-the-fly connections. A cellular version is a tad pricier and requires additional service fees, but the advantaage is you will always be able to get online wherever you go.

(Image Source: iCLIPART)