TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Tips

Got Compliance? Simplifying HIPAA And PCI Requirements

By Tech Experts Staff
Many of our clients from health care providers to any business that accepts credit cards via in house applications have compliance standards they must meet.

The health care industry in particular has to be compliant with HIPAA and possibly PCI as well. So, with compliance being such an important issue what are some ways businesses can be sure they are in compliance?

At Tech Experts we offer many different services that are designed to help your business be more compliant with the strict standards in place by HIPAA and PCI.

HIPAA was established in 1996 at a time when the health care industry was starting to move away from paper and rely on computerized documentation for day to day operations. With this new technology being used brought more security risks that needed to be addressed as a whole; this is what brought about HIPAA.

While new technology is great in improving productivity businesses have to learn to adapt to the new security risks that come into play when using these production increasing technologies.

One of the first services we offer to clients is our Email Hosting services. We have various offerings with email based off of POP email and Exchange email. For compliance we offer archiving services with both one year and ten year retention policies.

We also offer solutions that are encrypted so the traffic cannot be easily captured and read which protects the information you send by email.

The second service we offer to clients needing to meet compliance standards is our offsite backup system.

Our offsite backups send your important data over encrypted connections just like the email system protecting your data from theft as it travels from your location to the safety of our datacenters.

Depending on your ability to function in the event of a disaster/outage we also offer disaster recovery options to help your business continue to function should your primary server go down.

The third service we offer is managed services. With managed services you can be sure that your computer always has an up to date, high end, antivirus installed. We monitor the antivirus that is installed on all of our managed service clients workstations and servers to ensure they are safe and secure.

While an antivirus does not guarantee you will not get an infection (because no antivirus can guarantee this) having a good one does ensure that the likelihood of being infected is greatly reduced.

With our managed services offering, we also monitor failed login attempts to see if there are any brute force attacks targeting your network. This lets us quickly address a problem before it becomes a network breach. Patch management is another feature of managed services that helps with compliance.

Patch Management ensures that your computers are kept up to date with the latest security patches.

Our managed services plans also include remote service and support. We offer a robust remote support feature that allows us to troubleshoot and correct almost any issue remotely.

The ability to offer such a comprehensive remote support tool means that we can more quickly address issues you run into without having to actually come out to your location.

Another component we offer to make your business more compliant is our server and workstation packages. Any server we offer can be programmed to make your business more compliant.

From enforcing regular password changes, account lockout policies, to hardware or software restriction policies, our servers are sure to improve your current network configuration.

With all of our services bundled a business can vastly improve their security and become more compliant than they were previously.

If your curious how compliant your business is, give us a call. We can setup a security evaluation based on the requirements for your industry. We can then offer some suggestions to improve your network’s security and compliance.

Has Your Company’s Facebook Page Converted To Timeline? Here are Some Must Know Tips

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

If you follow social media at all (and you should be!) you know that the landscape changes almost on a daily basis. One place this is very evident is Facebook.

Facebook is constantly working to “improve” your experience and now they’ve done it again with Timeline – not only for our personal pages but for our business pages as well.

Many business owners fought the changes and waited until they were forced to accept the upgrade to Timeline. Now that it’s been switched over, they’re complaining that it’s cumbersome, unattractive and difficult to navigate.

But the Facebook juggernaut is unstoppable – the new layout is here to stay. So, here are a few tips to make the most out of your company’s Facebook page, and dealing with Timeline a little easier.

• Create a cover photo: this is a great way to use Facebook to further build brand recognition.

The options are virtually endless when it comes to this image as long as you remember that you can use a brand or logo but you can’t offer a coupon or discount (no “%” off sales or coupons or similar ploys), no contact information (that’s what your “About” section is for) and no calls to action (that’s what your status updates are for).

• You can get private messages from fans through your business page: this is a new feature and very useful. Before, if your fans wanted to send a message to you through Facebook, it had to be through your personal page.

Now they can contact you directly through your business page. This one may be a little difficult getting used to, so make sure you check those messages – you don’t want to alienate a potential customer!

• Highlighted post option: you can now select a post to be highlighted (this can be those discount, sales or calls to action that you can’t put in your cover image). Highlighted posts simply means your post can take up both sides of the page.

These are just a few of the useful changes that Facebook Timeline brings to your business page. Don’t worry – the new timeline may not fit well with your thoughts about change but it’s all in our best interest. Don’t panic and go with the flow.

Stay Productive (And Sane) While Working From Home

More and more, working from home has become the norm for many people. Whether you’re freelancing or telecommuting from a full-time job, you really can be just as productive, if not more, than a cubicle dweller. Just remember this advice for succeeding on the home front:

• Start your day off right. You may not have to work a rigid 9-to-5 schedule when working at home, but take your job seriously: “Report” to your desk, wherever it is, at an appropriate time ready to work. Some experts recommend showering and dressing as if you’re going to the office to get into the right frame of mind.

• Understand what your organization needs. Working from home means you won’t get as much direct feedback and instruction from your boss throughout the day. Get clear expectations from your manager so you’ll be working on the right tasks and the right schedule. Set short-term and long-range goals that align with your organization’s objectives.

• Establish firm boundaries. Family members and friends should know when you’re working and realize that you can’t be interrupted for trivial reasons. Keep your door closed (if you have one), and let the answering machine pick up the phone if your spouse or child doesn’t get to it. You’ll find out about emergencies soon enough; don’t get distracted by irrelevant chitchat.

• Stay connected with people. Don’t let them forget you back at HQ. Check in frequently with emails and phone calls to let people know you’re on top of things. Visit the office when you can, and maintain your friendships with co-workers. You want to be thought of as a full member of the team, wherever you are.

• Take breaks when you need to. Don’t work yourself to exhaustion trying to prove you’re just as productive at home as you would be in a cubicle. Although you shouldn’t start a home renovation project in the middle of writing a report, there’s nothing wrong with spending a few minutes emptying the dishwasher or putting laundry away to clear your mind and relax a little.

• Evaluate your progress regularly. Keep track of your workload and your goals so you can review how much you’re getting done and whether you need to make any adjustments. As your own supervisor, you’ll need to keep an eye on what you’re accomplishing so you don’t fall behind.

Open Your Mind To Solve Problems Creatively

Everyday problems usually respond to tried-and-true solutions. But sometimes you need to go beyond the obvious. Try these tactics when you need to take a more creative approach to problem-solving:

• Do some extra research. Don’t assume you have all the facts you need. Before trying to solve the problem, dig deep into the background and the issues surrounding it. You may uncover something new that will lead to a fresh approach when nothing else has worked.

• Set up the problem correctly. In your rush to find a solution, you might treat the symptoms and not the underlying cause. Seek perspectives from other people, and keep an open mind about what’s really going on.

• Consider the impact. Who else does the problem affect? You may gain valuable insight by including others in your analysis and solution. You’ll also build support for your solution by drawing in your co-workers and other interested parties to help you implement it.

• Try a lot of solutions. Instead of zeroing in on one approach and hoping it works, experiment with as many different options as you can. Keep track of what you’re doing so you can identify what worked or combine promising aspects of different attempts.

Server Maintenance: Why We Do What We Do

By Tech Experts Staff
Most small businesses have onsite servers, which is a change from years past when small businesses didn’t see the benefit of having a server in place and instead depended on sharing within a workgroup.

With the great benefits of having a server in-place comes some additional costs to make sure your investment continues to be beneficial.

Many businesses that put a server in place are always defensive about having server maintenances done within a month after putting a server in place.

The number one phrase we hear after putting a new server in is “Are you sure that needs done, we just put that server in?”

The problem with taking this approach with your new server is that you already put a substantial investment in your new hardware and want it to run great for a long time.

Neglecting the server, even if it is for a short period of time, or even if it was “just put in,” is dangerous.There are items that can go bad or cause problems if not addressed, even on a new server.

The first item and most arguably one of the most important are the server updates. Servers have to be kept up to date especially since they physically host your important data.

Allowing a server to become outdated is highly risky and potentially allows hackers access to your server via security exploits in the operating system, Internet Explorer, Adobe, etc. If these items go without their security updates you run risk of data breach.

The second item that is one of the most important items that we check is the health of your RAID disks.

Most servers (at least the ones we install) have a RAID configuration of some sort configured to help protect your server in the event of a hard disk failure.

Hard disk failure is not a matter of if it will happen but rather when it will happen.

Since this is the case we generally set our clients up on a RAID 5 configuration which allows up to two RAID disks to fail at different times.

The redundancy provided by RAID 5 configurations allows for a large amount of protection from data loss but does not guarantee it. If a business’s server was not having regular maintenances done it is very possible to have the RAID disks fail and lose all the data because it was not caught.

We have had clients bring in computers that are brand new with failed hard drives so it can and does happen at any time, even when they are brand new.

During our maintenance we also go through the logs on the system carefully combing over the entries looking for any instances that could potentially indicate a problem or an upcoming problem if let go.

If this is not done your server could be showing that it is starting to have problems but you would never know it until it is too late.

One of the logs, the Security Log, allows us the ability to see whether or not your server has had unauthorized attempts to login to it. Yes, we mean hackers trying to get in your sever and to your private data.

These are just three of the numerous areas we check with the server maintenances to ensure that your server, whether new or old, is running properly and continues to do so for years to come.

If a server is not properly maintained, it can degrade quickly into an almost useless piece of equipment and the investment you put into becomes a waste as well – not to mention the potential data loss.

Don’t waste your company’s hard earned money! Invest in systems maintenances, every month. This is the only way to prevent major issues with your server and avoid data loss or compromise.

Social Media Strategies Are Different For Every Business

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

“One size fits all” doesn’t work as a strategy for managing your company’s social media presence.

Social media – the big three, Facebook, Twitter and LinkedIn – has become an increasingly more complex space the last few years.

Constant change
There’s a lot of activity and change across all three sites. Keeping up with the changes in policies and process, while at the same time updating your site and status, can be overwhelming.

The right way to use social media for your business depends on a number of variables, including the size of your company, the type of business you’re in, your target audience, and whether you’re a B2B (business to business) or B2C (business to consumer) company.

Many business owners don’t understand this. They think that you need to use every possible social media tactic and tool that’s available, but usually that leads to confusion and distraction with little measureable result.

Choose carefully
Not every social media promotion method works for every company.

Some businesses are successful using social media to hold contests and encourage check-ins by fans and followers.

It’s a great way to raise awareness and engage prospects and clients for a local B2C business, but probably doesn’t make sense for a B2B professional services firm.

Just because other businesses are doing it and finding success, it doesn’t mean that the tactic will work for your company.

Have a plan
Many business owners make the mistake of jumping into social media without a solid strategy, figuring it out as they go.

Just as you need a business plan, you also need a social media plan. Failure to strategize leads to poor decisions, wasted time, and confused clients and prospects.

The plan doesn’t need to be complex – one page that outlines your goals and the steps you need to take to get there will work. Once your plan is outlined, it’s time to execute!

Who’s responsible
The most important decision you’ll make when it comes to your company’s social media strategy is who will be responsible for managing it.

For smaller companies, this usually will be the owner. But for even the smallest business, a well thought out plan can be delegated to a staff member. Make sure you hold them accountable, and that you measure your results.

Not just for sales
Strategic posts on your company’s social media sites can help with customer service and public relations, too. Don’t narrow your social media focus just to sales and marketing.

Your end goal with social media should be to get clients and prospects to take an action: Visit your website or blog, ask for more information, or promote your company and brand to their friends and followers. Tracking the results of your social media strategy is the only way you’ll know what’s working, and what needs changed.

Taking Your Business Online Can Increase Profits

by Jeremy Miller, Technician
Most if not all businesses can benefit from having an online-presence. Going on-line for a business can be a low-cost marketing solution.

Your online presence can help give customer’s quick access to information about you and your business, all the way to having automated inventory alerts that let clients know about new products and stock levels.

When getting started online, you’ll want to get a domain that represents your business. You’ll want to pick something that’s easy to remember, and easy to spell and type.

You don’t want a domain name that you have to spell out for clients – that makes it very hard to use in advertising.

There are many domain registrars to choose from, including Tech Experts.

After you have your domain name, you’ll need website hosting services. Most web hosts, including Tech Experts, include company email with the service.

Most hosting plans are very affordable. Our basic hosting plan starts at $9.99 per month.

If you want to take it a step further, you can set up an online store. There are a lot of options, depending on how involved you want the store to be.

Accepting credit cards online can be a hassle, especially with the new security and compliance regulations. If you expect to do a large volume of business in your store, it makes sense to set up a secure site and contract for the credit card processing services.

For smaller web stores, PayPal offers a checkout service that is fully PCI DSS compliant. Their basic service is free (less the processing costs).

Setting up a website is not enough to make your business drastically improve. You have to find a way to get customers to your website.

There are many ways to do this. An inexpensive and effective way to get your website noticed is to start a blog.

Blogs will show a human side to the business and search engines crawl blogs easily. Easy places to do this are popular websites such as Facebook, Twitter, LinkedIn and Google Plus.

This helps improve your ranking in a search on search engines. There are other ways to improve your ranking as well. In fact there is a periodic table guide to Search Engine Optimization (SEO).

By looking at the periodic table, you can see exactly on a point scale what increases and decreases your SEO ranking.

There are companies that specialize in SEO Optimization. The fees range from very reasonable to exorbitant. SEO is as much black art as science, and it pays to have professional help.

There are tools that track how users are using your website. Google Analytics tracks how much time is spent on your website, and where visitors are going.

This can be useful for you to optimize your site for ease-of-use. You want to make it easy for your users to find what they are looking for and browse easily as well.

Another tool that can be useful is Google AdSense, which places targeted ads on your site – and everytime someone clicks on ad, Google will pay you a small amount.

The last thing to think about is the mobile version of your site. More users browse the Internet than ever before with their smart phones and tablets, so you’ll want to have a mobile site for these visitors.

This can be a little more tedious due to the fact that this technology is still emerging.

A lot of web sites require a mouse for them to function; an example of this would be a site with a menu bar at the top with a “mouse over” function to see the drop-down menu.

So having a site that detects the type of device and browser that the user is using and directs them to the correct site is important.

Can Employers Ask For Your Facebook Login Info?

A current case that is attempting to define privacy in the era of social media deals with the question of whether your social media account should be visible to current and prospective employers.

The next time you’re asked the typical “name your greatest weakness” interview question, remember it could be much worse: Job seekers applying to Maryland’s Department of Corrections were asked for their Facebook logins and passwords.

Savvy employers already check an applicant’s “digital footprint.” Some companies, like the Maryland Department of Corrections, have gone even further, requesting or even demanding individuals’ social media passwords to look at data not open to the public. Whether this practice is legal remains unclear.

The ACLU filed a written protest in the Maryland case, and the corrections department stopped asking for the information. They then had job candidates log into their Facebook accounts while the hiring manager looked over their shoulder at the Facebook content hidden behind privacy filters.

The officials at the Maryland Department of Corrections said that they did this to make sure job candidates didn’t have any gang affiliations.

The agency told the ACLU it had reviewed the social media accounts of 2,689 applicants and denied employment to seven because of items found on their pages.

One state is banning the practice, and at least 10 other states have bills that have been introduced. A few courts have ruled that such requests violate the federal Stored Communications Act, but the US Supreme Court has not addressed this issue. This legal uncertainty leaves many workers on shaky legal ground.

It’s always good advice to carefully manage the public information posted to your social media sites. For anyone looking to change careers, a review of your privacy settings and friends list is also good advice.

Ensure any sensitive things are limited to your friends (or even a group of just very close friends). It might make sense to have only your basic contact information available to non-friends.

Employers will undoubtedly rely more and more on Internet searches and social networking sites to screen job seekers.

Senators Charles Schumer (New York) and Richard Blumenthal (Connecticut), are planning to ask the Department of Justice to investigate whether employers demanding access to Facebook accounts are violating the law.

In the meantime, review your privacy settings, update so that only the things you want to be available can be seen by the general public.

PC Too Noisy?

No one enjoys having a loud computer, but cooling fans to keep components operating at safe temperatures can make the whole system as loud as a blow-dryer. In the workplace, noise from computers may not be an issue, but in the home a quiet computer can be essential in order to avoid interfering with the enjoyment of movies or music.

The good news is that there are ways to make the computer be a little less noisy. One method is to use noise/vibration isolators, which can be applied to a computer system to reduce the overall noise quite dramatically. For example, rubber feet for the bottom of the computer are available to replace the usual
hard plastic versions.

Another good example is silicon gaskets, which can be installed between a fan or power supply and the computer case to lower vibration as well as cut down on noise.

Will Your Internet Stop Working In July?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

You’ve probably read in the paper or saw on the news that hundreds of thousands of computers might lose Internet access after July 9. I’ve had several clients ask, “Is this true? How serious is it?”

The short answer is, you’re probably fine. If you use Tech Experts for your anti-spyware, anti-virus, and anti-malware services, we have you covered.

Don’t get me wrong, this is a serious threat. If you happen to be one of the people with an infected computer, then yes – there’s a good chance you could wake up on July 9 to no Internet.

What’s This All About?
In a word, malware.

Last year, malware infected over half a million computers worldwide. This nasty virus modified the process your computer uses to translate domain names – like “MyTechExperts.com” – into IP addresses – like 209.151.164.50. It’s the IP address that locates the actual physical server that houses the website.

To perform that translation, computers are programmed with translators – DNS servers – that answer questions like, “What’s the IP address for www.google.com?” DNS servers are automatically provided by your Internet provider when you connect to the Internet.

When this “DNS Changer” malware infected a computer, it altered the translation server that the computer would use. Rather than a legitimate DNS server, PCs were silently reconfigured to use a bogus one.

The problem is, this new bogus server sometimes lies.

False DNS Responses
Rather than answering the question, “What’s the IP address for google.com?” with the correct answer, the fake DNS server would return a different IP address: the address of a malicious server that was configured to look like Google, but that is really a server run by identity theives.

As long as the malicious server looked enough like Google, the computer user wouldn’t know until it was too late that something was wrong. They’d be tricked into thinking it was Google.

The bogus site (which could be any site the hackers chose, not just Google) could itself install more malware, display additional advertising, or do just about anything that a malicious website could do. All without warning.

What Happens In July
In November, the hackers were caught. But hundreds of thousands of infected machines were left with their DNS settings pointing to the fake DNS servers.

So, rather than removing the fake DNS servers from the Internet, the agencies that caught the hackers changed them to be legitimate ones. The government is spending about $10,000 per month to maintain these servers.

While this meant that people with infected PCs would be able to surf the net more safely, it didn’t change the fact that their computers were, fundamentally, still infected.

On July 9th, the government is shutting down the temporary DNS servers. Anyone whose computer is still infected, and is using those servers to get DNS answers, won’t get an answer at all.

Without a working translator – DNS server – your computer can’t answer the “What’s the IP address of xyz.com” for any site on the Internet. For those people with infected computers, the Internet will simply stop working.

Let me be clear: the Internet will stop working only if your machine is infected. It’s easy to find out if you’re infected. Visit the DNS Changer Working Group at http://www.dcwg.org/ and click the green button labeled “Detect.”

This will examine whether or not your computer is affected by the DNS Changer malware. If you’re not, you’re done. July 9 will be a non-event for you.

What To Do If You’re Infected
If DCWG indicates that you’re affected, the page should also include information on what to do to clean the infection from your system.

The good news is that there are many free tools that are listed as resolving the issue – free tools from most of the major anti-malware utility vendors.

Specifically, Windows Defender Offline (formerly Microsoft Standalone System Sweeper) is listed, and it would probably be the tool I’d reach for first.

After cleaning DNS Changer off of your machine, I would also seriously review the anti-malware tools that you’re currently using. Put simply, it should have been caught by now.