TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Data Management: From Storage To Security

One of the most important aspects of maintaining a smooth running safe and secure network comes down to data management.

How you or your company manages its data is important because if managed improperly, or not managed at all, you risk losing years of important confidential data due to failed hardware or even worse, theft.

Data management needs to begin with an audit of your various assets and how they should be managed properly.

This is the first step because you need to know what you have to manage and more importantly how it needs to be managed (can you use a simple flash drive backup, do you need a NAS, how secure does the data needs to be, should data be encrypted, etc.)

An audit should take place at the beginning of your data management plan as well as at the end which will be touched on later.

During your data management audit you need to first lay out what data is being used, when it is in use, when your slow periods are, and how securely you need to store this data.

For example client credit card data requires much more security than say your pictures from the company party.

After establishing what data you have as stated above you need to separate it into its various classes.

Generally people will store all of their data together so if that is your plan, you need to plan your security based on your most important and confidential data sets.

Some people may have a very large amount of data and smaller data sets that need more extreme security.

In these cases backup sets can be separated to allow less confidential data to be backed up to a less secure and much cheaper backup device while you could have a more secure setup for your confidential data.

One major consideration when it comes to backing up your  data is encryption.

The stronger the encryption on data the longer it will take to recover in the event of a data loss.

Encryption is one of the best methods to store data, determined by level of security – it can be high or low.

Again the amount of encryption contributes greatly to recovery time. Data can be managed and stored in many different manners.

Some of the various storage solutions are; a network drive to another computer, a NAS, a flash drive, an external hard drive, data drives and tapes, offsite backups, etc.

Depending on your needs and the amount of recovery time needed, your choices can vary.

For instance, if you have 1 TB of data you are backing up chances are you would be doing an onsite backup rather than offsite to decrease down time in the event of a crash.

A terabyte of data in an offsite backup is going to take a very long period of time to download to your server if your only recover option is to download from the Internet.

A much better solution for this amount of data would be a data drive like a “REV” drive. A REV drive in combination with good backup software offers plenty of space to backup and encrypt your data.

Backups via tapes or data drives should have at least the previous night’s copy taken offsite each night to ensure that you keep one data set safe at all times. It is a horrible idea to store all data onsite.

After you have a plan in place, run through the audit again once things seem to be running smooth to see what is in place, how its running, how secure it is in the event that a data set is stolen, and is the backup time/recovery time acceptable.

If the answer to any of these questions makes you feel your backup solution may be inadequate, it may be a good idea to try something different.

Even though it would cost more money to change data management solutions, it will save you money and hassle in the long run if you find it does not meet your company’s needs.

For a full data management audit give us a call today and we can happily sit down and discuss with you possibilities for your backups and data management as this only touch on a very small portion of data management.

Your data is very important and generally people do not realize just how important it is until they’ve either lost it or had it stolen due to poor management practices.

Feature Article Written By:
Tech Experts

How Strategic Business Continuity Planning Can Prevent Losing Money And Customers

The concept of business continuity planning is nothing new to conscientious business owners.

Without a doubt, the ability of an enterprise, large or small, to recover from catastrophic events and continue to provide an acceptable level of service to its customers  while maintaining a satisfactory level of profits is a basic requirement of good business practice.

Although such awareness has always been a feature of good management, the startling events of September 11 2001 has brought the world into a heightened state of preparedness for disaster.

Why the need for continuity and disaster planning?

Increasingly, natural disasters continue to surface in one place after another.

Consider recent major floods, earthquakes, tsunamis, hurricanes, corporate crimes and malicious attacks upon computer systems in nation after nation and you will sense the pressing need for sound business continuity planning to avoid disruptions due to technology and other failure.

Another factor which contributes to this need is the changing business climate in view of the expansion and increasing accessibility of the Internet over the past decade.

So organizations which formerly rendered services to their customers during fixed hours of business, now find themselves offering their services on an extended schedule, even 24 hours a day, seven days a week.

This means that customers have grown accustomed to this ready access to their suppliers and vendors. And now the reality is that consumers have become less and less tolerant of interruptions in a company’s service and availability.

Business continuity planning – is it just for big business?

Business continuity planning now takes on an increasingly important role, not just for larger enterprises, but for small businesses alike.

In fact for small businesses it is even more critical to be ready to respond to the needs of its customers.

Customers expect this and have no problem locating alternate suppliers who stand ready to take your place in the market!

This is true whether you are in the manufacturing or service business, marketing and sales or any other facet of business.

Your network – a key  component in business continuity 

Nowadays a company’s IT System with its network of computers has become the backbone of many businesses.

Vital functions such as Data Processing, inventory and  payroll management, Internet based operations including online sales, human resource and training systems, project management and an almost endless variety of other business functions are critically dependent on the efficacy of your computer system.

Clearly then, any technology disruption can have disastrous consequences.

Therefore business continuity planning often deals  extensively with maintaining a dependable IT system.

This brings into focus not only the hardware components of the system and its application programs, but also the data contained in the system.

Ways to ensure continuity

Some of the key components that determine system reliability include Data Storage Devices, UPS systems, power generator systems and so on.

And nowadays, Cloud Computing is being relied upon to extend the reliability of Computer Systems and ensure business  continuity in the event of major failure.

There seems to be a tendency to use the expressions ‘business disaster recovery’, and ‘business continuity’ interchangeably.

However upon closer examination it becomes clear that the two concepts are quite distinct.

Continuity of service is the desired state we want to maintain while recovering from any unexpected calamity whether an extended power outage, Computer System failure or other problem.

Such continued operation calls for a comprehensive plan that covers the most probable occurrences.

From this information it can be seen that ensuring business continuity calls for a strategy regardless of the size of the business.

As disasters continue to increase in frequency and magnitude, more and more careful thought must be given to your company’s preparedness to respond in the event of any business threat.

The increasingly prominent role of computers in business calls for highly reliable data backups, hardware redundancy, and keen, effective planning as a way to ensure business continuity in the event of any catastrophe.

Take A Smart Approach To Social Networking For Kids

You can’t escape social networking these days: Facebook, LinkedIn, Google Plus, and all their online cousins are everywhere. If you’ve got kids, chances are they’re eager to join all their friends in cyberspace.

Worrying about their safety is natural, but hoping social networks will go away isn’t very realistic.

You’re better off working with your children so they don’t hide their online activities from you. Take these steps to help them enjoy social networking safely:

• Start with kid-friendly sites. Facebook is far from the only place for people to go. A quick Internet search will help you locate lots of sites just for children. You’ll want to investigate them thoroughly, of course, but they can serve as a good introduction for your children to the world of online networking.

• Talk about privacy. Have a serious discussion with your kids about guarding their personal information online. They should understand that data like their full names, address, phone number, school, and birth date should be kept private for their own protection.

Emphasize that once something is posted online (a message or a photo), they can’t remove it entirely even if they delete the information from their profile.

• Choose a secure password. A password that your child can remember easily may be simple for a hacker to guess. Come up with a password that includes a mix of letters, numbers, and capitalization so it’s less vulnerable to attack.

• Encourage children to talk to you. Tell your children to let you know if someone online does anything to make them feel uncomfortable. If necessary, report the person to your site’s administrator. At the same time, talk about the need for your children to treat everyone with respect, online as well as in the real world.

Does VOIP Phone Service Make Sense For Your Business?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.
When we moved our office last month, part of the process included reviewing things like our telephone and Internet services.

Voice-over-Internet Protocol (VoIP) telephone service is basically technology that allows you to make and receive calls over data networks.

Instead of traditional phone services which channel analog signals such as the sound of your voice over copper wires, VoIP converts these sounds to digital form first—so that they can be sliced, diced, packaged, and routed over a digital network.

Because VoIP technology uses the same ideas behind data networking, and allows the use of the same networks used by computers, voice traffic can also be routed through the Internet as well.

Suddenly you can now dramatically reduce the cost of voice communications, as well as achieve creative combinations of both services to create new applications for use.

VOIP (voice over IP) services have really evolved over the past few years. In the past, I’ve been hesitant to use it because the service could be flaky – and since 90%+ of our business comes in by telephone, I wasn’t comfortable with something that wasn’t reliable.

Fortunately for small business owners, that’s changed. The service is now as reliable as service from the phone  company. And with the ubiquity of high speed Internet service, call quality has improved to the point of being indistinguishable from the old telephone network.

Our switch to VOIP provided two significant improvements over the service we used before.

First, we increased our telephone line capacity and coverage. We’ve added telephone numbers for our client’s in Toledo, Dundee, and the downriver area to be able to call us locally.

Second – and perhaps more importantly – we’ve cut our  telephone costs in half.

Cost and coverage were my primary concerns when looking at a move to VoIP services. Here are a few reasons you may want  to consider switching to VoIP for your office:

You can make and receive calls from multiple devices – for instance, on a dedicated phone, your PC via a software-based phone, or even a mobile phone with VoIP capabilities.

It’s easier to add extensions to your phone. You can provide a local number or extension for all your staff without  additional costs or cabling.

VoIP allows your employees to be more productive and  efficient by giving them the ability to receive and make  calls anywhere with a data connection.

You can use VoIP as a tool for real-time collaboration along with video conferencing, screen sharing, and digital white boarding.

You can potentially unify your communication channels,  streamlining communications and information management—for instance, marrying email with fax and voice in one inbox.

You can employ presence technologies that come standard with VoIP phones and VoIP communication systems. This technology can tell colleagues about your presence or give you info on the status and whereabouts of your staff.

Saying Goodbye To An Old Friend… Would A New Workstation Boost Your Productivity?

Many people find it hard to let go of that old workstation that seems to be “working just fine.” But, ask yourself: Is it really?

Most people recognize that, as their machine ages, it seems to get slower and slower.

A fresh install of Windows generally makes the computer speed back up to it’s “like new” speed.

But as we rely more and more on our computers, laptops, phones, and tablets to be productive in our work, does working at that original speed still make sense?

If it isn’t broken, don’t fix it?
Why is it a bad idea to have the “if it isn’t broken, don’t fix it” mentality when it comes to your computer?

For starters, you’re wasting your money doing so. If a computer is past its normal lifecycle then it really doesn’t make any sense spending the money to continuously bring it back to a like new state as far as the software goes because the hardware is still very outdated.

In general a desktop computer’s useful life span is roughly three to five years providing you purchased a mid-range computer and not the bottom of the line model.

For laptops you get slightly less useful life span out of them due to the fact that a mid-range laptop is generally not as good of hardware as a mid-range desktop.

The other reason a laptop doesn’t tend to last as long is the fact that it is constantly being moved around.

This constant movement, shaking, vibrating, dropping, etc. causes a lot more stress on the hardware in comparison to a desktop.

Due to the different factors involved in a laptop’s life cycle, a laptop’s useful life is roughly two to three years – perhaps slightly longer if it is well cared for.

Software updates may require PC upgrades
Another reason to think about workstation replacement has to do with the software you run on your machine.

Many different software companies offer updates to their software.

Some updates offer fixes to problems or security issues, but many updates also offer new features or updates to old features.

These updates sometimes include a better graphical interface that makes a program easier to use.

Generally, these types of updates have higher computing and speed requirements. Many industry specific software companies put out these types of updates, and they’re great!

Who wouldn’t want a more attractive user interface that functions better and offers more options?

The problem: Updating/upgrading software requires more system resources almost one hundred percent of the time.

If you’re the kind of person that likes to hold on to your workstation forever and never update it, but wants those nice software updates, you might see performance problems.

While your software is updating it needs more RAM, more CPU power, and in some cases, more graphical capacity to run to the new software properly. A lot of times, users don’t realize that with new features come new requirements.

In short, if your computer is over five years old, consider replacing it, particularly if it’s a laptop. A faster workstation will help you with updated software, and keep up with your busy workload.

Feature article written by: Tech Experts

How To Keep Your E-mail Off The “Naughty” List

Someone’s making a list and checking it twice, but it isn’t Santa. Due to rising e-mail abuse and spam, hundreds of servers at various companies now monitor e-mail accounts to make sure those accounts are not sending out mass e-mails.

If that e-mail account is assumed to be sending spam it is put on the “blacklist.”

Once on the blacklist, your e-mail account is virtually SHUT DOWN because your e-mail is blocked by hundreds or thousands of servers and your message can’t be delivered.

Big companies who give out e-mail addresses like AOL, Google, and Comcast, for example, will cut off e-mail service to anyone who sends an e-mail to a large number of people at once.

Because of this, even if you or your employees innocently send a message to 100 of your clients, you could be without e-mail for days or weeks.

So, how do you prevent this costly and frustrating downtime from happening to you?

Read these tips to find out:

Protect Your Server
Spammers LOVE to find e-mail servers that don’t have a proper firewall, anti-virus, and intrusion protection.

They get a high from hacking into these servers and then using them to send out thousands of e-mails. Plus, with no protection in place, tracking and catching these spammers is nearly impossible.

The right protection will also prevent malware from being installed on your server, which can automatically send spam without human interaction.

Don’t Allow Employees To Forward Messages
Unless it is for work –only related purposes, make a policy that no one is to forward messages like jokes, photos, or videos outside the company.

If just four of your employees send out this kind of an e-mail to 30 of their contacts, that’s well over 100 people receiving junk mail on the same day from the same e-mail server. This puts you at high risk of being blacklisted.

Have Your Clients And Prospects “Opt-In”
Sometimes companies end up on the blacklist because someone on your list complained and reported your message as spam.

If you have your clients and prospects agree via an opt-in form that they want to receive communication from you and confirm their permission, then you’ll have better protection against that.

Also make sure you keep good records of these optins. That way, even if you do get blacklisted, you should be back up and running fairly quickly.

Make Sure Your E-mail Is Set-up Properly
In addition to protecting yourself from hackers and invasions with software and firewalls, you also need to be sure that your e-mail is configured correctly and set-up to block outside relays.

If you’ve got the wrong setting in your e-mail account, you could wind up blacklisted, without any e-mail for days or weeks.

Keep Your E-mail List Up-To-Date
If someone asks to be removed from your list and you ontinue to send messages to him, the chances of him reporting your company as a spammer is pretty high.

Avoid this by using in-house lists (instead of purchasing one) and contracting your list to verify the information.

We use and recommend iContact. They’re excellent commericial email service. To sign up for a free trial, or for more information, go to: http://icontact.extole.com/a/clk/37L8x

Beware: Online Banking Phishing Schemes Are On the Rise

Banking online is a convenient and time saving way of managing and keeping track of your company’s finances.

Weak security practices, though, can make it more possible for cyber-thieves and hackers to steal your hard-earned money. It is important to make sure that all possible steps are taken to safeguard your company’s finances.

Online banking is a tool that many businesses utilize because of the ease, efficiency, and convenience it offers.

It’s a great way to manage finances in your day-to-day operations. Unforunately, as more businesses turn to online banking, cyberthieves and hackers who target small companies are becoming more adept at stealing from companies online.

Security experts are urging companies to beef up their security systems to keep them safe from cyber and identity theft.

The more companies rely on the Internet, especially when it comes to managing finances through online banking, the more prudent it is to take steps to prevent that hardearned money from being stolen or diverted to someone else’s account.

One tip experts give is to establish proper protocols for transacting with the bank, such as requiring two people to verify a transaction before it is approved.

This helps create a checks-and-balance system that hackers can’t bypass.

Having a dedicated workstation used for only online financial transactions is also recommended, as this lessens the likelihood of it being infiltrated by Trojans, viruses, spyware, and other malware that may come from the machine being used for other purposes.

Having the right anti-virus and antimalware software – and keeping it updated – also goes a long way in keeping your online banking transactions safe from unfriendly eyes.

Your finances are the lifeblood of your business. If you’re interested in how you can make your online banking experience more safe and secure, we’d be happy to sit down with you to discuss security solutions that are tailor-fit to your specific requirements and needs.

Give us a call at the office, (734) 457-5001.

Top 5 Reasons To Be Thankful For Technology

When you’re looking back over the last year at what helped make for a good year, technology will definitely make the list!

Giving credit where credit is due, here are the top 5 reasons why we should be thankful for all the new technology we used this past year:

1. It allows us all to be more “earth-friendly.”
Thanks to e-mail and the Internet, as well as document imaging, we can all communicate with each other without having to waste paper and ink, not to mention stamps!

2. We can instantly access information on practically any topic we want, whenever we want.
If you need to find a Mexican restaurant within a mile of your location, you can not only find one, but also check out the menu and order online so your food is waiting for you when you get there!

3. It keeps us in touch.
Although it can easily be argued we’ve gone too far in this department, cell phones, blackberries, and even online forums (blogs, Facebook, MySpace) have enabled us to find and stay in touch with more people more frequently.

4. It saves us time and money.
Nothing has done more for the consumer than the Internet. In minutes, you can search and compare various products and services without having to make a phone call or get in your car. Plus, you can order just about anything online and have it shipped to your door.

5. It’s a great scapegoat for any number of mistakes you’ve made.
Missed an appointment? Blame your system being down. Don’t want to talk to someone? Use the old, “I have no bars in this area,” excuse. Overlooked an important client’s request? Just tell them you never got the email!

What are WE most grateful for? Those of you that trust us to make all the computers and gadgets work the way they are supposed to!

Thank you for a fantastic 2011 – here’s wishing you and your family the very best for 2012!

For Small Businesses, Smartphone Security Is As Important As PC Security

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Although there aren’t any prevalent security attacks or threat mechanisms associated with smartphones in the market today, security vendors and analysts are urging mobile device users to use security best practices on them, just as they would with their computers.

With recent advancements around mobile devices and technologies, particularly smartphone devices, more and more people are staying connected both in the home and office environments.

Analysts at Forrester Research, a leading authority on security in the small business IT space, say the new breed of smartphones, such as Android and iPhone-based devices, are built on operating systems that are “fairly-well locked down.”

However, although they said using these types of devices are generally safer than PCs because malware can’t run on them (yet), there are still privacy and data risks to be aware of.

GPS hacking is just one concern – a rogue phone application sending your location to an outside service without your permission.

Privacy-related issues will emerge as third-party “fake” applications access more of your personal data.

These would be apps that look legitimate, but are designed to steal your personal information.

Fixing this type of issue will be simpler than a PC, though: The operators of the “app stores,” (Apple and Google) can find the offenders and remove them from the sites in a matter of minutes.

Security and privacy are a concern especially for users who bring and work with their personal devices in and out of the workplace.

The safety of the data on those devices becomes an even larger issue.

Smartphones allow business owners and employees to be more connected with each other. Users are sending information via e-mails and through attachments, all of which are susceptible to loss or theft.

Smartphones that are used for business communication should be treated like office PCs when it comes to data protection. The security threat is there – you have to protect the data that’s on the device.

One of the biggest security mistakes customers make with their mobile devices today is that they fail to use even the most basic security protection methods such as passwords.

Most users don’t set up passwords on their mobile device because they think of their smartphone as just a phone.

But really, it’s a small, low-power computer that happens to let you make phone calls, too.

For small business, it’s time to start thinking of smartphones as another entry into your business’ data. If they’re used for business communication, they need to be monitored, protected and updated just like a PC on your network that attaches to your server and financial data.

Industry Standard Security Best Practices

Network security is a must in any network, but when it comes to a business network, there are a number of security standards and best practices that ensure you have control over your network.

Businesses in certain industries secure. Many different companies require different security standards; one organization for instance is the PCI (Payment Card Industry). The payment card industry has very a strict network security standard.

The below practices are fairly strict and will offer you a great deal of control and protection against data theft and network intrusion.

Modem
We will start from the outside edge of your connection of your network and work our way in from your modem on into client workstations.

The modem is probably the simplest device on the network – you can’t really secure it (beyond performing regular updates), but some ISP’s feature a built in firewall in the modem. This can be turned on or off to work in conjunction with your company’s firewall.

Firewall
The next item to take a look at is your router/firewall. Generally you would have a router that offers several ports you can connect to via a direct Ethernet connection as well as WiFi access.

This firewall will add another layer of protection for when your network connects to the Internet. When configured properly, you would block all unauthorized network connections. As far as protecting the WiFi goes you are best to enable MAC filtering.

Each piece of network hardware has a unique identifying numerical code, called a MAC address. Filtering by MAC lets you set up WiFi so that only devices you explicitly define are allowed to connect to your network.

Once you have MAC filtering in place, you can also encrypt network traffic and use a long secure password. Since the clients on the network will not need to type this password in all the time, it is best to make a complex password containing both capital and lower case letters, numbers, and symbols.

Another option to further increase security when it comes to WiFi connections is to set the access point to not broadcast it’s SSID. This will make it look to the normal person as if there is no wireless connection available.

Server
There are a lot of features that can be enabled at the server to further improve network security. The first item to review is the group policy. Group policy is part of the server operating systems that allows you to centrally manage what your client workstations have access to and how.

Group policies can be created to allow or deny access to various locations on your users’ desktops. You can get as granular as defining a group policy that sets standards on user passwords.

By default, Windows Server 2008’s password policy requires users to have passwords with a minimum of 6 characters and meet certain complexity requirements.

While these settings are the defaults, generally 8-10 characters is recommended as well as mixing upper and lower case letters, numbers, and special symbols. An example of a complex password might be @fF1n!ty (Affinity). This password would meet all complexity requirements and is fairly easy to remember. Passwords should also be forced to reset every so many days. A good time period is roughly 30 days.

One other possible option is to have firewall software installed on the server itself to regulate traffic in and out of the server.

The nice thing about having a firewall on the server itself is that you have the ability to log failed connections to the server itself as well as what that connections is and where it was coming from.

This feature alone gives you a lot more control over the network. For example if you noticed in the firewall logs on the server that a connection you didn’t want getting through was making it to the server you can go back and edit policies on the router/firewall to attempt to further lock down your network from that point as well as blocking it at the server.

One final quick thought on server security is physical security.

Generally it is a good practice to have the server physically locked in a room that only specific people have access to. If you really wanted more control as well you can have the server locked using a system that logs who comes in and out of a room via a digital keypad and their own passwords.

When it comes to your workstations, employees should only be logging into the workstation via their domain login and not using the local admin login.

This will allow you to centrally control via group policy what they can access like stated above. You can also configure roaming profiles so that if someone was to steal a physical workstation they would not have access to any company information as it would all be stored on the server and not that workstation – which is another great reason to have your server locked up.

Employee logins to workstations should also have account lockout policies in place so that if a user attempts to login too many times with an incorrect password, the server would lock them out on that workstation for a time period set by the administrator. One other item you could have in place for various employees is specific time periods their credentials will allow them to log into the systems.

One final step in network security is having good antivirus software installed on your workstations and your server. A compromised machine can be giving your passwords and information away to hackers making it possible for them to waltz right into your network undetected.

You are best protected by having as many of the above security steps configured and working properly on your network.

Determine what your network needs, evaluate the practice after it has been in place for a month and make the proper adjustments to ensure your network is safe. You should also preform regular security audits.

If you would like to see how secure or unsecure your network is give us a call and we can perform a network security audit for you and let you know where you stand!

Featured Article Written By:
Tech Experts