Are You Leaving The Backdoor Open For Cybercriminals?

Are You Leaving The Backdoor Open For Cybercriminals?

We’re becoming connected like never before. With our mobile devices, we can control just about everything with a swipe and a tap of our finger.

And we like it that way.

Smart homes and smart buildings are allowing us to control everything from our heating, lighting, and air conditioning, to our most sensitive customer data. All with nothing more than standard Internet access.

A recent survey showed that almost half of connected things in our homes are based on smart technology.

It all has a “coolness” factor to it. To be able to control anything from anywhere, it makes our lives easier. Unfortunately, few of us consider the potential cybersecurity risks that come along with it.

Imagine for a moment, a cybercriminal gaining control over the device that controls your building’s data center temperatures. Fans shut down. Servers overheat. The climate within the building becomes unbearable.

Bad, right? But it gets worse.

From there, they may also have a backdoor into your company data. They gain access to client files, sensitive data, financial records and more.

We understand it’s important to password protect our computers at work, the mobile devices we carry with us every day. But if a cybercriminal can bypass all of that easily and enters through an app controlling the lighting of your building with just a click of a button, your risks increase substantially.

There is no easy way to patch a system already in existence. To reduce vulnerabilities and create a smart building security plan involves thought and action on every level. Basic steps include:

Employing secure engineering and coding practices from the beginning with every system you build or third party program you buy into.

Scanning the application regularly to identify flaws as they are being used.

Implement IP address restrictions that allow building automation through standard mobile devices.

Stronger network security rules to be applied and used on all devices used within your company, including on location and remote employees.

Cutting Through The Jargon Of The IT World

Cutting Through The Jargon Of The IT World

The influence of the Internet on the world of business continues to change on a daily basis. In fact, it sometimes changes so fast, it’s difficult to keep up with the pace.

New concepts are always being developed. Acronyms and buzzwords are now a normal part of most conversations.

Yet with it all brings an abundance of confusing, misunderstood, or sometimes just not understood ideas. And that can be frustrating if you’re not speaking the same language as those around you. If you ask for one thing and receive another, all because of misinterpretation of what a buzzword really means, that’s a breakdown in moving a business forward.

APIs are one of many examples. API – application programming interface – are tools for building software and applications. They provide the interface between software and other applications that allow third-party programs to access the data and use it in a way that maintains its own internal integrity, and remains highly functional together.

A good example would be using the Google Maps API. In fact, you may use it already on your own site. It allows businesses to layer data (maps, reviews, ratings) on top of Google’s location-based information, and combine it with your own data for ease of use for your visitors and customers.

Cloud computing can also be misunderstood. Cloud computing is a general term used for the delivery of hosted services. It essentially has enabled companies to consume Internet and computer resources as a utility, paying for the ability to use the service rather than having to purchase the entire program or part. It gives businesses the ability to pay per use, buying resources only when you need them most.

Cloud services should be on-demand, accessible anytime and from anywhere. They are resources that can be used to serve many customers, often with rapid scaling of capabilities depending on the services you purchase.

Within the cloud computing world, you’ll find delivery comes through as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).

Software as a Service (SaaS) – think of it as on-demand software. It’s a software licensing and delivery model in which software is delivered on a subscription basis and is centrally hosted.

Platform as a Service (PaaS) – it provides a platform that allows customers to develop, run and manage applications without having to build or maintain the infrastructure associated with developing and launching an app.

Infrastructure as a Service (IaaS) – is a third party provider that hosts hardware, software, servers, storage and other infrastructure components on behalf of its users. They host users’ applications and handle tasks including system maintenance, backup, and resiliency planning.

As computer systems become faster, more powerful and more intelligent, you’ll find more artificial intelligence systems (AI) capable of answering questions you provide it. AI systems today are cognitive by nature because they use existing knowledge to develop new knowledge.

You may have become intrigued with AI technology after Watson won the quiz show Jeopardy! several years ago. But that’s just the tip of the iceberg of what AI can do. You’ll find AI assisting you in everyday applications, just ask Siri. AI is transforming health care as we know it. AI can even laugh at your jokes and be a friend.

And this is just the beginning. How are you incorporating technology into your business?

What Being Cloud Based Means For Data Recovery

This was the year you made the switch. With a lot of effort, you switched your entire structure to a cloud based system. And things are running smooth.

You are happy with a cloud based business model. The benefits are many. No longer do you have to worry about servers being in your office. Your data is virtual and distributed.

Unfortunately, a lot of managers fall into the trap of thinking out of sight, out of mind. Once a cloud provider is chosen, the upkeep is in the provider’s hands. No more worries on your part. What could possibly go wrong?

While moving to a cloud based system brings a number of advantages to your business, keep in mind that many cloud based systems offer no guarantees of availability or recoverability. Clouds can go down, data can be lost, connections between applications can be broken. It’s technology.

Instead, the cloud merely changes your approach to data recovery. You had a data recovery plan in place with your traditional, on-site system. That need won’t change as you switch to a cloud based system. Without a cloud based recovery plan in place, it’s not a matter of if, but when a disaster will occur.

Ask most business managers what their greatest risk of having to activate a data recovery plan is and you’ll most likely see natural disasters at the top of the list. Yet reality tells a different tale.

Hardware failures cause the biggest problems, occurring in about 55 percent of all downtime events. Human error is next at about 22 percent. Compare that to natural disasters occurring only about 5 percent of the time.

Before cloud computing, creating a data recovery plan usually meant backing up to either tape or disk. And while it worked for the times, there were obvious drawbacks. It’s difficult to set up, difficult to keep up to date, and may be difficult to recover entire distributed multi-site workloads. And disks aren’t necessarily secure.

The cloud has changed everything. Through virtualization, the entire server can be captured and copied or backed up to an offsite data center within minutes. This includes the operating system, applications, and all data in one convenient package. You can take it and store it multiple places, anywhere. And because it is encapsulated into one bundle, recovery times can be improved drastically over load times of more conventional approaches.

Sounds easy? It can be. But only if you create the plan before you have the need, and make sure you implement it and keep the process active on a continual basis.

With a little bit of work and advanced planning, you can be protected against almost anything that can deter you from running your business efficiently in the cloud. Not sure how to set it up? That’s where we can help.

Does your company have a cloud based data recovery plan?

The Internet of Things: How It Impacts Your Business

The perfect storm is brewing. It’s building no matter where you live or what you do. Geography no longer matters.

Instead, the perfect storm is being created by anything that has an on or off switch. If it can be connected to the Internet, or connected to something else, it has an impact. Cell phones, tablets, televisions, garage door openers, furnaces and coffee makers all make the list. So do jet engines, automobiles and cash registers.

When connected, it produces an estimated 26 billion links around the world.

Yes, that’s how you define the Internet of Things. A vast network of connected “things” that provides an ever-growing connection of people to people, things to things, and people to things. And it’s growing smarter every day.

There are many instances of how this looks in our lives:

  • Your FitBit talks with your smartphone to track your daily activity
  • Your tablet controls your thermostat, alarm system and lights

Even if you haven’t graduated to using this type of technology yet, you will in the coming months and years. And it’s going to change the way we do business in a big way.

Products will become smarter

No longer is a product just a standalone product. Companies will have to incorporate technology into everything to make it all work together. Sports equipment, for example, will track every movement you make, and provide you with data on how well you did and how to improve your performance.

Smarter products will lead to smarter decisions

As sensors become smaller and can be attached to more things, it will allow businesses to track at deeper levels to make better decisions. Imagine being able to connect sensors to all high-level pieces of equipment, being able to detect malfunctions from the moment they occur. Not only can this add to the longevity of the equipment by being able to fix and replace on a faster timetable, but it can also thwart significant problems in things like jet engines, preventing dangerous and life-threatening hazards in the process.

Smarter decisions will change business models forever

As businesses adjust to new levels of connectivity, they will find their business models changing before their eyes. What if a heart surgeon suddenly finds wearables make his patients more aware of their conditions and better able to control their own health? Would he move from solving problems after they occur into a business model where he helps teach heart wellness instead?

Other similar business models are sure to emerge. And as one thing changes, the impact behind it will surely change tenfold.

Risks. Rewards. 

The most important thing to do right now when considering how the Internet of Things will impact your business in the coming months and years is to think bigger. The more you understand, the more you can put into place. The more you learn, the better prepared you will be.

The future is coming. Will you be ready?

How Artificial Intelligence Will Impact Business

How Artificial Intelligence Will Impact Business

Steve Wozniak. Elon Musk. Stephen Hawking. The list reads like the Who’s Who of people at the top of their fields.

What do they all have in common? They all have a deep commitment to integrating artificial intelligence safely into our world. They’ve even signed a letter of commitment to prove it.

But what does that mean for us, businesses and consumers that are simply trying to do our jobs as best as possible?

Artificial Intelligence is defined as the simulation of human intelligence processes by machines, especially in computer systems. These processes include a variety of human functions, including learning, reasoning, and self-correction. It’s quickly playing a role in all kinds of activities, from speech recognition, translating, and visual perception. We see it in our everyday lives.

Look no further than your phone to see AI in action. Ever ask Siri on your iPhone for a restaurant nearby? Or ask Cortana on your Android for directions? That’s AI helping you out with your everyday tasks.

At this point, our mobile devices are still primarily being used for status updates, texts, and selfies. But as artificial intelligence continues to become smarter, we see all kinds of ways to put it to use. Siri, for instance, can become your built-in assistant, and become smarter with each request you make. You no longer have to do some of the most repetitious parts of your day. Like copy/paste. Or switch back and forth between platforms to perform basic tasks. If Siri anticipates your moves, she can make them for you, saving you valuable time.

But of course, that’s only the beginning.

Imagine being able to upload an image and having everything about that image be instantly recognizable. Facial features can be analyzed and tagged, so it’s easily transferable to your social sites. And the image can also be analyzed for what is happening in the photo, creating copy that mirrors the actions in the image. It may not be perfect … yet. But AI is adding sophistication to the programming, and it’s only a matter of time before it’s a seamless process that requires little interaction from you, the user.

And of course, this is only the tip of the iceberg. Artificial intelligence doesn’t end with mobile and social media. In fact, it’s being used in every aspect of our lives.

It’s important to remember that AI is only in its infancy; it has many problems that still need to be worked out. Such as the axiom of AI being used for good versus evil. AI currently still acts randomly based on a limited number of predetermined, programmed conditions. But as AI becomes smarter, more opportunistic with the way it thinks, it can fall into many different hands for many different purposes.

Amazon, for instance, uses a machine learning service that analyzes results from data, based on its own internal algorithms, to predict customer spending habits. This concept can be transferred and used in other businesses in a variety of ways. If you can gain better insight into behavior, you can use it to produce AI that will help guide the critical decision-making process.

But what if the not-so-good use that same prediction model to learn your online search behavior, and use it to gain your trust to get access to your most private information?

While AI will continue to grow and be put into use in a variety of ways, it’s the threats that also have to be monitored along the way. When something is developed for good and has the opportunity to improve our lives, there are always threats that exist to use it for bad. Threat modeling, threat prediction, and threat analysis are all ever-growing challenges in the world of IT.

And if you don’t begin to take the necessary steps now to counteract what’s coming, the future may impact your more than you can imagine, sooner than you think.

Shopping For EHR Software

How are you going to improve your practice in the coming year?

Because of how fast technology changes, it is estimated that 30 percent of all current EHR users will be interested in upgrading and replacing their current software as they look for more features, more convenience.

If you fall into that category, where do you begin? After all, everyone has an opinion on what makes EHR software worth the investment.

EHR manufacturers will not have the same opinion as the head of your company. The CIO will not have the same requirements as an office manager. Needs are based on what helps you do your job more effectively, and that runs different from person to person.

Yet purchasing EHR software isn’t the same as downloading the coolest app from iTunes or Google Play. EHR software is expensive. It’s something you may bring into your business and continue using for years to come.

Do you really want to make that selection on a whim?

Instead, the best place to start is with a little guidance. After all, every program can sound amazing when you look at the way marketers write up the sales copy. In the long run, you want the best software for what you do. And that starts by defining your plan of action before you tackle making a decision.

Create a clear plan

Start by clearly defining how the new EHR program will be utilized every day. Make a list of everyone in the office who will access it, what their requirements are, how they will use it, and what would most benefit them. How an office manager uses it will not be the same as how a physician uses it. Make sure you understand the nuances of each.

Include every opinion

Never guess at how people will use a system. Ask them instead. Be sure to include everyone in the decision-making process, verifying all of their user requirements. This means sitting down with each staff member and figuring out what matters most. This can help you avoid the flashy features during the demo phase.

Separate necessities from desires

When you start questioning staff members, it’s easy for them to start dreaming of potential. It’s also easy for some to cover up certain processes that would greatly enhance productivity, yet they are holding back out of fear of the unknown. Be willing to change business processes when better features are available that can aid in both the way the office runs, and also how you communicate with your customers.

Make your essential list early

There are some features that are essential to any EHR software you purchase: HIPAA compliant security, physician and patient scheduling, billing functionality, e-prescribing. There are also non-essential items that can improve productivity: mobile access, patient portals, voice recognition for dictation. Make sure you separate the two and select a program that truly has what the office staff will use most.

Don’t get overwhelmed

Do a quick search and you can easily come up with a dozen or more contenders to add to your list of possibilities. Each highlights something different; each has it’s own way of moving to the top of the list. It’s difficult to stay objective and not become overwhelmed with the bells and whistles. Use simple criteria to eliminate the majority of them as quickly as possible, weeding your list down to a more manageable three or four. Only demo at this level because the features will quickly start blurring together if you look at more.

Also, be sure to have a standardized scorecard for comparing the different products. Look realistically at how each software program handles each individualized task. Don’t get distracted by the flashy features a salesperson may try to sell you on. Instead, put your emphasis on looking for what your staff wants and how you can give them the full package they will use the most.

This can be a difficult process. It’s easy to lose sight of what is truly important. Sometimes having an impartial expert on your side can help you weed through the potentials and help you focus in on the best solution for your office.

That’s what we’re here for; just give us a call.

Is A Remote Wipe Policy Good For Business?

Is A Remote Wipe Policy Good For Business?

It’s a dilemma that faces business managers every day.

When they bring in a new hire, somewhere in the midst of the paperwork is a clause about the internal Bring Your Own Device (BYOD) policy. It gives the company the right to remotely wipe a lost or stolen phone or tablet, or to wipe any company related data at the moment an employee leaves.

But do people really understand the implications of what they are signing? Studies show the answer is no. Personal is personal; business is business. Yet when the two are co-mingled, the rules suddenly change.

As more organizations adopt BYOD policies as employees acquire a wide variety of smartphones and tablets for every day use, stricter guidelines must occur to keep company data safe. Yet for many employees, they worry equally about the personal data that invariably makes its way onto their devices.

Which is where the trouble begins.

As an organization, there are three basic reasons for wanting to remote wipe the contents of a mobile device:

  • The device is lost or stolen
  • The device belongs to an employee who quits or is fired
  • The device contains malware and security issues that are effecting the network

Time is imperative in all situations to keep the company data safe.

Yet when an employee highly values his or her personal data, they may delay telling the IT department of any trouble because they fear the consequences of losing all of their files. These delays cost businesses significantly.

In order to use remote wipes, three options are available.

1. Use your mobile provider

Every phone comes with a factory reset feature that will reset all user settings, delete all third party apps and return the device to its original factory settings. The cellular provider can explain the easiest way to execute this feature.

Most phones also have a feature that allows you to wipe your device even when it is no longer in your presence. If you have an iPhone, for example, you can register it with iCloud and use the Find My Phone app to wipe the device at any time. The key is enabling the feature before it is stolen or misplaced. Not the safest method, but it can be a good starting point to get employees to take ownership of mobile security.

2. Use encryption

IT can install an app that will contain and encrypt all data used for business in a special folder on the device. This can be useful because IT can access the container and make changes as they desire, while leaving the rest of the device content alone. This would give IT the option of wiping the entire contained section as needed, or in the case of an employee moving to a new department, delete and add new content based on requirements. This also provides an extra layer of protection as the device couldn’t be accessed without the proper authentication key in place.

3. Use outside software

There are many outside vendors that offer special programs to help IT manage data and devices, and in many cases are bundled with other services to make remote access easier. For instance, Microsoft Exchange ActiveSync (EAS) has a feature that allows users to request remote wipe to return it to factory condition. The downside of using systems like this is the device has to be connected to the Internet and turned on in order to wipe the data. This can leave the device at risk indefinitely.

No matter which policy is the right solution for your company’s data, the important thing is to keep your employees in the loop. If you stress you will never erase their personal data, they will be more likely to submit problems as they occur. If you stress how valuable the company’s data is, they will be more likely to take action.

What is your company’s remote-wipe policy?