Here on earth, clouds are relatively simple phenomena: visible masses of water vapor making their way across the sky. But in the world of IT, “the cloud” is a bit more complex, referring to technology that allows businesses to take a more hands-off approach to managing their IT resources. And the “hybrid cloud” is rapidly becoming the most popular variety.
Hybrid clouds are a combination of private clouds (where data and applications that require tighter controls are hosted either internally or privately in the cloud space); and public clouds (which are operated externally by third-party providers with the express purpose of reducing a company’s IT infrastructure).
A recent “State of the Cloud” report indicates that 71% of all cloud users are now implementing hybrid cloud solutions, mainly because the ways in which they benefit small- and medium-sized businesses are so numerous. Here we’ve highlighted what we consider to be the 4 most significant benefits of hybrid cloud solutions.
Does your industry go through seasonal workload increases? With a hybrid cloud solution, you’ll be able to easily handle spikes in demand by migrating data from maxed-out on-premise servers to scalable, pay-as-you-go “servers in the sky” whenever needed, without incurring any extra hardware and maintenance costs.
Having the ability to choose between on-site/privately-hosted cloud servers and ones on the public cloud gives you more than just cost flexibility. It also gives you the capacity to pair the right IT solution with the right job, like keeping smaller projects on your local or private cloud, while utilizing the more robust computing resources on offer from the public cloud for your bigger projects.
What exactly does this common IT buzzword mean for your organization? In a nutshell, it means that the hybrid cloud allows you to “scale up” or “scale down” on an as-needed basis. So if there are last-minute demand increases that your hardware can’t support, or if you’re simply planning for future expansion, hybrid cloud solutions allow for on-demand increases or decreases in capacity.
Last, but certainly not least, are the security advantages of a hybrid cloud solution. SMBs are able to host within the private cloud their more sensitive data such as an e-commerce website or HR platform, while using the public cloud space for less sensitive data where it’s more cost effective and there is less likely to be major problems should there ever be a security breach.
SMBs can set up their hybrid cloud model in a few different ways, depending on their precise needs and the types of providers available to them:
- By employing one specialized cloud provider who offers “soup-to-nuts” hybrid solutions
- By integrating the services of a private cloud provider with those of a public cloud provider themselves
- By hosting a private cloud themselves and then adopting a public cloud service which is incorporated into their infrastructure
So as more of our customers’ IT infrastructure moves to the cloud, we’re adapting and developing innovative ways to maintain hybrid cloud environments. What this means for you is we’ve got the know-how to provide outright cloud solutions, or at the very least the expert consultation you need, to ensure that your day-to-day operations transition to a hybrid cloud solution without interruption and in a cost-effective manner. Contact us today to learn more about the benefits that the hybrid cloud can bring to your business.
According to several reports, the volume of malicious cyber attacks has significantly increased recently. And even though our devices have the latest network security systems, hackers have a cunning trick up their sleeves — social engineering. Unlike malware and other viruses, social engineering tricks people into divulging sensitive data to hackers. Unfortunately, businesses are also vulnerable to various social engineering tactics. As a business owner, you should be vigilant of these common scams used by hackers.
Phishing scams are perhaps the most common type of social engineering attack. Usually seen as links embedded in email messages, these scams lead potential victims into seemingly trustworthy web pages, where they are prompted to fill in their name, address, login information, social security number, and credit card number.
Phishing emails often appear to come from reputable sources, which makes the embedded link even more compelling to click on. Sometimes phishing emails masquerade as government agencies urging you to fill up a personal survey, and other times phishing scams pose as false banking sites.
What’s the best way to infiltrate your business? Through your office’s front door, of course! Scam artists can simply befriend an employee near the entrance of the building and ask them to hold the door, thereby gaining access into a restricted area. From here, they can steal valuable company secrets and wreak havoc on your IT infrastructure. Though larger enterprises with sophisticated surveillance systems are prepared for these attacks, small- to mid-sized companies are less so.
Quid pro quo
Similar to phishing, quid pro quo attacks offer appealing services or goods in exchange for highly sensitive information. For example, an attacker may offer potential targets free tickets to attend a sporting event in exchange for their login credentials. Chances are if the offer sounds too good to be true, it probably is.
Pretexting is another form of social engineering whereby an attacker fabricates a scenario to convince a potential victim into providing access to sensitive data and systems. These types of attacks involve scammers who request personal information from their targets in order to verify their identity. Attackers will usually impersonate co-workers, police, tax authorities, or IT auditors in order to gain their targets’ trust and trick them into divulging company secrets.
The unfortunate reality is that fraudsters and their social engineering tactics are becoming more sophisticated. Nevertheless, the best way to avoid these scams is knowing what they are and being critical of every email, pop-up ad, and embedded link that you encounter in the internet.
To find out how you can further protect your business from social engineering attacks, contact us today.
A number of clever, yet common techniques have been the basis for several social engineering attacks we’ve seen lately. Hackers are registering domain names similar to authentic domains in an effort to make the e-mail recipient believe that the sender’s request is legitimate.
These techniques can consist of one or more of the following:
- Homoglyphs – A homoglyph is one or more characters with shapes that appear identical or very similar. For example, a capital O and the number 0, a number 1 and lower-case l, a lower-case g and q, you get the idea. Believe it or not, it’s quite common for someone to mistake these letters for one-another when spoofed and replaced in a domain name. (e.g., ahrconsu1ting.com (yes, that’s a number one in place of the letter l))
- Transposition – Simply put, its swapping letters that are adjacent to one-another. most people won’t notice this in a domain name when quickly glancing at a senders e-mail address. (e.g., ahrconsutling.com)
- Repetition – Repeating one of the letters in the domain name (e.g., ahrconsultting.com)
- Replacement – Replacement of one of the letters in the domain name, usually with a letter in proximity of the original letter on the keyboard (e.g, ahrconsilting.com)
- Omission – Removal of one of the letters from the domain name (e.g., ahrcnsulting.com)
- Insertion – Inserting an extra letter into the domain name (e.g., ahrconsiulting.com)
So how is this used by phishers (read: hackers)?
- A hacker will research a company on any number of corporate information sites (Manta, Spokeo, etc.) to gather data about its structure, owners, website, email addresses, revenue, and any other publicly available information
- They will then privately register a domain similar to the target’s domain using the above techniques
- They will immediately send an e-mail from the CEO or President (or similar) to a mid- or high-level employee, preferably in finance, with an official-looking request
- The e-mail will typically request a money wire transfer or some other type of urgent monetary request be sent to a particular account or recipient
- The request may also have what appears to be an official-looking e-mail signature compiled from the information gathered above
Don’t fall victim to this fairly common attack, be sure to double check authenticity of e-mail name and domain name spellings.
When in doubt, make sure a verbal approval is acquired before doing ANYTHING involving company capital.
To read more about Malicious Social Engineering, see our other blog post: Can you expand a bit more on the threat posed by malicious social engineering?
ESPN recently reported that a laptop containing the medical records of thousands of NFL players was stolen from the car of a Washington Redskins’ trainer. And while the team released a statement saying no health information protected under HIPAA guidelines was at risk, the incident shows that EMRs are vulnerable no matter the size of your company. That’s why you need to have all medical records completely protected no matter where they are being stored.
And while the Redskins’ situation was bad, an NFL spokesperson did state that the NFL EMR system was not compromised and the league believes the thief was unable to gain access to the intercepted computer or its files. However, this does not mean the situation is resolved and the team is now in the process of informing every person who could be affected.
Not only is this embarrassing but the Redskins could also be vulnerable to civil lawsuits from players affected even if no HIPAA protected information was accessed. If this sensitive data had been breached the team would have faced a significant fine from the federal government in addition to these lawsuits.
According to Bloomberg Business News, a Massachusetts hospital was required to pay the federal government $850,000 for HIPAA violations last year after a laptop containing private health information was stolen. This event triggered a system-wide analysis which revealed several other areas of non-compliance. Not only was the hospital required to pay the fine, but it also had to invest heavily to upgrade their technology systems.
These two stories can serve as a valuable learning tool for any organization that stores documents or files that are regulated under HIPAA guidelines. For starters, it is important to understand that while email threats like phishing are very real and dangerous, the easiest way for a person to gain access to medical records is to simply take the device they are physically stored on.
That is why it is absolutely vital to have any device, be it a smartphone, a computer or tablet, password protected and encrypted should it store or transmit medical information of any sort. This, however, is simply the bare minimum and you might want to consider additional security measures such as two-factor authentication to add an extra level of protection to your devices.
Another thing to consider is storing your EMR data in the cloud. When files are stored on the cloud, it means you have complete control over who is able to access these documents and where they can be accessed from. In the case of a missing laptop, once it has been reported as lost, you can immediately block it from retrieving any files and perform a remote wipe which will erase anything currently stored on it.
It is important to remember that every device, even those at companies that use the cloud for document access and storage, still need to have strong passwords and encryption in place. Also, it should be noted that transferring HIPAA-protected data to the cloud is a process that must be handled with care. There are several things which must be addressed to ensure your data is protected in line with all government regulations. Bringing in a cloud service provider who specializes in HIPAA storage can make this process a smooth one for you, your staff, and your patients.
Need help protecting your EMR? Interested in learning more about utilizing the cloud to store your documents? Contact us today. We’re experts in HIPAA-related matters and will guarantee your information remains safe and compliant.
Following the let-down that was Windows 8 and 8.1, Microsoft is keen to impress – so much so that it’s skipped number 9 and jumped right to Windows 10. Now the new operating system’s release has been confirmed for July 29, and Windows-based small businesses are clamoring to try out its impressive new features. Here is the rundown of the things you need to know before you spend your fall upping the ante with Windows 10.
You can get it for free
They say the best things in life are free, and that might just be the case with Windows 10. Microsoft has kept its word about making its newest operating system free to access – at least if you’re currently running an authentic version of Windows 7 or 8.1, its two most recent releases. You’ll enjoy a free lifetime upgrade to Windows 10 provided you make the move within the next year and, better still, it’s an automatic upgrade directly from your existing Windows 7 or 8.1 interface. If you’re running an older version of Windows, you’ll need to make a fresh install and you’ll also need to pay – the various available versions of Windows 10 are expected to retail starting at $119.
It’s being launched in phases
Although the official release date was July 29, in reality Microsoft pushed out Windows 10 in a phased launch. This explains why you might not have been prompted for the Windows 10 on July 29 itself – instead, Microsoft has made the new operating system available to desktop and laptop users first, and only later to mobile and other devices. What’s more, the firm already has its next move in the pipeline. Upgrade and update plans for Windows 10 are anticipated to be on the way in two phases, in June and October 2016. But we are expecting these changes, codenamed Redstone, to come in the form of more minor tweaks to the Windows 10 infrastructure rather than a full overhaul.
It’s the last you’ll see of Windows
Microsoft has made no secret of the fact that it sees Windows 10 as the operating system’s final release. But that’s not quite as ultimate as it sounds – this is not really the end of Windows. Instead, what we’re seeing is the transition of Windows from a product to a service. Microsoft envisions a future where, instead of major new versions of Windows emerging every few years, there are regular improvements and updates – far beyond the Windows Updates that we know at the moment.
It’s likely that version numbers will come to play far less of a role in system updates in the future – in much the same way as mobile apps operate, we’ll instead settle into enjoying a frequently updated service that incorporates the latest features Microsoft has developed. And while some have expressed fears that this could lead to home and business users being tied into a subscription model in order to stay up to date, Microsoft appears committed to ensuring that ongoing upgrades are free.
Ready to make the leap to Windows 10? Want to find out how best to make the transition with minimal disruption to your business? Give us a call and let us walk you through it.
At TECHLINQ, we clearly love technology… but even WE advise you to unplug from the hectic world and leave the gadgets behind while on vacation. Unfortunately, if you’re like most of us, you need to stay connected to some degree.
We’ve compiled a list of good technology practices and safety tips to keep in mind while traveling.
- Don’t bring your laptop! Try to use your smartphone or tablet instead to read emails, browse the internet, and access social media while on vacation. No need for the extra weight and risk of loss or damage. If you must bring your laptop consider the following before you leave on your trip:
• Make sure that your software updates and antivirus settings are up to date
• Back up all of your files and important documents
• Password protect your valuables with complex passwords that are hard to crack
• Encrypt important data
- Create a VPN so you can securely access your home network anywhere you go (this is especially helpful when visiting countries with censorship or internet restrictions).
- Avoid logging in to any public or shared computers and unsecured networks. Don’t let even the swankiest hotel lobby PC fool you! Public computers can be littered with malware so avoid logging into anything that requires you to enter passwords or personal information. To stay on the safer side, see if the hotel offers a WPA¬2 protected wifi network for guests that you can access on your phone or tablet.
- Make sure that your technology and gadgets are equipped with well-fitting protective gear. It helps to bring extra plastic bags to protect your gear in case of sudden downpours or unexpected moisture. There are also countless designs of waterproof cases you can also choose from if you’re going to be spending a lot of time near water.
- Back up your files often throughout your vacation. This will enable you to have enough room for plenty of new photos and ensures that each day’s memories will be safe! Not sure how to back up your files on the go? You can use SD cards, an external hard drive, a USB thumb drive, or if you have internet access, a cloud based service such as Dropbox, OneDrive, iCloud for Apple, or Google+ Auto Backup for Android phones.
- Pack a good quality power strip so you can charge all your devices at once. If you’re going overseas you’ll want to include a universal power adapter.
- Bring a portable cell phone charger. For a lot of us, our phones double as our digital cameras. A portable charger will give you a chance to charge your phone if you don’t have access to an electrical outlet.
- Make use of the countless apps created to make travel easier. There are apps to keep your devices secure with alarms, help you find locations with wifi, or apps that will allow you to explore the land like a local!
- Avoid roaming charges and high rates on your cell phone and use a wifi based calling system such as Skype or WhatsApp.
- This one might be the most important tip of them all. Make the best of your time and memories by opening your eyes to the world around you. After all, those are the moments that add to your life and make your vacation memorable.
When looking for Computer or Networking Support we advise businesses to investigate the “Critical 5”. This is an outline of attributes your IT Support company should possess in order to give you the best level of service and support. We’ve adopted these elements based on the best-practices we’ve seen employed by the most adept, committed technology firms in the industry. We regularly put ourselves to the test to see how we stack up against the “Critical 5”.
- References & Business Structure: Can they provide you with more than five client references? Do they have a strong and reputable business structure?
TECHLINQ is a highly service-centric and overwhelmingly referral based firm. We provide service for many businesses in northern New Jersey, and prefer to rely on our constantly growing client base to communicate their satisfaction with the quality of our services to others. TECHLINQ is also legally structured as an LLC in the state of New Jersey, has an A+ BBB rating, and carries full business and professional liability insurance.
- Longevity & Reliability: How long have they been in business, and what is their typical response time?
TECHLINQ was established in 1989 as a full-service technology consulting firm specializing in computer and networking solutions for small to mid-size businesses. With relentless innovation, we anticipate providing our exceptional proactive systems management well into the future. Typical phone response time for clients under a TECHLINQ plan is less than one hour, with emergency response available 24 x 7 x 365.
- Scope of Service & Process: Can they manage your company’s specific technology requirements, not only now, but moving forward?
TECHLINQ has a clearly defined “Scope of Service” document which outlines all of the hardware, software, and networking technologies with which we have proficiency. Prior to establishing any formal relationship, we conduct a thorough systems and network analysis so we may provide a proposal detailing our assessment and any associated recommendations and estimates. We are process-driven, and pride ourselves on our proactive approach to technology support
- Skills & Experience: What are their technicians’ proficiencies and certifications, and how long have they been in the industry?
TECHLINQ’s technicians all hold multiple industry-recognized certifications, as well as having proficiencies in the technology areas as presented in our “Scope of Service” document. Our founder and Chief Operating Officer has been a professional in the computer industry since 1986, and our technicians have an average of over 10 years of computer and networking experience.
- Authorizations & Affiliations: What manufacturer authorizations do they hold, and what affiliations do they maintain?
TECHLINQ currently holds authorizations from: Microsoft, Hewlett Packard, Lenovo, Dell/SonicWall, Cisco, Digium Switchvox, Symantec, Western Digital, Acer, Adobe, Netopia, D-Link, Intuit, ViewSonic, and many more. We are actively affiliated nationally with the Better Business Bureau (BBB), CompTIA, and the ConnectWise Partner Network, and regionally with the NJBIA, and the Tri-County Chamber of Commerce. Our COO regularly speaks on business technology issues and information security. TECHLINQ also periodically donates refurbished computer systems and peripherals to interested local charities.
If you are having difficulty staying on top of properly maintaining your systems, contact the experts at TECHLINQ to see how we can help ease the burden with an innovative TECHLINQ Support plan.
July 14, 2015 marks a major transition, this is the date Microsoft stops releasing critical patches and officially ends support for Windows Server 2003. While this date may seem distant, now is the time to understand that the end of support and the end of life of Windows Server 2003 means that your business needs to ensure that it has a plan to migrate the applications and workloads currently relying on Windows Server 2003 onto Windows Server 2012 R2.
Just to be clear, End-of-Support for Windows Server 2003 means:
We urge you to start your planning to migrate off of Windows Server 2003 and onto a platform that will provide you the security and reliability that you’ve experienced over the last decade with Windows Server 2003, with the added value of the features now included in Windows Server 2012 R2.
Delaying will only create additional expenses, and ‘rigging’ your environments to detect intrusion, inclusion of more advanced firewalls, network segmentation, and so on, to simply isolate Windows Server 2003 servers will only result in an environment that costs more, and is still out of compliance, and out of date. Not to mention the maintenance costs for aging hardware… you’re just delaying your opportunity to transform.
Now is the time to act.
Contact TECHLINQ to learn how we can help:
Discover and catalog software and workloads running on Windows Server 2003/R2.
Assess your inventory. Categorize and analyze the applications and workloads you cataloged based on factors that will help you make informed choices about priorities and urgency.
Target the right migration destination for each application and workload. Take the opportunity to learn how you can transform your environment with the robust capabilities and services offered in Windows Server 2012 R2. Different workloads and applications logically lead to certain configurations. Your choice will be driven by factors such as speed, ease of migration, cost, and desired functionality.
Migrate. Make a plan and begin to migrate. To help you plan, TECHLINQ will be happy to discuss migration options and how you can transform your environment more efficiently and with minimal disruption.
Please contact us to get more information and set up an appointment today.
This checklist will help you make and keep your PC more secure. Over time, security holes are discovered in all computers’ operating systems and the software that runs on them. These risks need to be patched to keep your system and personal information safe. We’re rolling this list out for the start of 2015, but recommend it be adhered to consistently.
- 1. Make sure your operating system is up to date
We recommend current systems have at least Windows 7 Pro 64-bit, which will be supported until 2020. If you’re running Windows 8.0, we highly recommend that it be upgraded to 8.1 to be sure you have the most secure version.
- 2. Check Windows Update settings
Verify that your computer is set to automatically download and install at least critical updates frequently. Better yet, have your updates managed by TECHLINQ to ensure not only stability, but compatibility and proper application.
- 3. Ensure that you have Endpoint Security software installed
Properly functioning and current antivirus/malware protection is a must for all PCs.
- 4. Check that you have a Security Appliance in place, or at least a firewall on your computer
An edge Security Appliance is the best way to provide comprehensive gateway security for your entire network. In addition, each PC has a built-in software firewall that should be enabled as well. Configuring the intricacy of these security devices and features takes specialized knowledge, can get very complicated, and is typically best left for technology security professionals.
- 5. Check what version of Adobe Flash, Adobe Reader, and Java you have installed
A surprising number of threats are borne from these three add-ins/applications. Always make sure you’re running the latest versions available that are compatible with your systems and applications.
- 6. Update or upgrade your web browser
Your web browser is the window to your Internet world. Maintaining them on the most recent versions is critical to maintaining the security of your systems. The “big three” browsers are Microsoft Internet Explorer, Google Chrome, and Mozilla Firefox. All three will give you similar experiences with minor differences in features, speed, and security profile, so choose what you’re comfortable with.
If you are having difficulty staying on top of properly maintaining your systems, contact the experts at TECHLINQ to see how we can help ease the burden with an innovative TECHLINQ Support plan.
One of the most popular gifts this holiday season is the tablet, and more specifically the Android tablet. Because there are so many different options to choose from, it can be difficult to actually choose the right tablet to give as a gift. To help, we came up with some important factors to consider before you purchase your festive gift.
Consider your budget
The great thing about Android is that there are tablets available for a wide budget range; from the ridiculously affordable, yet highly praised, Amazon Fire HD 6 ($99 on Amazon.com), to the top-of-the-line Samsung Galaxy Tab S ($350-$400 in stores).
Look at reviews online
There are a ton of websites dedicated to reviewing tablets and other mobile devices. Take, for example, the well-known Engadget or Trusted Reviews. Sites like these generally give a good overview of the new and most popular devices out there. Pay close attention to the criteria used though, as some review sites tend to only look at basics such as battery life and design, without going too deep into the actual usability.
It is also important to look at actual user reviews. A great place for this is Amazon.com, as almost all reviews of devices on the site are submitted by users. While some reviews may be overly positive or negative without actually revealing reasons, generally speaking they provide an accurate real-life picture.
What will the tablet be used for?
Many tablets offer special features and functions aimed at different types of users. For example, some offer increased security and encryption that is ideal for the business user, while others may offer features such as pen support which turns the tablet into a drawing pad. If the recipient is likely to be using the tablet for work, then your search should focus on specific, business-oriented devices.
Who will be using the tablet?
Tablets running Android 4.4 (KitKat) and Android 5.0 (Lollipop) have the ability to establish different profiles for different users. So, if you know that the tablet will be used by a variety of people then it would be best to purchase a tablet incorporating either of these versions.
If you know that children will be using the tablet, there are a number of apps with features that set the tablet up for children. For example, some will block the Google Play store and any apps that are deemed unsuitable for children. It might be a big help if you install this beforehand.
What is the technical ability of the user?
It’s true that almost every tablet is designed to make it simple to pick up and figure out, but some tablets are aimed more at specific users than others. Take for example Google’s Nexus line, which is aimed at users who want a tablet with the most up-to-date software. Users with more tech experience generally find the Nexus line more preferable.
Other tablets come with super simple setups and many popular apps pre-installed, which could make them more suited to users who may not know much about Android, or simply just want to pick up their tablet and go.
Look at durability, and features
As with most tech-related purchases, you generally get what you pay for. So, if you want a tablet with top-of-the-line features like a great display, fast processing speeds, and LTE/Data connections, you are likely going to pay more.
A good starting point is to look at the questions you answered above about who will be using the device and what they will be using it for, then look for a tablet with those features and positive reviews. While it may be tempting to stick with brand new tablets only, be sure to look at those released in the past year as well. For example, the terrific Nexus 7 tablet (2013 version) is still a great option for many users, not to mention the fact that it is available at an affordable price. Manufacturers like Samsung also have a number of great tablets available with a wide variety of features.
Almost above all else, the overall durability of the device is important. If you purchase a tablet with flimsy construction, there is a good chance it will break or fall apart easily. Online reviews often focus on the build quality, so these could be a good starting point. Also, going to the store and physically trying the devices can go a long way in helping you choose the best one.
If you are struggling to find the perfect tech gift or Android tablet this holiday season, contact us today to see how our experts can help you find exactly what you need.