Adobe’s PDF Reader is under fire from hackers due to a vulnerability which was detected within the popular software. This “critical vulnerability” has been identified in a limited capacity, and seems to be targeting “high value” computers, which may include financial computers. The effects of the vulnerability could involve simply crashing the program, crashing your computer, or allowing a hacker to completely take over your system.

An emergency patch is expected to be released the week of December 12, so remember to check for an update as soon as one is available from the Adobe website. Not all versions of these Adobe products have the software flaw and the following are the only ones reported to have the vulnerability:

• Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh
• Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh and UNIX
• Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
• Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows and Macintosh

We recommend you look for and download any patches for Adobe products that come about to ensure your version is more secure, even if it is not listed above.

It is always important to download updates for software and computer programs as they are released. These patches and updates are often released to help improve stability, security, and to ensure exploits in the coding are fixed. And regardless of the source, price, or age of the software, downloadable patches are essential to maintaining a secure computer free of malware and viruses.

Microsoft’s Windows Operating Systems constantly releases updates and patches for its software to help keep users secure from hackers and malicious programs. Apple also releases patches for its software, even though Apple is generally known to have fewer vulnerabilities with their software. Even so, many companies with programs on both platforms usually release patches for both.

Most programs these days will prompt you when there is a new update or patch available and some can even be set up to auto-install updates. Windows Updates is a built-in program within Windows which downloads and installs updates for you if you neglect to do so manually. While inconvenient for some to have the computer slow down during the installation, these are often valuable and essential patches that are more beneficial in the long-run. After all, it is better to take some time to install an update and reboot than it is to have to spend hundreds or thousands of dollars on removing the virus, restoring your data, or worse yet having valuable financial information stolen from your computer.

So remember to update and patch as soon as one is available. You never know what you might be allowing to have happen to your system if you don’t.

For those who have our Maintenance Services, the updates have already been applied. We proactively stay on-top of all outstanding issues and rigorously test all patches for stability issues and to ensure they will work for your system. Want to learn more about our Maintenance Services or our other services contact our representative today at: michaelo@onetechllc.com.

Reference: Zero Day Net

One Tech is producing a series of “How-To” videos for our web site to provide help in completing common tasks on your computer. We want to hear what you are interested in learning more about. If we use your suggestion in one of our videos, we will credit you and your company or organization in the video. Send your suggestions or questions to michaelo@onetechllc.com today!

We have all watched with great concern over the past several years as an increasing number of natural disasters continue to strike our fragile environment.  These disasters have caused significant damage and loss of life.  They include flood, earthquake, tornado, lightening and even the death/disability of key staff.  Of course there are many non-natural disasters as well.  These can include fire, terrorism, viruses, hackers, human error, intentional (disgruntled staff), electrical surges and hardware failures.

We have come to rely on our computer systems and the precious data they contain to the extent that if any of these events occurred in our area our livelihoods could be prematurely terminated.  For example, consider the operation of a hard disk drive.  The ‘heads’ that read digital data from the spinning platters actually float above the platters like an air hockey puck on an air hockey table.  The constant operation of the hard disk drive can provide for failures termed a ‘crash’.  This can certainly be a disaster if the critical data contained on the crashed drive cannot be easily recovered.  Consider these stunning statistics:

• Only 6% of companies suffering catastrophic data loss survive, while 43% never reopen and 51% close within two years – Source: University of Texas
• Roughly 70% of all successful attacks on computer networks were carried out by employees and insiders – Source: IDC Market Research
• 42% of attempted recoveries from tape backups in the past year have failed – Source: Microsoft Research
• Over 34% of companies do not test their backups and of those that tested, 77% found their tape backups failed to restore – Source: Storage Magazine
• 71% of all tape restores fail – Source: Gartner Group

Disasters are unpredictable by definition.  They are also self-multiplying – like rabbits.  One disaster frequently leads to another and so on.  The natural types are certainly more prevalent.  According to the World Almanac and Book of Facts, there were twice as many earthquakes in the 80’s and 90’s as the two proceeding decades.  And, the 2004 hurricane season was the 4^th worst in recorded history according to the University of Missouri-Columbia Climatologist.  I suspect the 2005 season will easily be the worst.  The trends in all reported events have more than doubled again just since the year 2000 according to the Centre for Research on the Epidemiology of Disasters.  This is not to mention non-natural disasters which are not tracked but can be just as devastating.  At the heart of these types of disasters are people.  Whether intentional or not, lapses in judgment or just plain human error can create significant stress when data has been destroyed or compromised especially if that data cannot be restored.

In recent years, I have been personally notified on two occasions by organizations I would place a high degree of trust in that my personal information had been compromised.  One incident was the loss of a hard disk in transit by a well-known shipping company and the other by theft of hard disk media.  I can tell you from personal experience the feelings of vulnerability that accompany correspondence like that.  Worse, I would hate to have to send such a letter to my clients.

Another well-known example happened in 2006 as a Providence health care systems analyst left a computer bag in a locked car which was stolen.  The bag contained 10 computer disks and eventually it was discovered that those disks contained more than 365,000 patient records.  That lapse in judgment was costly – in the millions of dollars for Providence health.

The widely publicized Conficker virus is estimated to have infected over 10 million of the world’s computers.  This particular piece of malware allows the hacker to literally view your keystrokes/inputs – go to your bank online and enter your username and password, your keystrokes are mirrored on the hacker’s screen.  The goal of these individuals is to steal your money.  It is estimated that the average income for some of these perpetrators is $30,000 monthly.  Many are celebrated by their communities as shrewd business people who have successfully stolen money from greedy Americans.  And, many write their malware from information published by Microsoft and other software vendors in the form of security bulletins intended to warn and provide correction for discovered security holes in their software.

Recently, news reports have highlighted the problem with hard disks inside of multifunction copy/scan/fax machines that are retired.  With little effort, images of documents stored during the machines use are pulled from these hard disks.  Used machines sell for a few hundred dollars with the real value contained on the internal hard disk.

Of course the best way to plan for a disaster is to avoid it altogether.  You’ve most likely already implemented some processes to avoid potential disasters.  For example, security systems and fire alarms on office buildings, security policies on critical data and backup processes to quickly recover from equipment failure.  In addition, most of the computer hardware prevalent today have facilities for redundancy of critical components like hard disk drives and power supplies.

Hosted vs. Managed

There are two options for accounting firm networks.  Either they can manage all their data processing i.e. purchase and maintain servers or related network equipment/software or they can have these facilities hosted – the so-called application service provider or ASP model.  Many firms are opting for the latter, the advantage being outsourcing of data protection and backup.  The disadvantage to the ASP model is the provider may not offer all the applications the firm needs or may be unwilling or unable to configure the applications they are hosting to the firm’s requirements.

Preparing for potential disaster is often procrastinated. This is a natural human tendency. It’s one of the important but not urgent activities. However, failure to prepare guarantees confusion and chaos if a disaster actually hits.

Consider the cost of un-productive staff for a period of say four days. Let’s say the firm has 21 staff billing at an average of $100 per hour and realizing 50% of that time. (I realize I’m being conservative in my assumptions). So 32 hours of downtime multiplied by $1,050 per hour (21 times $100 times 50%) equals $33,600. The value of that downtime can provide significant prevention resources. Think of how much you’ve paid insurance companies over the years – it’s the same principle. Perhaps you should afford more prevention than you think.

At a very minimum, you should evaluate your processes internally or have an outside security consultant perform an audit on an annual basis. You should also consider how the following techniques are being employed in your firm:

• Encryption – this is the process of scrambling the digital ‘bits’ of data such that they are unreadable by any device that does not have the associated decryption ‘key’. In the Providence example, had those 10 disks that were stolen been encrypted the notification to affected patients would have contained a huge mitigating statement of comfort that the data could not be read because the disks were encrypted.
• Backup – tape which has historically been the backup medium of choice has outlived it usefulness. Your current system should include a disk based backup device which greatly improves reliability and speed. In addition, modern disk based backup systems provide for encrypted backup images or snapshots, the ability to virtualize a backed up server from the image, perform ‘bare metal restores’ to dissimilar hardware and the capability to transfer encrypted backup data to offsite data centers. This removes the human error component of taking data offsite to protect against a facility and/or geo disaster.
• Data destruction – whenever a device is retired, all digital data its hard disks may contain should be systematically wiped by utilities designed to render it unrecoverable.

To begin your preparation for disaster, designate individuals in the firm to represent the rest by evaluating the extent of the exposure and designing a remediation plan.  Think about the types of natural and non-natural disasters that you are subject to and plan for each one in detail.  Take notes as you discuss what your response would be in each disaster scenario and then build your response plan based upon this brainstorming.  Then plan to test your plan with other co-workers.  Remember, a written response plan isn’t really effective unless it’s been tested and kept updated.  In your plan, assign priorities to functions as follows:

• Critical – Full recovery required within 24 hours (example: email communications)
• Urgent – Full recovery required within 72 hours (example: file and WIP/billing access)
• Important – Full recovery required within 30 days (example: employee records)
• Other – Recovery not required or recovery beyond 30 days (example: client files more than 7 years old)

For additional resources, see the following web sites:
Federal Emergency Management Agency – www.fema.gov
US Department of Homeland Security – www.ready.gov
American Red Cross – http://www.redcross.org/portal/site/en/menuitem.d8aaecf214c576bf971e4cfe43181aa0/?vgnextoid=a7c51a53f1c37110VgnVCM1000003481a10aRCRD&vgnextfmt=default
Small Business Administration – http://www.sba.gov/services/disasterassistance/index.html

Like everything else in IT today, cloud computing can be either unnecessary in your business operations – or it could be something you really need. However, a recent survey on the perception of the cloud shows that almost half of small business owners are more or less dismissing it outright.

A recent survey by Newtek’s SB Authority Market Sentiment shows that almost half of small businesses do not see how cloud computing can cut down on costs and help increase their productivity, with an additional 32 percent still unsure about the whole idea.

At the very least, what these results show is that there is a pressing need for a more widespread and comprehensive information campaign about cloud computing. While many companies see the cloud as a mere fad, there’s much more to it than meets the eye, and what it offers can make a definite and concrete difference in the way a business conducts its operations.

What sets cloud computing apart from other hosting services is the way it’s managed and used. Management is handled completely by the service provider, and subscribers can adjust the specific features they use and pay only for those, similar to how on demand IT services work. Cloud computing usually also includes virtual data storage, with most if not all data stored off-site and in the cloud service’s servers.

Of course, the way the cloud impacts each particular organization will vary, and how it will affect your business in the short and long term depends on your needs and requirements – and whether you even need it in the first place. There are pros and cons to any cloud-based service, but at the very least it deserves some serious thought.

If you want to find out more about cloud computing and how it may affect your business, please give us a call and we’ll be happy sit down with you and discuss any issues and concerns you have, and help you determine whether the cloud is right for you.

Having the right kind of email system in place can do wonders for increasing productivity, especially for people on the go. It’s important to note the distinctions and feature differences of the email systems available to you, so you can be sure that what you’re using is the most efficient and cost-effective solution.

Whether you work from an office or are productive while on the go, email most likely plays a big factor in the way you go about your business. Unbeknownst to many, some types of email systems have certain limitations that by extension can also limit the level of productivity of your business, and especially for people in the organization who must also work while out in the field.

One major issue for many people is synchronicity. Many people need their emails to be accessible on their mobile phones, PDAs, or other mobile devices, and they need them to be properly synchronized with their desktop workstations. The need to constantly update conversations and email threads from mobile devices to desktops with certain types of email can prove to be tedious and unproductive– and some email system types don’t include this ability at all.

Depending on the way you use your email, especially when on the go, having full access and full control of your account can define how productive you and others in your organization can be. Besides providing a much better degree of synchronization and integration with mobile devices, certain types of email systems also have features for sharing and collaboration features that allow you to set schedules and share files from your mailbox, as well as central storage for emails that allows you to access your account seamlessly with any mobile device, regardless of where you are located.

Of course, having a full-featured email system might not be best for everyone. The key is to know whether adapting a more bare-bones system is cost-effective for your business (especially in the long run). Sometimes the top of the line may be needed, and sometimes all you need is a bit of tweaking on your less fully featured system. Not sure which is best? Call us and we’ll be glad to sit down with you and assess what kind of email system is best suited for you and your business.

The proliferation of websites and social media tools is making the job of monitoring what’s being said about you online increasingly difficult to do. But you need to somehow make sense of the sea of information available in these online tools, because depending on what’s being said—it can have either a helpful or a damaging effect on your reputation or your business. Here are some tools to help you.

Besides your own eyes and ears, there are plenty of tools—for free or for a price—available to help you monitor your presence online. The simplest of these is your familiar search engines such as Google or Bing. By simply searching online, you can find where your name or your company’s name appears in various websites. With Google in particular, you can set up “alerts” which will email you when a specific word or term appears in their website index.

What words or terms should you use? Start with your name, or your company name, then try the name of your products and/or services, and maybe even the names of your employees, directors, and other stakeholders. It might also be helpful to search for the competition as well. As results come in you can refine your search by expanding or narrowing the scope of terms you would like to search or be alerted on. If you want to be able to search across all different search engines and not just one or two, you can use Monitor This.

Next you can use specialized website or social media monitoring tools to search only specific sites or services as opposed to the entire Internet. One example is Greplin, which allows you to search all of your accounts or accounts that you own. This is very helpful to be able to execute highly filtered searches on specific information in your Facebook, Twitter, or LinkedIn accounts, or your blog. Another option is Rollyo, which allows you to set up your own specialized search engines that cull content from public or open websites of your choosing.

Other more generalized tools include RSS feed readers—which allow you to consume news or information feeds from news sites or blogs. Examples include Newsgator.com, Bloglines.com, Google Reader or Pluck.com. Other generalized tools include those that monitor specific newsgroups or message boards like BoardReader.com, ForumFind.com, Big-Boards.com, BoardTracker.com, iVillage, Yahoo Message Boards, and MSN Money. Still others track changes to content of specific sites (Copernic Tracker, Website Watcher and WatchThatPage.com), as well as their domain information (DomainTools.com and BetterWhois.com).

The really interesting new services actually give you an explicit idea of the status of your reputation—especially if you are a relatively well known name or your business has an established brand. In this category are sites like Amplicate, which monitors general feelings or impressions about brands, businesses, or services; Klout, which tries to measure the influence of individuals based on their social interactions; and SendLove.to, which focuses on celebrities and media personalities.

There are literally dozens more tools you can use to monitor and manage your reputation online. To find out more, a great resource is here at the Duct Tape Marketing blog. If you have any additional suggestions, feel free to let us know!

Interested in setting up your company’s email in the cloud? Here are two options to consider—one from Microsoft, the other from Google. See how they compare.

Google Apps
Google Apps is a service from Google that started in 2006, with the introduction of Gmail—a hosted email service, and which later incorporated other apps such as Google Calendar, Groups, Talk, Docs and Sites. Google Apps allow customers an independently customizable version of these Google products under their own domain name. The entry level option is free, but the package offered for Businesses is a paid service with an annual fee per user and additional storage space.

1. Storage. Gmail, Google Apps’ email service starts with a sizable 7GB of free storage. Business users get 25GB. Bear in mind however that this storage space is shared with any data you have in other Google properties such as Picasa Web Album and Google Docs. Extra space can be bought however starting with USD $5 per year for an extra 20GB of storage. E-mail attachment sizes are limited to 25MB.
2. Calendaring and Task Management. Gmail can be integrated with the overall excellent Google Calendar application. Google Calendar allows you to easily share personal calendars with colleagues, or create shared calendars used by groups of people (such as a calendar to track meeting room reservations, marketing events and others). Google Calendar also offers a built-in, but somewhat underpowered task management tool. Tasks can readily be added with due dates, but not readily shared or cannot be nested or linked with other tasks.
3. Spam filtering, security and reliability. Gmail’s spam filtering features a community-driven system. Email tagged as spam by users help identifies similar messages as Spam for all other Gmail users. Generally the system works well, although some have complained that it can get over aggressive in its filters. In terms of security and reliability—Gmail has been criticized in the past with showing ads in its free Gmail service that display based on key words in the user’s messages—potentially violating their privacy. Its paid service offers however the option of disable these ads. Reliability is generally good with very few, but widely publicized disruptions in service.
4. Usability. Gmail offers a host of unique usability enhancements that make it different from most other mail services. For one for a web app it loads really fast, as Google has been known to studiously optimize web page loading performance for their products. Another is that it offers a threaded view of messages by default. It also uses a starring/labeling system to tag and segregate messages instead of using folders. Another interesting enhancement done recently is the ability to sort messages by “importance” where it learns based on your usage over time what email messages it thinks you think are important.
5. Mobile access. Gmail offers a version optimized for mobile devices, as well as support for a variety of devices for their native mail applications such as iOS and Android.

Overall Gmail is a solid mature choice if you are thinking of moving email to the cloud and are not afraid of being on the bleeding edge of cloud services and technology.

Microsoft Office 365
Microsoft Office 365, like Google Apps, offers a host of applications such as online versions of productivity tools which we all already know and use such as Word, Excel and PowerPoint. Most however work best when they are used in conjunction with your desktop-installed Office applications. Focusing on email, Office 365 offers a Hosted Exchange service, which transforms the mature, business-proven on-premise application to an on-demand service. Compared to Google Apps, it is quite new—being introduced only last June this year, although its suite of products in an alternate form has been around for much earlier.

1. Storage. Microsoft’s Hosted Exchange email service gives users 25GB of storage. Attachment file sizes are limited to 35MB. Additional storage can be purchased for $2.5 per GB per user per month.
2. Calendaring and Task Management. Exchange integrates a mature feature set for personal productivity including calendaring, resource management, and task management. As an example tasks can be grouped, color coded and easily sorted. Emails can be converted as tasks and so on.
3. Spam filtering, security and reliability. This is an area where perhaps Microsoft easily outshines Google with Exchange’s roots as an enterprise-class application. It offers spam protection, antivirus and others via Microsoft’s Forefore Online Protection for Exchange technology. It offers other features such as more full features user management, identity access management, mail archiving, etc. If you are in a highly regulated industry like financial services or healthcare these features may be essential for your business.
4. Usability. While the web apps of Office 365 is not as fast loading or as slick as Google, it does offer familiarity. Modeled after their desktop brethren, or directly integrating with them—they offer a smoother migration experience for users specially if they have been weaned on Outlook.
5. Mobile access. Like Gmail Microsoft made sure to support a variety of devices on launch, as well as integration with a variety of devices—specially enterprise stalwarts like Blackberry mobile phones.

Overall Office 365 is a solid choice if you are thinking of moving email to the cloud but may be hesitant with changing the apps your users already know and use. Also if you are a business with strict policies related to security and compliance—this service may be something your auditors and IT people may be more comfortable with.

Interested in learning more? Can’t decide which to try? Let us know and find out how we can help get you the right balance between your existing IT systems and infrastructure and the cloud.

It’s the dilemma of many smaller businesses lacking the budget for advertising that many of their bigger competitors have to be able to establish a better presence in a specific market. However, the rise of the use of social networks now allows these smaller firms to reach thousands to millions of people – at a fraction of the cost of traditional advertising and marketing.

One of the most difficult challenges smaller businesses face is having a bigger presence in the market. While many of these companies offer good, quality services at much more affordable rates, they are many times overshadowed by larger firms that have bigger budgets to spend on marketing, advertising, and the like.

Things have changed, though, with the advent of social networking. What was once a simple, social, get-to-know-each-other tool between people on the internet has now evolved into a tool that small businesses can take advantage of in order to get their voices heard.

The gist of social networking for business is the simple concept of reaching potentially millions of people at a mere fraction of what is normally spent on advertising and traditional marketing. The wide reach of social media allows businesses to find their voices and showcase what they can do. The playing field then moves from an unfair balance of advertising budgets to a battle of service quality and value for money, as it should be – and many smaller firms can compete effectively in this arena.

There are many ways to tap into the social networking phenomenon to boost your online presence and aid in your marketing. If you are interested in knowing more about this, please contact us and we’ll be glad to assist you in developing strategies that fit your specific requirements and needs.

While it is the concern of every business to be as cost-effective as possible, it is not a good idea to skimp on your investment in a proper and solid security system for your business data and information. For instance, cost-cutting on your router/firewall might seem like a good idea at the start, but in the long term, it’s a risk you cannot afford to take.

In business, protecting important information and data is paramount. This is why it is recommended for any sort of business to invest in a security system that will prevent any cyber-attacks that might be launched against you.

Unfortunately, though, it’s lost on many that a security system is not just made up of one single thing – software, better staff, better hardware, et cetera. A good and solid security system is composed of several factors working together to create a virtual chain that envelops your business and keeps it safe.

And one of the most underestimated links in this chain is the router/firewall. Many businesses are content using the most basic and cheapest option available on the market, without realizing that their security chain is only as strong as its weakest link. And if you make do with a cheap router/firewall, odds are you’ll get what you pay for – not much.

While basic routers might work fine for homes or individual users, it is a much different scenario when it comes to business operations where basic just doesn’t cut it. Plus, there’s more at stake with business data, so why take the risk with cheap routers that lack the proper security features?

With viruses, malware, and the cyber thieves behind them continuing to grow and evolve, it is important that you understand what it takes to protect your system and your data – and invest in the best solution. Remember that it can take only one incident, one infiltration, to bring your whole business down.

We realize that every system is different and every business has its own specific needs, so if you want to know more about getting the right router/firewall for you, please don’t hesitate to contact us.

For many people, smartphones have become essential tools in conducting not only personal communications, but also for business purposes as well. However, the rise in smartphone use has also increased the number of models released into the market, which can confuse would-be buyers. A few pointers are in order to help put things into perspective.

For many people these days, smartphones have become more of a necessity than a luxury. Being able to stay in touch through constant access to the internet and the thousands of mobile smartphone applications available has made smartphones an indispensable tool.

But with the boom in smartphone use, there also comes a conundrum for many: Which smartphone should I get? With so many choices out there, it’s becoming difficult and confusing to pick the right one. Here are a few quick and simple tips that you might find useful when canvassing the market:

1. Know what you want.
What do you need a smartphone for? Each handset has its own strengths and weaknesses. There are smartphones that integrate email and web browsing and put more focus on multimedia such as audio and video – while there are other no-frills, no-nonsense models that trim features down to those that are the most basic and essential.

2. Consider your carrier.
Carriers are important because there are some smartphones that are only available with certain carriers, or carriers that limit certain features of a particular smartphone. You do have the option of getting an unlocked phone (meaning the device does not come with carrier requirements), but this has its own set of pros and cons that you have to weigh as well.

3. Get a feel for your choices.
Nothing beats actual experience, so visit local stores to get the physical feel of each phone. Is the keypad big (or small) enough for you? Is the device too thick or too thin? Do you like the user interface or is it too complicated for you? These are just some of the questions that you can answer once you get an idea of how it actually feels to use them yourself.

4. User feedback is important.
Talk not only to sales people but also to other people you know. Your friends and acquaintances have actual experience with various smartphones, so ask them what concerns and issues they have with their particular models.

If you have additional inquiries about how you can better use your smartphone for your business, please give us a call and we’ll be happy to assist you.