Starter Devices for the Internet of Things

If there’s only one lesson we can learn from watching Amazon and Wal-Mart over the past two decades, it’s that data collection and analytics are keys to success in today’s optimized world. The “The Internet of Things” is all about gathering more data from the world around us, analyzing it, and using that data to empower our decisions.

Best of all, the devices that enable this new era of computing are available and affordable today. Here are some of the most popular options. 

IntelComputeStick

Intel Compute Stick – All you need is an HDMI TV or monitor and a power supply. When you add a keyboard and mouse, the Intel Compute Stick can replace a desktop or laptop….  however, it’s a bit underpowered for that role. Over 60% of Compute Sticks in the wild are deployed as non-traditional devices, used for digital signage, kiosks, data collection, and more. These are available in retail with Windows 10 starting at $99.

 

raspberry_pi_3_cpc_02

Raspberry Pi 3 – The wildly popular $35 Raspberry Pi is a small yet powerful computer designed to teach young students about software development. It’s not a complete device like the compute stick – you’ll need to supply your own memory card, case, and power supply – nor is it “PC compatible”. However, it does support several versions of Linux, and Microsoft has recently started releasing the embedded version of Windows 10 for these devices.

Raspberry Pi generated a lot of buzz last November when a new $5 edition – called Raspberry PI Zero – was released on the cover of a magazine.
Arduino-uno-perspective-transparent

Arduino – For hobbyists, makers, and mad scientists, the Arduino is an excellent microcontroller-based prototyping platform. To take advantage of it, you would have to be comfortable developing low-level software — but for cheap devices that can do one job and do it well, you can’t beat the price and flexibility.

edison-in-hand-3x2

Edison – Sometimes you need a bit of logic and flexibility behind those devices. Intel’s Edison is a System on a Chip, wrapping the power of a computer from 1996 into a package smaller than your camera’s memory card. When integrated with Arduino break-out boards, you can combine your prototyped projects with the power of the cloud, opening up collected data to the latest analytic tools.

RWA is a Microsoft Certified Partner, and our cloud specialists are ready to help you move to Office 365 and Power BI, the powerful new data analytics platform powered by the Microsoft Azure. Contact us today for more information.

Medical Ransomware Attacks On The Rise

medicalransom

Ransomware attacks are in the news again, this time targeting hospitals and health care providers. Despite HIPAA requirements, many providers operate under conditions that are technically acceptable in terms of legal compliance, yet ill-equipped to handle targeted threats. Last month, one Los Angeles hospital paid $17,000 to unlock infected computers, while the Los Angeles Health Department and 2 large German hospitals dealt with similar attacks.

Ransomware persists as a threat to this day because we’re often not able to use the latest security technologies in conjunction with mission critical platforms, such as intranet sites or Electronic Medical Record systems. However, there are several steps you can take to reduce the chance of ransomware making an impact in your organization.

The following list of preventative measures is not exhaustive. Medical practices should conduct annual security audits, and RWA offers a free health check to all potential clients.  Contact us to schedule your Information Technology Health Check.

Firewalls

RWA partners with several firewall providers, including Fortinet, Barracuda, and Cisco. In the real world, criminal profilers look for patterns and behavior when they don’t have positive identification on a subject. In the same way, our recommended security products don’t merely “check the ID” of a possible threat, but will look for patterns and methods used by polymorphic threats. Newer anti-ransomware technology can discover and quarantine threats that haven’t previously been encountered by other companies.

Backup

When you invest in a certified on-premises or cloud backup solution, you are storing data on a device that lies outside of the reach of ransomware software. You can’t access files in a backup system directly, and neither can ransomware that infects your computer. RWA supports several backup solutions through our partners, including the Barracuda Backup suite.

Local Permissions and Application Policy

Policies can be put in place that will force Windows to only run signed, trusted applications. The overhead requirements are a bit higher than what most businesses are used to, and it takes away some freedom from the operator of the computer. However, this technology can be the most effective tool in dealing with ransomware.

RWA is a Microsoft partner, and our technicians are certified to deploy a Windows Server and SCCM solution appropriate for your practice.

Training

Regular cybersecurity training can raise awareness of threats currently facing your organization, improving staff vigilance and security compliance. Contact us for more information about HIPAA compliance training services.

Local Antivirus

While modern antivirus should be part of your anti-malware strategy, most ransomware threats are unique and polymorphic. Utilizing antivirus to catch and quarantine ransomware threats should only be one part of a comprehensive ransomware strategy.

Moving Beyond Passwords

We’re not going to get political here… but when the elected leader of the free world speaks out against the very concept of maintaining passwords, you know that they’re on the way out. [Read President Obama’s OP-ED at the Wall Street Journal.]

obamapass

Nobody likes passwords. They’re needlessly complex, you have to change them once every few months, and you need remember a different password for every site you log in to. While technology vendors have done a great job fortifying their products against hackers and viruses, passwords have always been one of the weakest links of the security chain.

Two factor authentication – also known as 2FA – is the most likely replacement for passwords over the next 10 years. The concept is simple: Two simple credentials are generally more secure than one complex credential. We’re already seeing this with chip-and-PIN credit cards. The credit card and the PIN need to be paired up in order to be effective, and while it may be possible to steal either the PIN or the card without alerting the owner, it’s extremely hard to capture both.

For home users of Windows 10, 2FA is usually implemented through physical possession of your device and either a PIN or a biometric factor, such as your fingerprint or infrared photography of your face. Once Windows verifies your identity, it can log in to sites that support Microsoft Passport automatically – no need to juggle usernames and passwords.

Smartphone authentication apps are quickly becoming a favorite tool for authentication – some apps constantly generate secure one-time-passwords, while others communicate with internet services, using your unlocked screen and requests to confirm that you are who you say you are.

On Window 10 Home and Pro, you can set up a PIN using the following steps:

  1. Open the Start menu.
  2. Search for “Sign-in options.”
  3. Under PIN click “Add.”
  4. Create a PIN.

 

RWA can enable similar methods of 2-factor authentication for your business over Windows 10, Office 365, and Azure AD. The combination of 2FA and Single Sign On can provide the security your company needs without the passwords. As a Certified Microsoft Partner, we’re ready to support you in your journey to the cloud and beyond. Contact us today for more information on our latest service offerings.

 

 

 

New “Trusted Information” Scams

The internet and low-cost international support providers are enabling a new generation of cyber scammers and hackers.

offshorecall

For the past few years, many offshore factories have been running night shift runs of popular products, introducing unofficial clones and knockoffs that are identical to the officially branded goods. Manufacturing firms have simply been unable to control outsourced staff in those remote facilities.

Similarly, when IT firms and PC manufacturers outsource support to offshore firms with low labor costs, they’re taking a chance that protected data may fall into malicious hands. We’ve received reports of scammers targeting tech support customers with a complete set of personal information, including service tags or serial numbers. The most likely source of these data breaches would be technical support staff in call centers. During the day, they work as subcontractors for popular computing brands. At night, they share information amongst other scammers and work together to trick customers into thinking subsequent support calls are legitimate and that they need to allow access to their computer. Once they install their software, they may pretend to fix the computer, and won’t hesitate to bill your credit card for the hours spent. The most malicious scammers install will ransomware that may pop up after several days or weeks.

If you get called at home by unknown people claiming to be tech support and they claim they need access to your computer, hang up the phone. ONLY give out personal information if you have initiated the call and properly looked up the main company number yourself on the company’s main website.

See Also : “Infoworld : Train Your Users To Beat Phone Scams

Getting Rid of Complex Passwords

If you’ve ever thought that modern password requirements were needlessly complex and even less secure than coming up with your own passwords, then you’re in good company.

NIST, the National Institute of Standards and Technology, released a preview of their new digital authentication guidelines, and you can expect these recommendations to filter down to websites and applications you use on a daily basis. Here’s a summary…

pswd

At least 8 letters, but no limits.

The specifications state that maximum password length limitations will need to be at least 64 characters long.

Emoji-compatible

You’ll be free to use any letter, number, or Unicode symbol they like, including emoji. 😅

Passwords will be checked against a bad list.

At least 100,000 bad passwords will be in these lists, including “Password123” “wordPass123” and “ChangeMe.”

You won’t be told what to do.

Half-page instructions telling you how to make a complex password will go away, and you’ll only get a warning if it’s too easy to guess.

You will be encouraged to use long phrases, as passwords like “CloudHorse55Banjo” tend to be far more secure and memorable than short but complex passwords such as “P@s$W0rd!

The problem with requiring specific rules about letters, numbers, and capitalization, is that many people will cope with these restrictions by writing the password down on a note and taping it to the monitor.

No more password hints.

… because it’s almost as bad as taping your password to the screen.


Visit NIST SP 800-63-3 for more information.


If you’re looking to go beyond passwords, RWA can enable 2-factor authentication for your business over Windows 10, Office 365, and Azure AD. As a Certified Microsoft Partner, we’re ready to support you in your journey to the cloud and beyond. Contact us today for more information on our latest service offerings.

‘Tis The Season – Holiday Scams

This has been a banner year for scammers, fraudsters, and hackers, starting with the largest credit card breach in history, and culminating in a security breach affecting almost every employee and contractor affiliated with the federal government over the past 10 years. In keeping with spirit of the season, a wide array of smaller scams have been targeting shoppers during the holidays. Here are some notable scams to look out for…

tistheseason

The Grinch E-Card Greetings

Happy Holidays. Your email has an attachment that looks like an e-greeting card, pretty pictures and all. You think that this must be from a friend… Nope. Malicious e-cards are sent by the millions. Never open these attachments at work, as they might infect your workstation.

The Fake Gift Card Trick

Internet crooks promote a fake gift card through social media but what they really are after is your information, which they then sell to other cyber criminals who use it for identity theft. Here is an example: A Facebook scam offering a complimentary 1,000 dollar Best Buy gift card to the first 20,000 people who sign up for a Best Buy fan page, which is a malicious copy of the original.

The Charity Tricksters

The holidays are traditionally the time for giving. It’s also the time that cyber criminals try to pry money out of people that mean well. But making donations to the wrong site could mean you are funding cybercrime or even terrorism. So, watch out for any communications from charities that ask for your contribution, (phone, email, text, and tweets) and make sure they are legit. It’s a good idea to contact the charity to make sure the request did in fact come from them. It is safest to only donate to charities you already know, and refuse all the rest.

“Too Good To Be” True Black Friday Deals

Black Friday and Cyber Monday were the busiest on-line shopping days, but the bad guys are still out there, trying to get rich with your money. Don’t buy anything that seems too good to be true.

Complimentary Apple Watch

Watch out for the too-good-to-be-true coupons that offer complimentary watches, phones, or tablets on sites all over the Internet. Don’t fall for it. Make sure the offers are from a legitimate company.

Photoshop for less than $200 

With constant pressure to cut costs, we’ve seen middle managers attempt to purchase expensive software at a deep discount only to learn that the software is pirated and needs to be activated with an illegal activation key generator. When purchasing software, take care make ensure you are dealing with a credible vendor, and that your connection to their website is encrypted with a valid certificate.

Postal Deliveries

Watch out for alerts via email or text that you just received a package from FedEx, UPS or the US Mail, and then asks you for some personal information. Don’t enter anything. Think Before You Click.

Fake Refunds

There is a fake refund scam going on that could come from Amazon, a hotel, or a retail chain. It claims there was a “wrong transaction” and wants you to “click for refund” but instead, your device will be infected with malware.

The DM-Scam

You tweet about a holiday gift you are trying to find, and you get a direct message (DM) from another twitter user offering to sell you one. Stop – Look – Think, because this could very well be a sophisticated scam. If you do not know that person, be very careful before you continue and never pay up front.

The Extra Holiday-Money Fraud

People always need some extra money during this season, so cyber fraudsters are offering work-from-home scams. The most innocent of these make you fill out a form where you give out confidential information like your Social Security number which will get your identity stolen. The worst of them offer you work where you launder money from a cyberheist which can get you into major trouble.

The Evil Wi-Fi Twin

If you bring your laptop/tablet/smartphone to the mall to scout for gifts and check if you get it cheaper somewhere online. But the bad guys are there too, shopping for your credit card number. They put out a Wi-Fi signal that looks just like a complimentary one you always use. Choose the wrong Wi-Fi and the hacker now sits in the middle and steals your credit card data while you buy online. When you use a Wi-Fi connection in a public place, it is better not to use your credit card.

New Device Announcements from Microsoft

Microsoft announced a number of new devices today, and here are some of the highlights…devicehead

Lumia 950 on Windows Phone 10

devices20151
Here at RWA, we’ve spent many years supporting and dealing with Blackberry in the Enterprise, and many of our staffers now see Windows Phone and Exchange as the best mobile secure messaging platform.  Microsoft went a step further with today’s event and produced a compelling Continuum demo on the Lumia 950 XL. Universal apps with the common Windows Phone experience were shown on the main phone screen, while those same apps on the same phone featured a desktop experience through an attached keyboard and monitor.

Microsoft Surface Pro 4

devices20152
After a weak start several years ago with the initial release of Microsoft Surface, the Surface Pro 3 has a strong following in enterprise space – over 97% of Surface Pro 3 customers would recommend it to others. Combined with Windows Phone, we expect that these devices will transform the ways computers are used to gather and display information for our medical clients. The new version introduced today is rather impressive, and would have been considered their flagship offering if not for the …

Microsoft Surface Book

devices20153
This is the Microsoft Laptop, featuring 12 hours of battery life, detachable 13″ tablet screen, and an innovative latching mechanism. RWA believes that all 3 of these products are the strongest devices we’ve ever seen from Microsoft, and could change and improve the way our customers do business – especially with Enterprise Data Protection coming to Windows 10 next year.

As impressive as these new devices are,  your business needs a partner to manage network security and assist in the migration from older or non-Microsoft platforms to a modern, secure environment. RWA is an official Microsoft Partner, and we are prepared to support you now and into the future.

WiFi Sense

Among numerous new features, Windows 10 will bring a significant change to traditional WiFi connectivity. Rather than relying on publicly posted passwords, WiFi Sense connects you to a network of millions of Wireless Access Points distributed all over the world.

wifisense2
This new feature is enabled by default during setup. Once WiFi Sense connects to your social media accounts, whenever your friends share a WiFi network, it will be copied and stored in your own copy of Windows. When you visit that location in the future, you’ll  have automatic internet access.

wifisense1
If you’re a business owner, you’re probably starting to worry…  WiFi Sense is a massive database that contains millions of WiFi passwords and Microsoft IDs, possibly including your own. If their devices are not managed, there’s a chance your employees might enable WiFi Sense on their phones and laptops, and you may already be providing internet access to people you’ve never met in a neighboring office.

That said, Microsoft issued the following assurances:
• WiFi Sense only provides access to the Internet.
• WiFi passwords are encrypted and will not be visible to WiFi Sense users.
• WiFi Sense only shares with friends, not friends of friends.

If you’d like to opt-out on your traditional or home WiFi access point, append the phrase “_optout” to your SSID name.

If you run a business, you should consider moving to a more sophisticated WiFi solution and leave PSK security behind. Every business is different, and there’s no one-size-fits-all solution. To learn more, contact RWA today and schedule your health check or wireless audit.

Windows 10 – The next generation

(Wait, what happened to Windows 9?!)

 

Windows 10 Family

The New Windows 10 Family

 

Recently Microsoft launched the Enterprise Technical Preview of Windows 10. This will be the direct successor to Windows 8, with an estimated formal release in late Q2 2015. Microsoft reportedly skipped the “Windows 9” name to underscore the new direction it is taking with its multi-platform OS and to avoid consumer perception this follows the old tick tock ‘cycle’ (i.e. Vista = problematic, Windows 7 = good, Windows 8 = problematic, Windows 8.1 = stable, etc.) It is also reported this may be the last major version of Windows OS.

Versions of Windows 10 are planned for devices running both ARM and x86 processors including Xbox, Windows phones, tablets, convertible laptops and desktops. The new OS will be responsive meaning it can adapt the GUI to better serve the host hardware — tablet and touchscreen all-in-one desktop versions will provide different input options / features depending on whether a mouse / keyboard / dock is present.

 

Windows 10 Screenshot

Windows 10 Screenshot

 

Windows 10 marks the return of the Windows (‘Start’) Menu — a hybrid offering Windows 7-like ‘Start’ menu layout combined with Metro applications. The Metro section is dynamic (shrinks / grows based on pinned / removed apps) and can also be resized at will (all Metro apps can be removed if preferred.) Other new OS functionality includes:

 

  • Windowed Applications – All applications (including Metro apps) will now run in a resizable window
  • Quadrant Active Desktop Layout – Up to four windowed apps can be snapped onto the same screen, sharing focus. Windows will now also provide tips for better utilization (visibility / work flow) of active / background apps. Overall snapping apps in Windows 10 is better handled
  • Windows Search – Web searches are now also included in results (as web links)
  • Task Preview – This new task bar button gives an overview of all opened windows. It is different than Windows 8.1’s ALT-TAB window manager and a little more like Mac OS X’s Exposé
  • Virtual Desktops – Multiple virtual desktops are better handled with integrated indicators to allow easier switching and application management
  • Command Prompt – This features an ‘Expert’ mode which finally (!) gives the option for enabling shortcut pasting (CTRL-V)

 

Microsoft indicated the Windows 10 Technical Preview only demonstrates a fraction of the planned new functionality. A more consumer focused Technical Preview is estimated to be released in early Q1 2015 which could demonstrate further features.

Microsoft says Windows 10  is redesigned to allow for more frequent and seamless updates. Patches are planned to be more responsive, being released in one to three days as opposed to the current weeks or month release cycle. Reportedly all future Windows 10 upgrades will be more frequent (at least yearly), be incremental (10.x) and will be free (matching Apple’s current OS model.) Indeed according to Microsoft Windows 10 itself will be a free upgrade.

 

Windows 10 is available from July 29th, 2015. Businesses will welcome its return to a more familiar interface while also providing enhanced security and functionality.  To learn more contact RWA today and schedule your free IT health check .

The Densest Digits

Higher Capacities And Lower Pricing – A Boon for Data Storage

 

"Hard Drive Repair" by William Warby

“Hard Drive Repair” by William Warby

 

With new tech, hard drive capacities are increasing and storage costs are lowering. Both Toshiba’s 5TB and HGST’s 6TB hard drives had a limited market release in February 2014. Since then more manufacturers introduced similar products leading to a welcomed downward shift in mechanical storage cost.
[one_third]

“Luggage (Re-edit)” by Rob Faulkner (CC BY 2.0)

“Luggage (Re-edit)” by Rob Faulkner (CC BY 2.0)

[/one_third]

Not to be beaten to the punch again, Seagate (in keeping with their previous announcements) supplied 8TB hard drives to select enterprise customers for testing with an expected general market release this quarter. And Seagate’s CEO Steve Luczo pledged 10TB drives available by or before the middle of 2015, with a target of 20TB drives by 2020.

These newest drives can offer much higher capacities (greater areal densities) thanks to technological developments. Seagate’s heat-assisted magnetic recording (HAMR) process uses a laser to preheat a drive platter location before storing data (changing the magnetic polarity.) Seagate’s Luczo indicated limited production of the 8 & 10TB hard drives would maintain higher pricing, though Seagate will likely continue to respond to market pressures.

 

The new developments in storage technology are welcomed news. As the availability of larger capacity hard drives and hybrid drives (mechanical drives combined with smaller NAND caching Solid State Drives) increases, storage pricing should continue to drop through next year.

 

Are your data storage and disaster recovery solutions solid and do they accommodate your future growth? Every business is different, and there’s no one-size-fits-all solution. To learn more contact RWA today and schedule your free IT health check.