Blog

September 16th, 2014

Facebook_Sep18_AAs of the first quarter of 2014, Facebook has 1.28 billion active users (users who log in at least once a month). With around a fifth of the world's population using the service, you can bet that it is a target for spammers and hackers. If you use Facebook on a regular basis, there is a good chance that you have seen some suspicious or outright blatant spam links. Clicking on these could lead to sites that are set up to steal information so it is a good idea to be aware of the five most common spam and malware posts on this social media platform.

1. Statistics on Profile visits

Spend enough time on Facebook and you will likely see this type of post on your Timeline. The post usually shows itself off as an app that allows users to see who has been viewing their personal profile, or the statistics related to profile views. There is also a link to click to either go to a site or install an app.

These posts look legitimate, but Facebook doesn't actually allow these apps, so clicking on them usually leads to malicious apps or sites. As some of these posts contain links to Facebook apps, you will be asked to allow the app permissions like access to personal data, friends lists, etc. These apps won't work, but they do give the developer access to your information which could then be used to start other malicious hacks.

2. Changing the color of your Profile

With the wide number of apps, devices, and other tech available to us, developers are often keen to offer users the ability to customize how their app looks. For example you may have applied your own themes or changed icons with your browser. Therefore, it makes sense that some users might want to change the color of their Facebook Profile from the standard blue that everyone uses.

There are apps out there that supposedly allow you to do this. However, Facebook doesn't allow users to customize the color of their Profile - it's blue for everyone. Therefore, the apps and links that supposedly allow you to change the color are fake and likely related to spam or malicious content. It's best to not click on the links in these posts, or install apps that say they allow you to do this customization.

3. Check if a friend has deleted/unfriended you

This post seems to come up every six months or so on Facebook. Like the statistics on Profile visits, apps claiming to allow you to check if you have been unfriended are fake. The biggest giveaway that this is a fake app or post is the wording. When someone doesn't want to be connected with you on Facebook, they will 'unfriend' you, not 'delete' you as these posts often claim. Needless to say, it is best to refrain from clicking on these links and apps.

4. Free stuff from Facebook

If you are a Facebook fan then you might like a free Facebook t-shirt, hat, water bottle, etc. There is a known post that shows up from time-to-time declaring that Facebook is giving away free stuff, and that if you click on the link in the post you too can get hold of some freebies.

Facebook does not usually give away stuff via network posts. Those people you see walking around with Facebook apparel usually either work for the company, had it printed themselves, or attended a Facebook event. Therefore, if you see these posts, don't click on the link.

5. Revealing pics or videos of celebrities

With all the recent leaks of celebrity photos and videos, you can be sure that the number of posts popping up on you News Feed with links to these types images and videos will become increasingly popular.

Not only is this obscene, the posts are 100% fake. Clicking on any of the links will likely take you to a site with 'files' that you need to download. The issue is, these files are actually malware and can pose a serious security risk.

As a general rule of thumb: Don't click on any links in posts connected to celebrities and revealing images or videos.

What can I do about these posts?

These tips are mainly for individual Facebook users as this is whom hackers and spammers are targeting the most. How is this an issue for your business? Well, if an employee is browsing Facebook at work and clicks on one of the links in posts like the ones above, there is a good chance they could introduce malware into your systems and networks.

Therefore, you might want to educate your employees about common Facebook security threats like the ones above. Beyond this, you should encourage everyone to take the following steps when they do come across content like this:

  1. Click the grey arrow at the top-right of the post.
  2. Select I don't want to see this.
  3. Click Report this Post.
This will ensure that the post itself is deleted and that the content is reported to Facebook for followup. Usually, if there are enough reports, Facebook will look into the content and likely ban the user.
Published with permission from TechAdvisory.org. Source.

September 11th, 2014

BI_Sep08_AIn business, as in life, we constantly try to make predictions about the future. How will sales be next year if we implement a new procedure? What will the weather be like for the annual staff event next week? It's no surprise then that businesses of all sizes have started to embrace the idea of predictive analytics. However, many business managers are unsure as to exactly how to work with this form of analytics effectively. To help, here is an overview of the three main components of predictive analysis all business owners and managers should be aware of.

Together, these three elements of predictive analytics enables data scientists and even managers to conduct and analyze forecasts and predictions.

Component 1: data

As with most business processes, data is one of the most important and vital components. Without data you won't be able to make predictions and the decisions necessary to reach desired outcomes. In other words, data is the foundation of predictive analytics.

If you want predictive analytics to be successful, you need not only the right kind of data but information that is useful in helping answer the main question you are trying to predict or forecast. You need to to collect as much relevant data as possible in relation to what you are trying to predict. This means tracking past data, customers, demographics, and more.

Merely tracking data isn't going to guarantee more accurate predictions however. You will also need a way to store and quickly access this data. Most businesses use a data warehouse which allows for easier tracking, combining, and analyzing of data.

As a business manager you likely don't have the time to look after data and implement a full-on warehousing and storage solution. What you will most likely need to do is work with a provider, like us, who can help establish an effective warehouse solution, and an analytics expert who can help ensure that you are tracking the right, and most useful, data.

Component 2: statistics

Love it, or hate it, statistics, and more specifically regression analysis, is an integral part of predictive analytics. Most predictive analytics starts with usually a manager or data scientist wondering if different sets of data are correlated. For example, is the age, income, and sex of a customer (independent variables) related to when they purchase product X (dependent variable)?

Using data that has been collected from various customer touch points - say a customer loyalty card, past purchases made by the customer, data found on social media, and visits to a website - you can run a regression analysis to see if there is in fact a correlation between independent and dependent variables, and just how related individual independent variables are.

From here, usually after some trial and error, you hopefully can come up with a regression equation and assign what's called regression coefficients - how much each variable affects the outcome - to each of the independent variables.

This equation can then be applied to predict outcomes. To carry on the example above, you can figure out exactly how influential each independent variable is to the sale of product X. If you find that income and age of different customers heavily influences sales, you can usually also predict when customers of a certain age and income level will buy (by comparing the analysis with past sales data). From here, you can schedule promotions, stock extra products, or even begin marketing to other non-customers who fall into the same categories.

Component 3: assumptions

Because predictive analytics focuses on the future, which is impossible to predict with 100% accuracy, you need to rely on assumptions for this type of analytics to actually work. While there are likely many assumptions you will need to acknowledge, the biggest is: the future will be the same as the past.

As a business owner or manager you are going to need to be aware of the assumptions made for each model or question you are trying to predict the answer to. This also means that you will need to be revisiting these on a regular basis to ensure they are still true or valid. If something changes, say buying habits, then the predictions in place will be invalid and potentially useless.

Remember the 2008-09 sub-prime mortgage crisis? Well, one of the main reasons this was so huge was because brokers and analysts assumed that people would always be able to pay their mortgages, and built their prediction models off of this assumption. We all know what happened there. While this is a large scale example, it is a powerful lesson to learn: Not checking that the assumptions you have based your predictions on could lead to massive trouble for your company.

By understanding the basic ideas behind these three components, you will be better able to communicate and leverage the results provided by this form of analytics.

If you are looking to implement a solution that can support your analytics, or to learn more about predictive analytics, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

September 4th, 2014

Security_Sep02_AWith smartphones playing a larger role in today’s daily business, the need to recharge them while you are on the go increases. And when you’re nowhere near your charger, that public charging kiosk can look pretty promising. But what you might not know is that common traits in smartphone hardware and software design makes recharging phones through public chargers prone to juice jacking. If you're not sure what that is then let’s find out and also discover how you can avoid juice jacking too.

What’s juice jacking?

Regardless of the kind of smartphone you have, whether it’s an Android, iPhone or BlackBerry, there is one common feature across all phones: the power supply and the data stream pass over the same cable. This setup allows for juice jacking during the charging process whereby user access is gained on your phone by leveraging the USB data/power cable to illegitimately access your phone’s data and/or inject malicious code onto the device.

The attack can be as simple as an invasion of privacy, wherein your phone pairs with a computer concealed within the charging kiosk and information such as private photos and contact information are transferred to a malicious device. However, on the other hand, it can also be as invasive as an injection of malicious code directly into your phone. According to security researchers at this year’s Black Hat security conference, your iPhone can be compromised within one minute of being plugged into a harmful charger.

Exposure to a malicious kiosk can also create a lingering security problem even without the immediate injection of malicious code. Once a device is paired to a computer, it can access a host of personal information on the device, including your address book, notes, photos, music, sms database, typing cache, and even initiate a full backup of your phone, all of which can be accessed wirelessly at anytime.

How do I avoid it?

The most effective precautions center around simply not charging your phone using a third-party system. Here are some tips to help you avoid using public kiosk charger:
  • Keep your devices topped off: Make it a habit to charge your phone at your home and office when you’re not actively using it or are just sitting at your desk working.
  • Carry a personal charger: Chargers have become very small and portable, from USB cables to power banks. Get one and throw it in your bag so you can charge your phone anytime you’re at the office or while on-the-go if you use a power bank.
  • Carry a backup battery: If you’re not keen on bringing a spare charger or power bank, you can opt to carry a full spare battery if your device has a removable battery.
  • Lock your phone: When your phone is truly locked as in inaccessible without the input of a pin or equivalent passcode, your phone should not be able to be paired with the device it’s connected to.
  • Power the phone down: This technique only works on phones on a model-by-model basis as some phones will, despite being powered down, still power on the entire USB circuit and allow access to the flash storage in the device.
  • Use power only USB cables: These cables are missing the two wires necessary for data transmission and have only the two wires for power transmission remaining. They will charge your device, but data transfer is made impossible.
Even the tiniest detail like charging your phone from a kiosk charger could affect the security of your device. While there are many substitutes to using a third-party system, ultimately the best defense against a compromised mobile device is awareness. Looking to learn more about today’s security and threats? Contact us today and see how we can help.
Published with permission from TechAdvisory.org. Source.

Topic Security
September 3rd, 2014

BCP_Sep02_AMany people wonder why it’s necessary to perform business impact analysis (BIA) when they’ve already invested a large amount of time on a risk assessment. The answer is simple: because the purpose of a BIA is different, and wrong results could incur unnecessary expenses or create inadequate business continuity strategies. To that end, let’s take a look at five tips for successful business impact analysis.

Five tips for successful business impact analysis:

  1. Treat it as a (mini) project: Define the person responsible for BIA implementation and their authority. You should also define the scope, objective, and time frame in which it should be implemented.
  2. Prepare a good questionnaire: A well structured questionnaire will save you a lot of time and will lead to more accurate results. For example: BS (British standard) 25999-1 and BS 2599902 standards will provide you with a fairly good idea about what your questionnaire should contain. Identifying impacts resulting from disruptions, determining how these vary over time, and identifying resources needed for recovery are often covered in this. It’s also good practice to use both qualitative and quantitative questions to identify impacts.
  3. Define clear criteria: If you’re planning for interviewees to answer questions by assigning values, for instance from one to five, be sure to explain exactly what each of the five marks mean. It’s not uncommon that the same event is evaluated as catastrophic by lower-level employees while top management personnel assess the same event as having a more moderate impact.
  4. Collect data through human interaction: The best way to collect data is when someone skilled in business continuity performs an interview with those responsible for critical activity. This way lots of unresolved questions are cleared up and well-balanced answers are achieved. If interviews are not feasible, do at least one workshop where all participants can ask everything that is concerning them. Avoid the shortcut of simply sending out questionnaires.
  5. Determine the recovery time objectives only after you have identified all the interdependencies: For example, through the questionnaire you might conclude that for critical activity A the maximum tolerable period of disruption is two days; however, the maximum tolerable period of disruption for critical activity B is one day and it cannot recover without the help of critical activity A. This means that the recovery time objective for A will be one day instead of two days.
More often than not, the results of BIA are unexpected and the recovery time objective is longer than it was initially thought. Still, it’s the most effective way to get you thinking and preparing for the issues that could strike your business. When you are carrying out BIA make sure you put in the effort and hours to do it right. Looking to learn more about business continuity? Contact us today.
Published with permission from TechAdvisory.org. Source.

August 29th, 2014

A customer web portal is a great way for companies to communicate information with clients over the web. A customer portal facilitates customer service by allowing data to be sent between an organization and the customer.

A customer web portal is great for customer service requests or concerns about a product or any type of feedback. Having an online platform to communicate can lower operating costs for telephone service and can further involve customers in the company increasing loyalty.

A good business is one that recognizes the necessity of customer satisfaction. Having a web portal will allow customers to contribute to your business with ideas that could potentially improve your company. A portal will also allow your company reply to dissatisfied customers as soon as possible.

Make sure your technology is as reliable and efficient as you’d like with Proactive Networks in Pasadena. We are a group of IT professionals with the technology to keep your online data safe and maximize your efficiency. Contact us today for a free technology review.

August 27th, 2014

socialmedia_Aug26_AHave you ever looked at images and visuals posted by businesses and users on Instagram? While many users take photos using their mobile devices, there are many images that simply look way too good to be taken with a phone camera, especially the ones without filters. Many business owners want to know how they too can take quality images like these too.

The truth behind some of Instagram's best images

Those awesome Instagram photos we see aren't always taken using mobile phones. Instead, many users use digital cameras which offer much better image quality. You can capture some amazing shots with a higher end DSLR cameras with multiple lenses.

If you have one of these cameras and are looking to create high-quality images for Instagram, or any other social media site, you may be slightly confused as to how to get the images onto the platform - especially since many of us use this via the mobile app. To make uploading a little easier, here is a brief guide detailing how to get images from your digital camera onto Instagram.

1. Transfer and process images

Once you have taken photos with your camera, you will need to get them off of your camera's memory and onto your computer's hard drive. Most camera's have apps that allow you to do this, so be sure to follow the instructions in the app that came with it.

When your images have been transferred to your computer, you are likely going to want to process them a little bit. This is especially true if you have a DSLR or other high-end point-and-shoot which takes RAW images. These can be quite large and are not compatible with Instagram.

Most images taken with a camera are quite large in size, so you are going to need to use an image editing program like Adobe Photoshop, or free tools like Pixlr to process them. What you are looking to do is to crop your images so that they are square.

If you are used to the advanced photo editing features, then do your edits before cropping. When you crop your images you should crop or resize them so that they are 640X640 pixels. This is the size of all images taken using Instagram's camera app.

Also, be sure to save the images as JPEGs, as this is the image format used by most smartphone cameras.

2. Save processed images in their own folder

It helps to create a folder somewhere on your hard drive (we recommend in the same folder where you save all of your other folders) that is specifically for images you want to post on Instagram.

When you have processed and edited the images to your liking, save the images here. Try using an easy to use file name like the date and a letter or note so you can easily tell which images are which, so you know which to use.

3. Move the images to your device

You can move images using the cloud or by manually transferring the images to your phone. If you decide to manually transfer your files, you will need to plug your device into your computer.

For users with iPhones, you can open iTunes and click on your device followed by Photos. Then select the box beside Sync photos from. Select the file you created in the step above and then Sync to transfer the images over.

For users with Android devices, plug your phone into the computer and drag the folder you created in the step above into the Photos folder of your Android device.

For Windows Phone users, plug your device into your computer and open My Computer on your desktop. You should see your device listed in the window that opens. Open the file system for your device and drag the image files you created above into the Photos folder of your phone.

If you choose to use the cloud to transfer your files, use the operating system's cloud (e.g., iCloud, Google Drive, or OneDrive) to upload the files. Just be sure to use the same account as the one on your phone.

4. Add images to Instagram

Once the photos are either on your device, or in the cloud, you can now upload them to Instagram. This can be done by:
  1. Opening the app and tapping on the camera icon.
  2. Tapping on the button in the bottom left of the screen.
  3. Selecting where the image is located on your device. E.g., the Gallery app if you placed the photos in your phone's hard drive, or the cloud service you used.
  4. Editing them as you see fit.
Once this is complete, you should be able to post your images as you usually do with any other Instagram image on your phone. Take the time to add filters, and hashtags as well as a good description before you post.

If you would like to learn more about using Instagram to share your images then get in touch and we will show you the advantages of the bigger picture.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
August 25th, 2014

Cyber attacks and data breeches are becoming more common as technology continues to grow. A hacker gaining access to your companies private data and information can have devastating effects. Here are 5 major cyber attacks that have happened in 2014.

  1. The biggest hack of the year happened to Ebay late February and was orchestrated by the Syrian Electronic Army. All usernames and passwords were stolen and many feared that there would potentially have their identities stolen.
  2. A hack to the Montana Health department that had happened in July was later discovered in May and put more than a million people at risk.
  3. Hackers breached the data from restaurant PF Changs stealing credit and debit card information to a number of customers.
  4. The company Evernote and Feedly were attacked within a day of each other in June. Thankfully the problem was quickly restored.
  5. Dominos Pizza was held ransom with personal information that the hackers threatened to release online.

It’s important to keep your companies information secure. Proactive Networks in Pasadena will protect your data and ensure that your business moves forward. We are network integration specialists with powerful solutions to you IT needs. Contact us today for a free technology review.

August 25th, 2014

Security_Aug18_AIt seems like nearly every week, and in some cases nearly every day, there is some security breach announced. The vast majority of these assaults tend to revolve around online user accounts, where password, account information, and even usernames are stolen. Over the years, there has been a general trend where the number of accounts breached or compromised is growing, and in early August news broke about possibly the biggest breach to date.

The latest big-scale breach

In early August, it emerged that a Russian hacker ring had amassed what is believed to be the biggest known collection of stolen account credentials. The numbers include around 1.2 billion username and password combinations, and over 500 million email addresses.

According to Hold Security, the company that uncovered these records, the information comes from around 420,000 sites. What is particularly interesting about this particular attack is that such a wide variety of sites were targeted when compared this with other attacks which tend to either attack large brand names or smaller related sites.

How did this happen?

Despite what many believe, this was not a one-time mass attack; all sites that were compromised were not attacked at the same time. Instead, the hacker ring - called the Cyber Vor - was likely working on amassing this data over months or longer. How they were able to amass this much information is through what's called a botnet.

Botnets are a group of computers infected by hackers. When the hackers establish a botnet, they attack computers with weak network security and try to infect them with malware that allows the hacker to control the computer. If successful, users won't even know their computer has been hacked and is being used by hackers.

Once this botnet is established, the hackers essentially tell the computers to try to contact websites to test the security. In this recent case, the computers were looking to see if the websites were vulnerable to a SQL injection. This is where hackers tell the computers in the botnet to look for fillable sections on sites like comment boxes, search boxes, etc. and input a certain code asking the website's database to list the stored information related to that box.

If the Web developer has restricted the characters allowed in the fillable text boxes, then the code likely would not have worked. The botnet would notice this, and then move onto the next site. However, if the code works, the botnet notes this and essentially alerts the hacker who can then go to work collecting the data.

So, is this serious and what can I do?

In short, this could be a fairly serious problem. While 420,000 sites may seem like a large number, keep in mind that the Internet is made up of billions of websites. This means that the chances of your website's data being breached by this ring are small. That being said, there is probably a good chance that one of the sites related to your website may have been breached.

So, it is a cause for concern. However, you can limit the chance of hackers gaining access to your information and a website's information.

1. Change all of your passwords

It seems like we say this about once a month, but this time you really should heed this warning. With 1.2 billion username and password combinations out there, there is a chance your user name for at least one account or site has been breached.

To be safe, change all of your passwords. This also includes passwords on your computer, mobile devices, and any online accounts - don't forget your website's back end, or hosting service. It is a pain to do, but this is essential if you want to ensure your data and your website is secure from this attack.

2. Make each password different

We can't stress this enough, so, while you are resetting your password you should aim to ensure that you use a different one for each account, site, and device. It will be tough to remember all of these passwords, so a manager like LastPass could help. Or, you could develop your own algorithm or saying that can be easily changed for each site. For example, the first letter of each word of a favorite saying, plus the first and last letter of the site/account, plus a number sequence could work.

3. Test your website for SQL injection

If you have a website, you are going to want to test all text boxes to see if they are secure against SQL injection. This can be tough to do by yourself, so it's best to contact a security expert like us who can help you execute these tests and then plug any holes should they be found.

4. Audit all of your online information

Finally, look at the information you have stored with your accounts. This includes names, addresses, postal/zip codes, credit card information, etc. You should only have the essential information stored and nothing else. Take for example websites like Amazon. While they are secure, many people have their credit card and billing information stored for easy shopping. If your account is hacked, there is a good chance hackers will be able to get hold of your card number.

5. Contact us for help

Finally, if you are unsure about the security of your accounts, business systems, and website, contact us today to see how our security experts can help ensure your vital data is safe and sound.
Published with permission from TechAdvisory.org. Source.

Topic Security
August 21st, 2014

BValue_Aug18_AIn many countries around the world, businesses are required to meet the needs of all employees. For able-bodied employees, one system will usually be able to meet needs, but disabled employees may have different requirements. Therefore, businesses should ensure that they develop an accessible technology plan.

What is accessible technology?

Accessible technology, also commonly referred to as assistive technology, is the idea of creating or implementing technology and systems that cater to employees with disabilities. While not every company will have or require accessible technology, it is required by many countries that businesses meet the needs of disabled employees.

To that end, it is a good idea to develop a plan on how to implement accessible technology. To help, here are five steps you could take:

1. Defining your strategy

The accessible technology strategy should be the first thing you develop as it will be the foundation of the overall plan. When looking at your strategy you should define how accessible technology fits into your overall organization plan and how it will fit with your existing strategies.

What you are looking to do is to figure out how this form of technology will fit with existing systems and increase overall operating effectiveness. From here, you can define the overall objectives, budget, and vision for the plan.

2. Identifying requirements

In this step, you should look closely at existing technology in the organization and the needs of your employees. Because each company is different and the needs of employees are different you should be careful to also identify the technology needs of your employees.

When looking at both the needs and existing systems you can work to come up with an overall set of requirements, along with a general priority. For example, will you need to modify existing computers or purchase new ones?

The key idea here is that you need to figure out exactly what you need.

3. Picking the new technology

Once you have identified what changes you need to implement, what new technology you will need, and your budget, you can then begin looking for the best solutions. The most effective way to do this is to work with it experts like us who can help you find and integrate the best technology and changes that will meet your adaptive technology needs.

4. Implementing and training

Once you have defined the changes, and new technology to integrate, you need to implement it. This may include altering physical devices and machines where necessary, and then testing the systems to make sure they are working properly.

It is also be a good idea to train your employees who will be using the systems, and the team who will be managing the systems.

5. Maintaining

As with all tech systems, it is important to realize that the solution you implement will not work forever, and will eventually require maintenance, updating, or even replacing. You should take steps to audit systems on a regular basis to ensure they are still meet the needs of your company and employees.

This can be a time consuming and potentially costly step, especially if you neglect it. We strongly recommend working with a company like ours, who can help manage your solution and ensure that updates and any necessary changes are implemented when they are needed, and that should needs change, systems are subsequently updated to meet the new requirements.

If you are looking to implement accessible technology in your business, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

August 20th, 2014

If you operate your business online, it is crucial to keep your business information as secure as possible. These tips will help you brush up on your online security skills and prevent hackers from stealing vital information.

  • Change your password and user name from the defaults that were originally given when you first installed your computer system.
  • Check for updates for your operating systems security. Security safeguards are constantly improving and buffing up security services. Take advantage of this and constantly check for security updates.
  • Protect the financial information of your customers with encryption software. Encryption is also important for protecting internal information of the company.
  • Limit access to important company information. If your employee needs direct access to your information, require two passwords that change regularly. Some software can help you monitor this computer activity.

Proactive Networks in Pasadena will protect your data and ensure that your business moves forward. We are network integration specialists with powerful solutions to you IT needs. Contact us today for a free technology review.