This just in: According to a recent CBS news report, copy and multi-function machines in offices contain a huge, unknown security risk that all businesses must address immediately or face the legal, financial, and PR repercussions of a security breach.

A Surprising Fact About Your Office Copier

     Nearly every printer, copier and multi-function machine manufactured after 2002 contains a hard drive that stores the images of every document you’ve ever copied, faxed, or scanned. These document images stay on that machine’s hard drive forever and can quickly and easily be reproduced with a little know-how. Surprisingly, this little fact has not received any press – until now.

A CBS Undercover Investigation

     In April of this year, a reporter went undercover to a New Jersey copier warehouse that had over 6,000 used copy machines in stock for resale. This investigation reveals a shocking fact – it’s incredibly easy for a person to retrieve and reproduce every single document ever scanned, copied, or faxed through the machines available for resale.

     As part of the investigation, the CBS reporter pulled 4 random machines that were available for sale and purchased them for approximately $300 each. These machines were immediately loaded onto a truck and delivered within 2 hours to this reporter’s office. Using a free application available online, he was able to access the hard drive of each machine and reproduce the documents within 30 minutes. What he uncovered was unbelievable.

Disturbing Facts Revealed By The Investigation

     They discovered that one of the machines was formerly owned by the City of Buffalo, New York, Sex Crimes Division. In no time at all they were able to access over 249,000 documents that passed through that machine, including lists of sex offenders and crime data. Another machine from the Buffalo PD Narcotics Division contained a list of drug raid targets. The third machine was from a construction company. It contained blueprints of buildings, over $40,000 in check copies, as well as pages of paystubs, names, and the social security numbers of employees.

     But the fourth machine was the most disturbing. It was previously owned by a New York health insurance firm and contained over 300 pages of detailed medical records including drug prescriptions, blood tests, and even a cancer diagnosis – all which blatantly violate the new HIPAA laws.

Know What Your Responsibility Is

     Before you trade in, resell or dispose of any office copier, scanner or multifunction machine you MUST make sure the hard drive is wiped clean of all information as you would any computer in your office. Failure to do so could result in damaging security breaches and identity theft for your company, staff, and customers. This goes DOUBLE if you use your office machines to scan, fax, or copy social security numbers, credit cards, or medical records of any kind.

     As always, we are here to assist you with all things digital. If you are getting ready to dispose of or trade in a copier, scanner, fax, or multi-function machine, give us a call at 702-869-3636. We can make sure your data is forever erased and inaccessible to criminals looking for an easy hit.

The security of your organization is not only threatened by malware, hacks, and network attacks, but also attacks via a technique called “social engineering”.

Be aware that hackers have another tool in their toolset that employs a particularly subtle, insidious way of compromising the security of your systems and network. Called social engineering, it’s the use of psychological tricks to deceive targets into revealing potentially compromising information about the systems in their organization. In practice, it can be as simple as a hacker calling an employee and asking subtle questions to gain information, or posing as someone trusted, perhaps as building maintenance, walking in the doors of an organization to directly gain access to systems—or even searching through the trash and refuse left behind by employees. The popularity of social networking has also increased the danger with the ease and convenience of creating connections to potentially trusting members of your organization.

However, there are some actions you can take to protect your business:

• Create a policy outlining the proper handling and sharing of information online as well as offline.
• Put systems and procedures in place to protect your systems if sensitive information does get out—such as the regular replacement of passwords.
• Educate your employees about the threat. You cannot solve a problem if your people do not know that a problem exists in the first place. Awareness can be your best defense.

If you ask most business owners what’s the biggest threat to their company’s network and data, they might say, “viruses, hackers and cyber criminals,” or perhaps
“faulty hardware, software and system failures”. But research is showing a much different reality.

According to a recent study published by Computer Economics (a research and metrics company for IT managers) revealed that employee sabotage – whether it be for financial gain, retribution or some other motivation – accounts for a bigger threat than viruses, hackers, hardware failures and natural disasters.
    
With so much critical data and operations tied up in a company’s network, internal sabotage from employees becomes an even greater risk. In a matter of minutes,
an employee can delete software or erase years of data vital to a company. They can purposefully download viruses or attempt to tarnish their employer’s reputation by posting pornography on their company’s web site or spamming all clients with racist, hateful and slanderous e-mails. Or they can simply download client lists and other confidential information and sell it to competitors, post it online or use it to start a competitive business.

What are the reasons why they do this? The biggest one given is simply “job dissatisfaction.” Another contributing factor seems to be the recent downturn in the economy. Cut backs, layoffs and fewer raises have given rise to employees stealing data, equipment or money. For example, a law firm recently discovered their internal IT person was purchasing computer equipment on the company’s credit card and reselling it on eBay. He had embezzled over $40,000 before the company caught up to what he was doing.

Another company suspected that one of their employees was stealing and suspended them from work until a further investigation could be conducted. When the employee caught wind of what was happening, they deleted over a year’s worth of company e-mails – all containing important client records and history – in an effort to cover their tracks. Fortunately this company had a solid backup system in place and was able to immediately recover all the data within a few hours.

To protect yourself, we strongly recommend you have an offsite backup of your data in place. Please give ITS a call today if you do not have a backup solution in place 702-869-3636

Having an efficient IT system is one way a business can improve productivity and earn more. But IT technologies are constantly changing and upgrading, and those who don’t keep up can lose money in the process.

In this day and age, few businesses (if any) can survive without an IT arm. Every business, big or small, needs someone, or preferably a group of people, on hand to fix computer problems, check networks, monitor software – to generally make sure that their operations are running smoothly.

One question, though: have you ever stopped to consider whether the cost of maintaining your in-house IT system is worth it? For instance, consider your internet connection. Let’s say that a conservative estimate of the efficiency of your business without an internet connection is at 50%. And if your business makes a $1 million a year, then $500,000 depends on your internet connection. If your monthly bill for that connection is $500, or $6,000 annually, you earn $500,000 – $6,000 = $494,000. Now, if you decide to switch to a cheaper DSL connection, which is about $50 per month or $480 a year, you get a much higher figure: $499,520.

You could argue that the DSL is the wiser option, but when you look at a deeper level, a slower internet connection may also hamper your company’s productivity – let’s say, by 10%. So with only a DSL connection, your business operates at 90% of its total possible productivity. Considering the previous figures, a loss of 10% in productivity means a loss of $100,000. Subtract that savings from the DSL connection, $5,520 – you get a whopping loss of $94,480. So when you think you’re saving by getting a cheaper internet connection, you are actually losing more money. Inversely, if you subscribe to an even better connection that costs you $10,000, productivity can increase by $15,000.

The same principle applies when your IT infrastructure is not up to date, with slow computers, outdated software, and other problems. In a company with 10 employees who bring in an annual average of $65,000 each, even losing productivity for just 35 minutes a day due to IT handicaps can cost you $47,000. Hardly chump change! But hiring an IT provider who charges $20,000 a year can offset that lost productivity and even make your business run better, by as much as $27,000. It’s also noteworthy to mention that employing an IT firm can count as a legitimate business expense, thereby lowering your tax liability to about $8,000 if you peg corporate tax at 40%.

IT is important to a business. If you doubt that, just try doing without it for a week – just shut the whole thing down. For most, that’s out of the question, but operating with old software and hardware is almost just as bad. However, many businesses cannot spare the resources to continually upgrade their IT systems.

Enlisting the services of an IT firm changes all that. IT Service Providers are constantly on the lookout for better technologies – both hardware and software – that can make your business function much more efficiently and cost effectively. It’s what they do. And the costs are minimal. If you’re wondering how much better your company might operate with an IT Service Provider, we’ll be happy to sit down with you and run some numbers.

Before you entrust your sensitive data to a “cloud” service provider, make sure you weigh the risks with the benefits.

“Cloud computing,” largely synonymous with Internet-based computing, has become a hot topic of discussion among many in the business community, with its promise of radically simplifying the access to, and use of, computing resources on demand. It’s no wonder then that it’s been small businesses, often without full-time IT resources of their own, that have been the first to adopt the concept. As a business owner, however, before you start moving critical data to the “cloud,” you’ll do well to bear in mind the risks that come with the computing model.

First is security and privacy—ask how the service provider ensures the confidentiality and integrity of your data while in their care. Do they provide backups? Can you back up your data yourself? Are their security processes and procedures reviewed and vetted by a third party?

Next is availability. Do they guarantee the uptime of their services—7 days a week, 24 hours a day? Do they provide a service level guarantee? Do they have processes in place to handle exceptional circumstances that can disrupt services, such as a natural disaster? Is support readily available to help in case you encounter any issues?

Finally, there’s cost. While pay-as-you go can be attractive, the total cost over time can add up. It’s worth thinking two to three years out and considering the total cost versus alternatives.

Asking these basic questions can go a long way in giving you peace of mind before you entrust your valuable data and core business systems to the care of others. If you’d like some help sorting all this out and making the best decision for your unique needs, give us a call.

Making your business greener isn’t only good for the environment, but can also help your business become much more cost effective too.

There’s been a lot of buzz about environmental issues such as climate change, and with the effects reaching everyone around the world, we all need to do our part to help. The good news is that going green in your office or business can also help you become more cost effective. Here’s how:

• Shut down your system when it’s not being used. The principle behind this is pretty simple – you can save electricity and the bills you’ll have to pay with a simple system that can power down when it’s not being used.
• Downsize your infrastructure. You’ll save on bills and power consumption, as well as equipment. Determine the workstations that can be run on a skeletal system, with the heavy lifting done virtually or remotely. This is especially applicable to companies that have people frequently on the road or in the field. Also, if you let people work from home or remotely, there is little need to maintain a vast infrastructure at the home office.
• Go for a paperless office. Paper comes from the cutting down of thousands of trees, and buying it costs money. But these days with almost everything done electronically, paper use can be reduced to a minimum, if not eliminated completely.
• Turn your trash into gold. If you have old units you’re going to throw out but are still in working condition, consider donating them to charity and get a tax break. Or, try to recycle them. E-waste is becoming a big problem these days, so the less you throw away, the better.

If you’d like to know more about how to make your business more cost effective and environment friendly at the same time, we’d be happy to talk with you and draw up a plan that’s specifically suited to your needs.

Despite the clear trend towards greater adoption of mobile devices by businesses and consumers, a new study finds that many businesses are not taking full advantage of the opportunities created by this trend—especially in sales and marketing.

Global smartphone shipments continue to rise, driven by operator subsidies, lower barriers to adoption with the introduction of lower-cost models, and greater choices afforded by vigorous competition from companies such as Apple, RIM, Microsoft, and Google. Not far behind is the rising interest and adoption of other mobile devices, such as tablets with the success of Apple’s iPad.

Despite this trend, a new study by eROI, an online marketing agency, finds that many businesses are not taking full advantage of the opportunities it creates—especially in sales and marketing. The company surveyed 500 businesses, and the majority cited lack of resources and little understanding of what needs to be done as the major barriers to capitalizing on the trend. This, despite findings which show 91 percent of the population use mobile devices, with 23 percent using smartphones that make extensive use of online services.

Companies would benefit from looking at how these trends can be leveraged for building a strategy toward reaching new customers, engaging current customers, and creating rich experiences for both. Some examples from early pioneers in this area: building versions of their website that can be viewed comfortably on mobile devices, using services that make extensive use of social networks and location-based services such as Facebook and FourSquare that work well with mobile devices, and even building custom applications to provide a new channel for reaching and serving customers.

Companies can start small with pilot projects then work from there to see which work best for their businesses.

The continued exploit of many vulnerable applications that have been fixed by vendors for over a year highlight the need to keep software updated with the latest versions and patches.

A new report released by security firm M86 Security reveals a trend toward more sophisticated forms of malware in taking advantage of vulnerabilities in common software applications and developing techniques to avoid detection.

In M86’s report, among the applications commonly exploited are Microsoft’s Internet Explorer and Adobe Reader. Another vector for malware that hackers have been using recently is Java and Adobe’s Flash—which are installed on many PCs, often as plug-ins to most browsers.

Although the vulnerabilities in these applications have been identified and patched for over a year, failure to keep up with the latest updates have made many systems still vulnerable to attack. Our customers taking advantage of our Managed Security need not worry, since we make sure our customers’ systems are patched as soon as updates become available. Find out more about our Security Offerings today.

The 2010 hurricane season is upon us!  It is a good time to look at whether or not your business has a plan in place, to make sure you are covered in the event of a storm or a disaster.
Even if your business is not in an area that is prone to hurricanes, these tips are still for you. Floods, earthquakes, ice storms, fires, and even oil spills can dramatically affect your business operations by causing rain damage, electrical surges and power outages. 

What You Can Do To Prepare: 40% of small businesses never reopen after a major disaster due to lack of planning, according to a study by the American Red Cross. Small business need to make sure that they develop a disaster recovery strategy that outlines what programs and data are crucial to their day to day operations. Your data files represent many hours of work, and this effort should be protected against loss. Confirm that your procedures are sufficient to protect your data files. In addition, a monthly verification process should be in place, to make sure that the data you are backing up is everything you need. If you don’t have access to a file server or network, some form of scheduled desktop data backup should be performed. There are several inexpensive options such as external hard drives, flash drives, and CD rewritable disks. Businesses should back up the information in a timely manner and store the data in a safe, secure and dependable facility.

1. Backup Data Files.

2.UPS.  Due to the frequency of summer electrical storms, protecting computer equipment with an Uninterruptible Power Supply (UPS) that provides both over and under voltage protection is recommended. These devices contain a battery that will provide electrical current to a computer for a short period (usually 4 – 15 minutes), even when the power is out.

3. Ensure an Uninterrupted Power Supply. Consider purchasing a backup generator, but at the very least make sure you have plenty of batteries on hand. If you lose electrical power, you won’t be able to support your network infrastructure, let alone maintain the things we seem to take for granted, such as lighting the office.

4. Sign Up for a Reliable Internet Service. All of our businesses rely on the Internet to handle day to day operations. Without the Internet, we wouldn’t be able to send and receive e-mail, fulfill orders from customers, or perform a variety of other daily tasks.  When terrestrial networks are severely damaged, satellites provides instant infrastructure where it’s needed.  This allows business owners to ensure their Internet connection is not interrupted, so they can continue to send and receive e-mails, process orders, check inventory, and conduct day-to-day business.

5. Plug in a Corded Telephone. If you use a cordless phone in your office, don’t forget that it will not work during a power outage. By having at least one corded phone, you can make sure that your business will still have a telephone even if there is no electricity.

6. Computer Storage. If worst comes to worst and you have to evacuate, your computer, monitor, and all peripherals such as printers, scanners and speakers, should be shut down properly and unplugged from wall outlets. Move computers and peripherals away from windows and doors, and towards the center of the room.  If flooding is a possibility, place all your computer equipment on a raised platform least two feet from the floor.  Make sure everything is securely supported and covered with plastic sheeting.

Let Us Help You!
Intelligent Technical Solutions will be glad to help you get ready for the season. We can help you document your Network, prepare your Disaster Recovery and Business Continuity Plans, and get ready for the storms. If we are unlucky enough to get hit by a weather emergency, we can help you recover and get your technology back up in the shortest possible time. Call us today at 702-869-3636 for a free disaster preparedness assessment.

Mozilla implements new initiatives to ensure the security of its browser to fix the main security holes, and this brings Firefox’s latest version to 3.6.7

The Mozilla foundation, the organization behind the Firefox browser, announced recently that it has released a patch to fix many major security holes found in its software, as well as the pull out of malicious add-ons in its extensions gallery.

A new update brings Firefox’s latest version to 3.6.7, and includes fixes for nine critical issues that could potentially be exploited by hackers to launch attacks on vulnerable systems. This comes after recently pulling out a password stealing add-on called the “Mozilla Sniffer” in the Firefox extensions gallery. As a preventive measure, the Mozilla foundation has announced a US $3,000 security bounty program that for anyone who finds an eligible security bug. It has also announced that it will implement a source code review of add-ons to catch potential malware that could be injected into otherwise patched Firefox browsers.

As always, users are advised to be constantly on guard and to make sure they are using the latest updated versions of their software. Customers under our Managed Security program benefit by letting us do the worrying and updating for them, so they can focus on their business instead of their security. Not on our Managed Security program? Contact us today.