No Viruses for the Mac? The MacDefender virus will set you straight

MacDefender is the name of a newly discovered malware program that targets Mac OS X users. Disguised as an anti-virus program for Macs, it dupes – and if that fails, bullies – users into entering credit card information to pay for fake anti-virus software. It is a widely held belief that one of the reasons Macs are superior to other systems is because of their ‘invulnerability’ to viruses, malware, and similar threats. All well and good, except for the fact that a recent rogue anti-virus malware that specifically attack Mac OS X systems has been discovered. So much for the ‘Mac = no virus’ myth. Called the ‘MacDefender’ and also known as Mac Security and Mac Protector, this malware tricks users by having them think that their system is under attack. It begins when users visit a malicious website where the program automatically downloads itself to the computer. If you have the “Open safe files after downloading” option selected, it automatically installs itself onto the system. The original installation package is then also automatically deleted. Next, a new menu item appears on the Mac OS X menubar. You’ll see a small orange shield that becomes red, which supposedly means that there are viruses in your system. You’ll then be prompted to “register” – which involves giving out your credit card information – to a website to clean the virus. If you don’t, the malware will then direct your browser to porn sites to ‘encourage’ you to register and pay up. To know more about how MacDefender works, check out this video . While Macs are certainly targeted less than Windows systems, the threat of getting infected by viruses and malware is very real, especially if myths like Macs being impervious to viruses persist. To know more about protecting yourself from threats like these, please contact us so we can draw up a plan to keep your system safe and secure.

Continue reading

Mobile and Online Payments Now Possible with Google Wallet

Google is testing the waters of the electronic wallet with retail and online shopping industries by introducing a new service called Google Wallet. Google Wallet allows users to make purchases and earn loyalty points and coupons – all from a single smartphone. Smartphone technology has grown by leaps and bounds these past few years, and having a smartphone these days is almost synonymous to being online all the time. Software giant Google has decided to tap into this phenomenon with a new service called “Google Wallet”, which enables users to make purchases and payments from their smartphones. Partnering with Mastercard, Macy’s, Subway, American Eagle, Citibank, and Sprint, Google assures users that their e-wallet service is safe. The service requires that smartphones have a special chip that allows the user to simply “tap” or “swipe” the phone at participating stores to pay for merchandise or services. When you swipe your smartphone’s e-wallet, you also earn coupons and points for rewards. The technology is also designed so that the user can turn the chip off when Google Wallet is not being used, making it safe from hackers. If the smartphone is lost, the data can also be wiped remotely. A similar system to Google Wallet has been operational in some countries including Japan for some time now, but its use is limited to only certain areas and stores there. While the concept of Google Wallet has great potential, there are still several limitations to the system as Google continues to look for more partners for the enterprise before its official launch, which is slated for within a month or two.

Continue reading

Simple Online Security Tips

As more and more incidents of online identity theft are reported, it’s important that users become more aware of how they can prevent themselves from becoming the next victim of identity theft. Following some simple tips can help you make your online experience a much more secure one. Security experts are seeing a rise in the incidence of cyber-crime these days as more and more people use the web for their day-to-day needs. No one is spared – both businesses and private individuals have become victims of opportunistic cyber-criminals who take advantage of loopholes in security systems and a lack of foresight and alertness on the part of users. One common cyber-crime is identity theft, in which hackers steal and assume the identity and personal information of someone else. Under the guise of the usually unknowing victim, these unscrupulous individuals commit fraud or other crimes. While there is no 100% guaranteed way to be safe from identity theft when online, there are a number of steps you can take to protect your identity and your data. Have the right security software. One of the keys to keeping your identity and data secure is having the proper security software in place to protect your system. Also make sure to update the software regularly. Know the modus operandi. It’s also important to be aware of the different scams and techniques hackers use, such as phishing, which involves duping the user into clicking a legitimate-looking (but fake) link that has the victim enter personal information or download a file that introduces malware into the system. The rule of thumb is that if an email is unsolicited, there is a high probability of it being a scam or phishing email. Be stingy with your personal information. Be sure to only fill out personal information on sites that are legitimate and that you trust, and even then, only if you absolutely need to. Check and double check things like the URL or the company’s tag line to know if a site is what it says it is and whether it is secure. Phishing sites also look legit – but a careful look should be enough to tip you off that something’s amiss. Create unique passwords. The more complicated your passwords are, the harder they are to guess or hack. So don’t pick generic passwords like “password” or “12345″ or things like your birthday or wedding anniversary. The best passwords are alphanumeric – a combination of both letters and numbers. Secure wireless networks. It’s important to allow only the right people to have access to your wireless networks. Besides saving bandwidth, this also prevents leechers and hackers from using your connection to tap into your system or use it for unscrupulous activities. To know more about keeping your identity and data secure, please give us a call and we’ll be happy to discuss a custom security solution that meets your specific needs.

Continue reading

Ready for a Data Loss Disaster? Eight Questions to Find Out

Losing data to a natural or man-made disaster can be devastating – but the protective actions you can take are not. What would happen to your business if you had a major data loss? The possibility is definitely there; this can’t be denied. Data loss disasters come in many forms, ranging from simple human errors to “acts of God” that cannot be controlled. However, you can control how you prepare for them. Here are eight questions you can ask yourself to test your disaster preparedness. First: Do we back up our data? It’s amazing how many small businesses do not have a backup system in place. It’s so easy to assume disaster won’t strike you. But data loss doesn’t always come from huge, cinema-worthy disasters. They can result from simple everyday errors – yet have huge disastrous results. Don’t let this be you. Do we back up all of our account information? Many small businesses tend to keep their accounts data on one employee’s PC, instead of the network which is on their backup schedule. But what if you lose your customer database? Be sure it’s included in the files to be backed up. Do we back up our email files? Ever wish you had that one email from a few months back, in which a customer gave you the “go ahead” – but now they’re refusing to pay for your work? These days, email is increasingly used as legal evidence of agreements or notices to proceed. If they’re included in your backup, you can easily pull up even deleted emails – received or sent. Is our Calendar and Contact information backed up? What if you came to work one morning and your online calendar and address book was gone? What appointments and communications would you miss, and at what cost? Most of the time, by default your Outlook Contact and Calendar files are stored on the individual PCs. Make sure these files are included in your backup set. Do we back up folders and files from each computer? In addition to important information that is stored in shared networks, think about the files that each of your employees create and use on their own hard drives. Spreadsheets, letters, memos, databases – wouldn’t it be a shame to lose all that work? Are we always saving our files to an area that will be backed up? Consider where each and every file your work on is being saved. Will it be included in your backups? Develop policies and educate your employees on where to save their work so it’s included in your backup schedule. Do we back up data frequently enough? This answer to this question is – how much work are you willing to risk? Say you complete an important contract on Tuesday morning, and an employee accidentally deletes it that afternoon. But you only run backups on Monday, Wednesday, and Friday. Bye-bye contract! A more frequent backup schedule would have saved the day. Do we know where our backups are and how to use them? If you use USB drives, external hard drives, or backup tapes for your backups, are you storing them offsite in a safe place? Even if your files are backed up to the cloud, do you know how to recover them in case of an emergency? Knowing your backup system and keeping it safe will ensure you can get back to business quickly and efficiently. Even if you already have a backup system in place, take a few moments to think about your specific business. If the unthinkable happened, exactly what data would you need to get back up and running? What could you not operate without? Once you identify these things, simply make sure they are included in your backup. Need help? We’re experts in guiding small businesses in setting up a backup system that meets their unique needs. Give us a call today to discuss the options available to keep your business data safe and sound.

Continue reading

The ROI Series, Part 4: Measuring ROI

Business value

The ROI Series: Calculating the ROI of a Technology Investment—Part 4. Cost savings are usually important to small businesses even in the best of times. New technology solutions may be necessary for survival and growth, however — and they may not be as expensive as you think when you consider their return on investment (ROI). In this four-part series, we’ll explain what ROI is, help you understand indirect ROI, and provide guidelines for predicting and measuring the ROI of a technology investment. Part 4: Measuring ROI If you’ve been following this series, you’ve already learned what ROI is and how you can use it to make sure your technology implementations are profitable. But the process doesn’t stop there: it’s important, once you’ve implemented a new technology solution, to track its benefits. There are many direct and indirect benefits of implementing new technology, as we’ve described — but in most cases, companies don’t know what they are. In many cases, what you measure is clear. Consider a service company that implements customer service software designed to help phone representatives more quickly resolve customer issues. To determine ROI, the company simply measures the number of calls per employee before and after implementing the software. In other cases, companies don’t measure what we call the relevant “value drivers.” Some companies don’t know what to measure; others know what to measure but don’t know how to do it. The end result: only 17 percent of CFOs measure ROI for outsourcing projects, according to Hewitt Associates. As an example of how this could happen, consider a manufacturing company that implements software designed to reduce errors in a product line, thereby improving quality. While the company may be tracking the increase in quality (in the form of fewer returned goods, for example), it may not be considering other value drivers. How about waste? We can assume that quality has improved, fewer products have been scrapped — but the company doesn’t have a business process in place that can track costs incurred from waste. How do you identify value drivers? Follow the workflow. IT will always impact your business processes in some way. For example, it might eliminate, create, or change a business process. So to identify value drivers, look at the results you hope to achieve from these business process changes. As an example, consider the service company we referenced previously. As a result of its new customer service software, the company might reduce its customer service employees from five to four. This change in business process shows that one value driver is the reduction in labor costs due to increased efficiency, resulting in a direct ROI. Another value driver might be improved customer service, resulting in an indirect ROI. As another example, consider a company that implements software to track employee performance against objectives. In the past, it has paid bonuses randomly; now it has a methodology. This change in business process shows that one value driver is the savings in bonuses not paid due to non-performance, resulting in a direct ROI. Another value driver might be improved employee morale and effort, resulting in an indirect ROI. Generally, a year of data collection should be sufficient to determine the changes in costs and revenues that will drive both direct and indirect ROI, providing you with solid data to determine just how effective your IT investment has been.

Continue reading

Small and Medium-Sized Businesses Make Big Targets for Cyber-Attacks

Security experts are discovering an emerging trend in cyber-crime these days as more and more SMBs become attractive targets for cyber-thieves because of their inadequate security measures. Reports have shown that cyber-criminals can siphon off as much as $70 million worth of accumulated resources. There is a misconception among many SMBs that they are small targets for would-be cyber-attacks. “We’re too small a company to be of any worth” is the mindset of many. However, there is an ongoing trend in which smaller companies actually find themselves victims of the most elaborate and vicious cyber-attacks. Why? Security experts are discovering that SMBs tend to have less or inferior security protocols in place to counter cyber-attacks. While this was of little consequence in the past, cyber criminals are now starting to take notice of the fact, and are exploiting it to their advantage. And it’s profitable too – an attack on one SMB might not amount to as much as a larger organization, but given the greater ease through which hackers can attack smaller businesses, they more than make up for the difference in the volume of companies they target. According to several news reports, these cyber-thieves can make off with as much as $70 million. The more unfortunate fact is that smaller companies are less able to counteract the effects of losses from cyber-attacks. This is why you should stay one step ahead of cyber-thieves by updating your security systems. Short term or long term, it’s a practical solution to keep information and data safe, and your operations stable. Give us a call today – we can help.

Continue reading

The ROI Series, Part 3: Predicting ROI

Business value

The ROI Series: Calculating the ROI of a Technology Investment—Part 3. Cost savings are usually important to small businesses even in the best of times. New technology solutions may be necessary for survival and growth, however — and they may not be as expensive as you think when you consider their return on investment (ROI). In this four-part series, we’ll explain what ROI is, help you understand indirect ROI, and provide guidelines for predicting and measuring the ROI of a technology investment. Part 3: Predicting ROI As we explained in part 2 of this series, you can’t measure ROI simply by asking what a technology implementation will do for your bottom line. However, if the new technology leads different parts of your company to collaborate, which in turn produces better goods and services that lead to top-line growth, then your ROI is likely strong. Getting at those indirect ROI numbers, however, may be the greatest challenge of ROI analysis. Few models exist to guide you, and with good reason: determining ROI involves looking at many components, then applying those components to your particular situation. But there are things you must take into account, from both a cost and a benefit perspective, when considering the ROI of a technology investment. Your existing technology infrastructure. There are few companies without existing technologies in place, and any new solution will need to work with these systems to be effective. There will likely be costs associated with the new technology’s impact on existing systems — but there will also be benefits. For example, a new technology might automate the tracking of hourly employees’ work hours. Or, it might offer more efficient collaboration. Your business processes. A new technology can clearly improve your business processes by reducing downtime, improving productivity, and lowering costs. But implementing the new technology will likely involve training staff in using the technology — and that can have associated costs. Your external relationships. Finally, no business is an island. Your systems may link to customer and vendor systems. As a result, any new technology may impose constraints on or require changes of external organizations or individuals — in the way information is delivered or received, for example. To solve this puzzle, it can be helpful to ask three different but related questions about the technology solution’s direct and indirect costs as well as its efficiency. Direct costs: Can you afford the technology — and will it pay for itself? To answer these questions, you’ll need to know the cost of the solution itself and the monetary value of the resources used to implement it, measured in standard financial terms. You’ll then compare the dollar cost of all expenditures to the expected return in terms of the projected savings and revenue increases. You may need to project the cost and return over a multi-month or multi-year time span in order to show a payback period. Indirect costs: How much bang for your buck will you realize? Now the analysis becomes more complex. Analyzing the effectiveness of a technology solution requires you to look at its costs in relation to how effective it is at producing the desired results — in essence, to expand your measurement of ROI beyond cost savings and revenue increases to include performance relative to your company’s goals. Efficiency: Is this the most you can get for this much investment? Finally, you’ll want to ask whether the technology will produce the greatest possible value relative to its direct and indirect costs. That can present difficulties, as it will require you to conduct a similar analysis on many alternatives, perhaps simulating the performance of the alternatives in some way. These three types of measurements differ in several ways. While the first is based simply on financial metrics, the second includes the quality of goods or services, customer satisfaction, employee morale, or in the case of some companies (such as manufacturers of “green” products or non-profits), social or political benefits. All of these measurements, however, will help you answer the same basic question: Which technology investments will pay off in the long term? In the next part of this series, we offer specific tips for measuring ROI.

Continue reading

The Dangers of Public Wi-Fi

The convenience and practicality of using public Wi-Fi hotspots is undeniable, but it can also be a problem should hackers decide to exploit network loopholes and gain access to the people connected to it. It’s important to have the proper protection to keep your system safe. These days, Wi-Fi is everywhere. Airports, coffee shops, train and bus stations, malls – almost every public place you can think offers Wi-Fi connectivity. Being connected to the internet has evolved from luxury to necessity, and whether it’s for personal or business reasons people are online as much as possible. This is all well and good, except when you consider that hackers have started to extend their playing field to public Wi-Fi networks. With the volume of sensitive information such as passwords and financial transactions, it’s inevitable that crooks and fraudsters move to public networks where there is more potential to illegally farm large chunks of information. Two things are important about this emerging trend. First, it’s the very nature of public networks that makes them vulnerable to attack. Second, hacking has become much easier these days, with very simple hacking programs such as Firesheep easily downloadable from the web. However, the solution is simple as well: have the proper security protocols on your smartphone or laptop. It’s unfortunate that many people neglect to recognize the importance of such policies, and only have minimal security (if any at all) to guard against attacks. But as long as you have the proper protocols in place, you can stay connected – even through public Wi-Fi – without fear of hacking or any sort of intrusion into your system. If you want to know more about keeping your portable devices safe from attacks, please feel free to contact us. We’ll be glad to explain the issue in more detail and draw up a solution customized to fit your needs.

Continue reading

Is Your Data in the Cloud? Can You Get It Back?

Are you concerned about the safety of your data if it’s stored “in the cloud”? Cloud computing is a relatively new trend among businesses today, and with the right preparation and knowledge it can be an economical and effective solution to data management challenges. You just need to know the right questions to ask when selecting a provider. A few weeks ago, Amazon suffered several days of outage in its EC2 and RDS service, bringing down dozens if not hundreds of services along with it — including such high-profile sites as Reddit, Heroku, Foursquare, Quora, and many others. Although the cause of that outage has been analyzed extensively in many forums, the discussion is interesting and relevant because it brings attention to the lesson that wherever or whomever you entrust your data to—be it in the “cloud” or to a big company like Amazon — it pays to be smart about how you manage your data, especially if it’s critical to your business. Understand your options. When someone else is managing your data, it’s easy to leave the details to them. However, making sure that you at least have some understanding of what your options are in what different service providers can offer you will pay dividends later if something goes wrong, since you’ll be better equipped to make an informed decision on the spot. Things you should look at include: Who is the service provider? What is their history? Who is behind them? What is their track record? Where do they store your data? Do they own the servers where your data is stored or do they rely on someone else? Is your data stored within the local area (i.e., a drive away) or is it distributed all over the map? Do they provide a mirror of your data within your own server, or is everything in their data centers? What measures do they employ to make sure your data is safe? What methods do they employ to ensure you can get to your data when you need it? Do they provide service level assurances or guarantees to back up their claims? These are just some of the basic questions you should be asking of your service provider. Do a test drive. Often you will not know exactly how a service works until the rubber hits the road, so to speak. Ask your service provider for a demo or a trial period. Test how fast it is to back up your data, but more importantly how fast you can bring it back when you need it. This is especially important if you’re talking about gigabytes of data. Understand that doing backups in the cloud can be hampered by your bandwidth and many other components of your system and theirs. Don’t put all your eggs in one basket. Some service providers give users the option of storing data in multiple sites, to ensure that your data is safe if one site goes down. But why rely on just one service provider when you can get the services of multiple providers instead? Or perhaps better yet, why not manage some of your data on your own? While it may be complex and costly to reproduce what many service providers can provide today, it is relatively easy to set up a simple system to keep at least some of your really, really important data locally by using an unused computer or a relatively cheap, network-attached storage device or secondary/removable drive that you can buy at your local store. Create a plan and write it down . Unforeseen occurrences can and will happen — not only from your side but from your service provider’s as well. When they do happen, you will need to have a contingency plan ready, often referred to as a Business Continuity Plan. Make sure to document your plan in writing, and communicate it to everyone in your organization so they will know what to do in case disaster strikes. With its promise of unprecedented efficiency, reliability, scalability, and cost savings, cloud computing and storing your data in the cloud is the topic du jour these days. However, it’s sometimes easy to overlook the basic due diligence that’s necessary regardless of how or where your data is stored. Ultimately, it is your business on the line—and being prudent and proactive about how your data is stored, managed, and (most importantly) recovered in times of need will save you much grief when you actually need it.

Continue reading

The ROI Series, Part 2: The Indirect Benefits of Technology Implementation

Business value

The ROI Series: Calculating the ROI of a Technology Investment—Part 2. Cost savings are usually important to small businesses even in the best of times. New technology solutions may be necessary for survival and growth, however—and they may not be as expensive as you think when you consider their return on investment (ROI). In this four-part series, we’ll explain what ROI is, help you understand indirect ROI, and provide guidelines for predicting and measuring the ROI of a technology investment. PART 2: The Indirect Benefits of Technology Implementation It’s easy to see the direct benefits of new technology, such as reduced headcount or increased revenues. That’s because they show up as line items on financial statements. But it’s also important to consider the indirect benefits: an ROI that cannot be easily quantified but is nonetheless realized. A good example of an indirect ROI is employee productivity. When you implement new technology, employees can perform their jobs better and faster. For example, an application that facilitates better communication between attorneys and clients at a law firm may not generate a direct return by reducing head count, but it can significantly improve the quality of service clients receive while giving attorneys more time to focus on value-added tasks, such as sales. That, in turn, will increase clients and profits—a very clear indirect return. All technology generates some indirect returns, but how much is direct and how much is indirect? One research firm found that direct returns account for only half of technology ROI. Less than 50 percent of companies that implemented a document management system saw a direct ROI, while 84 percent saw an indirect ROI in the form of measurable increases in employee productivity. To determine how much of a proposed implementation’s ROI is indirect, you must consider three key factors: the kind of technology being implemented, the areas in which it will be implemented, and your current IT environment. The kind of technology being implemented. While all technology provides some indirect ROI, some technology generates more. For example, supply chain software can improve productivity, but most of its ROI is direct, in the form of reduced inventory and transportation costs. On the other hand, collaboration software may have a huge impact on worker productivity by reducing the time it takes to execute group-oriented tasks, such as sharing information and coordinating meetings. Likewise, content management systems tend to generate significant indirect ROI by leading to faster filing and decreased retrieval times. The areas in which technology will be implemented. Where and how you deploy technology will also impact the portion of its ROI that is indirect. As an example, consider a business intelligence dashboard. Depending on how it is used, ROI could be more direct or indirect. If it is used to give a logistics manager the ability to better monitor and control transportation costs, the ROI is primarily direct. If it is used to provide financial analysts with quicker access to monthly metrics, the primary benefit will be time savings, an indirect ROI. Your current IT environment. Finally, the extent to which a new technology’s ROI is direct or indirect may depend on how much change the technology leads to. Consider an application that tracks employee hours. A company that has manually collected time will see significant direct ROI in a reduction of the number of timekeepers needed. On the other hand, a company that already has an automated attendance process will see more indirect ROI in the form of efficiencies through time savings. Indirect ROI may not be readily visible, but it is critical to driving business value. A business that ignores indirect ROI, choosing not to improve its technology because there is no direct ROI, will not be able to keep up with competitors. In the next part of this series, we offer specific tips for predicting ROI.

Continue reading