Random thoughts about cell phones and service industry usage

Google Android

Homeland Secure IT is stuck in the past! That’s right, a high-tech business is using what most consider to be antiquated technology.

It isn’t because of the cost, it is because of the features. We are actually paying more per month for our cell phone plan than if we were using the latest devices and connectivity.

What we use and why we use it:

Our handheld devices are Blackberry Curve 8350i smart phones, on the Nextel / Sprint network, using iDEN with Direct connect and Blackberry Enterprise Server connectivity. As mentioned, this is an expensive data plan. And it is a slooooooooow connection. However, we use what we have because it provides:

  • Instant communications with our techs via Direct Connect (a phone call takes so much longer, and we can DC multiple techs at once in an instant)
  • Blackberry Enterprise Server (BES) provides us with INSTANT transfer of mail, contacts, calendars from our Microsoft Exchange Server. Mail generally moves in a matter of seconds, instead of minutes with ActiveSync Push
  • The Blackberry Curve has a very fat-finger-friendly physical keyboard on it that allows rapid typing, without even looking at the display.

What we dislike about this:

  • iDEN transfer speeds are horrible. Try browsing on one of these phones if you are not around a WiFi connection sometime.
  • Cell calls are dropped CONSTANTLY and we are out of range constantly (Verizon phones have a signal, almost always when ours do not)
  • People who call us while we are in a Direct Connect conversation get “Please hold while the subscriber you are trying to reach is located”
  • If you try to direct connect someone while the phone is being used for email, you get “User busy in data”
  • Many times the phone will never ring, but we will get a voice mail notification (presumably because we had no signal)
  • This service is expensive in comparison with Verizon

That list is just off the top of my head, I’m sure I will think of a few more points after I hit submit.

What we would like:

  • A major reduction in service interruption due to signal path. Verizon appears to be the best bet in regards to that.
  • Instant mail transfer to allow our clients to send/receive email INSTANTLY with no delays, like we have with BES. Our customers are used to getting responses in a few seconds after sending their email, going from that to a delay of several minutes means that a conversation spread out over a half-dozen emails could take 10-15 minutes to complete due to the transport delays.
  • A push-to-talk experience like Direct Connect, or something very similar. Of course, there are some push-to-talk Apps for the Android, but they are not “instant” in functionality, they actually appear to record your comment, then send it, and play it on the remote end. I am unaware of a Push-To-Talk Verizon Android phone, and obviously, iPhone does not offer it at all.
  • An Android or iPhone rather than the old Blackberry, but with a good keyboard on it, not just a touch screen. Something we can run the latest and greatest apps on and feel a little more “with it”. The only Android phone offered for iDEN is the Motorola i1 which has Android v1.5 (lagging behind the rest of the world by far)

So here we are, stuck in the past, and feeling unhappy, but unable to make a move.

We could move to Verizon, get a modern Android phone like the Droid 2, with a keyboard, have great signal most everywhere we go, and give up Direct Connect as well as suffer with slower email, but make up for it with faster internet browsing.

We could move to the Motorola i1 Android device on Nextel, but still have slow internet, and an outdated Android…

We COULD go back to carrying two phones, one for feel-good experience, and one for Direct Connect and email.

If you have any comments, I would love to hear from you. Especially if you have used a “walkie talkie” or “push to talk” app on Android that gives a more “Direct Connect” like feel, closer to real-time communication.

Ransomware trojans may publish your private information online for anyone to see #Kenzero



Ransomware - Pay up or the world sees your porn habit!

If you have not heard about the Kenzero trojan, then sit back and let me tell you a tale that may keep you from sleeping tonight.

We’ve seen lots of malware which makes the user believe they have been infected and that they can pay X dollars to have their machine cleaned up. While very popular, these have nothing on Kenzero and the new breed of “ransomware” trojans that have been making the rounds.

Picture this, you install an application and it turns out to be the carrier for Kenzero. The trojan then uploads all your intimate information to the web for everyone to see. We’re talking about all that porn that you keep hidden away, your browsing history, and more. Then you are told to pay a “ransom” to have it removed from the public view! Fortunately, Kenzero is (currently) only loaded when you install a Japanese anime program that the average person is not going to install.

The important thing to keep in mind is that even though Kenzero is currently only a payload that is delivered via a specific means, there are likely criminals who will take a lesson from this and quickly create similar malware to be distributed via traditional channels, like attachments, links, exploited websites, etc. There are other variants of this theme, such as the old Cryzip, which locks down your files and forces you to pay the ransom to get them back, and some that threaten to delete everything if you don’t send money.

I’m sure this is not going away, and I am also certain that after reading this, you will want to ensure your computer is up to date with all OS patches, and that your anti-virus is current.

If you are using questionable anti-virus for your home or business, please consider Trend Micro Internet Security or Trend Micro Worry Free Business Security. Call us today for a free consultation and ask about a free evaluation of these great products. We offer computer, server & network support in Greenville & Upstate SC, as well as full virus service such as cleanup, removal and prevention. 864.990.4748 or info@homelandsecureit.com

SECURE IT ALERT: A Plethora of Microsoft Vulnerabilities Patched! #MS #IIS #Windows #Office #Microsoft

Homeland Secure IT Alert for Wednesday, September 15, 2010

Yesterday’s “Patch Tuesday” was an exciting one… It included patches across the board for all Microsoft Windows operating systems, Microsoft Office and IIS (web server).

The most critical in my opinion is IIS, as it often sits on your server, providing Outlook Web Access or other data, and is accessible to the outside world. So, in addition to applying updates to the workstations, please pay attention to your servers too…

If you read the bulletins you will see that the majority of the exploits have involved coaxing someone to open an email or website with a malicious payload. Cut your exposure dramatically by NOT following random links and keeping your systems patched, in addition to keeping current and quality Anti-Virus products on all systems in your network. We recommend, support and sell Trend Micro Internet Security and Worry-Free Business Security products.

I have included security alerts from our friends at Watchguard, makers of outstanding firewalls and security appliances…

Microsoft Office Update Plugs Critical Outlook Hole

Severity: High

14 September, 2010

Summary:

  • These vulnerabilities affect: The versions of Outlook that ship with Microsoft Office 2002, 2003, and 2007
  • How an attacker exploits them: By enticing your users into opening or previewing a maliciously crafted email message
  • Impact: The attacker can execute code, potentially gaining complete control of your Windows computers
  • What to do: Install the appropriate Office patches immediately, or let Windows Automatic Update do it for you.

Exposure:

As part of today’s Patch Day, Microsoft released an Office security bulletin describing a critical buffer overflow vulnerability that affects the versions of Outlook that ship with Microsoft Office 2002, 2003, and 2007. Specifically, Outlook suffers from a heap buffer overflow vulnerability due to its inability to handle specially crafted email. If an attacker can get one of your Outlook users to open or preview a malicious email message, she can execute code on that user’s computer with that user’s privileges. If your users have local administrator privileges, as most Windows users do, the attacker can leverage this flaw to gain complete control of your users’ computers.

Luckily, one factor significantly mitigates the risk of this serious vulnerability for Outlook 2003 and 2007 clients. Specifically, this flaw only affects Outlook clients that connect to an Exchange server in Online Mode. It does not affect Outlook clients that connect to an Exchange server in Cached Exchange Mode. By default, Outlook 2003 and 2007 clients connect to Exchange servers with the unaffected Cached Exchange Mode. However, Outlook 2002 clients don’t support Cached Exchange Mode, and thus suffer the greatest risk from this flaw.

We recommend you upgrade all your Outlook clients as soon as possible to avoid this serious vulnerability. Furthermore, if you have Outlook 2002 clients, update them immediately.

Solution Path:

Microsoft has released patches that correct this serious Outlook flaw. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

Outlook Update for:

For All WatchGuard Users:

Attackers can exploit this flaw with seemingly normal email messages. The patches above are your best solution. Theoretically, WatchGuard’s incoming SMTP proxy might be able to help prevent emails that target this vulnerability. However, neither Microsoft, nor any third party researcher, have disclosed specifically how an attacker would have to craft an email in order to trigger this flaw. Without this information, we can’t say for sure whether or not our proxy might help. However, if we do learn such details, we will update this alert.

Status:

Microsoft has released patches correcting this issue.

References:

This alert was researched and written by Corey Nachreiner, CISSP.

Seven Windows Updates for an Equal Number of Vulnerabilities

Bulletins Affect Print Spooler, MPEG-4 Codec, RPC, and More

Severity: High

14 September, 2010

Summary:

  • These vulnerabilities affect: All current versions of Windows and components that ship with it (one flaw also affects Office to some extent)
  • How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network packets, or enticing your users to open malicious media or documents
  • Impact: Various results; in the worst case, an attacker can gain complete control of your Windows computer
  • What to do: Install the appropriate Microsoft patches immediately, or let Windows Automatic Update do it for you.

Exposure:

Today, Microsoft released seven security bulletins describing seven vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity.

  • MS10-061: Print Spooler Code Execution Vulnerability

The print spooler is a Windows service that manages printing. According to Microsoft, the print spooler does not adequately validate whether a remote user has adequate permissions to send it print jobs. By sending a specially crafted print request, an attacker can exploit this print spooler vulnerability to save a malicious file on your computer. Windows automatically executes files saved to certain locations. By placing a malicious executable in the right place, the attacker could exploit this flaw to gain complete control of your Windows machine. However, only computers with shared printers are vulnerable to this issue. Furthermore, most administrators do not allow the traffic necessary for print sharing (UDP and TCP ports 135, 137, 138, 445, and TCP port 593) through their firewall. So this flaw primarily poses an internal threat.
Microsoft rating: Critical.

  • MS10-062: MPEG-4 Codec Code Execution Vulnerability

MPEG Layer-4 is an audio and video encoding format used to compress media for playback on digital devices, like computers. Windows ships with special codec used to decode and play back MPEG-4 within music files or videos. Windows’ MPEG-4 codec suffers from an unspecified code execution vulnerability, involving its inability to handle specially crafted media files. By luring one of your users into downloading and playing a specially crafted media file, perhaps embedded on a website, an attacker could exploit this vulnerability to execute code on that user’s computer, with that user’s privileges. If your user has administrative privileges, the attacker gains complete control of that user’s PC.
Microsoft rating: Critical.

  • MS10-063: Unicode Script Processor Memory Corruption Vulnerability

According to Microsoft, the Unicode Script Processor (USP10.DLL) is a collection of APIs that enables a text layout client to format complex scripts. Unfortunately, it suffers from a memory corruption vulnerability involving the way it handles specially crafted documents containing OpenType fonts. By enticing one of your users to download a malicious document, and then open it within an application that uses the Unicode Script Processor APIs, an attacker can exploit this flaw to execute code on that user’s computer, with that user’s privileges. If your user has administrative privileges, the attacker gains complete control of that user’s PC. Keep in mind, third-party, non-Microsoft applications can also use the Unicode Script Processor. Note: Unicode Script Processor also ships with Office, so you will have to patch Office as well.
Microsoft rating: Critical.

  • MS10-066: RPC Memory Corruption Vulnerability

Remote Procedure Call (RPC) is a protocol Microsoft Windows uses to allow one computer on a network to execute a task on another computer and then receive the results of that task. The Windows RPC client suffers from an unspecified memory corruption vulnerability involving its inability to handle specially crafted RPC requests. By sending a specially crafted response to an RPC request, an attacker could exploit this vulnerability to gain complete control of your Windows machines. That said, the attacker would have to find a way to lure the victim into making an RPC request to his malicious computer in the first place. Furthermore, most administrators do not allow RPC traffic through their firewall. Therefore, this flaw primarily poses an internal threat. Finally, this flaw only affects XP and Server 2003.
Microsoft rating: Important.

  • MS10-067: Wordpad Text Converter Memory Corruption Vulnerability

Wordpad is a very basic word processing program and text editor that ships with Windows. It also includes some text converter components that allow you to open various Word documents, even if you do not have Office or Word. Unfortunately, the Wordpad text converter suffers from an unspecified memory corruption vulnerability involving its inability to handle specially crafted Word 97 documents. By luring one of your users into downloading a malicious document, and opening it in Wordpad, an attacker could exploit this vulnerability to execute code on that user’s computer, with that user’s privileges. If your user has administrative privileges, the attacker gains complete control of that user’s PC. This flaw only affects XP and Server 2003.
Microsoft rating: Important.

  • MS10-068: LSASS Buffer Overflow Vulnerability

The Local Security Authority Subsystem Service (LSASS) is a Windows component that handles security policy and authentication tasks for Windows. LSASS suffers from a heap buffer overflow vulnerability caused when handling specially malformed LDAP messages. By sending a maliciously crafted LDAP message, an authenticated attacker could exploit this flaw to elevate his privileges, and gain complete control of your computer. Of course, the attacker would need valid credentials and access to your Active Directory server in order to exploit this vulnerability. It primarily poses an internal threat.
Microsoft rating: Important.

  • MS10-069: CSRSS Local Elevation of Privilege Vulnerability

The Client/Server Run-time SubSystem (CSRSS) is an essential Windows component responsible for console windows and creating and deleting threads. It does not properly allocate memory when handling specific user transactions on Windows systems configured with Chinese, Japanese, or Korean system locales. By running a specially crafted program, an authenticated attacker could leverage this flaw to elevate privileges, gaining complete control of a Windows computer. However, the attacker would first need to gain local access to a Windows computer using valid credentials (Guest access would work) in order to exploit this flaw. Furthermore, this flaw only affects Windows systems with Chinese, Japanese, and Korean system locales installed. It also only affects XP and Server 2003.
Microsoft rating: Important.

Solution Path:

Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately. If you choose, you can also let Windows Update automatically download and install these for you.

MS10-061:

MS10-062:

* Note: These flaws do not affect Windows Server 2008 administrators who installed using the Server Core installation option.

MS10-063:

MS10-066:

Note: Other versions of Windows are not affected.

MS10-067:

Note: Other versions of Windows are not affected.

MS10-068:

MS10-069:

Note: Other versions of Windows are not affected.

For All WatchGuard Users:

Attackers can exploit these flaws using diverse exploitation methods. A properly configured firewall can mitigate the risk of some of these issues. In fact, by default your Firebox will prevent most of the Microsoft flaws that require network access – specifically, the SMB-related vulnerabilities. You can also configure your Firebox to block the files types necessary to carry out some of these attacks (.DOC .MP4 files, etc…). That said, the Firebox cannot protect you from local attacks, nor can it prevent attacks that leverage normal HTTP traffic. Therefore, installing Microsoft’s updates is your most secure course of action.

Status:

Microsoft has released patches correcting these issues.

References:

This alert was researched and written by Corey Nachreiner, CISSP.

Three IIS Flaws Allow Authentication Bypass, DoS, or Code Execution

Severity: Medium

14 September, 2010

Summary:

  • This vulnerability affects: IIS 5.1, 6.0, 7.0 and 7.5
  • How an attacker exploits it: By sending specially crafted HTTP requests or URLs
  • Impact: In the worst case, an attacker can gain complete control of your IIS server
  • What to do: Install Microsoft’s IIS update immediately, or let Windows Update do it for you

Exposure:

Microsoft’s Internet Information Services (IIS) is one of the most popular web servers used on the Internet. All server versions of Windows come with IIS, though some of its services may not start by default.

In a security bulletin released as part of Patch Day, Microsoft describes three vulnerabilities affecting IIS. The worst is a buffer overflow vulnerability involving the way IIS handles FastCGI-enabled requests. By sending your IIS server a specially crafted HTTP request, an attacker could exploit this vulnerability to gain complete control of your IIS server. This flaw sounds quite bad; however, a key mitigating factor limits its severity. FastCGI is not enabled by default on IIS server. You are only vulnerable to this flaw if you’ve specifically enabled it.

The two remaining flaws include a Denial of Service flaw that an attacker could leverage to crash your IIS server and an authentication bypass vulnerability that attackers could leverage to gain access to web resources that require authentication.

Though Microsoft only rates these flaws as Important, we recommend IIS administrators download, test and install the IIS update immediately.

Solution Path:

Microsoft has released IIS updates to fix this vulnerability. IIS administrators should download, test and deploy the corresponding update as soon as possible, or let Windows Update do it for you:

For All WatchGuard Users:

WatchGuard’s HTTP-Server proxy action allows you to control many aspects pertaining to the HTTP requests you accept to your web server. In some cases, this control can allow you to configure your proxies in ways that prevent certain types of attacks from succeeding. However, neither Microsoft, nor this flaw’s original discoverer, have disclosed enough technical detail about this flaw for us to say whether or not our proxy can help. If we do learn technical details that suggest our proxies do help, we’ll update this alert. However for now, Microsoft’s patches are your primary recourse.

Status:

Microsoft has released updates to correct this vulnerability.

References:

  • Microsoft Security Bulletin MS10-65

This alert was researched and written by Corey Nachreiner, CISSP.

WHEW! That was a ton of information! Are you still with me? Are your eyes glazed over yet?

As always, if you have questions or require assistance with these patches or any others, please call us at 864.990.4748 or email info@homelandsecureit.com – Please inquire about our Watchguard line of network security products!

Greenville business computer service, support and repair – Free Estimates

If you have issues with your business computer systems, who do you call?

If you are calling a one-man-shop, you may be getting a great deal in terms of hourly rates, however, you may find that the wait for this one person to finally get around to you could lead to inconvenient downtime. Unfortunately, the better the technician, the more likely this will become reality as they will pick up new clients, and have to service them. Obviously, there is only so much of one person to go around.

Some independent technicians have built-in a set number of clients to avoid this, as they realize they cannot be in two places at one time. The average tech will operate on a first come, first served basis, and still others will prioritize their calls, placing downed servers higher in the queue than a workstation with a virus.

Before opening Homeland Secure IT, many years ago, I ran a business like that, and though I had plenty of clients, I was run ragged with a call in Easley, then a call in Greer, then a call in Clemson. I am glad those days are over!

Homeland Secure IT is fortunate enough to have multiple technicians who CAN be in more than one place at one time! What about when we can’t? Yes that happens, when we are deploying a new server or network where all technicians are tied up on that job, sometimes we have to pull a man off that job to handle a call. Still other times we will have a heavy workload, such as in the case of when a new virus or updates are released and everyone is calling at one time. Using remote access tools, in many cases, we can service more than one client at a time. Again, these are tools that the average one-man-shop does not have at his/her disposal.

What is YOUR response time?

Generally, in the Greenville area, we are on location within 30 minutes, longer if we are dealing with Seneca due to drive time. Our average response time is difficult to measure due to a large number of our calls being handled by remote access, email or phone, which equates to INSTANT response time! When averaged in with our typical on-site response time of 30 minutes, it brings us closer to 5 minutes for response time! Just remember “on-site” where we go to you, will generally take us 30 minutes from the time you call.

What about these free estimates? How does that work?

Computers which are brought to our office qualify for a free estimate. We never charge to determine what is wrong with your computer, if it is brought to us. The same goes for an onsite consultation regarding performing service for your company. We will come to you and talk with you about how our services or products may or may not be right for you at no charge. That being said, we do not offer free estimates for a computer repair if we must dispatch a person to your location. We still generate a charge for the visit.

What services does Homeland Secure IT provide?

It may be easier to ask, “What services doesn’t Homeland Secure IT provide?” than to ask what we do. We specialize in small business computer and network support. We have offices with a single person in them that we provide total IT support for, and we have clients with 50+ users, with multiple locations, requiring VPNs between their sites and many servers. There really is no client “too small” for us, and we have yet to find one too large, but I am sure there is one out there! We do everything from desktop and laptop repairs, to network security, Voice over IP, CCTV and server deployment and maintenance.

If you are dealing with the one-man-operation and you are happy, then by all means, please continue! If you are growing tired of waiting hours and hours, or even days for a technician to show up, or return a call, then please call us at 864.990.4748 or email info@homelandsecureit.com. We serve the entire Upstate of South Carolina!

SECURE IT ALERT: “Here You Have” Email Contains Fake and Malicious PDF or WMV Links

Homeland Secure IT Alert for September 10th, 2010
 
Making the news this week have been dire warnings of a rapidly spreading email worm. While it appears to be nothing more than we have seen in the past, I have reposted a security alert from Watchguard, makers of great firewall devices and security appliances.
 

Supposedly Wide-Spread Email Worm Making Headlines

“Here you have” Email contains fake and malicious PDF or WMV links

Severity: Medium

10 September, 2010

Virus/Worm Summary:

  • Subject lines to avoid: include “Here you have,” or “Just for you,” and “This is the Free Dowload (sic) Sex Movies, you can find it Here”
  • Malicious email attachment: contains supposed links to PDF or WMV files, which actually link to malicious .SCR files
  • Impact: Spreads via your email contacts and through network shares. Infects your computer with various malware, and potentially steals information
  • What to do: Make sure you are using updated antivirus software, and block .SCR files at your gateway (see below for details)

About the Virus:

Late yesterday, various antivirus (AV) vendors began receiving reports of a new mass-mailing email worm, generally called VBMania, which arrives with various subjects including, “Here you have.” Today, others in the press have jumped on the bandwagon and published many shrill reports [ 1 / 2 / 3 ] that describe this worm as an outbreak and suggest it has flooded inboxes worldwide. While we don’t doubt that attackers have aggressively seeded this malicious email using spamming techniques (and likely a botnet), we haven’t yet seen the worm in our own inbox. There are reports of it affecting some well known companies. However, it doesn’t seem to be as wide-spread as the big worms of the past (Nimda, etc). In fact, most antivirus (AV) companies still only rate this worm as only a medium risk. While you should make yourself, and your users, aware of this new worm, it doesn’t offer reason for panic.

Unfortunately, the lack of coordination among AV vendors’ naming conventions makes it difficult to track these worms. While the media generally refers to this as the “Here you have” worm, AV vendors have given this worm a variety of names including:

For simplicity sake, we will refer to this worm as VBMania.

Distinguishing Characteristics

Despite the media hype surrounding this new worm, it doesn’t seem to use any new techniques that would allow it to spread any more quickly than a typical email worm. In fact it seems to call back to older malicious email techniques, some saying it shares similarities with the older ILoveYou and Anna Kournikova worms from 2000 and 2001. We describe some of VBMania’s distinguishing characteristics below.

VBMania arrives as an email with the following Subject lines:

  • Here you have
  • Just for you
  • This is The Free Dowload Sex Movies,you can find it Here.

The body of the worm contains some text describing either a document or movie. It also includes a link to what appears to be a PDF document or WMV movie file. However, if you actually click the link, it attempts to get you to download a malicious .SCR screensaver file. An example of the malicious SCR file might include:

  • PDF_Document21_025542010_pdf.scr
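The mail traits described above (the three subject lines, and a link that shows a PDF or WMV address while pointing at a .SCR file) can be checked mechanically. The following is an added example, not part of the WatchGuard alert or any product; the function names, finding codes and sample messages are constructed for illustration, and the example.* hosts are placeholders.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Subject lines from the alert, stored in normalised form (see normalise_subject).
ALERT_SUBJECTS = {
    "here you have",
    "just for you",
    "this is the free dowload sex movies you can find it here",
}
BLOCKED_EXT = {"scr"}        # screensaver files are ordinary Windows executables
DECOY_EXT = {"pdf", "wmv"}   # what the link claims to be, per the alert

def normalise_subject(subject):
    """Lower-case and collapse punctuation/whitespace so spacing variants match."""
    return " ".join(re.sub(r"[^a-z0-9]+", " ", subject.lower()).split())

def url_path(value):
    """Path part of a URL, or the value itself for a bare file name."""
    try:
        return (urlparse(value).path or value).strip()
    except ValueError:       # malformed URL text: treat it as a plain name
        return value.strip()

def extension(value):
    """Lower-cased final extension of a URL or file name ('' if none)."""
    m = re.search(r"\.([A-Za-z0-9]{1,5})$", url_path(value))
    return m.group(1).lower() if m else ""

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_target(target, shown, findings):
    """Append findings for one link whose real target is a .scr file."""
    if extension(target) not in BLOCKED_EXT:
        return
    findings.append(("scr-target", target))
    if extension(shown) in DECOY_EXT:   # text shows a PDF/WMV, target is a screensaver
        findings.append(("text-target-mismatch", extension(shown)))
    decoy = re.search(r"[._-](pdf|wmv)\.scr$", url_path(target), re.I)
    if decoy:                           # document type embedded in the name: ..._pdf.scr
        findings.append(("decoy-name", decoy.group(1).lower()))

def triage(raw_message):
    """Return (code, detail) findings for one RFC 5322 message given as text."""
    msg = message_from_string(raw_message)
    findings = []
    subject = str(msg.get("Subject", ""))
    if normalise_subject(subject) in ALERT_SUBJECTS:
        findings.append(("subject", subject))
    for part in msg.walk():
        ctype = part.get_content_type()
        if part.is_multipart() or ctype not in ("text/plain", "text/html"):
            continue
        # Simplification: bodies are decoded as UTF-8 with replacement characters.
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        if ctype == "text/html":
            parser = AnchorCollector()
            parser.feed(body)
            links = parser.links
        else:                           # plain text: bare URLs, no separate link text
            links = [(u.rstrip(".,)>"), "") for u in re.findall(r"https?://\S+", body)]
        for href, shown in links:
            check_target(href, shown, findings)
    return findings

# Constructed sample messages; the example.* hosts are placeholders.
SAMPLE_WORM = """\
Subject: Here you have
Content-Type: text/html; charset="us-ascii"

<p>Here is the document, please take a look:</p>
<a href="http://files.example.net/PDF_Document21_025542010_pdf.scr">
http://docs.example.com/PDF_Document21_025542010.pdf</a>
"""
SAMPLE_BENIGN = """\
Subject: Here you have the Q3 report
Content-Type: text/plain

Download: http://docs.example.com/reports/q3.pdf.
"""

if __name__ == "__main__":
    print(triage(SAMPLE_WORM))
```

The subject match alone is weak evidence because the phrases are ordinary English; the text-to-target mismatch is the stronger signal.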

If you run the malicious .SCR file it:

  • Copies itself to the Windows directory as CSRSS.EXE (not to be confused with the real CSRSS.EXE in your Windows system directory) and adds registry entries to make sure it can restart after your next reboot
  • Sends itself to your email contacts and IM buddies
  • Copies itself to mapped drives and removable USB media (uses AUTORUN tricks as well)
  • Tries to lower your computer’s security by disabling many popular security applications
  • Downloads and installs various malware (likely including a botnet trojan)
  • Steals sensitive information (including passwords from web browsers)

VBMania doesn’t really use any tricks that you haven’t seen before. You should have no problems distinguishing this worm in your inbox, and avoiding it. However, attackers seem to have spammed this worm very aggressively. If one of your users does accidentally run its malicious file, they could cause a lot of damage to your network. Make sure to inform your users of this new email worm so they know to avoid it. However, you don’t need to panic over this new threat, despite what the media may suggest.

What you can do

  • As always, remind your users never to open unexpected attachments or click on unexpected web links from any source. Inform them that most modern viruses falsify the “From” field and can appear to come from friends, co-workers, or other trusted parties.
  • Most major antivirus vendors already have signatures that detect this worm. Check with your vendor for the latest update. 
  • Educate your users by downloading and presenting the new SecurityWise module, “E-mail Safety in the Age of Cybercrime.” This resource is available free of charge, exclusively to LiveSecurity Service subscribers.
  • XTM appliance owners should follow the steps below. The SMTP or POP3 proxy can help.

For all XTM users:

If you manage a WatchGuard XTM appliance, it can protect your network in many ways:

  • If you have spamBlocker (part of the UTM security bundle), it will likely block the emails this worm sends
  • Gateway Antivirus (part of the UTM security bundle) will block this virus with a signature
  • If you have RED (part of the UTM security bundle), it will block the VBMania URLs serving the malicious .SCR files
  • You can also configure an HTTP proxy policy to prevent your users from downloading .SCR files

For all XCS users:

If you manage a WatchGuard XCS appliance, it can protect your network in many ways:

References:

This alert was researched and written by Corey Nachreiner, CISSP.

 —

As always, if you require assistance with this or any other security issue, please call 864.990.4748 or email info@homelandsecureit.com – We offer sales and support of Watchguard security products…

Social Story Conference in Greenville Sept. 24th w/Trey Pennington & Others #Greenville #SocialStory

Here’s what I am looking forward to this month in Greenville:

Trey Pennington (@TreyPennington) has created the “Social Story Conference” which is going to be in Greenville, SC on September 24th. Trey, along with some other awesome people, will be speaking on the subject of social media and social stories. In short, how businesses can, and do, connect with people and form relationships, rather than force-feeding marketing down a one-way pipeline.

If you want to learn more about how to connect with your customer base, how to share in their lives, and how your products or services are part of their lives then you should consider going. If you are just wanting to continue to “broadcast” your information in the hopes that someone is going to listen, then avoid this conference by all means. Let’s face it, if you are constantly blathering on twitter about the $29.99 special your company offers without ever taking the time to follow your followers or listen to what they have to say, you are going to be unfollowed or filtered, just like the annoying car dealership commercials are muted by TV viewers.

The lineup of speakers for Greenville is exciting! In addition to Trey Pennington, we’ll get to hear from and connect with Amber Osborne (@MissDestructo), Tim TV, Sean Buvala (@StoryTeller), Olivier Blanchard (@TheBrandBuilder), and Rick Murray… The emcee will be Phil Yanov (@ThinkHammer).

This is not about the social media platform, it is independent of the transport mechanism. It’s not about Twitter, or Facebook, it’s about connections.

More information is on the Social Story Conference website at http://socialstoryconference.com/ and you can also follow the hash tag of #SocialStory on Twitter.

Homeland Secure IT is proud to help sponsor this event and we can’t wait to see you there!

Setting up a “gatekeeper” account in Microsoft Exchange & Outlook

Tip Of The Day – Gatekeeper Email Setup:

Here’s the scenario… Assume you are an executive and you are lucky enough to have a personal assistant. Now, let’s also assume you are sick of getting email from just any Tom, Dick or Harry. What do you do? You make your PA your “Gatekeeper”.

There are lots of ways to handle this, but let’s throw some other items into the mix just to make the possible solution below the best one…   You want to get your “filtered” mail on your desktop, your iPad, Outlook Web Access, your Android phone, and still have your contacts and calendars shared where your PA can drop those items right into your box.

My suggestion would be to create three accounts:

Mary Jane (maryj@yourcompany.com) for your PA

Joe Blow (joeb@yourcompany.com) for your external email, that the world mails to.

Joe Blow Personal (joeblowpersonal@yourcompany.com)

Associate your Outlook account, iPhone, iPad, Android and other devices with Joe Blow Personal. If you use Outlook Web Access, you will log in to OWA using Joe Blow Personal’s credentials.

Share the Joe Blow Personal account’s Calendar and Contacts (If you want the PA to make direct entries to those folders).

Set Mary Jane as a full owner of the Joe Blow account.

Now, on Mary Jane’s computer, set her Outlook to open the Mary Jane email account and an additional email account of Joe Blow (joeb@yourcompany.com).   Also, go to File/Open and open Joe Blow Personal’s Calendar and Contacts.

Mary Jane can now open the inbox of Joe Blow, where all the junk arrives, and sort it as she sees fit, then forward the mail to you for reading (Or if you allow her to open your inbox, she could drag and drop the good stuff to your mailbox). Mary Jane can also directly enter calendar entries and contacts for your account.

You can set your reply-to address to be joeb@yourcompany.com if you do not want people replying directly to you, so any emails you send out will be replied to and go direct to your gatekeeper.
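The delegation described above can also be applied and then audited from the Exchange Management Shell. This is an added example, not part of the original tip: it assumes Exchange 2010 or later, that the three mailboxes already exist, and that the `Editor` role is the level of Calendar and Contacts access you want the PA to have. The variable names are hypothetical.

```powershell
# Added example: run in the Exchange Management Shell (Exchange 2010 or later assumed).
# The three mailboxes from the tip are assumed to exist already.
$assistant = 'maryj@yourcompany.com'            # the PA (gatekeeper)
$publicBox = 'joeb@yourcompany.com'             # address the world mails to
$execBox   = 'joeblowpersonal@yourcompany.com'  # the executive's filtered mailbox

# 1. The gatekeeper gets full access to the public mailbox only.
Add-MailboxPermission -Identity $publicBox -User $assistant `
    -AccessRights FullAccess -InheritanceType All

# 2. On the executive's mailbox, grant folder-level rights rather than full
#    access, so the PA can add calendar entries and contacts but cannot read
#    the filtered inbox. 'Editor' is an assumed choice for this example.
foreach ($folder in 'Calendar', 'Contacts') {
    Add-MailboxFolderPermission -Identity "${execBox}:\$folder" `
        -User $assistant -AccessRights Editor
}

# 3. Audit: list explicit (non-inherited) mailbox-level grants. The only
#    entry expected is the PA's FullAccess on the public mailbox.
foreach ($mbx in $publicBox, $execBox) {
    Get-MailboxPermission -Identity $mbx |
        Where-Object { -not $_.IsInherited -and $_.User -notlike 'NT AUTHORITY\SELF' } |
        Select-Object Identity, User, AccessRights
}

# 4. Audit: confirm who holds rights on the shared folders.
foreach ($folder in 'Calendar', 'Contacts') {
    Get-MailboxFolderPermission -Identity "${execBox}:\$folder" |
        Select-Object FolderName, User, AccessRights
}
```

Re-running steps 3 and 4 periodically shows whether delegation has drifted, for example an extra account holding FullAccess on either mailbox.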

Outlook and Exchange allow many wonderful configuration options… If you desire more information about this or anything related to Microsoft Exchange / Outlook, please call us at 864.990.4748 or email info@homelandsecureit.com – we offer free consultations in the Greenville / Upstate, SC area!

RDX Backup Solutions Becoming More Mainstream AND More Affordable

HP StorageWorks RDX Technology

When selecting a backup solution, you may be considering one of the following:

LTO, DLT, DAT Tape – The de facto standard in backup media for business and enterprise. Though it is growing a little long in the tooth, the format has proven itself to be reliable and affordable when you consider the lifetime of the drive and the media. These are available in a variety of flavors, from SCSI, to SATA, internal and external. And for those needing massive storage and speed, there are enormous auto-loaders such as 96 slot HP LTO 5 fiber channel systems.

Iomega REV removable cartridge systems – Outdated, no longer sold or supported by Iomega. (You can still buy media)

Portable hard drives – While these seem attractive because they are cheap and available at every office supply house in town, the reliability of these devices is not ideal for mission critical solutions. The constant plugging and unplugging of USB cables can wear connectors out prematurely and there is the slight possibility that a server can be damaged by static when plugging in a drive. Most IT people feel this is a better solution than no solution at all.

Remote Backup or In-The-Cloud backup – We offer Servosity Online Backup and feel it is a great addition to any existing hardware backup system you may have, and could serve as your primary backup if so desired. These are affordable solutions that require very little hands-on time.

Network based disk storage – These are awesome for speed, and convenience, but they generally remain on site and in the event of a catastrophic disaster such as fire, flood, or even theft, you could be left with no backup. This falls under the “much better than nothing” category.

Flash drives and other non-volatile storage media, including CD & DVD – Again, this is better than nothing and surely works for small amounts of data, but longevity may be in question. CDs and DVDs have a lifespan after being written to, usually of only a few years, making long term archival use impossible. Flash drives are great to make a quick backup, but there are occurrences of people losing data on one from high powered RF devices erasing them. Probably not a solution for most businesses.

A plethora of other technologies exist, but one that has been gaining momentum in the business and enterprise market is RDX.

RDX, or Removable Disk Technology, is based around a docking station that accepts an RDX cartridge. The cartridge encases and protects a hard drive. RDX cartridges come in many sizes, whether you need 160GB or 1.5TB, there is bound to be one that fits your data needs.

What makes RDX different from typical portable or removable drives? It is a “hardened” solution that encloses the hard drive and enables it to take a drop of up to 1 meter. These systems also offer protection from static discharge. A typical RDX can move upwards of 100GB an hour. If you outgrow the original cartridge size, you can begin replacing the cartridges with larger-capacity ones, as the dock is backwards and forwards compatible with any other RDX cartridge.

RDX is a standard that allows you to purchase cartridges from any manufacturer to use in your system. It also offers a shelf life of up to 30 years, allowing you to archive your data and know that if the IRS audits you, you can access it.

No need to upgrade your current backup software in most cases when switching to RDX as the technology is already supported in most backup applications such as Symantec Backup Exec!

If you are looking for a backup solution, whether it is your first, or an upgrade of a current system, then you may wish to give RDX a close look. Call us at 864.990.4748 or email info@homelandsecureit.com. We offer RDX products from HP, Imation, Lenovo, and Quantum to name a few. We offer a free evaluation in Greenville and the Upstate of South Carolina.

Are you overlooking a notebook computer backup plan?

I hate to keep beating this dead horse, but a dear friend called this morning as I was on my way in to the office, telling how his notebook computer had experienced a totally depleted battery over the weekend and that when he tried to bring it back up, he got the dreaded blue screen of death… This was followed by lots of time attempting to get the machine to run, and then a restless / sleepless night worrying about lost productivity, unrecoverable data, and expense involved.

I told him not to worry because somehow, some way, we will recover his data and get him back online. Of course, he didn’t mention that no backup existed until near the end of the conversation… Hopefully this story will have a happy ending…

What are you doing for a disaster recovery plan? Sure you are backing up your desktops and servers, but what about those notebooks? We offer a free trial of Servosity Online Backup…

Free Servosity Online Backup Trial! Click Here...


With Servosity Online Backup you will be able to sleep at night knowing your data is protected, even on mobile computers which may never see the main office. Your data is encrypted and uploaded to the Servosity secure remote storage server. In the event of a disaster, individual files, folders, or an entire system drive can be restored.

Have important files that change throughout the day? Servosity also offers CONTINUOUS backup protection – important files are backed up as they are changed on your system. All of this takes place automatically.

Servosity works with Microsoft Windows, Apple Mac OSX, Linux and other *nix based operating systems. Don’t take a chance, try out Servosity TODAY! For FREE!

Homeland Secure IT offers many backup solutions and one is just right for your application! Tape, Backup-2-Disk, NAS/SANs, Autoloaders and Jukeboxes… Email info@homelandsecureit.com or call 864.990.4748 for more information.