Homeland Secure IT Alert

Secure IT Alert for Thursday, February 2, 2012

If you are running a current version of Apple Mac OS X, 10.6.x or OS X 10.7.x  (Snow Leopard & Lion respectively), then you are vulnerable to exploits that these patches correct.

These security flaws could potentially allow an attacker to execute code on your computer after you visit a malicious web site or download/view affected documents or files, or allow Denial of Service (DoS) or even elevation of privileges.

How do you fix this? Apple has released OS X Security Update 2012-001 and OS X 10.7.3 to fix these security problems – UPDATE ASAP.

The 52 security vulnerabilities affect 27 components that are part of OS X and OS X server.  Some of the affected software includes: Apache, OpenGL, PHP, QuickTime and Time Machine.

A few examples:

Buffer overflow vulnerability in ImageIO – View a malicious image and it could result in a crash of an application, or code to be executed on your computer. The upside is, it would only execute with your privileges.

Buffer overflow vulnerability in CoreAudio – Play a malicious audio file and experience a crash of your system, or execute code with your privileges.

QuickTime vulnerabilities – Six of these babies could mean that if you open a malicious image or video in QT, code could be executed with your privileges.

The full update information can be found at http://support.apple.com/kb/HT5130

Should you require assistance in applying these updates, do not hesitate to call us in the Greenville or Upstate SC area at 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert

#LeapIntoIT Kindle Fire Giveaway

It’s that time again!  Time for us to have some fun, and help one of our Upstate, SC friends get something cool to play with.

We’ve given away stuff before, like Trend Micro anti-virus, a wireless IP security camera, a Cisco Flip Mino HD video camera, Microsoft Office 2010, and even a Microsoft X-BOX 360, but this is likely the most exciting thing yet, or at least the 2nd most exciting!

We decided that since it is a Leap Year, we will help one person leap into the tablet computer revolution by giving them one of the hottest little tablets out… The Amazon Kindle Fire!  It is far more than just an eBook Reader, it’s a smokin’ hot tablet too!  So hot, it’s on FIRE! =)

Let’s call it the “Leap Into IT” giveaway!  #LeapIntoIT

Who is eligible?

Anyone who can walk into the Homeland Secure IT office at 104 Mauldin Rd, STE E in Greenville, SC to retrieve the tablet in person. We will NOT SHIP IT. Also, you must not be prohibited by law from participating in any giveaway, and all that legal mumbo-jumbo. Let’s put an age restriction on it too.  You must not be older than, no wait, you must be at least 18 to participate.

Employees of Homeland Secure IT cannot play this silly game because they would never get any work done.

Past winners of Homeland Secure IT giveaways ARE eligible (Andrea, James, Hal, etc)

How do you get involved in this?

There is NO purchase necessary, but there are some things that you will want to do…

• Pass through our initiation process – This is where you tattoo your forehead with the Homeland Secure IT logo. Okay, this is optional.
• Sign up to this blog by hitting the SUBSCRIBE BUTTON over in the right-hand column. You can receive the daily blog posts in email first thing in the morning this way. And you can opt out later (after the contest is over) when you get tired of my yammering…
• Sign up for our SUPER LOW traffic mailing lists HERE … We rarely send anything out, so you won’t be too annoyed. You can unsubscribe from either or both at anytime, AFTER the contest end date.
• Go to our home page at www.HomelandSecureIT.com and hit the Google +1 button & Facebook “like” while you are there.
• Go to our Google business places page and leave a review and rating (hopefully a good one)
• Go to Merchant Circle and leave a review/rating
• Go to Yelp and leave a review/rating
• Go to Yahoo! and leave a review/rating
• LIKE us on facebook HERE …     Follow us on Twitter HERE …

Here is a list of ways to connect:  

http://www.homelandsecureit.com/connect.html

If you connect in a different manner and you feel it is important, email me, or tag me in a post so I can see what you have done and count that as well!

In review, it is up to you to determine how much, or how little you wish to get involved. The more ways you connect, the more chances to get this darn Kindle Fire!

How is the selection made?

Good question! We lay out a grid, with your each name written in it in the parking lot, and we then shoot a gerbil straight into the air, and in whatever grid the gerbil falls into, that’s our winner.

Okay, (maybe) it isn’t like that at all.  No, in fact it is not.

On February 29th, 2012, I’ll take every name/email address from our mailing lists, all the names of those who have reviewed us on Yelp, Google Places, Yahoo! & Merchant Circle, all the mentions on Facebook, Twitter, Linked-In, all the Likes and Follows on Twitter, Facebook, Linked-In, all the Google Plus +1s, and dump them into a spread sheet. Next I go to www.Random.Org and put the number of lines in my spreadsheet as the max number and generate a random number.

Whoever matches that number in the spreadsheet is contacted.

If they are out of the area and cannot get it in person, another number will be selected and the process repeated until we have a winner!

So, with that said… Let’s do this!   Leap Into IT!!!!

Cisco SPA525G2 with 32 button sidecar

One of the best selling phones for the small and medium business (SMB) market is the Cisco SPA525G2 phone. The entire series of SPA phones are affordable, reliable and well suited to SMB use, but the 525 G2 is the current big daddy with its color display, ability to play MP3s from a memory stick, sync to your cell phone via bluetooth, built-in bluetooth for wireless headset usage and so much more.

On every system we sell that includes the SPA 525, we get a few questions like, ‘How do you answer another extension?”, and of course we answer it, but, with such a long list of these “star codes”, I can’t remember them myself.

Cisco Star Codes for SPA525G2 Phones:

• Call Return (*69)—Calls the last caller, regardless which extension.
• Blind Transfer (*98)—Allows the user to transfer a call to another number  without waiting for the other party to pick up.
• Call Back Act (*66)—Periodically redials the last busy number (every 30  seconds by default) until it rings or until the attempt expires (30 min by default), regardless which extension. Only one call back operation can be ordered at a time. A new order automatically cancels the previous order.
• Call Back Deact (*86)—Cancels the last call back operation.
• Call Forward All Act (*72)—Call forwards all inbound calls. Applies to primary extension only.
• Call Forward All Deact (*73)—Cancels call forward all. Applies to primary extension only.
• Call Forward Busy Act (*90)—Call forwards on busy. Applies to primary extension only.
• Call Forward Busy Deact (*91)—Cancels call forward on busy. Applies to primary extension only.
• Call Forward No Answer Act (*92)—Call forwards if no answer. Applies to primary extension only.
• Call Forward No Answer Deact (*93)—Cancels call forward no answer. Applies to primary extension only.
• CW Act (*56)—Enables call waiting. For example, if call waiting is turned off globally, this star code will turn on call waiting until the CW Deact code is entered.
• CW Deact (*57)—Deactivates call waiting. For example, if call waiting is turned on globally, this star code deactivates call waiting until the CW Act code is entered.
• CW Per Call Act (*71)—Enables call waiting for a single call. For example, if  call waiting is turned off globally, this star code will turn on call waiting for that call.
• CW Per Call Deact (*70)—Deactivates call waiting for a single call. For example, if call waiting is turned on globally, this star code deactivates call waiting for that call.
• Block CID Act (*67)—Blocks caller ID on all outbound calls. Applies to all extensions.
• Block CID Deact (*68)—Deactivates caller ID blocking on outbound calls. Applies to all extensions.
• Block CID Per Call (*81)—Blocks caller ID on the next outbound call (on the current call appearance only).
• Block CID Per Call Deact (*82)—Deactivates caller ID blocking on the next outbound call (on the current call appearance only).
• Block ANC Act—Blocks anonymous calls. Applies to all extensions.
• Block ANC Deact—Deactivates anonymous call blocking. Applies to all  extensions.
• DND Act (*78)—Activates Do Not Disturb. Applies to all extensions.
• DND Deact (*79)—Deactivates Do Not Disturb. Applies to all extensions.
• Secure All Call Act (*16)—Defaults to prefer to use encrypted media (voice codecs).
• Secure No Call Act (*17)—Defaults to prefer to use unencrypted media for all outbound calls. Applies to all extensions.
• Secure One Call Act (*18)—Prefers to use encrypted media for the outbound call (on this call appearance only).
• Secure One Call Deact (*19)—Prefers to use unencrypted media for the outbound call (on this call appearance only).
• Paging (*96)—Pages the number called.
• Call Park (*38)—Parks a call on an entered line number.
• Call UnPark Code (*39)—Retrieves a call from an entered line number.
• Call Pickup (*36)—Picks up a call at an entered extension.
• Group Call Pickup (*37)—Picks up a ringing call at a group of extensions.
• Media Loopback Code (*03)—A service provider can set up a test call from an IP media loopback server (the source) to a subscriber’s VoIP device (the mirror). The test call provides statistical reporting on network performance  and audio quality.

Depending on the source’s capabilities, the SP can see packet jitter, loss, and delay (although Media Loopback cannot identify an offending hop). This helps the SP identify an offending hop that could be causing issues in VoIP calls to a subscriber. The test results can also provide audio quality scoring, which lets a SP better understand the subscriber’s experience.

Referral Services Codes—One or more * codes can be configured into this parameter, such as *98, or *97|*98|*123, and so on. The maximum total length is 79 characters.
This parameter applies when the user places the current call on hold (by Hook Flash) and is listening to second dial tone. Each * code (and the following valid target number according to current dial plan) entered on the second dial-tone triggers the Cisco IP phone to perform a blind transfer to a target number that is prepended by the service * code. For example:
a. After the user dials *98, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends a blind REFER  to the holding party with the Refer-To target equals to *98 target_number. This  feature allows the Cisco IP phone to hand off a call to an application server to perform further processing, such as call park. The * codes should not conflict with any of the other vertical service codes internally processed by the Cisco IP phone. You can delete any * code that you do  not want the call server to process.

Feature Dial Services Codes: Tells the Cisco IP phone what to do when the user is  listening to the first or second dial tone.
You can configure one or more * codes into this parameter, such as *72, or *72|*74|*67|*82, and so on. The maximum total length is 79 characters. When the user has a dial tone (first or second dial tone), they can enter a * code (and the  following target number according to current dial plan) to trigger the Cisco IP phone to call the target number prepended by the * code. For example:
a. After the user dials *72, the Cisco IP phone plays a special prompt tone while waiting for the user the enter a target number (which is validated according to the dial plan as in normal dialing).
b. When a complete number is entered, the Cisco IP phone sends an INVITE to *72 target_number as in a normal call. This feature allows the proxy to process features such as call forward (*72) or BLock Caller ID (*67).
You can add a parameter to each * code in Features Dial Services Codes to indicate what tone to play after the * code is entered, such as *72‘c‘|*67‘p‘.

Following is a list of allowed dial tone parameters (note the use of back quotes surrounding the parameter without spaces).

•  ‘c‘ = Cfwd dial tone
•  ‘d‘ = Dial tone
•  ‘m‘ = MWI dial tone
•  ‘o‘ = Outside dial tone
•  ‘p‘ = Prompt dial tone
•  ‘s‘ = Second dial tone
•  ‘x‘ = No tones are place, x is any digit not used above

If no tone parameter is specified, the Cisco IP phone plays the prompt tone by default.
If the * code is not to be followed by a phone number, such as *73 to cancel call forwarding, do not include it in this parameter. In that case, add that * code in the dial plan.

Homeland Secure IT is happy to be a Cisco SMB Select Partner! If we can provide your business VoIP support in the Greenville / Upstate, SC area, please call upon us at 864.990.4748 or email info@homelandsecureit.com

http://www.symantec.com/connect/sites/default/files/pcAnywhere%20Security%20Recommendations%20WP_01_23_Final.pdf

The danger is that someone so inclined could potentially access your computer through vulnerabilities exposed from old source code, and gain full access to your computer, files and your network.

To sum it up, disabling pcAnywhere is a surefire way to protect yourself and your company.

If you have questions about this or any other security issue in the Greenville or Upstate SC area, please call upon Homeland Secure IT, we can help set your mind at ease.  864.990.4748

In addition to performing all your favorites, we’re going to be premiering two new songs, “Carolina Girl” and “Standing in the Dark” which will be on our forthcoming album, due out June 8, 2012.

If you would, please visit our facebook page at http://facebook.com/DocksideBand and “like” us!!!!!!

You found that if you reboot that firewall (pull the plug on the thing since there is no power supply) that YOU get back online right away, but then later that day, someone else on the network is now having trouble accessing websites so you reboot the firewall and all is well, for a while.

What could it be? It MUST be the firewall going bad since that fixes it.

Before jumping to that conclusion and just replacing the device, think back. Has your company grown? Maybe you have added a few new employees, or, maybe you have added tablets or other connected devices.

What could be happening here is that you have added one too many devices to your network and exceeded the number of seats that your firewall appliance supports. When you originally purchased that device, a technician counted the number of computers, servers and connected devices and said “You need a 25 user firewall and it will cost $xxx.xx”, to which you agreed and promptly forgot about.

Now, flash forward to today and your 12 users and a server have grown to 15 users, two servers and many people have iPads or Android tablets or phones, taking you past the 25 user limit.  The last person to connect once you go over the limit will generally be denied access to websites by the firewall, as a warning that you have exceeded the license terms, and it probably won’t “reset” just by turning that computer off, you will have to reboot the firewall to free unused seats up.

So what are you going to do about it? I guess you could tell the employees to stop connecting their personal phones to your network, or you could replace the firewall with a cheap router that has no limitations.

Both will work, but are bad ideas.

The real solution is to correct the licensing issue. Determine how many connected devices you have within your network, and estimate how many you will need for the next year, then talk to a vendor who can provide the proper licenses and apply those for you. Don’t forget to include VoIP and security systems, even copiers and connected printers, as they may require a seat too.

If you are experiencing rapid growth, consider upgrading to an unlimited license.

Just a note – If you have an old device, say 4-5 years old, now may be the time to consider upgrading the entire device to the latest technology at the same time you correct the user limitation!

Should you require help with this, Homeland Secure IT offers sales and support of most major brands of firewalls. We partner with Cisco, WatchGuard, SonicWALL, TrendNet, D-Link, NetGear and more! Call us for more information in the Greenville / Upstate SC area – 864.990.4748 or email info@homelandsecureit.com

Homeland Secure IT Alert

Homeland Secure IT Alert for Wednesday, January 11, 2012

Yesterday was Adobe’s first patch day of the new year and the security bulletin describes a total of six vulnerabilities in Adobe Reader and Acrobat X 10.1.1 and older, on both Microsoft Windows and Apple Mac.

The issues that are addressed are considered “critical” in nature and the solution is to download and deploy updates or to allow the Adobe Software Updater to perform the updates for you.

Adobe Reader X 10.1.2

• For Windows
• For Mac

Adobe Acrobat X 10.1.2

• Standard and Pro for Windows
• Pro Extended for Windows
• Pro for Mac

Homeland Secure IT Alert

Well, HP released a fix for that a week or so back… However, they didn’t mention fire issue.

None-the-less, you may wish to consider upgrading.

Should you require assistance applying updates to your devices, servers or computers in the Greenville or Upstate SC area, you can call upon us at 864.990.4748 or email info@homelandsecureit.com

We’re working on new and exciting things that will help us to provide even better computer service & support to Greenville and Upstate area individuals and businesses, as well as bringing on new products as requested by our clients.

Our office will be closed tomorrow, Friday the 30th, and will not reopen until Monday the 3rd of January, 2012. If you need emergency assistance, please call our office or send an email, we will be monitoring voice mail and email and will get back with you ASAP! Most clients have our cell phone numbers and shouldn’t hesitate to call if a need arises.

We wish you, your family and your business many blessings in the coming year!

Also, if you are looking for a great party, come to The Hide-Out in Easley and catch The Dockside Band on New Year’s Eve! We’ll be playing all your favorite tunes.

http://facebook.com/DocksideBand or http://www.TheDocksideBand.com for more info!

More information is here: https://www.facebook.com/events/147966045304842/

Please like us too! https://www.facebook.com/DocksideBand

Happy New Year!

Charter Ups Broadband Speeds Again, Bumps Top Tier to 100 Mbps –

DiGeronimo says DSL is Basically Archaic

Original Publication Date: 12/1/2011

Original News Source: Multichannel News

By Todd Spangler — Multichannel News, 12/1/2011 3:00:00 PM

Looking to kick more sand in the face of DSL, Charter Communications is increasing connection speeds of its three top broadband tiers — Express, Plus and Ultra, which will now provide downloads of up to 100 Megabits per second — at no additional cost for subscribers.

The speed boosts are the MSO’s fourth in the last three years. The faster speeds will take effect in markets with DOCSIS 3.0 technology deployed, which represents approximately 95% of Charter’s service area.

“As customers share multiple devices on a single connection, we want to send a very strong message: DSL is basically archaic,” said Rich DiGeronimo, Charter’s senior vice president of product and strategy.

Charter is increasing Internet Express downstream speeds from 12 Mbps to up to 15 Mbps, and increasing upstream speeds from 1 Mbps to up to 3 Mbps. Internet Plus downstream speeds are being increased from 18 Mbps to up to 30 Mbps, and upstream speeds are being increased from 2 Mbps to up to 4 Mbps.

In addition, Charter’s fastest residential offering is increasing from 60 Mbps to 100 Mbps — with Ultra100 providing 100 Mbps downstream and 5 Mbps upstream. Charter’s Internet Lite tier will remain 3 Mbps down.

The midlevel Plus tier, at 30/4, is now faster than the fastest AT&T U-verse Internet service available. Charter’s footprint overlap with AT&T is 60%, although U-verse is not available in all of those areas.

“We believe we have an advantage in this space,” DiGeronimo said. “The thirst for speed is only growing.”

Charter is offering Express for $19.99 per month for 12 months to new customers, Plus for $29.99 per month. Ultra100 is $40 more per month than the Express tier.

“We’re not asking for more money. It’s really about differentiation,” DiGeronimo said. About 90% of Charter’s broadband customers take either Express and Plus service.

Charter’s broadband services are subject to different usage thresholds. Customers with Lite and Express tiers are allotted at 100 Gigabytes of bandwidth usage per month, while those on the Plus and Max services have a threshold of 250 GB per month. The Ultra100 tier will be capped at 500 GB per month; previously, the Ultra60 tier did not have a maximum usage limit. Charter currently does not charge overage fees for those who exceed the thresholds; however, users’ accounts may be suspended for repeated violations.

Charter also is increasing speeds for business customers, bumping up commercial Internet speeds at no cost for two of its most popular services, Charter Business Internet Essentials16 and 25. The speed increase will take place in approximately 95% of Charter’s service areas nationwide.

Specifically, the speed increases are: Internet Essetials16, with download speeds of 16 megabits per second (Mbps) and upload speeds of 2 Mbps, will increase to up to 20 Mbps download and up to 3 Mbps upload; and Internet Essentials25, with download speeds of 25 Mbps and upload speeds of 3 Mbps, will increase to up to 30 Mbps download and up to 4 Mbps upload — which the MSO notes is at least 6 times faster than 5 Mbps DSL service and 20 times faster than T1 lines. Charter’s fastest commercial offerings, Pro50 and Pro100, remain the same, providing up to 50 Mbps download/5 Mbps upload and up to 100 Mbps download/5 Mbps upload, respectively.

—

Homeland Secure IT loves Charter! We help Greenville & Upstate South Carolina individuals & businesses get connected with high speed internet all the time and Charter, especially Charter Business, has the highest customer satisfaction of any of the ISPs we work with. If you are feeling the need for speed, email us at info@homelandsecureit.com or call 864.990.4748 and we can assist you in the search for the best service and the best price!

We are hoping to book more gigs in the area and need your help!  If you would, please mention us to anyone who matters at bars, clubs, restaurants, and if you know any event coordinators, let them know we are available for bookings too!

We’ll play just about anything, from street fairs and festivals, to weddings, anniversaries, graduations, you name it!  Having a big family reunion? We’re in. Barn raising? Yep, sounds great!

More information can be found by going to http://www.facebook.com/DocksideBand (please LIKE us!) or visit our website at http://www.TheDocksideBand.com

The Dockside Band

The Dockside Band performs what we consider to be “Fun, Summertime” music spanning many genres such as country, rock, beach, blues and folk and many generations, from the 60s to current.  Artists we cover include Jimmy Buffet, Zac Brown, Journey, Bad Company, Matchbox Twenty, Van Morrison, Otis Redding, The Drifters, Kenny Chesney, The Commodores, Toby Keith, Jimi Hendrix, Tom Petty, Garth Brooks, etc…

We have played at restaurants and events that require low volume levels, so that is never an issue!

If you would like to check us out, we are playing New Year’s Eve at The Hide-Out in Easley, and then January 28th at Rendezvous in Greenville!

For more information, give me a call at 864-979-1224 and thank you for your support!!!!

While reading an article over on physorg entitled “Research team finds disk encryption foils law enforcement efforts“, I was reminded of conversations from over a dozen years ago with friends in law enforcement about how criminals were using PGP (Pretty Good Privacy) to encrypt their files, from the records of bookies to prostitutes and their client list. We discussed how this simple form of encrypting files would be almost impossible for an investigator to circumvent.

File, folder and entire disk encryption has come a long way since then and is affordable and easy to implement by the typical user of a computer. While it has not become “mainstream”, you can bet that criminals are busily integrating encryption into their storage.

One point they make in the article is that if the police raid the home/business of a (suspected?) criminal, they are likely to find the computer/s on and running. If they can manage to get them in this state, they may be able to move around the drives/folders and copy files to another device. If the criminal shuts the computer down, (or the police do so to move it to their lab) upon bootup or access of the encrypted drive/folder, an encryption key/passphrase would need to be input. Some of these encryption packages are destructive, so if an incorrect attempt is made X number of times, the data becomes totally unusable, even for the legitimate owner.

If you would like to utilize encryption in your home or business to protect against criminals (hopefully not law enforcement), we can help. Shoot us an email to info@homelandsecureit.com or call 864.990.4748 if you are in the Upstate or Greenville SC area and we can assist with protecting your precious data, whether it is a flash drive, usb drive, a folder, a file or an entire drive on your computer.

Titanium Internet Security 2012 includes everything you would expect in an anti-virus package with a few extras…

• Blocks email and image spam
• Blocks and finds malicious links in emails and IMs
• Blocks downloads and access to malicious websites
• Fake AV cleaner – eliminates malware posing as antivirus software
• Protects from viruses, spyware, worms, trojans, botnets and rootkits
• Utilizes the Trend Micro Smart Protection Network to proactively stop threats before they reach you
• Prevents unauthorized changes to your applications
• Skinable interface (allows customizing Trend with a favorite photo or image)
• Windows Firewall Booster
• Protect your children – restrict internet content and set access schedule for your kids with Parental Controls
• Maximize your PC’s performance – System Tuner improves PC performance by cleaning up browser history, cookies, temporary files, registries and more
• Protect and defend your data from loss and theft with Data Theft Prevention to keep information like credit card numbers and passwords safe
• Secure Erase – shreds computer files with sensitive information to keep it from being easily recovered
• Includes SafeSync – secure online backup with sync, sharing and mobile access (2 GB cloud backup)
• Includes a  copy of Trend Micro Smart Surfing for Mac

So how can you score such great anti-virus for yourself or your business?  Homeland Secure IT is a partner with Trend Micro and recommends this product as well as sells it and installs it.  The suggested retail price is only 49.99 for the first year, with renewals generally costing less. You can call us at 864.990.4748 or email info@homelandsecureit.com for more information.

However, since this is the Thanksgiving season, and we want to give you our thanks for supporting us this year, we are going to give away one copy of this software, and maybe a couple copies if the interest is high enough.

We will draw on December 1st and announce the winner on our blog, Twitter, Facebook and Linked In.

You enter by subscribing to our mailing lists HERE, subscribe to this blog, LIKE us or link us on Facebook, Mention us on Twitter, or give us a Google Review, or otherwise connecting with us.

Here’s a list of how you can connect with us!

For every way you reach out to us, we count that as an entry. So if you join our mailing list, leave a review on Google, post a link on twitter and like us on Facebook, that is FOUR entries !  If you have already connected because you love us, or because you wanted to win something like the X-Box we gaveaway, don’t worry, you are STILL in our list and need do nothing.

The winner who is selected must be able to come pick up the item at our office in Greenville, SC. We will not ship it to you.  If you do not want it, or you do not claim it within 7 days, we will pick another winner!

Good luck!

Homeland SECURE IT Achieves Select Certification from Cisco

Greenville, SC, November 1, 2011:  Homeland Secure IT announced today that it has achieved Select Certification from Cisco. The Select Certification recognizes Cisco® resale channel partners that focus on meeting the technology and service needs of small businesses.

Cisco’s portfolio of both Small Business and Small Business Professional Series products directly complement and enhance Homeland Secure IT’s Systems Design, Sales, Installation and Support of end-to-end communications and physical networks.

Cisco Select Certified

“The Cisco Select Certification was created in response to customer demand for channel partners capable of designing and implementing Cisco solutions purpose-built for small businesses,” said Andrew Sage, vice president of Worldwide Small Business Sales at Cisco. “With the Select Certification, Homeland Secure IT has made an investment in obtaining the training, skills and knowledge necessary to play a pivotal role in meeting this growing demand.”

To earn Select Certification, Homeland Secure IT fulfilled the training and exam requirements for the Cisco Small Business Specialization.  Homeland Secure IT also met the personnel, training and post-sales support requirements set forth by Cisco.

The Cisco Resale Channel Program provides a framework for channel partners to build the sales, technical and Cisco Lifecycle Services skills required to deliver Cisco solutions to end customers. Through the program’s specializations and certifications, Cisco recognizes a channel partner’s expertise in deploying solutions based on Cisco advanced technologies and services. Using a third-party audit process, the program validates channel partner qualifications such as technology skills, business best practices, customer satisfaction, and presales and post-sales support capabilities — critical factors for customers choosing a trusted channel partner.

About Homeland Secure IT

Homeland Secure IT is headquartered in Greenville, SC, and serves Greenville and the Upstate of South Carolina.  Our goal is to deliver seamless design, implementation, and support to customers requiring both simple and sophisticated communications solutions.

• Unified Communications (VoIP)
• Wireless (WLAN)
• Video Surveillance
• Storage Solutions (NAS, SAN)
• Backup and Disaster Recovery
• Security (Firewall, A/V)
• Switching

For more information about this topic or to schedule meeting with our design and engineering team, please call 864-990-4748 or visit our website at http://www.HomelandSecureIT.com

The End is Near (The End Of Support for XP)

The end is near!!!!

The End of Support (EOS) for Microsoft Windows XP, that is…

Microsoft wants you to be aware of this, so they have a gadget you can download and install on your Windows 7 or even Windows Vista machine. (Sorry, if you are running XP, that’s not one of the supported systems for this Countdown Timer.

Get your gadget here.

Get your upgrade to Microsoft Windows 7 HERE!  Homeland Secure IT is your Upstate / Greenville Microsoft partner…

Fortunately, none of our equipment even looks at name servers other than our own in-house server.  But does yours?

First, let’s look at what DNS is….

The simple explanation is: DNS stands for “Domain Name System”, and its function translates common names you enter into your web browser, like “www.google.com, or www.HomelandSecureIT.com” into their IP addresses, kind of like calling 411 and asking for a phone number from a name.

It also functions in the other direction, performing reverse DNS lookups, from an IP address to a hostname.

If you are using a home router or an inexpensive business router which handles DHCP (oh that’s another acronym we will talk about at a later date), giving out IP addresses dynamically to computers and devices that connect, then that device will also give out the DNS server/s these devices should use to do name resolution.

Some servers are handling DHCP and they too may give out DNS servers other than themselves, and even if they ARE a DNS server, they may simply be forwarding lookups to your ISP.

And some devices may be set static, with DNS servers entered manually.

In most of these cases, you may have been given a set of DNS servers to enter when you initially configured your router/server/device.  If your ISP updates the servers and gives you new IPs, you need to reprogram these devices.

The consequences if you do not update these settings? SLOW resolution of names to IPs… Where you enter www.somesitehere.com and hit return and your browser just hangs there doing nothing for a loooooong time, or you get warnings that the site was not found.

When your ISP gives you new servers, it is best to go ahead and update your devices at that moment in time, or else you will forget about it and one day not be able to get to your favorite website causing a “face-palm” and a wasted 15 minutes on the phone because you forgot to write down those IP addresses, or can’t get to your cloud based email.

If you need help in Greenville or Upstate SC let us know….  Call 864.990.4748 or email info@homelandsecureit.com

Do you have a unified threat management or spam protection device that is not from WatchGuard?

If so, and you would like to upgrade to the WatchGuard XTM or XCS series UTMs, then through December 2011 you can take advantage of their offer to allow trade-ins of competitor’s appliances for a three-year XTM Security Bundle on selected models or a three-year XCS Email Security Bundle and pay ONLY for the services.

You get the box for free!

Some of the brands that are acceptable trade-ins are:

• Aastaro
• Barracuda
• Cisco
• Clearswift
• Fortigate
• IronPort
• Juniper
• M86 MailMarshal
• McAfee Email Gateway
• ProofPoint
• SonicWall
• St. Bernard
• Symantec
• Trend Micro

For more information, please contact your WatchGuard reseller, or if you’re in the Greenville / Upstate SC area, please call Homeland Secure IT at 864.990.4748 or email info@homelandsecureit.com

Today, Cisco released 2.1.2 to the cloud for update which addresses that specific issue!

But wait, if you can’t log into the thing, how do you update your firmware so you can log into it?

First, you will need to downgrade your Flash Player to version 10.

To determine which version you are currently using visit here: http://www.adobe.com/software/flash/about/

To download earlier versions of Adobe Flash visit here: http://kb2.adobe.com/cps/142/tn_14266.html#main_Archived_versions

Once you have downgraded your browser to Adobe Flash Player 10 you will be able to log into UC320W Configuration Utility to perform the upgrade, and once complete can reinstall Adobe Flash Player v11.

The 2.1.2 firmware does not correct any other issues or add any features. If you are not experiencing login issues, you may want to hold off until 2.1.3 is released which does add some new functionality, or so we have heard!

Should you require assistance in updating or configuring your Cisco UC devices in the Greenville or Upstate, SC area, please give us a call at 864.990.4748 or email info@homelandsecureit.com – We are a Cisco SMB partner!

—

Last Updated: 19 July, 2011

1. Executive Summary
The purpose of this document is to identify different standards and legislations that require organizations to have security awareness programs. This information can then be used to help justify your security awareness program. Any questions or suggestions for this document should be sent to info@securingthehuman.org.

2. ISO/IEC 27001 & 27002
§ISO 27002 8.2.2 – All employees of the organization and, where relevant, contractors and third party users should receive appropriate awareness training and regular updates in organizational policies and procedures, as relevant for their job function. Learn more at: http://en.wikipedia.org/wiki/ISO_27001

3. PCI DSS
§12.6 – Make all employees aware of the importance of cardholder information security.
• Educate employees (for example, through posters, letters, memos, meetings and promotions).
• Require employees to acknowledge in writing that they have read and understood the company’s security policy and procedures.
Download the standard at:

https://www.pcisecuritystandards.org/security_standards/documents.php

4. Sarbanes-Oxley (SOX)
§404(a).(a).(1) – The Commission shall prescribe rules requiring each annual report required by section 13(a) or 15(d) of the Securities Exchange Act of 1934 (15 U.S.C 78m or 78o(d)) to contain an internal control report which shall – state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting;
Learn more at: http://en.wikipedia.org/wiki/Sarbanes-Oxley

5. Gramm-Leach Bliley Act
§6801.(b).(1)-(3) – In furtherance of the policy in subsection (a) of this section, each agency or authority described in section 6805(a) of this title shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical and physical safeguards –
• To insure the security and confidentiality of customer records and information;
• To protect against any anticipated threats or hazards to the security or integrity of such records;
• To protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.
Learn more at: http://en.wikipedia.org/wiki/Gramm-Leach-Bliley_Act

6. CobiT
§PO7.4 Personnel Training – Provide IT employees with appropriate orientation when hired and ongoing training to maintain their knowledge, skills, abilities, internal controls and security awareness at the level required to achieve organizational goals.
§DS7 – Management of the process of Educate and train users that satisfies the business requirement for IT of effectively and efficiently using applications and technology solutions and ensuring user compliance with policies and procedures is: […] 3 Defined when A training and education program is instituted and communicated, and employees and managers identify and document training needs. Training and education processes are standardized and documented. Budgets, resources, facilities and trainers are being established to support the training and education program. Formal classes are given to employees on ethical conduct and system security awareness and practices. Most training and education processes are monitored, but not all deviations are likely to be detected by management. Analysis of training and education problems is only occasionally applied.
Learn more at: http://www.isaca.org/Knowledge-Center/COBIT/Pages/Overview.aspx

7. Federal Information Security Management Act (FISMA)
§3544.(b).(4).(A),(B) – Securing awareness training to inform personnel, including contractors and other users of information systems that support the operations and assets of the agency, of information security risks associated with their activities; and their responsibilities in complying with agency policies and procedures designed to reduce these risks.
Learn more at: http://en.wikipedia.org/wiki/FISMA

8. Health Insurance Portability & Accountability Act (HIPAA)
§164.308.(a).(5).(i) – Implement a security awareness and training program for all members of its workforce (including management).
Learn more at: http://en.wikipedia.org/wiki/Hipaa

9. NERC CIP
The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection Standard.
§CIP-004-3(B)(R1) – The Responsible Entity shall establish, document, implement, and maintain a security awareness program to ensure personnel having authorized cyber or authorized unescorted physical access to Critical Cyber Assets receive on-going reinforcement in sound security practices. The program shall include security awareness reinforcement on at least a quarterly basis using mechanisms such as:
• Direct communications (e.g., emails, memos, computer based training, etc.);
• Indirect communications (e.g., posters, intranet, brochures, etc.);
• Management support and reinforcement (e.g., presentations, meetings, etc.).
Download the standard at: http://www.NERC.com/files/ CIP-004-3.pdf

10. US State Privacy Laws
Many states in the United States have their own individual privacy laws. You can find a listing of most of those state privacy laws at the Morrison & Foerster’s Privacy Library. Many of these privacy laws require some type of awareness training, or at a minimum that the privacy requirements are communicated to employees in that state.
Learn more at: http://www.mofo.com/privacy–data-security-services/

11. EU Data Protection Directive
The European Union has directed all European member countries to develop and define laws regarding the protecting of personal privacy of the citizens of their respective country. While each country’s implementation of this directive is different and unique, many of them require security awareness training to educate people on how to protect individual privacy.
Learn more at: http://en.wikipedia.org/wiki/Data_Protection_Directive

12. Australian Government InfoSec Manual
§0252 – Information security awareness and training: Revision: 2; Updated: Nov-10;
Applicability: U, IC, R/P, C, S/HP, TS; Compliance: must
Agencies must provide ongoing information security awareness and training for personnel on information security policies including topics such as responsibilities, consequences of non-compliance, and potential security risks and counter-measures.
Download the manual at:

http://www.dsd.gov.au/publications/Information_Security_Manual_2010.pdf

You can find the original latest version of this document here.

—

Should you need assistance with security and compliance at your Upstate or Greenville SC area business, Homeland Secure IT can assist. Call us at 864.990.4748 or email info@homelandsecureit.com for more information!

Be sure get your devices up to date…

• OS X Lion v10.7.2 and Security Update 2011-006
• iTunes 10.5
• Safari 5.1.1
• iOS 5 Software Update
• Numbers for iOS v1.5
• Pages for iOS v1.5
• Apple TV 4.4

Apple iPhone

Smartphones: Whether it is an Android, iPhone or even a Windows based phone, you cannot survive without one. These devices provide instant communication with your clients through email, text message and phone, along with the ability to browse the web and select from tens of thousands of applications to assist in your business. Your clients will not wait for you to get to your office to respond to an email. Even a quick, “I’m driving, will respond as soon as it is safe” auto-response is better than no response. The cost of a typical phone can range from 100 to 300 dollars per phone depending on features and term of contract from the carrier of your choice.

Square Credit Card Reader

Credit Card Processing: If you expect to get paid, then you need to accept every form of payment possible, including plastic. Yes, you will lose a little bit on the sale, but you will gain an instant payment. If you are just getting started, without purchasing a machine or paying a monthly charge, you can accept credit cards anywhere you have a cell signal using the Square credit card application with your smart phone and the free reader device that they provide to you. No per-swipe fee, and less than 3.0% charge. Fast, secure, and in your account the next business day. Find it in your phones’s marketplace.

Reliable & Fast Internet: There are a lot of choices these days for fast internet, from DSL to cable to fiber, and the old tried and true T1 standard, but some businesses may find that a wireless broadband internet plan may be enough for them. We recommend Charter Business in most situations, but that varies depending upon what is available at the business location. One advantage to using a cellular based broadband internet connection is that you can take it with you, which is great for businesses that are not tied to one specific location. Typical 4G plans will provide over 5 meg down and up to 2 meg up. Verizon Wireless offers the MiFi devices for around 50 dollars with 5GB plans for 50 dollars per month.

IP Surveillance Cameras

IP surveillance: Sure it sounds like the CIA, but IP security cameras at your business will decrease loss of inventory, increase productivity, and may provide an insurance savings. You can even keep tabs on your employees using a smartphone or any web browser to view these camera. Recordings can be reviewed after events occur, and most systems can email you when there is movement in a particular location. Prices range from $150 for a single entry level camera into the $2000 range to cover an entire business. You can install yourself, or get an IT provider to handle this for you for the most professional results.

Email: This is a no-brainer, but many small businesses will cut corners here. A Hotmail account will work for sure, but who wants AcmeWidgetCo@hotmail.com on their business cards. At the very least, your business should use a service that allows for linking a domain to your mail, such as Google Apps (Gmail) or Microsoft Office 365. This gives you a professional appearance, and provides for important features such as linking of your smartphones, sharing of calendars between users and so much more. Microsoft Office 365 costs about 5 dollars per person per month and gives you up to 20GB of storage.

Anti-Virus & Security: Far too often this is overlooked, or taken for granted. A business that is vulnerable to viruses or malware is a business that could experience costly downtime and repairs, not to mention, open yourself up for compliance violations and potential fines or legal issues depending upon the field you are in. The components of a secure network are as simple as a quality firewall like those offered from Cisco, Watchguard or SonicWall, an anti-virus software package from Trend Micro or Symantec, and taking the time to apply updates to the Operating System (Windows, Mac, etc) and support software (Microsoft Office, Adobe Reader, Adobe Flash, JAVA).

Backup: When disaster strikes, you need to be prepared for it. Having backups of your important files will insure you are not out of business when a computer or server fails. Backups technology can be as simple as an external USB drive or remote backup solution, or on the other end of the spectrum, as complicated as auto-loader tape drives. One thing is for sure, ANY attempt to backup your data is better than none. For automated cloud backup solutions, consider Servosity or Mozy Pro.

Here at Homeland Secure IT, we utilize a vast array of technology and we also help many small and medium businesses and even home offices stay up to date. If we can help you with decisions regarding your Greenville or Upstate technology infrastructure, please call us at 864.990.4748 or email info@homelandsecureit.com. We offer sales, service, repair and consultation of everything from computers to VoIP.

What is your “must have” business technology? I would love to hear about it.  VoIP phone systems? iPad, Android or Windows based tablet computers? A favorite app (We love TiKL & Waze)?

Happy Customers are Good Customers!

Customer service is a series of activities designed to enhance the level of customer satisfaction – that is, the feeling that a product or service has met the customer expectation.

The quality and level of customer service has decreased in recent years and this has been driven home for me in the last few weeks causing me to reflect on my own personal definition of customer service.  A couple of weeks ago, I helped a customer at McAbee’s Custom Carpet as he was picking up a piece of carpet he ordered a few days prior.  This nice gentleman felt the need to tell me how Customer Service in our country was a dying trait and he was so glad to find a small entrepreneurial company that once again cared about providing customer service.  Really?  I guess I’ve taken this for granted… great service is what my father founded this business on nearly 50 years ago.

Just today I was met with having to deal with a local vendor that had managed to get me to the point of being very upset and disgusted with their lack of customer service… or even response.  The ability to provide a high level of service requires both obligation and responsibility as I see it and somewhere between the two lays a level of comfort.  It’s not a matter of control or money but rather a need to see through the problem to the pain trigger and address it head-on.

So many service providers these days are working for a large Corporation, whether larger than our Upstate SC business area or even Worldwide businesses and they are losing their hold on great customer service.  If you even get to speak with an actual person, they tend to hide behind someone else in their pyramid of business (be it supervisor or manager) and they lack the ability to accept responsibility for wrong doing or making a situation better.  They tend to pass-the-buck as we have all experienced and this tactic must be an attempt to where the customer down to the point that they no longer even care to pursue their point of concern.  It just serves to enrage me!

Where does this leave us – the consumer?  What leverage do we have when a product or contract of service goes astray?  Does anybody really care?  I think we are just beginning to see a change in customer service in our society.  Take the banking industry for example:  Bank of America announces that they will begin charging their customers to use their own debit cards.  They must have known this would cause BoA customers to go elsewhere.  Was it worth risking?  I say bravo to the customers that find another bank with better customer service.  When did it become customary to raise your profit margin by charging additional fees to your already existing customers?

As an entrepreneur with Homeland Secure IT, I’ve followed my own father’s footsteps in starting a business with my husband.  My Dad instilled two business traits in my mind:  quality and service and the two go hand in hand.  I remember hearing him say, “When business becomes so large that you no longer care about one or the other, quality or service, you might as well give up and lock the door.”  I’ve watched both Homeland Secure IT and McAbee’s Custom Carpet go to extremes to make certain that a customer is happy, even if it means losing money in the end.  There is so much more than the dollar amount to a business venture, there’s reputation of service that will keep customers coming back again and again.  If employees of large companies feel no obligation to the satisfaction of their product or service, what do they care if they see a customer walk in the door again?  The only leverage I can find at times is the threat of internet reviews for a business and we need to take this more seriously.  I know John and I are constantly looking to reviews on Yelp, Yahoo, Google, and other forums to see just what other consumers have experienced before we decide to invest in a business.  Perhaps the time has come where we do not have to feel like an unheard voice among so many, your opinion matters!

The businesses I’m invested in will continue to provide top-notch service to our customers.  I am a firm believer in my father’s theory, why would we continue to grow a business if we are not giving our community reason to support us?

Pamela Hoyt – Homeland Secure IT / McAbee’s Custom Carpet

@PamelaHoyt   –   http://www.facebook.com/PamelaMHoyt

Anyone browsing to mysql.com yesterday would have been redirected, and without even being prompted, then likely been exploited themselves by the software running on the rogue website which apparently looked for vulnerable browser plugins to use for an injection point.

Trend Micro’s smart web filtering may have caught this and stopped it, but one thing is for sure… Doing everything you can to protect yourself from this type of exploit is more important than ever.

You should always insure you are running up-to-date and mainstream/quality anti-virus software (Such as Trend Micro), and also keep your operating system (whether Microsoft Windows, Apple Mac OS X or even linux), browser, and all support software such as Adobe Flash Player, Adobe Reader and JAVA, as well as Microsoft Office fully updated!

Another thing you should consider is backups! With the cost of USB hard drives at an all time low, and online backup (Like our Servosity offering) being an easy install, configuration and affordable, there is no excuse to not have backups.

Should you need assistance in the Greenville / Upstate SC area determining what you or your business needs, please contact us at 864.990.4748 or email info@homelandsecureit.com. We provide sales of Trend Micro, Symantect & McAfee anti-virus protection, virus cleanup & removal, and can handle your computer service & computer repair tasks!

Only one problem…  Nobody that I called in the Greenville area has one!  One person told me only 200 of the top stores got them today and those 200 stores only received 2 each.

So I will wait a while, or I could buy it online at sprint.com.

Why do I want it? Last year about this time, we replaced our aging Blackberry phones with Samsung Galaxy S Epic 4G phones and have loved them! BUT, that was this, this is now. The new phone does not have a keyboard built-in, so it is much thinner, and it also has a much larger display. The battery life is improved to boot.

As far as speed, the new phone has a 1.2Ghz DUAL CORE processor, compared to the 1Ghz single core we currently have.

The OS is upgraded, the camera is 8 megapixels.  What’s not to like?

Apparently the size. Some people don’t like that bigger 4.5″ screen, compared to the 4.3″ screen in our current phones.

We’ll see… Maybe by next week I can find one?

Thoughts?     OH, and don’t make it about carriers.  Sprint has done a great job of keeping us happy.  Verizon would be our 1st choice, but we’re locked in for a little while longer with 3 of our phones.

Have a great weekend!