Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT

MS pushes Windows 10 whether you want it or not

  • 0
admin
Tuesday, 15 September 2015 / Published in Woo on Tech
The first one is always free

By all accounts, the launch of Windows 10 is probably Microsoft’s most successful release since Windows 95. From an IT professional’s perspective and given Microsoft’s history with OS launches, this is definitely the least troubled release since Windows 7 (2009). Despite this, I have gathered enough feedback on the upgrade process, both through my own and client experiences as well as reports from around the web, to not recommend it YET for my clients’ business machines, especially if they are operation-critical devices. While the upgrade process seems to go relatively smoothly and painlessly, the actual problems start to crop up after the process finishes and you attempt to get back to work. Historically, operating systems have never worked well on Windows machines, and while 10’s experience seems to improve on Microsoft’s track record in this area, it’s still a risky path at the moment. Unfortunately, despite my recommendation (one shared by many other pros in the business as well) to avoid upgrading your Windows 7 or 8 machine, Microsoft is essentially forcing you to download a copy anyways, whether you plan to upgrade or not.

What this means for you:

Depending on the amount of free space on your hard drive and bandwidth usage cap of your internet connection, this may be no big deal, especially if you do intend to upgrade to Windows 10 at some point. Microsoft sneaks the package onto your machine via Automatic Updates and stores the 3-6GB download in a hidden folder called “$windows.~BT” (the $ hides directories in Windows and is not a wry, insiders joke made by greedy MS programmers). It will do this even if you have been studiously ignoring the pesky system tray app that constantly reminds you that your free Windows 10 upgrade is just waiting to be installed. According to Microsoft, this is by design and ostensibly done to make the process quick and easy:

For individuals who have chosen to receive automatic updates through Windows Update, we help upgradable devices get ready for Windows 10 by downloading the files they’ll need if they decide to upgrade.

To be fair, some folks (rather impulsively in my opinion) seem to make the decision to upgrade to Windows 10 on the fly, possibly because of the way Microsoft has relentlessly pushed the new OS.

Unfortunately, if you choose to use Automatic Updates (and you should unless your technology is managed by an in-house IT department, at which point they will make that call depending on organizational policy), then you can’t avoid this download without some messy registry hacking and fussing with your computer. I can hear some of you scoffing, “6GB? Who doesn’t have room for 6GB?!” Well, 128GB SSD laptop users for one, and I know many, many folks running older computers with smaller 250GB hard drives that are on the edge of being completely full. On top of this, many folks use cellular broadband on their laptops, and this sizeable “update” could easily push their bandwidth allotment over the edge. While I applaud Microsoft’s forced march towards a modern operating system on all Windows machines (see “The World Still Clings to Windows XP”), this heavy-handedness on top of the privacy concerns has me revising my ranking of this release lower and lower.

forced updatemicrosoftprivacywindows 10

Quantum computers could render current encryption obsolete

  • 0
admin
Wednesday, 09 September 2015 / Published in Woo on Tech
Current encryption standards in danger?

Though the average consumer is still many years away from seeing or using one, quantum computers are moving steadily from theory to reality, and seems to be following the same accelerated curve most other technologies follow. First theorized in the 1960’s, the field of quantum computing was formally established in the early 1980’s, but actual systems using quantum computing only appeared in this decade. Lockheed Martin purchased in 2011 what appears to be the first physical implementation of a quantum computer: the D-Wave One. Google launched its own quantum computing initiative in 2013 in joint effort with NASA, and Edward Snowden revealed in 2014 alleged plans by the NSA to build a quantum computer expressly for cracking encrypted data.

[Skip this section unless you really want a brain twister!] Quantum mechanics on its own is an incredibly dense and complex field of science, and even though quantum computing concerns itself with a specific application of quantum mechanics, it is just as inscrutable as modern computers are now to most people. In a nutshell, where modern computers process data by boiling down everything to zeros and ones (bits), quantum computers process data using qubits, which can exist as either a zero or one, or any number of infinite states in between. While you are trying to wrap your head around that one, consider this next mind-blowing fact: where traditional CPU’s solve problems by switching between one or zero (albeit very, very quickly) and testing a condition (is it 0 or 1), a quantum CPU can simulaneously solve for one and zero at the same time. Because of this capability, a quantum CPU would be vast leap forward both in speed and complexity as compared to a “traditional” CPU.

What this means for you:

Scientists and security experts are justifiably concerned that quantum computers could easily crack the toughest encryption methods in use today. Encrpytion that would normally take today’s computers thousands of years to crack could, in theory, be broken within hours on a quantum computer. It’s not a long jump to suppose that the first organizations to implement quantum computers will be nation-states and large corporations, and then the race will be on to safeguard data with even stronger cryptographic algorithms. Echoing an arms race not unlike the nuclear one in decades past, modern technology is advancing at a pace that most humans will never stay ahead of, and we are relying on a small number of people in power who continually demonstrate an alarming lack of understanding of technology in general. Its important for all of us to step up our game and to focus on, at minimum, learning more about the technology we use everyday, and when we hit our limit, making sure we are protected and led by more knowledgeable people we can trust.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

dataencryptionquantum computingquantum physicssecurity

Chrome just hammered a stake through Flash’s heart

  • 1
admin
Wednesday, 02 September 2015 / Published in Woo on Tech
Adobe Flash

Under the auspice of saving battery life on laptops, Google just made good on their promise in June of this year to pause Flash elements on webpages loaded in their browser, Chrome. Though they don’t outright name what elements they are targeting *cough* advertising *cough*, as of September 1, Chrome will, by default, no longer autoplay Flash-based media on any page. If you want to punch that monkey to win a prize, you will have to click on the advertisement to get it to dance around on your screen. Now before you break out the champagne, this certainly doesn’t mean the end of web advertising by any stretch of the imagination – many of the ads you see are HTML5-based (including Google’s own AdWords platform) – but seeing as Chrome has 50% of the browser marketshare, it’s a safe bet that many, many advertisers will stop using Flash as a delivery mechanism, and given Flash’s long history of security weaknesses, this is a good thing.

What this means for you:

If you’re using Chrome as your main web browser, make sure it’s updated to the latest version, and start breathing the Flash-paused air. Firefox users have been enjoying this particular state for a little while now, as Mozilla put Flash in permanent time-out last month. If you are still using Internet Explorer (and many, many folks are required to because of various corporate applications) you can also experience a Flash-paused existence by following the steps outlined in this article.

Most importantly, if your website was designed with Flash elements (as many were up to about 2 years ago), it’s time to refresh your online presence to marginalize or eliminate the dependency on Flash. Its days are well and truly numbered.

advertisingchromefirefoxflashGoogleinternet explorerplugins

Ashley Madison searchable data wreaks havoc

  • 0
admin
Wednesday, 26 August 2015 / Published in Woo on Tech
Can't keep this one quiet

Remember a couple weeks ago when the adultery website Ashley Madison and assorted “sibling” sites were hacked? The alleged hackers were holding the data hostage and demanding (parent company) Avid Life Media be held accountable for what the hackers claimed was the fraudulent business practice of offering website “patrons” the opportunity to pay have their data completely erased. The data has been released (including the supposedly erased data), it is now searchable thanks to websites like Have I Been Pwned, and it’s wrecking lives like, well, a proverbial home-wrecker. It doesn’t take much imagination to envision why this is happening – marriage as an institution in America has been on some fairly rough ground lately, but you don’t come to this blog for that kind of gossip…

So here’s my IT angle on the whole mess:

  1. Just one, simple piece of data in the wrong place at the wrong time can be a game changer. In the case of the above, finding someone’s email address in the database separate from any other context can utterly destroy trust. And this doesn’t have to be a spouse or a family member: it can be a congregant, constituent, employee, employer, customer, client, prospect, competitor, adversary or worse – a true enemy. Many have said that their accounts were created for research (I didn’t even put that in quotes), and many probably were and even have official documentation backing up that claim, but when data is released without context, the victims don’t have any control over how the data is viewed or used.
  2. Most agree that Avid Life Media’s IT team had more that adequate protections and data encryption in place, but like every other business, they were fighting a losing battle. As I’ve said repeatedly (as has most of the industry), the current battle against digital intrusion is a war of attrition, and the attackers have the upperhand. They only have to succeed once to win, but we, in defending our organizations, cannot stumble even once. In case you are having trouble envisioning why this is, imagine a game of soccer where you are the goalie and the hacker is the other team. It’s just you versus the entire team, and there are multiple balls in play. They only have to score once to win. You, on the other hand, can only hope to get one of the opposing team out on penalty to slow them down, but guess what? They have a rather deep bench. And there are no time outs.
  3. Do your employees or vendors have access to data or systems to which they shouldn’t? Some believe the hack was an inside job. Keep in mind that you have to trust someone at some point to manage your security. Though it may be difficult or even painful to examine your operations for disgruntled employees or customers, unethical or inhumane practices reap as they sow, as Avid Life Media is perhaps experiencing first hand.
  4. Things done on the internet can never be erased. Even if you pay someone to do so, and they make an honest attempt at it, the internet never forgets. Want to keep something secret? Keep it as far away from the internet as possible. Can’t (or won’t) do that? Count on it not being secret and at least you’ll be prepared for when it does become public. Also, there are very few levels of obscurity on the internet, in most cases, things are merely forgotten or overlooked, but they never truly disappear from view.
  5. Privacy and security are hard won, and increasingly so as time progresses. Expect the costs of maintaining these things to continue to rise.

With all the recent, high profile hacks it’s hard to not be a “Debbie Downer” when it comes to the current state of security and privacy – but don’t fool yourself into thinking that things aren’t as bad as they might seem. Taking a realistic view on internet privacy and security is important in achieving a balanced perspective when making decisions on what to spend (both in dollars and energy) on defending yourself and your business. It’s not the end of the world. Not nearly. But it’s rough out there, and likely to get worse before it gets better. Be prepared, be realistic: plan for the worst and hope for the best.

 

ashley madisondata breachhackprivacysecuritytrust

Climbing your email Everest – email retention part 3

  • 2
admin
Wednesday, 19 August 2015 / Published in Woo on Tech
Get to the top!

You’ve done the hard work we outlined in the previous two parts of our series on the email beast, and now you are ready to tackle the summit of your email Everest. There are a variety of reasons to retain email, but they generally fall into two categories: “legal” or “industry/business best practice”.

Interestingly enough, there is no federal mandate (yet) directing US businesses on how much or how long email must be retained. However, if your industry is bound by legal or regulatory requirements to retain certain types of electronic documentation for a certain amount of time, you should consult with your lawyer about where this may intersect with documents and information stored in email. If your company establishes a retention policy, it’s incredibly important to adhere to that policy. Deviations or failures to enforce a formal company policy (“I have no idea where that email is, your Honor,”) are dealt with harshly in court, and will be costly. Relying on a manual process (such as Outlook’s “archiving” functionality) is fraught with failure, so any formal retention policy should be a centrally managed and maintained by an automation process rather than a human. Not all email providers include this capability, especially the consumer “free-mail” services like Gmail, Outlook.com, Yahoo, etc. Business-class service will typically offer retention capabilities as an add-on service, so make sure that if you need it, you can actually implement it on the server side.

Bottom line: If you have a formal retention policy, you must enforce it or you could face significant consequences in litigation.

If you fall into the broader, less compliance-bound audience that would like to keep track of the information that is contained in your vast email archives, consider a different way of retaining that data rather than relying on Outlook archives and your overstuffed email server hard drives. In most cases, people retain emails in order to track conversations with clients, customers, vendors, etc. If your business relies on this information, you should consider a tool that is built specifically for that purposes, and you’ve probably already realized that Outlook is not that tool. Before you despair, I do have good news for you: there are literally hundreds of Customer/Client Relationship Management (CRM) solutions that integrate very well with Outlook. Implementing a CRM solution for your company is not as easy as the sales videos would have you believe, but it may be very worthwhile in the long run.

The most crucial element in successfully implementing a CRM solution to funnel your customer/client emails into is follow-through and consistency. Everyone needs to be fully trained on how to use the system properly, and then they must use the system consistently. Most CRM implementations fail not because the software is bad, but because the company doesn’t get 100% buy-in from ones that need it the most: executives and the sales team. If everyone has sales responsiblities, then everyone has to use the CRM software.

At the very end of this long climb up “Mount Email”, regardless of what solution you choose to retain, the final consideration should always be data backups. Whether it’s a formal retention platform, CRM solution, or simple PST files, make sure your platform of choice is supported by a solid backup strategy that includes at least 2 different backup mediums. Understand how often your data is backed up, where it’s stored, and how you retrieve it in the event that disaster strikes.

Image courtesy of bplanet at FreeDigitalPhotos.net

crmemaillitigationpolicyretention

Warm up that delete key – email retention part 2

  • 1
admin
Wednesday, 12 August 2015 / Published in Woo on Tech
Warm up that delete key

Last week we talked about our “growing” email problem. The average size of an individual email as well as the overall volume has increased substantially over the years, and some parts of the email technology platform have changed to accommodate that. In other critical areas it has only barely kept pace or fallen woefully behind. Though it’s changed its look over the years, Outlook still works essentially the same way it did nearly 20 years ago. And while we have more ways to read our email now with the proliferation of mobile devices and cellular data networks, I rarely come across a business professional who isn’t struggling to stay afloat in the growing email tide.

So how do we address this weighty issue?

First off, reduce the volume in any way you can:

  1. Better spam filters – the best ones work at the server level, and don’t rely on your local email client. If you are using a local spam filter on top of your provider’s “filter”, you need to adjust the settings on the server side so they never get delivered, or change providers. It’s a hassle, but a good spam filter will make it all worthwhile.
  2. Ditch the mailing lists – if you spend more time shuffling unread newsletters into the “later” folder, you should either look at subscribing to a less frequent digest, or unsubscribe altogether. Ironic advice coming from someone who sends a newsletter. Hopefully because you are reading this, our newsletter makes the cut.
  3. Separate business and personal – modern email clients and mobile devices allow you to stay on top of multiple email accounts, so there’s no good reason to keep everything in the same mailbox. Don’t go hog wild (5 separate mailboxes is just as bad as single overstuffed box), but if you are using your business mailbox for everything, you really need to move the personal stuff to a separate email account.
  4. Delete, don’t archive – once you get over the initial fear of throwing away an email permanently, you may find it amazingly liberating and a great way to reduce stress. Be mindful of your company’s retention policy and business practices, but delete anything that isn’t critical. Because it’s “virtual”, email becomes a convenient way for our “inner hoarder” to manifest itself. As with anything hoarded, the volume rapid overtakes any benefit gained from keeping the stuff around. Be merciless, even cruel, and give your delete key a solid workout.

A lot of you have heard this advice before (probably from me), but it always bears repeating. The only way to drink from a firehose is to reduce the pressure. Getting in front of your daily email workload will grant you time to focus on the next task: sorting, filing and putting to use the email you do decide to keep.

Make sure to stop in next week for the final part of our series on taming the email retention beast!

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

archivedeleteemailoutlookpolicyretention

Email’s growing problem

  • 2
admin
Wednesday, 05 August 2015 / Published in Woo on Tech
I've got that email here...somewhere...

Believe it or not, email has been around since the 1960’s, though it didn’t make its way into mainstream business culture until the early 1990’s. Judging from some inboxes I’ve come across, some of you might actually have email dating back that far. Depending on your industry, this may or may not be necessary, but storing and keeping that much email usable is almost a universal problem that smaller businesses and individuals struggle with daily.

Are you impacted?

Some of you may be asking, “I’ve been storing email in Outlook for years and it’s only a problem now?” This isn’t a sudden, unexpected crisis, but one that has been growing (pun intended) for some time. Lately I’m seeing more and more folks hit “critical mass” and it’s due to the coincidental rise of several technology factors:

  1. Mobile devices with increasingly higher-resolution cameras. The iPhone can take an 8MB photo, and a 43MB panoramic photo. As a reference, GoDaddy’s email attachment limit is 20MB, and Gmail’s is 25MB. Whether their reason for sharing several high-res photos via email is for business or pleasure, a handful will put most people right over their size limit and capabilities of Outlook.
  2. Faster internet connections. We don’t think twice about sending larger files via email, or multiple emails to get around the attachment limits.
  3. The rapidly diminishing cost of storage, both in physical media like hard drives and on cloud platforms like DropBox, iCloud, SkyDrive, etc. This encourages to disregard file size, something that email (remember the tech is over 50 years old) was never designed to handle.

Combine the above with email archives going back years and you can end up with an inbox grossly over the limit. Overly large email boxes (and large email attachments) can lead to noticeable performance degradation, especially in the corporate poster child of email clients, Microsoft Outlook. Depending on your server limits, you may have been forced to move your old emails to one or more archives, which, when they too become oversized, can also lead to headaches and data loss.

Next week: we discuss how to solve this thorny problem.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

archiveattachmentsemailproblemretentionsize

Most Android devices impacted by critical vulnerability

  • 0
admin
Wednesday, 29 July 2015 / Published in Woo on Tech
Android in the crosshairs again

Due to a vulnerability in Android’s implementation of MMS, nearly one billion smartphones and tablets could be impacted by a security weakness known as Stagefright. In a nutshell, an attacker exploiting this vulnerability could send an MMS message with an infected attachment that could literally take over your device without you knowing it. Even though Google has released a fix for this vulnerability none of the major carriers and manufacturers have pushed the update to the affected devices, including Google’s own Nexus devices, which are due to be patched next week.

What this means for you:

This vulnerability can affect you even if you don’t open an infected MMS attachment, which could appear as a picture, movie or just about anything that can be attached to an SMS message. Stagefright’s actual purpose is to provide you with the thumbnail preview of the attachment in your SMS application, so having the attachment appear while scrolling through your messages would be enough to get infected. Regardless of what app you use to view MMS messages on your Android device, the only way to combat this attack is to prevent your device from automatically downloading MMS attachments. In Google’s default SMS application Hangouts, this is accomplished by doing the following:

  1. With Hangouts open, tap the Menu icon (3 horizontal lines in a stack) in the upper left corner.
  2. Tap the “Settings” icon (looks like a gear)
  3. Tap “SMS” (usually at the bottom of the list, below “Add Google Account”)
  4. Scroll down to “Auto retrieve MMS” and uncheck that box.

    Disable auto retrieve MMS

If you aren’t using Hangouts to view your SMS and MMS, make sure you check with the software developers to find out if disabling this option is possible in their app. I was previously using ChompSMS as my messaging app, and this option was NOT available, so I immediately switched back to Hangouts.

AndroidbugexploitGooglehangoutsmmssecuritysmsstagefrightvulnerability

Windows 10: Are you ready?

  • 0
admin
Wednesday, 29 July 2015 / Published in Woo on Tech
Windows 10

Of all the operating system releases in their long and storied history, Microsoft seems at last to be launching an OS that is at once very competent and highly anticipated. In case you didn’t know what today was, Microsoft is launching Windows 10 to the world, and it’s a sure bet that thousands (if not millions) of people are attempting to upgrade right now. As technology evangelist, I applaud their enthusiasm, but as your technology consultant I strongly advise against taking the plunge on opening day.

Here five reasons why:

  1. Even though Windows 10 has been large-scale testing and beta for months, there will likely be plenty of as-of-yet undiscovered bugs and problems. This has been the case with every operating system ever released in the history of computing. I don’t think I’m going out on a limb to say there will be bugs, and it will take time to sort them out. Day one upgrades rarely go well for the average computer user.
  2. Though supposedly the upgrade process is the easiest it’s ever been, I’ve already seen problems with user-initiated upgrades. If you are not careful, you could lose access to business-critical apps, or even your data. Make sure you back up before you upgrade!
  3. Unless you’ve already tested them, make sure your business critical apps will run on Windows 10 before upgrading your work computers. Even if they do, make sure the software developer has officially given the “thumbs up” – many are not supporting Windows 10 yet, and it may be many months before they are ready to do so.
  4. Microsoft’s new terms of use have taken a much more invasive stance with regards to your personal privacy. This article summarizes them neatly, but in a nutshell, Windows 10 will be sharing a lot about you, your data and browsing habits unless you disable these “features”. It’s a safe bet that in the first heady days on our whirlwind romance with the new OS, many of us will ignore or forget about this.
  5. As most will get their free copy of Windows 10 as an upgrade to an existing install of Windows 7 or 8, you need to make sure your current OS is in perfect health. Upgrading a damaged or compromised OS will only lead to heartache and headache, so make sure you get a clean bill of health before upgrading to 10.

If you’d like to read more about Windows 10, I recommend Microsoft’s FAQ. At the very minimum, check with your nearest IT professional about upgrading before you take the plunge, and make sure you have a contigency in place, because, despite our industry’s efforts, Murphy’s Law remains incontrovertible.

cautionmicrosoftupgradewindows 10

New data breaches could hurt more than wallets

  • 0
admin
Wednesday, 29 July 2015 / Published in Woo on Tech
Planned Parenthood Hacked

Hacktivism is not new, but when the data stolen and released targets a group already beseiged by violent acts of “protest”, have the hackers stepped over the line into actual terrorism? What if the data stolen contains sensitive data aside from financial information, such as medical records, or proof of infidelity? What if the security hole could be used to crash a moving vehicle? Following the scandalous breach at Ashley Madison comes three more hacks that will add to your gray hairs. First up is the “doxing” of Planned Parenthood employees after a hacking group penetrated their network and gained access to employee information, which they promptly released online. It’s not a far stretch to imagine those 300 people being targeted for harassment and violence by more “hands-on” anti-abortion groups now that their information has been made public. Regardless of your feelings about a group’s politics, lining up people in the cross-hairs on an issue known to incite extreme acts of violence is never the right way to protest.

That’s not the worst of it. Keep reading.

UCLA Health – one of the largest hospital systems in the country – revealed that it too had been hacked, and sensitive data on 4.5 million patients and employees has been compromised. While admitting that the usual sensitive information was likely exposed, UCLA officials could not confirm whether the data had actually been stolen, and to add insult to injury, they are only now admitting to the hack, months after the actual breach was detected. No mention was made whether medical records were exposed, though one imagines if such a thing had happened, the enormous liability exposure would lead to full disclosure. One would hope.

If you happened to be a UCLA patient and the owner of a new Jeep Cherokee, you are probably having a really bad week. Fiat Chrysler is recalling over one million new SUV’s after details were released by two hackers who were able to physically disable a moving Jeep Cherokee and send it into a ditch, while the driver was helpless to do anything about it. With our cars becoming increasingly automated and connected (and at some point, self-driving), you can bet this type of event will become more commonplace. It’s good that Fiat Chrysler decided to recall the potentially dangerous vehicles, but indicative of a wider blind spot in all industries of the mounting threat of cyberattacks. Hackers have supposedly been trying for years to call attention to security problems like ones exploited in the Jeep, as others have in industries like airplane manufacturing. Let’s hope no one has to crash a plane to get their attention.

data breachdoxingfiat chryslerHackingjeep cherokeeplanned parenthooducla
  • 37
  • 38
  • 39
  • 40
  • 41

Recent Posts

  • code in a laptop screen

    Software Updates: When to Install, When to Wait, When to Worry

    On July 19, 2024, CrowdStrike pushed a routine ...
  • half open laptop

    Technology Transparency: Why We Don’t Hide Our Markups

    Go look up Microsoft 365 Business Basic on Micr...
  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP