Security and what’s changed

Posted: May 14, 2015 in Technology

Security, security, security, we hear it all the time, but why has it moved to the forefront more than it has in the past?  I wanted to take an opportunity in this post to dive a little bit deeper into the reasons that so many countermeasures are required these days to protect systems and PC’s from attack. The threat landscape of the individuals and groups on the attack has changed quite drastically in the last 5-10 years.

In the late 1990’s and the early 2000’s, the attackers were mostly what we would refer to as “script kiddies”, basically teenagers with too much time on their hands.  A lot of them were interested in learning programming code and knew they were causing damage but it wasn’t necessarily for ideological or financial motives.

In recent years we have seen a shift to the attackers being mostly rogue organizations or those looking for financial gain.  These groups or individuals are looking for data that can either threaten the national security of a country or to gain information such as credit card or social security numbers that they can either use themselves or sell.  Another difference we see here is that these groups are also usually very well-funded and often have teams of people working to gather the data that they are trying to obtain.

The technology landscape has also changed in recent years and will continue to try to adapt.  Currently numerous security tools are often used to have “defense in depth” but there is hope that the base operating systems, such as Windows, will soon be more secure in the way they function at a basic level severely limiting the methods attackers have to take over an operating system.  The security tools also are evolving to become less impactful to the end user and eventually will have little to no impact on the work that a person does on their PC.

While there are some growing pains and at times some struggles with the measures that are put in place to reduce security threats there is hope for the future of these technologies.

Staying Current

Posted: April 23, 2015 in Technology

Staying at a job for more than a couple of years in the information technology field is truly an accomplishment these days.  I say these days but for as long as I can remember it’s always seemed like the trend has been between two to four years is the average job span of a person in this field.  Typically you find that most of these constant career changers are looking to work their way up the career ladder or they just aren’t being challenged enough in their current position.

For those blessed to have been with the same company for many years, how do you ensure that you as a person don’t lose your marketability by being at one place too long?  I personally believe staying current on technology is one of the most important things you can do to help your appeal to a new company should the time come whether you voluntarily or involuntarily have to leave your current position.  There are numerous ways you can stay up to date on current technology trends (without spending a dime.)

First, subscribe to company blogs from major technology providers such as Microsoft, Dell, Citrix, and many others.  There are also generic technology sites such as Engadget that can help you get a daily dose of what’s new in the technology world.  Another suggestion along this same line is to create yourself a Google News Alert that searches for certain keywords or company names and can alert you when new posts come out regarding that particular topic.

Secondly, get some refresher training.  The YouTube’s of the world have really changed the way information and instruction becomes available to the world.  There are many smart people out there who just enjoy talking and have posted videos on just about any topic you could possibly want to learn more about.  Microsoft also has free topic driven training available through their Microsoft Virtual Academy online.  Most classes are between one to four hours and really give you focussed training on technologies that Microsoft offers.

My third and final suggestion, write.  One of the main reasons I started blogging was to help keep my creative juices flowing but also it gives you “street credit” if you will among the industry to show that you really are interested in your current career field and gets you thinking about what you can use some of this wonderful technology for.

While at home I mostly embrace the “Mac life” at work my focus is around Microsoft technologies so I try to straddle the fence as best as possible.  One of my frustration points with Microsoft has been their disjointed technology in some cases.  You can definitely tell that their company mostly works in a silo and one group doesn’t know what the other group is doing.  I can say however that over the last year I have seen a marked improvement in the way Microsoft seems to be coming together.  Today’s topic, OneDrive.

Microsoft’s OneDrive is a cloud storage (online storage) technology similar to that of Dropbox, Box, Google Drive, etc.  One of my biggest complaints has been that if you are an Office 365 user, your storage is provided through “OneDrive for Business” which has a SharePoint backend and requires a totally separate app from the personal OneDrive (and to top it off, they still don’t have a OneDrive for business Mac app (supposedly releasing in preview the end of Jan. 2015.)  Good news was finally announced by Christ Jones, VP of OneDrive and SharePoint for Microsoft that they will now be consolidating down to a single sync engine for OneDrive that will allow connection to personal OneDrive as well as OneDrive for business.  The Android and Windows Phone versions have already been released and iOS is supposed to release later this month.  No word yet as to when the Windows and Mac versions will be released but I expect it to be by the end of 2015 or sometime near the release of Windows 10.

In other news announced late last year, Microsoft will also be providing “unlimited” OneDrive storage space to all Office 365 personal, education, and business customers.  If you haven’t tried out Office365, I highly recommend it.  Most Office 365 plans include the full version of Microsoft Office for up to 5 computers (as well as the version for your mobile devices and the online version which can be used from anywhere you have a compatible web browser) along with e-mail hosting and more.  One of the other features of having Office 365 is you’re always on the latest version of Office so no need to worry about costly upgrades.  All plans are available for a small monthly fee.

Sources – OneDrive Blog

The Perils of USB Device Charging

Posted: November 9, 2014 in Technology

We all love the convenience of just being able to plug-in our devices to convenient USB ports located on our computers, on airplanes, at airports, or hotels but have you ever stopped to think about what might be on the other side of that USB connection? Up until now an iPhone has not been capable of being infected via a USB connection, unfortunately that has changed. A new malware released on 6-November now has the ability to infect your phone via a USB connection. It’s always a good idea to use extra precautions when connecting to an un-known USB connection. While, to date, no one has infected a smart phone via a public charging station it was however demonstrated at one of the last international hacking conferences that were held. The problem is that someone could easily hide a tiny computer within one of those charging stations that contained malicious code to infect your device. Once someone had access to your device they could potentially track your GPS location, read all your e-mails and text messages, or worse.

While we certainly can’t live our lives in fear over the dangers of technology it is always prudent to be cautious when connecting our devices to an unknown source. I personally shy away from direct USB connections to charging stations or on planes and stick with my USB wall adapter just to err on the side of caution.

One final note, whether you use USB or your wall adapter, never leave your phone unattended.  I see it happen in airports all the time.  While we’d like to believe everyone in the airport is honest, leaving your phone alone at a charging station is just asking for someone to take it.

Source –


Collaboration as a lifestyle

Posted: October 19, 2014 in Technology

Collaboration is one of those “buzz” words we’ve been hearing for many years now but the technology to empower that idea has only now really began to become more readily available.  If you’re not familiar with the term collaboration, think of it really as social networking for business.  Social networking sites like Facebook, Twitter, and LinkedIn have given us the ability to connect with people and share our thoughts and ideas and have them provide almost instant feedback on those thoughts and ideas.  You may have already started hearing collaboration being referred to as social networking for business and that really is a good way to look at it.  Today I’d like to discuss two tools that are currently available to us from Microsoft that have really changed the way I work with my other team members, Microsoft SharePoint and Lync.

Microsoft SharePoint has been around for many years but is only now becoming more and more popular due to the availability of it within cloud providers such as Office 365.  SharePoint makes it extremely easy for teams to be able to work together either in a general fashion or on specific projects by creating what are known as SharePoint sites.  Like a website, a SharePoint site is available via your web browser and is edited in a very familiar way just like you would a Microsoft Word document.  SharePoint in a basic way was designed to replace the use of file shares within a company but is so much more.  With SharePoint sites you are empowered as the “owner” of the site to give access to whom you need to share information and collaborate with.  Once you’ve granted access you can add things such as documents and organize them in folders just like you would on your local computer but the benefit is that the files become available to other members of your team and you anywhere within the organization (or in the case of Office 365, anywhere on the internet) securely from a web interface or natively within Microsoft Office applications like Word, Excel, PowerPoint, etc.  Going beyond the basic features of file sharing you can do other things such as create team blogs or newsfeeds where you can discuss particular topics and comment/like the posts just like you would on a site such as Facebook.  As projects come up you can create “child-sites” of your main team site for that specific project and then once done archive or delete it.  It really provides a great central place to share information with other team members and many people find they end up setting their team site as their web browser’s home page.

Microsoft Lync may have previously been known to you as Microsoft Office Communicator or OCS for short.  Many people think Lync is just a tool for instant messaging like Skype or AOL Instant Messenger but it is quite a bit more.  At a basic level Lync is used by companies to provide instant communication within a company.  For many years people have used e-mail when the phone wasn’t convenient or accessible but, as I know I’ve experienced, one e-mail soon becomes twenty and next thing you know that simple e-mail became a long running chain.  Microsoft Lync empowers a person to be able to find anyone in the company and easily communicate with them either by instant messaging, by voice or even video.  The great thing about Lync is that if you and your colleague decide that an instant message isn’t really enough to be able to communicate your thoughts, with a click of a button you can add voice, video, or even screen sharing.  Many times I personally have been working on a task or project and needed input from another member of my team and with Lync I’ve been able to quickly reach them if they are available, share something on my screen, resolve the issue, and then go back to what I was doing.  The instant ability to communicate really saves a lot of time rather than having to setup a meeting or lookup someone’s phone number or start that chain of twenty e-mails.  Speaking of meetings though, Lync also provides us with a meeting space online that can be used both inside and outside of our company.  Microsoft Lync has a plug-in for Microsoft Outlook that allows you to easily insert your meeting information to a calendar invite by clicking a button on the toolbar.  Once your meeting time has arrived, participants simply click on the “Join Lync Meeting” link within the meeting invite and then can either join via a headset or speakerphone attached to their PC, have Lync call them at their desk or cell phone number, or even dial in to the meeting if they aren’t near their computer.  Within the meeting you can do the same things you can within a one person conversation such as instant message, voice or video chat, or share content such as your entire monitor or a PowerPoint presentation.

Having used both of these tools for the last year I can truly say it has made communicating with other members of my team a much easier experience and has really empowered us to work much more efficiently and effectively.  If you’re unfamiliar with these technologies, check with your manager or local IT resource and they can help guide you in accessing these tools.​ If you want to implement these tools for your own company I suggest looking in to Microsoft’s Office 365 online offerings. They have several versions available for small businesses as well as enterprises.

Tying in to my last post somewhat about trading privacy for the use of technology I wanted to talk about a topic very near and dear to all of our hearts, passwords.  Gone are the days of paying bills by mail, balancing your checkbook with a mailed bank statement, or even writing hand written letters.  Everything is online and with everything being online means that you have to have some piece of information to access the information stored on the internet.  In most cases this comes in the form of a username and password.

The problem with passwords, unless you’ve got the memory of an elephant, is you either end up using the same password or a small set of passwords for every site you access or even worse, you write them down on a piece of paper or store them in a plain old text file on your computer.  The tools hackers use are very sophisticated.  Used to we’d tell you as long as it’s over 8 characters and you have a special character in it, you’re fine.  Not really the case anymore.  The truth is, the longer and the more complex your password is, the better off you are.  I know you’re saying to yourself, “Well how do I come up with a password that long and even better yet, how do I remember it?”  Here’s a few things you can do to help strengthen your personal security posture.

First, one of the easiest ways to make better passwords is to utilize pass phrases instead of passwords.  Let’s say you have a website that allows for 20 character passwords you could utilize something like “Ihave3dogsIlove#2014”  Notice how this pass phrase really covers all our bases: it includes upper and lower case letters, it includes numbers, and it includes a special character.  The added benefit, it’s a phrase that you might could actually remember!  Keep in mind you still don’t want to use personal names or identifying information but even with that in mind a pass phrase can be a quick and easy win to helping secure your online information.

Secondly, enable multi-factor authentication.  What is multi-factor authentication you ask?  Multi-factor authentication goes back to the old saying of what you know, your username and password, and what you have, either a physical security token or something like a smart card.  Most people in their personal lives aren’t going to have smart cards but there are several methods you can use that are very similar.  Not all websites support this technology as of yet but what basically occurs is you enter your username and password as you normally do but after that you are then prompted for a security code.  In the past these codes were actually carried around on physical hardware tokens but today are available in the form of either a text message from the company or using an “authenticator” app such as Google Authenticator.  The text message option is very easy because it’s as simple as typing in the code you’re sent from the company you’re logging in with.  The authenticator option really isn’t that bad either as it requires you to simply download an app from your smart phone’s app store and then simply register with the website you are trying to login with.  Once you’ve registered the authenticator directly to the website it then generates a number string that changes every 30 seconds or so.  Using multi-factor authentication really is one of the best ways to go especially if you don’t want to have to try to use longer and longer passwords however not all websites and companies support it.  Here’s a great website thought that is constantly updated with the list of companies that do support some type of multi-factor authentication-

Lastly, and this is one that I went with, is to utilize an online password vaulting service.  Now let me put out a disclaimer that you should not utilize sites like this for your company passwords if you work for a corporation as most security policies frown on things like that but for your personal accounts, it’s great.  The tool I use is called “LastPass.”  Tools like LastPass include web plugins that work directly with your web browser to help you store your online account passwords as well as to help you with generating new passwords.  LastPass includes a random password generator to help you generate random, long strings of characters to use as passwords.  You may be asking yourself, “How am I going to remember strings of random characters?” the answer is with tools like LastPass, you don’t have to.  LastPass stores your passwords in their secure, encrypted database and then the plugin for your web browser then can either auto-fill your password when it’s time to login or you can copy and paste it from your password “vault.”  If you need access to your passwords on a computer that doesn’t have the plugin you can utilize the mobile app or their website.  LastPass also supports multi-factor authentication to help further secure your password vault.  There are many other tools out there like LastPass but in my opinion it is one of the better ones.  Give it a try, it’s free and if you refer a friend they give you free months of “premium” service which allows you access to the mobile app.  Here’s the link – LastPass

In closing, times are a changing.  In today’s day and time you really can’t afford to keep using your same old short, easy to remember passwords if you want to keep your personal information safe.  Sure, companies themselves can get hacked but that’s a topic for another day.  It’s up to us however to help protect our own data.  What do you have to lose, get to changing those passwords!

America, Beacon of Hope

Posted: September 26, 2014 in Insights
Tags: ,

For any of you that know my wife and I, you know that we are not really “people” people. I used to be but have been a lot more inward in the last 10 years. We didn’t really feel like doing much tonight from all the walking at the theme parks so we decided to hang out at the hot tub at the resort tonight. Now I’m one of those that normally complains so much about having to “deal with” all the foreign people down here in the Orlando area but I had my perspective changed tonight.

We met this wonderful couple from Switzerland tonight (the husband was originally from Scotland and the wife was from Italy.) We spent at least an hour talking to them. One of the questions I asked them was “Of all the places you’ve visited, what’s your favorite place to visit?” and I was shocked to hear the answer. He said “the US, specifically Florida.” This lead our conversation many places but he told me that the American culture is so very popular in Europe. He said one of the big things right now is that they absolutely love shirts that have American english words or slogans on them. I never realized how much folks from outside the states, love the states. We then got to talking about history of our homelands, etc and they just love the “liberty & freedom” of the United States and how in Europe everything is illegal except the specific things they allow as to where in the US everything is allowed except the things we specifically disallow.

I was proud of us for this cultural exchange. It was a great experience and so eye opening. So very thankful for this great country we live in. Even with all the “bad” we perceive others still see it as the beacon of hope that our forefathers had in mind.

Everyone love’s technology these days, how could we live without it?  With the use of all the technology comes a price of a lack of privacy.  Have you ever noticed when you go in to a store that if you’re using an AT&T phone it might join “AT&T Wifi”?  To you the consumer it’s great because you don’t have to try to use your cellular data in the store and you think, “wow that’s nice of them to offer that service” but they have other motives.  Utilizing these free Wifi hotspots allows the store to track who is in their store (especially if you have that particular store’s app installed on your phone.)  For you, it’s a great convenience to have the Wifi service.  To the store it’s great because now they can track who comes in and out of their stores and when for marketing purposes.

Have you visited Disney World lately?  Disney now utilizes what they call “MagicBands” as the sole thing you need with you while visiting their parks.  These MagicBands act as your ticket, your “FastPass” for rides, and if you’re staying in a Disney resort it also acts as your room key and your charge card.  Now you may be saying, “That’s a great convenience!”  Well, you’re right it is (for you and for Disney.)  These MagicBands utilize RFID (radio frequency identification) similar to the proximity cards that most places use to access doors.  This technology, when scanned, allows Disney to also know exactly where you are at the point of use.  They can utilize this data to track your spending habits, ride preferences, you name it!  Again with more and more convenience comes the loss of more and more privacy.

So next time you get ready to use that “convenient” new technology, ask yourself, What privacy am I giving up to utilize this?

Food for thought!

Reference articles: