Socialize

September 5th, 2014

HealthcareIT_Sep03_A

As of June 30, 2014, more than 1,000 data breaches affecting more than 500 patients each have been reported to the Department of Health & Human Services - for a total of roughly 32,000,000 people who have had their privacy compromised. And, according to the annual Redspin Breach Report, published in February of 2014, 7.1 million patient records were breached in 2013, a 137.7% increase over 2012.

And, the threat is getting broader. Once caused primarily by snooping or negligent employees, data breaches are now increasingly caused by cybercriminals who realize the potential financial value of medical records. Case in point: The Chinese hacker attack on the 206-hospital Community Health Systems which resulted in the breach of 4.5 million patient records, the second-largest HIPAA breach ever reported.

No physician practice should consider itself immune. While large hospital systems may be most attractive to hackers, Eric Perakslis, executive director of Harvard Medical School's Center for Biomedical Informatics, recently wrote in a New England Journal of Medicine article that 72 percent of cyberattacks have been aimed at hospitals, group practices and other provider organizations.

Perakslis recommends an "active learning approach” that involves real-time surveillance of emerging threats - and that includes an intimate knowledge of one's own network and vigilance at one's own practice. One of the most effective ways you can do this is to work with a company like ours who can help not only ensure security of your systems but also help teach you and your staff about common security issues.

Published with permission from TechAdvisory.org. Source.

September 5th, 2014

GeneralHealthcare_Sep03_AThe Drug Enforcement Administration (DEA) is making it more difficult for physicians to prescribe opioids, and in doing so, has necessitated changes to e-prescribing.

The issue stems from titles II and III of the Comprehensive Substance Act (CSA), under which controlled substances are classified into one of five schedules based on potential for abuse and likelihood of dependence. The DEA has rescheduled hydrocodone-combination products (HCPs) from schedule III to schedule II in an attempt to curtail abuse and dependence.

But, the regulations around schedule II drugs are much more restrictive than those around schedule III drugs. There will be only two ways to prescribe HCPs after the rule change becomes effective October 6: with a paper-based prescription handed to the patient or e-prescribing. Any other means of prescribing, such as phone calls or faxes, are not allowed.

For e-prescribing, some changes may be necessary at the electronic medical record (EMR) level and at medical practices as well as at pharmacies. EMR vendors and practices will have to implement the security that's required by the DEA in regards to identity management and factor authentication. As for pharmacies, currently only about two-thirds are ready to receive electronic prescriptions of controlled substances; the others will have to make some changes.

If you are one of the practices that needs to make these changes in order to meet DEA requirements, contact us today to see how our systems can help.

Published with permission from TechAdvisory.org. Source.

September 4th, 2014

Security_Sep02_CWhat do you do when your smartphone needs to be charged but your charger is not at hand? A handy solution is to turn to a public charging kiosk. But what you might not be aware of is the fact that this can lead to juice jacking of your smartphone. To avoid this security threat, it’s time to get a comprehensive view of what juice jacking is and how you can protect your smartphone from it.

What’s juice jacking?

Regardless of the kind of smartphone you have, whether it’s an Android, iPhone or BlackBerry, there is one common feature across all phones: the power supply and the data stream pass over the same cable. This setup allows for juice jacking during the charging process whereby user access is gained on your phone by leveraging the USB data/power cable to illegitimately access your phone’s data and/or inject malicious code onto the device.

The attack can be as simple as an invasion of privacy, wherein your phone pairs with a computer concealed within the charging kiosk and information such as private photos and contact information are transferred to a malicious device. However, on the other hand, it can also be as invasive as an injection of malicious code directly into your phone. According to security researchers at this year’s Black Hat security conference, your iPhone can be compromised within one minute of being plugged into a harmful charger.

Exposure to a malicious kiosk can also create a lingering security problem even without the immediate injection of malicious code. Once a device is paired to a computer, it can access a host of personal information on the device, including your address book, notes, photos, music, sms database, typing cache, and even initiate a full backup of your phone, all of which can be accessed wirelessly at anytime.

How do I avoid it?

The most effective precautions center around simply not charging your phone using a third-party system. Here are some tips to help you avoid using public kiosk charger:
  • Keep your devices topped off: Make it a habit to charge your phone at your home and office when you’re not actively using it or are just sitting at your desk working.
  • Carry a personal charger: Chargers have become very small and portable, from USB cables to power banks. Get one and throw it in your bag so you can charge your phone anytime you’re at the office or while on-the-go if you use a power bank.
  • Carry a backup battery: If you’re not keen on bringing a spare charger or power bank, you can opt to carry a full spare battery if your device has a removable battery.
  • Lock your phone: When your phone is truly locked as in inaccessible without the input of a pin or equivalent passcode, your phone should not be able to be paired with the device it’s connected to.
  • Power the phone down: This technique only works on phones on a model-by-model basis as some phones will, despite being powered down, still power on the entire USB circuit and allow access to the flash storage in the device.
  • Use power only USB cables: These cables are missing the two wires necessary for data transmission and have only the two wires for power transmission remaining. They will charge your device, but data transfer is made impossible.
Even the tiniest detail like charging your phone from a kiosk charger could affect the security of your device. While there are many substitutes to using a third-party system, ultimately the best defense against a compromised mobile device is awareness. Looking to learn more about today’s security and threats? Contact us today and see how we can help.
Published with permission from TechAdvisory.org. Source.

Topic Security
September 4th, 2014

Hardware_Sep02_CBusinesses today rely heavily on technology on a daily basis. And regardless of the industry you’re involved in, an essential piece of hardware is the computer monitor, whether used at work or in the home. While computer monitors come in a variety of shapes, designs, and colors, did you know that they can also be categorized broadly into three different types based on the technology used to make them?

CRT (cathode ray tube) monitors

These monitors employ CRT technology, which was used most commonly in the manufacturing of television screens. With these monitors, a stream of intense high energy electrons is used to form images on a fluorescent screen. A cathode ray tube is basically a vacuum tube containing an electron gun at one end and a fluorescent screen at another end.

While CRT monitors can still be found in some organizations, many offices have stopped using them largely because they are heavy, bulky, and costly to replace should they break. While they are still in use, it would be a good idea to phase these monitors out for cheaper, lighter, and more reliable monitors.

LCD (liquid crystal display) monitors

The LCD monitor incorporates one of the most advanced technologies available today. Typically, it consists of a layer of color or monochrome pixels arranged schematically between a couple of transparent electrodes and two polarizing filters. Optical effect is made possible by polarizing the light in varied amounts and making it pass through the liquid crystal layer. The two types of LCD technology available are the active matrix of TFT and a passive matrix technology. TFT generates better picture quality and is more secure and reliable. Passive matrix, on the other hand, has a slow response time and is slowly becoming outdated.

The advantages of LCD monitors include their compact size which makes them lightweight. They also don't consume much electricity as CRT monitors, and can be run off of batteries which makes them ideal for laptops.

Images transmitted by these monitors don’t get geometrically distorted and have little flicker. However, this type of monitor does have disadvantages, such as its relatively high price, an image quality which is not constant when viewed from different angles, and a monitor resolution that is not always constant, meaning any alterations can result in reduced performance.

LED (light-emitting diodes) monitors

LED monitors are the latest types of monitors on the market today. These are flat panel, or slightly curved displays which make use of light-emitting diodes for back-lighting, instead of cold cathode fluorescent (CCFL) back-lighting used in LCDs. LED monitors are said to use much lesser power than CRT and LCD and are considered far more environmentally friendly.

The advantages of LED monitors are that they produce images with higher contrast, have less negative environmental impact when disposed, are more durable than CRT or LCD monitors, and features a very thin design. They also don’t produce much heat while running. The only downside is that they can be more expensive, especially for the high-end monitors like the new curved displays that are being released.

Being aware of the different types of computer monitors available should help you choose one that’s most suited to your needs. Looking to learn more about hardware in today’s world? Contact us and see how we can help.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
August 27th, 2014

socialmedia_Aug26_CBusinesses in many industries rely on visuals to sell their products. From that bicycle shop on the corner to the bakery down town, and even the local electronics retailer, having high quality images of your products will help attract customers. What many business owners want to know is how some businesses have such appealing images and how they can add these quality visuals on platforms such as Instagram.

The truth behind some of Instagram's best images

Those awesome Instagram photos we see aren't always taken using mobile phones. Instead, many users use digital cameras which offer much better image quality. You can capture some amazing shots with a higher end DSLR cameras with multiple lenses.

If you have one of these cameras and are looking to create high-quality images for Instagram, or any other social media site, you may be slightly confused as to how to get the images onto the platform - especially since many of us use this via the mobile app. To make uploading a little easier, here is a brief guide detailing how to get images from your digital camera onto Instagram.

1. Transfer and process images

Once you have taken photos with your camera, you will need to get them off of your camera's memory and onto your computer's hard drive. Most camera's have apps that allow you to do this, so be sure to follow the instructions in the app that came with it.

When your images have been transferred to your computer, you are likely going to want to process them a little bit. This is especially true if you have a DSLR or other high-end point-and-shoot which takes RAW images. These can be quite large and are not compatible with Instagram.

Most images taken with a camera are quite large in size, so you are going to need to use an image editing program like Adobe Photoshop, or free tools like Pixlr to process them. What you are looking to do is to crop your images so that they are square.

If you are used to the advanced photo editing features, then do your edits before cropping. When you crop your images you should crop or resize them so that they are 640X640 pixels. This is the size of all images taken using Instagram's camera app.

Also, be sure to save the images as JPEGs, as this is the image format used by most smartphone cameras.

2. Save processed images in their own folder

It helps to create a folder somewhere on your hard drive (we recommend in the same folder where you save all of your other folders) that is specifically for images you want to post on Instagram.

When you have processed and edited the images to your liking, save the images here. Try using an easy to use file name like the date and a letter or note so you can easily tell which images are which, so you know which to use.

3. Move the images to your device

You can move images using the cloud or by manually transferring the images to your phone. If you decide to manually transfer your files, you will need to plug your device into your computer.

For users with iPhones, you can open iTunes and click on your device followed by Photos. Then select the box beside Sync photos from. Select the file you created in the step above and then Sync to transfer the images over.

For users with Android devices, plug your phone into the computer and drag the folder you created in the step above into the Photos folder of your Android device.

For Windows Phone users, plug your device into your computer and open My Computer on your desktop. You should see your device listed in the window that opens. Open the file system for your device and drag the image files you created above into the Photos folder of your phone.

If you choose to use the cloud to transfer your files, use the operating system's cloud (e.g., iCloud, Google Drive, or OneDrive) to upload the files. Just be sure to use the same account as the one on your phone.

4. Add images to Instagram

Once the photos are either on your device, or in the cloud, you can now upload them to Instagram. This can be done by:
  1. Opening the app and tapping on the camera icon.
  2. Tapping on the button in the bottom left of the screen.
  3. Selecting where the image is located on your device. E.g., the Gallery app if you placed the photos in your phone's hard drive, or the cloud service you used.
  4. Editing them as you see fit.
Once this is complete, you should be able to post your images as you usually do with any other Instagram image on your phone. Take the time to add filters, and hashtags as well as a good description before you post.

If you would like to learn more about using Instagram to share your images then get in touch and we will show you the advantages of the bigger picture.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
August 27th, 2014

office365_Aug26_CChances are high that you spend a good amount of time editing or compiling Microsoft Word documents. Regardless of what you are editing, there will come a time when you are working on a file and the words are replaced as you type new ones. This could cause some problems, especially if you are unsure how to turn this feature off.

Word's two editing styles

Every version of Word used in businesses these days has the same two editing styles or modes:
  1. Insert mode: This is the default editing mode where words are inserted where the blinking cursor is placed. All text that comes to the right of the cursor will be moved to the right with newly typed text coming before it.
  2. Overtype mode: This mode replaces text to the right of the blinking cursor. So when you type new text any existing text to the immediate right will be replaced with the new letters.
While the vast majority of users prefer to use insert mode, overtype mode can be useful when editing documents and replacing words, or rewording paragraphs and keeping track of what needs to be rewritten.

Turning overtype on and off

On some older versions of Word, and on some computers, overtype mode is already enabled, and simply hitting Insert on the numberpad of your keyboard will turn it on. You will know overtype is active by looking at the status bar at the bottom of your document. The words OVR should be visible in bold letters.

If you don't see a status bar, try clicking on File > Preferences > View. Once in the View window, scroll down to the Windows section and tick Status Bar. Finally, press Ok and the bar should pop up at the bottom of the window.

Managing overtype

If you find that overtype cannot be activated, or have received a document where it is already activated and can't figure out how to turn it off, you can manage overtype by:
  1. Right clicking on the status bar at the bottom of the document.
  2. Clicking on Overtype to add it to the status bar.
  3. Clicking on OVR in the status bar to turn it on or off.
You can also activate or deactivate overtype by:
  1. Clicking on File followed by Options.
  2. Selecting Advanced.
  3. Scrolling down to Editing options.
  4. Ticking or unticking Use overtype mode.
If you untick Use overtype mode you will disable the feature, meaning you won't be able to hit Insert to switch between the two editing modes.

Looking to learn more about using Word in your office? Contact us today as we specialize in this area and have great tips, advice and solutions for you.

Published with permission from TechAdvisory.org. Source.

August 26th, 2014

androidphone_Aug26_CWhile location services on your Android smartphone make it easier for you to use certain apps or functions like photo tagging, sometimes it’s best to hide your location since they can affect your device’s security. With that in mind, isn’t it time you took a look at how to change different location settings on your Android smartphone to enhance its security?

Photos and GPS tagging

Your Android smartphone gives you the ability to attach GPS coordinates to the pictures you take, known as geo-locating or GPS tagging. This lets you arrange pictures in albums by locations, or lets Google+ stitch together stories of your trips. Geo-locating images in itself isn’t a bad thing, but you can get into trouble when you broadcast sensitive locations to the world. For instance, a picture of your expensive watch with a GPS tag of your house isn’t the best idea.

Four ways to control geo-locating photos:

  1. Go to your camera settings and you’ll find an on/off toggle.
  2. Simply go into Settings>Location and from there you can decide if you want the location saved along with your images.
  3. Download an EXIF editor and manually remove the location information from specific images.
  4. You can also turn off location services altogether by going to Settings>Location.

Discrete location settings

Apart from location settings in photos and GPS tagging, Android actually has three discrete location settings which allow you to set how accurately you want location reporting to be. You can find these at Settings>Location, Note that this affects your smartphone’s battery life immensely.
  • High accuracy: This uses the GPS radio in your phone to pinpoint its exact location from satellites while making use of nearby Wi-Fi and cellular networks too.
  • Battery saving: This mode only uses Wi-Fi networks and mobile networks to identify locations, and while it might not be as accurate it will help your phone last longer.
  • Device sensors only: This only uses the GPS radio to find you. It may take a little more time to find your location since it’s not using nearby Wi-Fi and mobile networks to get your general location first. This also uses more battery.
Having your location settings turned off will not only help keep your smartphone’s security intact, but also help strengthen your smartphone’s battery life. Interested in learning more about Android phones and their functions? We have solutions for you and your business.
Published with permission from TechAdvisory.org. Source.

August 25th, 2014

Security_Aug18_CSince the advent of the Internet, hackers have been actively trying to exploit it. Over the past few years, many have targeted different websites to obtain user account details like usernames and passwords. There seems to be a trend where the number of accounts compromised with each new security announcement is rising. In early August, news broke that possibly the largest breach to date has been uncovered.

The latest big-scale breach

In early August, it emerged that a Russian hacker ring had amassed what is believed to be the biggest known collection of stolen account credentials. The numbers include around 1.2 billion username and password combinations, and over 500 million email addresses.

According to Hold Security, the company that uncovered these records, the information comes from around 420,000 sites. What is particularly interesting about this particular attack is that such a wide variety of sites were targeted when compared this with other attacks which tend to either attack large brand names or smaller related sites.

How did this happen?

Despite what many believe, this was not a one-time mass attack; all sites that were compromised were not attacked at the same time. Instead, the hacker ring - called the Cyber Vor - was likely working on amassing this data over months or longer. How they were able to amass this much information is through what's called a botnet.

Botnets are a group of computers infected by hackers. When the hackers establish a botnet, they attack computers with weak network security and try to infect them with malware that allows the hacker to control the computer. If successful, users won't even know their computer has been hacked and is being used by hackers.

Once this botnet is established, the hackers essentially tell the computers to try to contact websites to test the security. In this recent case, the computers were looking to see if the websites were vulnerable to a SQL injunction. This is where hackers tell the computers in the botnet to look for fillable sections on sites like comment boxes, search boxes, etc. and input a certain code asking the website's database to list the stored information related to that box.

If the Web developer has restricted the characters allowed in the fillable text boxes, then the code likely would not have worked. The botnet would notice this, and then move onto the next site. However, if the code works, the botnet notes this and essentially alerts the hacker who can then go to work collecting the data.

So, is this serious and what can I do?

In short, this could be a fairly serious problem. While 420,000 sites may seem like a large number, keep in mind that the Internet is made up of billions of websites. This means that the chances of your website's data being breached by this ring are small. That being said, there is probably a good chance that one of the sites related to your website may have been breached.

So, it is a cause for concern. However, you can limit the chance of hackers gaining access to your information and a website's information.

1. Change all of your passwords

It seems like we say this about once a month, but this time you really should heed this warning. With 1.2 billion username and password combinations out there, there is a chance your user name for at least one account or site has been breached.

To be safe, change all of your passwords. This also includes passwords on your computer, mobile devices, and any online accounts - don't forget your website's back end, or hosting service. It is a pain to do, but this is essential if you want to ensure your data and your website is secure from this attack.

2. Make each password different

We can't stress this enough, so, while you are resetting your password you should aim to ensure that you use a different one for each account, site, and device. It will be tough to remember all of these passwords, so a manager like LastPass could help. Or, you could develop your own algorithm or saying that can be easily changed for each site. For example, the first letter of each word of a favorite saying, plus the first and last letter of the site/account, plus a number sequence could work.

3. Test your website for SQL injunctions

If you have a website, you are going to want to test all text boxes to see if they are secure against SQL injunctions. This can be tough to do by yourself, so it's best to contact a security expert like us who can help you execute these tests and then plug any holes should they be found.

4. Audit all of your online information

Finally, look at the information you have stored with your accounts. This includes names, addresses, postal/zip codes, credit card information, etc. You should only have the essential information stored and nothing else. Take for example websites like Amazon. While they are secure, many people have their credit card and billing information stored for easy shopping. If your account is hacked, there is a good chance hackers will be able to get hold of your card number.

5. Contact us for help

Finally, if you are unsure about the security of your accounts, business systems, and website, contact us today to see how our security experts can help ensure your vital data is safe and sound.
Published with permission from TechAdvisory.org. Source.

Topic Security
August 22nd, 2014

Productivity_Aug18_CThe world is becoming increasingly connected, especially when you look at all the different apps on your device and computer. The problem for some though is that all these apps simply aren't connected enough, and it takes time to share information across devices or services. One tool that may help, while also helping increase productivity is If This Then That (IFTTT).

What is If This Then That?

IFTTT is a Web and mobile app that was developed to connect different Web apps like Google Apps, DropBox, Facebook, Instagram, etc, together into one general system. In general, the service runs on conditional statements - or recipes - that fit the IFTTT statement.

The service is set up on a number of different conditional statements that make up what the developers of the app call a recipe. Each recipe is broken down into two different sections:

  • This - Also referred to as a trigger. Each trigger in a recipe is kind of like a requirement in that the set trigger has to happen for the recipe to start working.
  • That - That refers to an action that happens when a 'this' condition is triggered.
Once you have set up a number of recipes, the app runs in the background to check for triggers and then will automatically execute the action when it notices a trigger.

Examples of IFTTT recipes

There are a wide variety of recipes out there that you can create. For example, some of the more useful IFTTT recipes for businesses include:
  • If a photo is posted on the business Instagram account, then it is shared with Twitter and Facebook.
  • If a Square payment is processed, then this creates a line in a specific spreadsheet.
  • If a contact is added to a phone's address book, then this information is placed on Evernote.
  • If an article is posted on a specific blog, then the post is shared on Twitter, Facebook, and Google+.
  • If an email is starred on Gmail, then a reminder is set on my phone to review starred emails.
  • If I enter the office, then my phone is muted.
  • If a client emails an attachment, then a copy is saved to DropBox.
  • If my device is in the office, then my office lights are turned on (if you have Phillips Hue bulbs).
There are a wide variety of supported apps that allow you to create recipes for nearly anything you can think of. The developers are constantly adding support for new channels (apps), including many from the Internet of Things.

How to sign up for this

Because you can access IFTTT from the Web and via an app on your mobile device, we recommend first thinking about how you are going to use it. If you are going to be using recipes for your mobile device, then we recommend downloading the app onto your device. Regardless of how you are going to use it, you can create an account by:
  1. Going to the IFTTT website (https://ifttt.com/)
  2. Clicking Join IFTTT.
  3. Setting a username and password and clicking Create account.
From there, you will be able to log in and start creating rules. If you do want to use your mobile device, you should then download the free app for your device - Windows Phone, Android, iPhone - and then log in using the account information you just created. When you first log in you should see a number of channels (apps) related to your system have been activated. This means you can now start creating recipes.

Creating recipes from your browser

  1. Go to the IFTTT website (https://ifttt.com/) and press Sign in.
  2. Press Create.
  3. Press This and select your trigger - try picking your app first, then click on it to get a list of actions.
  4. Press Create Trigger.
  5. Click That and select an action channel.
  6. Select Create Recipe.
You can also click Browse from the menu bar at the top to find and activate already created recipes.

Creating recipes from your mobile device

  1. Open the app.
  2. Press the mortar and pestle icon at the top-right.
  3. Press the + followed by the + besides If on the next screen.
  4. Select the app from the icons at the top of the screen, and select the related trigger.
  5. Tap the + beside Then and select an action or app.
  6. Press Finish to activate the new recipe.
If you are looking for a cool way to connect different apps, and even save yourself time, then this could be something worth looking into. And, if you are looking to learn more about how you can increase your productivity, contact us today to see how our systems can help.
Published with permission from TechAdvisory.org. Source.

Topic Productivity
August 21st, 2014

BValue_Aug18_CThe vast majority of countries in the West have some requirement or law that states that businesses need to meet the needs of their employees. For many businesses this means implementing systems that afford a duty of care and allow employees to do their job adequately. As such, it is a good idea for companies to have an accessible technology plan.

What is accessible technology?

Accessible technology, also commonly referred to as assistive technology, is the idea of creating or implementing technology and systems that cater to employees with disabilities. While not every company will have or require accessible technology, it is required by many countries that businesses meet the needs of disabled employees.

To that end, it is a good idea to develop a plan on how to implement accessible technology. To help, here are five steps you could take:

1. Defining your strategy

The accessible technology strategy should be the first thing you develop as it will be the foundation of the overall plan. When looking at your strategy you should define how accessible technology fits into your overall organization plan and how it will fit with your existing strategies.

What you are looking to do is to figure out how this form of technology will fit with existing systems and increase overall operating effectiveness. From here, you can define the overall objectives, budget, and vision for the plan.

2. Identifying requirements

In this step, you should look closely at existing technology in the organization and the needs of your employees. Because each company is different and the needs of employees are different you should be careful to also identify the technology needs of your employees.

When looking at both the needs and existing systems you can work to come up with an overall set of requirements, along with a general priority. For example, will you need to modify existing computers or purchase new ones?

The key idea here is that you need to figure out exactly what you need.

3. Picking the new technology

Once you have identified what changes you need to implement, what new technology you will need, and your budget, you can then begin looking for the best solutions. The most effective way to do this is to work with it experts like us who can help you find and integrate the best technology and changes that will meet your adaptive technology needs.

4. Implementing and training

Once you have defined the changes, and new technology to integrate, you need to implement it. This may include altering physical devices and machines where necessary, and then testing the systems to make sure they are working properly.

It is also be a good idea to train your employees who will be using the systems, and the team who will be managing the systems.

5. Maintaining

As with all tech systems, it is important to realize that the solution you implement will not work forever, and will eventually require maintenance, updating, or even replacing. You should take steps to audit systems on a regular basis to ensure they are still meet the needs of your company and employees.

This can be a time consuming and potentially costly step, especially if you neglect it. We strongly recommend working with a company like ours, who can help manage your solution and ensure that updates and any necessary changes are implemented when they are needed, and that should needs change, systems are subsequently updated to meet the new requirements.

If you are looking to implement accessible technology in your business, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.