Monday, September 23, 2013

Comcast Speed Increase Might Be Available to You

We have noticed that Comcast Business is now offering higher speeds for the same price. You might be able to get them to increase your speed.

image

This is what new customers are getting. However Comcast has no plans to increase the speed of existing customers. This means that you will be paying the same and getting less. Doesn’t seem right does it?

Our suggestion is that you call and ask for the higher speed. When they say that it is only for new customers, tell them that’s not the right thing to do because you are a good loyal customer that doesn’t want to have to move to another company to be treated fairly. This should work.

You’ll need the account number on your bill when you call. Here’s the number: (866) 683-1995

-Amy

Monday, September 16, 2013

Corporate Privacy Takes Another Hit

It seems like every time you browse the news headlines these days there’s another story about a corporation being hacked and losing their bank account, customers credit card accounts or identity. These kinds of loses are all perpetrated by people external to your organization. But last week, security researchers uncovered that Android devices store and backup to Google wifi passwords in clear text. It does this as part of the phone backup. Google provides a pretty slick backup and restore option for your phone so when you get a new one all of your applications, files, settings and yes wifi passwords are there for you. Nice from a user perspective.

Why is this important?

We have to think about what that means for your business. When an employee comes to your office and connects their phone to your LAN wireless then the Android is storing that password and sending a copy of that password to Google. As we know from previous disclosure by Google about their use of the data they collect, Google now has the right to sell, display, publish a connection to your network. This also makes Google the worlds largest holder of corporate wifi access credentials.

Will Google intentionally do something evil with this power? Probably not. But an individuals password could be guessed and the data harvested. It could be handed over to law enforcement or become part of government security data gathering. Imagine if you were a hacker and you got a list of those passwords. Now that the word is out that Google has a giant list of corporate access passwords you can bet that there’s plenty of bad guys trying to get their hands on it. It would make a really nice new rainbow table. (Rainbow table is the name given to lists of potential passwords that an automated tool will cycle through when attempting a hack.)

What should we do?

The danger is there. The way to mitigate the risk is to not allow phones of any type to connect to your corporate wifi. If you’d like them to be able to connect to a wifi while in the office, then we should connect them to a guest wifi that is segmented in the firewall from the internal network.

I would tackle this in the two ways. First by policy. Employees are likely to know and need to know the password to the corporate wifi. It would then be easy for them to add that to their phone. Your acceptable use policy needs to include a statement that phones should not be connected to the corporate wifi under any circumstances. Second we should lock down the corporate wifi to only specific MAC addresses or trusted machines with an installed certificate. Both methods will allow you to know that only devices and people that you trust have access to your corporate wifi and the data in your corporation.

- Amy 

Labels:

Friday, September 13, 2013

Alert: Office Update Issues

There are two problems occurring due to updates to Microsoft Office 2010 and 2013. They effect different types of installations.

1. If you purchased your computer from a retail outlet it probably shipped with a trial edition of Office 2010. This trial edition has long since expired but is still installed on your computer. You have another version or edition of Office installed. If those conditions are met then your Office icons will go Orange and the file associations that allow you to click on a Word document and have Word open (as an example) are reset to the expired trial edition. The solution is to reset the file associations and remove the expired trial software.

1a. If you purchased your computer from a retail outlet it may have included a click-to-run version of office. This installation type is used by some computer manufacturers to minimize what they have to install on the computer before they ship it. Instead of installing office they install what is essentially a shortcut to download office. If you have installed office this way then the same file association problem will occur as above. You are most likely to experience this problem at home.

2. If you purchased Office through volume license and one of a set of two updates gets installed but not both, then the Outlook folder pane will be hidden behind a big blank space. The solution for this problem is to install the second update. Unfortunately the second update is currently a manual download and isn’t being delivered via normal channels (the mistake that Microsoft made) so it is unlikely that anyone will get the second update. We have the file and are ready to install it but we can’t do it proactively because to do so would also break Outlook.

Microsoft is currently working on automated fixes for these two issues which I would expect to happen soon. In the meantime if you hit either of these call us. We have the manual fix available and can do it quickly for you.

-Amy

Labels:

Wednesday, September 11, 2013

Deadlines Approaching: HIPAA and Health Insurance Marketplace

There are two very important deadlines approaching.

HIPAA HITECH September 23rd: New rules for HIPAA go into effect September 23rd. Among these new rules is a definitely of Business Associate. You are a BA of a company subject to HIPAA if there is any chance that you may come into contact with Patient Healthcare Information (PHI). As you IT company we care about protecting PHI and that puts us into contact with it on occasion. You will need to have a BA agreement with us by September 23rd. I have a boiler plate document for that if you need one.

These new rules also include more specific language regarding your duty to encrypt patient information even while at rest on your server and other security measures.

<the information below is provided with permission by Cunningham & Associates a client of Harbor Computer Services>

Health Insurance Marketplace October 1st:

For your information --- The health insurance marketplace (a/k/a the exchange) will begin enrolling individuals October 1, 2013. All employers subject to the Fair Labor Standards Act, which includes companies with at least one employee and $500,000 in annual revenue, must notify employees of the existence of the new health insurance marketplace not later than October 1, 2013.

The Department of Labor has posted information about the notification requirement along with two model notices (copies attached. ED: blogs do no allow for attachments please email amyATharborcomputerservices.net for copies), one for employers who offer a health plan and one for employers who do not offer a health plan. The content and delivery requirements and model notices can be found at http://www.dol.gov/ebsa/healthreform/.

Please contact us if you have any questions.

Pat and Jack Cunningham

 

- Amy

Labels:

Friday, September 06, 2013

SSL Certificates, DNS and Domains

We have fixed a price gouging issue. It wasn’t that long ago that we were able to obtain SSL certificates from GoDaddy at a very reasonable price for a basic certificate to protect remote access to the websites hosted on your servers. We turned to GoDaddy to supply these after running into pricing issues with other suppliers. This worked until now. But this year prices jumped at GoDaddy from $19, to $29 to $69 for renewals. So we went on a hunt and decided that it was time to register ourselves as resellers of these services and protect our clients (you) from this price gouging.

We are now registered with ENOM a bulk reseller of Comodo, Symantec and GeoTrust, TrustE, and SiteLock. They have the bulk pricing from these companies that we can pass along to you at very reasonable rates. For example, instead of a $69 SSL certificate renewal it will only be $30 for a basic certificate. We can also host your DNS records, websites and do domain registrations too. All will be at similar bulk rate pricing as compared to the general public pricing.

There’s no need to make any changes immediately. But as your domain renewals come due, SSL certificates expire we’ll be offering to renew them through this new service. I think that we have a win-win here and we’re happy to provide it to you.

- Amy

Labels: