DeckerWright Corporation Blog

DeckerWright Corporation has been serving the Red Bank area since 1984, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

No More Wireless Printers!

Sometimes technology is created that was never meant to work.  Many of today’s low end printers include wireless network connectivity.  While wireless connectivity for printers may be a good thing in your house, it is the source of intense pain for our technical staff and clients.  We recently amended our service agreement Statements of Work to specifically exclude printers connected to networks with wireless connections.  Why does it seem that printers connected with wireless network connections tend to work at home, and not at the office?

The nature of home and business networks provides the answers.  In a home network, there are not normally a dozen other access points and other sources of wireless interference that can disrupt a wireless network connection.  In a business setting, particularly in multi-tenant spaces, there are often a dozen or more access points in range to fight for bandwidth, with an untold list of other sources of wireless interference that can disrupt wireless network traffic.  If a wireless connection to a printer gets disrupted during printing or takes a printer offline, then the print job is going to be stopped. 

The second factor that impacts wireless printing pain is the number of people trying to print to the wireless connected printer.  In a home network, it isn’t often that two or more people are trying to print to the printer.  In a business environment, it isn’t uncommon for a dozen or more people to print to a printer.  The increase in the number of print jobs sent to the printer increases the likelihood that a print job is sent to a printer when the printer is offline due to a wireless network connection disruption.  If someone can’t print immediately on a business network, our help desk phone line starts ringing.

Another factor in wireless printer frustration is the business need to print.  If a staff member is working on a project and tries to print out a copy of their work effort and the printer doesn’t work, not only is the employee disrupted, but normally two other employees get drawn in to solve the problem.  How does that happen?  If the staff member is not the company’s technology person, they are going to reach out to the technology person to try and help make the printer print.  When that staff member can’t get it to work, the office manager or owner gets drawn in, so a printer problem quickly impacts the productivity of three people.  A single wireless connected printing problem can easily cost a company over $100 per event in lost productivity, not to mention technical support fees that may get charged for help.  At its worst, printing problems like this happen weekly or monthly, multiplying the lost productivity cost.  For less than $200, a physical network connection can be installed that will eliminate the problem – a pretty good return on investment!

In conclusion, never ever set up a wireless connected printer on a business network.

Click HERE for more details.


Ransomware Epidemic - Timeline to Recovery

Just when we thought the tide of ransomware attacks was ebbing, we have seen a spike in attacks recently.  In the past month, we were contacted by three companies seeking out help in addressing ransomware attacks.  In keeping with our policies to only work with clients that have existing support agreements, we politely declined to support them.

Ransomware attacks are a nightmare not only for our clients, but for our technical staff as well.  Today’s attacks encrypt much more than a company’s data; they also encrypt configuration files and attack the security system.  The criminals are smart.  They kick off the encryption process after business hours, most commonly on the weekends, so the encryption process will go unnoticed until it has completely messed things up.  The net effect of these attacks is to turn computers and servers into zombie billboards flashing the criminal’s demand for payment.
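Because the encryption run is timed for nights and weekends, a burst of file changes outside business hours is a useful alert condition. The sketch below is an added example, not part of the original post: the log format, the Monday to Friday 08:00-18:00 business hours, the threshold and the sample events are all assumptions constructed for illustration.

```python
from collections import deque
from datetime import datetime, timedelta

# Assumptions for this example: business hours are Mon-Fri 08:00-18:00 local
# time, and audit events arrive sorted by time as "timestamp host action path".
OPEN_HOUR, CLOSE_HOUR = 8, 18


def is_after_hours(ts):
    """True on weekends and outside 08:00-18:00 on weekdays."""
    return ts.weekday() >= 5 or not (OPEN_HOUR <= ts.hour < CLOSE_HOUR)


def parse_event(line):
    """Split one constructed audit line into (timestamp, host, action, path)."""
    stamp, host, action, path = line.split(" ", 3)
    return datetime.fromisoformat(stamp), host, action, path


def after_hours_bursts(lines, threshold=5, window=timedelta(minutes=1)):
    """Return (host, burst_start, count) for the first after-hours burst per host.

    A burst is `threshold` or more WRITE/RENAME events from one host inside a
    sliding `window`. Events during business hours are ignored entirely.
    """
    recent = {}   # host -> timestamps still inside the sliding window
    alerts = {}   # host -> first alert raised for that host
    for line in lines:
        ts, host, action, _path = parse_event(line)
        if action not in ("WRITE", "RENAME") or not is_after_hours(ts):
            continue
        q = recent.setdefault(host, deque())
        q.append(ts)
        while ts - q[0] > window:      # drop events older than the window
            q.popleft()
        if len(q) >= threshold and host not in alerts:
            alerts[host] = (host, q[0], len(q))
    return list(alerts.values())


# Constructed sample: a Saturday 02:13 rename burst on a file server, one
# isolated Saturday-night write, and normal Tuesday-morning activity.
SAMPLE_EVENTS = (
    [f"2024-03-02T02:13:{s:02d} FS01 RENAME /share/finance/doc{s}.docx" for s in range(6)]
    + ["2024-03-02T23:40:00 WS02 WRITE /share/notes.txt"]
    + [f"2024-03-05T10:00:{s:02d} WS01 WRITE /share/reports/q{s}.xlsx" for s in range(8)]
)

if __name__ == "__main__":
    for host, started, count in after_hours_bursts(SAMPLE_EVENTS):
        print(f"ALERT {host}: {count} file changes within a minute, starting {started}")
```

Only the weekend burst on FS01 raises an alert; the busier Tuesday-morning activity on WS01 does not, because it falls inside business hours.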

If you're hit with a crypto-locker attack, there are only three options:  Pay the ransom, recover from backups or re-install everything from scratch and start over.  Recent ransom requests we have heard about range from about $1,000 to $12,000.  If you don’t have good backups and have to pay the ransom, the steps to recovery include:

  1. Remediate the malware from all of the infected computers (Day 0)
  2. Find and address the attack vector (Day 0)
  3. Respond to the ransom request to find out the ransom amount (1 Day)
  4. Figure out how to get enough bitcoin to pay the ransom (3 Days)
  5. Pay the ransom and wait (1 Day)
  6. Get the decryption key and software
  7. Begin decryption (1 to 3 days depending on volume)
  8. Resolve operating system and application errors after decryption (1 day to a week)

After deciding to pay the ransom, the typical time to being functional is approximately 7 business days.  By working nights and weekends, that cycle time may be reduced by about one day during the decryption process.  Unfortunately, the time it takes to find out the ransom amount, get the bitcoin, pay the ransom and get the decryption keys will run at least 3 business days, and perhaps as much as a week depending on where you purchase the bitcoin.  We use Coinbase to purchase bitcoin on behalf of our clients.  Coinbase acts like a bank that maintains a currency (bitcoin) exchange market.  In order to initiate a transaction, I have to transfer funds to the Coinbase account.  This banking transaction takes from 24 to 48 hours to post to the Coinbase account.  Once the funds are confirmed in the Coinbase account, we can initiate a bitcoin purchase.  That transaction takes 24 hours to post.  Once we own the bitcoin, we can transfer the bitcoin to the criminal’s account.  That posting takes an additional 24 hours for the transfer to be acknowledged by the criminal.  After the criminal acknowledges receipt of the ransom, the decryption key and software would be on the way.

Decrypting the files is tricky business.  The tools the criminals provide are crude and require manual control to pick which folders and files to clean up.  Due to the simple tools and their crude nature, decrypting a file server completely can take several days.  The reason they encrypt the files overnight or on the weekend is that the encryption process takes time, so the decryption process will take time too.  The amount of technical support time needed for resolving a crypto-locker virus ranges from 16 to 40 hours.

If you are fortunate enough to have good backups, a recovery from local backups can be completed in 4 to 8 hours, meaning a business will be offline for about a day after a crypto-locker attack is discovered.  If the local backup is compromised or non-existent, a cloud recovery could take up to a week depending on restoration process, volume of data and recovery process.  The amount of technical support time needed for resolving a crypto-locker virus by recovering from backups ranges from 8 to 16 hours depending on the backups and backup location.

With the long recovery times, the biggest expense with a crypto-locker virus isn’t the ransom or the technical support costs, but rather the lost staff time from the inability to access systems.

Click HERE for more information.


Newark Airport Ate My Phone

I never appreciated how important my phone was to me until I lost it in Newark airport while embarking on a four-day trip to Florida. I had reached the gate and was plugging in my phone charger when I noticed a strange feeling in my pants. A quick pat of my pocket confirmed my suspicion: my phone was missing. That was a first. Up until that point in my life I had never (knock on wood) lost a phone. I ransacked my backpack and my suitcase, but the phone was not there.

As calmly as I could, I retraced my steps, but the phone was nowhere to be found. My mind raced. Top priority was establishing a line of communication with my mother who would no doubt, at some point, freak and organize a full-on search party if she didn’t hear from me in time. I recalled that some airports had kiosks or stores that sold cheap phones, so I set out to search for one. Eventually, I located such an establishment and inquired about purchasing a cheap phone. There were two problems with that: one, I had to admit that I lost my phone in an airport, and two, I was buying a “burner” phone in an airport. Not my proudest moment.

I obtained the phone, but it came without a SIM card. That needed to be purchased separately from one of many SIM card vending machines scattered throughout the airport. Purchasing a SIM card for a burner phone from a vending machine was exactly as strange an experience as I thought it would be. I felt ridiculous.

To activate the phone and receive my new number–and, presumably, the rest of my new identity–I had to text a code to a number. After assembling the phone, I sent the code. It was like a scene from a Bourne movie. Once the text arrived with my new number, I called mom hoping she would answer and not think that I was a robot warning her about her credit. Luckily for me, she answered. Problem One: solved.

Problem Two was that my Google account–the account I used to book my entire trip–has two-part authentication enabled and the authentication device was the phone that disappeared into the Newark Triangle. That meant I had no way of getting into the account. I was flying blind. Fortunately, since I’m a horrible millennial, I had printed out my boarding pass, so I avoided the headache of trying to get a new one. That was an especially prescient move considering I didn’t have access to my flight information.

The gravity of my phoneless situation didn’t hit me until I realized that I would have to endure the flight in silence with no entertainment. Cue the Twilight Zone music. The lost phone contained thousands of downloaded Spotify songs, plus a movie I had downloaded from Amazon Prime. Naturally, since I’m still a millennial, I didn’t bring along a book, because what self-respecting modern human travels with such antiquated devices? On top of being locked out of my email, the vending machine SIM card I got for my burner lacked a data plan. Without access to my Google account, I was not able to sign into the Play Store on the burner to download apps. Without data, I had no way to shield myself from human interaction. Since I had no entertainment options available, I settled and bought a book.

Problem Three was trying to secure a ride to my hotel, partly because I didn’t have Uber and mostly because I was unsure of which hotel I had booked. That’s one of the perils of booking a trip and bundling the different pieces together. Since I had no data and no email, I couldn’t check my reservation. I was up the creek and trying to steer my canoe with a tennis racquet. On a whim, I chose a hotel that sounded like the one I thought I had booked. I then had to rely on the old-fashioned method of asking a human for a phone number and placing a telephone call to the hotel to schedule a shuttle. Imagine my relief when I arrived at the hotel and the check-in person confirmed my reservation.

Problem Four was surviving the rest of the trip. Without social media, I was unable to do millennial things like post pictures of my food or send video SnapChats of me enjoying the 90-degree Florida weather to my northern friends to make them jealous. My burner at least allowed me to communicate with the three people whose numbers I remembered, but a carrier pigeon might have been more reliable. Calls would drop if anyone within five feet of me so much as sneezed and signal strength would go to zero if I passed through any medium thicker than tree shade.

When I arrived back at work Monday morning, I was not able to log into our business apps, since they require two-factor authentication. Minor setback. I also had to face a wee bit of ridicule from coworkers since news in a small office travels faster than lost iPhones through Newark airport.

I’d like to blame two-part authentication for making my life difficult, but it was my own carelessness and stupidity that nearly screwed me into oblivion. At times, I thought I was on a Discovery Channel survival show. Millennials Traveling Without Phones. Despite the setbacks, I’m glad I enabled two-part authentication. The ordeal proved a) just how hard it is to crack two-part authentication, b) just how deeply rooted technology is in our lives, and c) that I would make a terrible action hero.

Some major life lessons were learned from this experience:

  • Don’t lose your phone. The obvious takeaway from this whole ordeal.
  • Travel with a book. It’s always good to have a backup plan.
  • Travel with a computer. Again, I’m a terrible millennial, so I also neglected to bring along a laptop. My laptop is already authenticated with Google, so I could have used that to check my email.
  • Back up your phone. I had iCloud backups enabled for my phone, and there was a fresh backup from the night before I lost it. Aside from a little confidence in my ability to keep track of my belongings, I didn’t lose a thing.
  • Make sure that security is enabled on your phone. Be sure to set at least a login PIN for your phone. If your phone supports fingerprint login, enable that, as well.
  • Make sure that security is enabled for your apps. If any of your apps have access to your financial information, make sure they require a password to log in. NEVER set them to remember the password. Rather, set them so you must enter a password every time you open the app.
  • Newark airport lost and found is useless. I had a better chance of Gandhi handing me the winning Mega Millions ticket while I was on a date with Emma Watson than I had of finding my phone.

If you do lose your phone, or if it is stolen, contact your service provider and have the number disabled. Report it stolen, then change the passwords on your important accounts. The last thing you want is whoever possesses your phone to have access to your personal information.

Now if you’ll excuse me, I need to go dump my burner into the nearest trash can.


Printer Best Practices - Never Share a Local Printer on a Workstation

Next to ensuring our client’s backups are running, the biggest area of technical support issues is printers. Even in the age of electronic everything, people still need to print. We follow a number of best practices that eliminate a lot of technical support phone calls for printing issues. One of these best practices is to never, NEVER, share a printer out from a workstation. We will not set up a shared printer on a workstation and, in our managed service agreements, we will not support shared printers. Why is that?

Printer sharing got its start when Microsoft introduced its peer-to-peer networking system. Printers could be connected to one computer and other users could attach to it and print. Much to our chagrin, printer sharing remains a feature in Microsoft’s operating systems. As Microsoft’s networking evolved over the years, the protocol that supports printer sharing became an afterthought. The ability for a computer to resolve a name, in this case a printer share name, is a key part of having the technology to work. If the name cannot be resolved, the technology cannot work. With the way names get resolved today, particularly on peer-to-peer networks, the reliability of a computer being able to resolve a share name has gone down dramatically. The net effect is shared printers dropping off the network with increasing frequency. If your computer cannot “see” the shared printer, it cannot print to it.

Other things that often go wrong with shared printers are the workstation the printer is connected to is turned off, the printer is turned off, and the printer is out of paper. Since a person accessing a shared printer is not directly connected to the printer, they don’t always get the printer’s diagnostics. If the printer is out of paper, they might not get a warning saying so; they’ll only know they can’t print. All of this leads to frustrated end users. When we bill clients for technical support, a shared printer becomes a service annuity. It’s not a service clients like paying for, and it’s not one we like billing.

In order to have a better printing experience, printers that are to be shared by multiple people should always be network printers physically connected to the network. That means the printer must be configured with an IP address. Users may be set up to print directly to the printer, or if possible, to a printer share managed on a server. Please don’t ask us to share a local printer on a workstation. We will politely say no, because we really want you to be able to print!

Click HERE for more information.


The Power of KPIs and Dashboards

In the past year we made major strides in improving our internal processes. As part of those improvements, we have been able to launch real-time management dashboards focused on key performance indicators (KPIs). The tool we use for this purpose is called BrightGauge. BrightGauge was specifically designed for the IT industry and has hooks into most of the major software packages we use.

By measuring the right KPIs, management and staff can maintain focus on the activities that have the greatest impact on our performance and success. For example, we have a gauge on our Operations dashboard that looks at new client-generated tickets. The gauge “dings” every minute until someone touches the ticket and moves it to a service board for resolution. This helps us maintain our internal 12 minute goal of touching new client requests. Other gauges we monitor are how many tickets we have opened and closed for the week and how many tickets are in a “client waiting state”.

For the sales team, we have gauges that monitor key sales activities. The sales team is responsible for so many outbound calls per day and week. The service board tracks progress and helps keep the sales team on track.

One of the greatest challenges facing a business is determining the KPIs that drive the business. Every business owner or manager has to identify KPIs that can be measured, monitored, and managed to improve performance. Whether the KPIs are sales calls, calls per day, tickets per service person, or some other metric, the KPI must be identified along with a way to capture and display the data. Start with understanding what the KPIs are for your business, and then find the system and display tools that will let you see the KPIs and how you are doing. The results on your business will be incredible!

Click HERE for information about BrightGauge.


Head in the Cloud


Why Use Complex Passwords for Email

Email is ubiquitous. Everyone has at least one email address and many of us have four or more for different purposes. Each year a number of our clients have their email box stolen or compromised by criminals. This most often happens to public email accounts, but has also happened to the client’s business email account. Why do criminals want access to your email?

In the past, the most common reason was to send spam to all of the people in your contacts list. By making an offer or a link seem like it was coming from you, the criminals had a better chance of tricking the victim to click. Other uses of the email box included relaying spam and holding the email box for ransom. 

Today’s attacks on email are more targeted and sinister. Criminals use social media to discover email addresses that may be associated with a victim’s bank account or another account that can be used for purchasing or verifying an identity. Rather than completely hijacking the account once they gain access, the criminals assess what financial accounts the email is connected to and they wait. Recent documented thefts through email hijacking include cell phone numbers, diversion of bank wire transfers, Bitcoin theft, and identity theft. In short, the email associated with financial transactions, regardless of the form, must be protected.

The best way to protect an email account is to use random complex passwords or pass phrases. The National Institute of Standards and Technology (NIST) issued new password guidelines last year recommending the use of pass phrases instead of passwords. The longer the better. Most systems support passwords from 8 to 32 characters. Pick a hard one and you have decreased the likelihood of having it stolen by a factor of 10. If multi-factor authentication is available for the email box, turn it on and use it as a secondary authentication system.

Check out this YouTube video link to see how easy it is to use social engineering to guess passwords.


Vulnerability Test Versus Penetration Test - What's the Difference?

Companies that need to meet HIPAA, PCI, PII, and other contractual requirements are required to have their security tested periodically. The tests check security from outside the firewall to see what, if anything, is accessible from the Internet. Some tests even require a look at the inside of the network to determine what is easily compromised if an attacker gains access to a computer on the inside. Tests to meet security requirements fall into two buckets: vulnerability tests and penetration tests. Many companies in our industry use penetration test to describe what are actually vulnerability tests or port scans. What are the differences between the two tests?

Vulnerability tests only test what can be reached on the internal network from the Internet. The first step in a vulnerability test is to run a port scan on the public IP addresses used by a company to discover open ports. Common open ports include HTTP, HTTPS, FTP, RDP, and SMTP. In a vulnerability test, the open ports are tested to see if a computer responds to the common application that is associated with that port. If the computer responds, the response is evaluated to see if well-known exploits could be used to successfully gain access to the computer. From the moment a vulnerability test is started to when it generates the findings, the process is fully automated; there is no human intervention. Vulnerability tests are required for HIPAA and PCI compliance and need to be conducted at least annually. Costs for vulnerability tests range from $100 to $250 per public IP address.

Penetration tests are more intense. Penetration tests normally also include looking at the inside of the network for vulnerabilities as well as what can be compromised from the Internet. The biggest difference between a vulnerability test and a penetration test is that a penetration test is actively conducted by a highly skilled ethical hacker. The penetration test starts with a vulnerability test. Once the results of the vulnerability test are returned, the ethical hacker manually tries to gain access to the system using the latest techniques available from the dark web. If the ethical hacker is able to gain access, they will progress through the compromised system to see what they can gain access to. This discovery process may take many hours and reveal that all of a company’s data is at risk. The ethical hacker documents their findings and performs a similar test for each discovered open port. Once the external vulnerabilities are tested and documented, the ethical hacker is given access to the internal network to identify security weaknesses on the internal network. A full penetration test ranges from $8,000 to tens of thousands of dollars depending on the size of the company and the number of locations to be tested.

A common problem in our industry is “security” companies advertising a penetration test for $99. Be sure that the $99 test you are buying is really a penetration test; it is most likely only a vulnerability test.

Click HERE for more information.


Guard Your Cell Phones

A person’s cell phone is becoming a linchpin in technology security. Cell phones have taken on a major role in helping to verify an identity. Whether you are on the phone with a customer service person or logging into a computer system, the cell phone is often used as a method for verifying a person’s identity. As the cell phone becomes an increasingly popular tool for identity verification, criminals have a greater motivation to steal either your cell phone or your cell phone number.

Cell phone verification often starts with setting up a new account. Microsoft, for example, uses the cell phone number entered during account setup for verifying the identity of a person during password resets and other administrative tasks. Many banks and credit card companies also use cell phones for texting verification codes. This multi-factor authentication (MFA) technique is being commonly adopted by many service providers.

Another way cell phones are used for MFA is through the use of third party push applications to cell phones. Google, Duo, and Symantec all have cell phone apps that generate new codes every minute. When logging into a system, the code listed on the device gets entered into the login process, providing a second code in addition to the password. This MFA makes breaking into a system a lot harder for criminals. 

Since the access to your money has been connected to your cell phone, criminals have devised many schemes to take over your cell phone. The most common ways are tricking the cell service provider into assigning your cell number to a device in their control and changing the cell phone number attached to an account. Cell phone number theft has become a widespread problem. The cell phone theft is normally paired with the compromise of the victim’s email account. By gaining access to the victim’s email account, the criminals can have the cell company send verification information to the victim’s email address. Once the cell number is obtained, the criminals can use login information they may have obtained via keylogging malware on an unsuspecting victim’s computer. With the login information and control of the cell phone, the criminals can log in and clear out your bank account.

Here are some tips for safeguarding your cell phone:

  • Make sure you use either a random complex password or pass phrase on the email account associated with your cell phone.
  • Make sure you keep your computer fully patched and run current anti-virus software to guard against malware.
  • Check the mobile phone number associated with key accounts regularly to ensure your cell phone is attached to the accounts you expect.
  • Make sure the password you use on your cell phone account is complex or has a long pass phrase.
  • Practice good computer hygiene.

Click HERE for more information.


Looming Security Requirements for Personal Identifiable Information (PII)

For many years DeckerWright Corporation has been working with healthcare firms to help them protect patient information by meeting Health Insurance Portability and Accountability Act (HIPAA) security requirements. The concept of Protected Health Information (PHI) was introduced in the HIPAA legislation in 1996. The Health and Human Services (HHS) Department of the federal government was tasked with writing the regulations defining PHI and how to protect it. An evolving body of regulation governs how healthcare firms should protect PHI from being lost or stolen and defines penalties if PHI is breached.

Fast forward to today. There is a lot of talk about Personal Identifiable Information (PII) and how to protect it. PII is any data that may be used to identify a person, such as first and last name, address, phone number, or social security number. From financial institutions to retail establishments with Payment Card Industry (PCI) data requirements, non-healthcare industries are rapidly adopting many of the key aspects of HIPAA. One of the takeaways from HIPAA regulations is the concept that there needs to be a constant focus on security improvements since security vulnerabilities and threats change over time. Putting in the latest security technology today does little to protect against the threats of tomorrow.

While there are plenty of technical requirements in many PII related guidelines, all of the guidelines require the adoption of policies and procedures meant to reinforce a culture of security and to provide the framework needed to respond to breaches when they happen. Each set of industry guidelines requires slightly different documents that describe the information technology environment, plan for disaster recovery, and provide for what to do during a breach. The guidelines normally include the need for regular vulnerability tests and an annual security risk assessment.

With the launch of General Data Protection Regulation (GDPR) in the European Union, it will not be long before the United States adopts its own PII guidelines modeled on HIPAA regulations. Absent any lead from the federal government, industry trade groups will take charge in developing and disseminating security guidelines. The foremost group in this regard is the PCI since it can enforce the rules through fines and penalties related to credit card use. As PII security requirements begin to reach all industries, look for federal legislation to address the PII in the hands of tech companies that are not touched by HIPAA, PCI, or financial institution requirements. These include large companies like Google and Facebook. Since the body of security requirements has been evolving from HIPAA’s origins over 20 years ago, look for the upcoming federal guidelines to build on the well-understood body of work.

Click HERE for more information.
