Get Started Today!  732-747-9373   

DeckerWright Corporation Blog

DeckerWright Corporation has been serving the Red Bank area since 1984, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Power of Peer Groups

For the past seven years, DeckerWright Corporation has been a member of the IT industry’s leading peer group, HTG.  Member companies come from across the United States and provide the same types of services.  Owners of the other company form the board of directors for DeckerWright Corporation providing feedback, ideas and accountability.  Many of the systems we have in place today to improve our service delivery and protect our client’s data have come from ideas fostered in the peer group.  At the latest meeting, we learned about new security tools and processes that we will be deploying to our clients over the next few months.  Another thing you discover in the peer group is IT problems in New Jersey look a lot like IT problems in California, Kansas and Florida.  Many of the problems someone else has seen and solved, another benefit we can pass along to our clients.

If you have an opportunity to get involved with a peer group in your industry or area, you should seriously consider it.

Click here for more information.

0 Comments
Continue reading

Security Information and Event Management (SIEM)

DeckerWright Corporation provides consulting services to assist clients with responding to and meeting enterprise level security requirements.  These requirements are derived from HIPAA, ISO and PCI security requirements and are written into agreements many companies must agree with in order to transact business.  One of the emerging trends is for companies to maintain log files for up to a year so that in the event of a security breach.   The log files may be reviewed for clues on what happened and what may have been compromised.  An additional requirement is for the log files to be reviewed for potentially malicious activity.   A day’s worth of firewall logs could easily exceed 100,000 entries.   

The industry response to the needs has been the development of SIEM systems.  SIEM systems allow for the protected offsite storage of device (eg. Firewall and server) log files for specific periods of time.  The SIEM tools also review the log files looking for potential bad behavior and can provide alerts for further investigation, or action to resolve problems.  The latest generation of SIEM tools can “connect the dots” by linking behavior in one device to device in other devices to identify an evil pattern of behavior.  We have begun to deploy SIEM systems for our clients that must meet these security requirements.

Click here for more detail.

0 Comments
Continue reading

Should I Worry About The Intel Security Flaw?

There has been a lot in the press recently about a security problem identified in nearly every Intel processor produced over the past 20 years.  Should you be worried about the flaw?  The answer is both yes and no.  The flaw that was discovered could allow data to be pulled directly from the processor.  Since the data at risk has to be in the processor, data at rest like your documents, and spreadsheets will be unaffected unless you are working on them.  Data like logins and passwords would be prime targets for the malware.  So far, there are no known attacks that have targeted this flaw.  The degree of difficulty in writing the software to take advantage of the flaw will be difficult and will require a skill set only few programmers have.  Expect nations to invest the money to develop the code first, and criminals to have the code in 12 to 24 months.  While serious, the Intel flaw is less serious than being behind on Windows patching is for most PCs.

The Intel “patch” will involve two parts.  The first is a patch that will be released from Microsoft that will prevent the attack through the operating system.  The second “patch” will be a firmware upgrade specific to your computer.  Due to the complexity of applying firmware patches, many machines will go unpatched.  Computers older than five years old will probably never get the firmware level patch.  Since the vast majority of devices with Intel processors will never get their firmware upgraded, the Intel flaw will be a problem for many years to come.

0 Comments
Continue reading

iPhone vs Samsung: Which is the best?

I’ve never been an Apple junkie. My first–and until recently only–Apple device was a first-gen iPod Touch that I bought way back in 2008. For phones, Android has traditionally been my style. Why did I choose to not claim a seat on the iPhone bandwagon? Because everyone else seemed to have an iPhone and I’m not a big fan of being like everyone else.

After years of ownership, Android fit like a comfy sweater. All was bliss until one day when I was on a service call and the client came to me with an iPhone issue. They handed me their iPhone and my eyes glazed over. After several more such instances I grew tired feeling like an idiot and decided that, as a tech professional and a Millennial, it was time for me to learn how to use an iPhone. So in the name of science, when my phone went up for renewal, I sprung for an iPhone 8.

I have learned many things in my few months of iPhone ownership. For example, the screen responds differently to hard touches and soft touches, something I learned while trying to remove an app (after Googling how to do it). I know I still have much to learn and that there is a myriad of features I have yet to discover. I’ll report on them as I go. For now, though, I’m happy that I can set up email and navigate the settings menus without having to consult a YouTube tutorial. I even figured out how to change Siri’s voice to British, a tweak that makes navigation far more enjoyable.

Here are some observations thus far.

Things I like:

  • It looks nice
  • It feels nice
  • It has biometric security
  • The battery lasts a long time
  • It has a whole bunch of swipe and touch features that I have yet to explore
  • I can get iPhone accessories at pretty much any store that sells things
  • I’m no longer the odd man out in group texts

Things I don’t like:

  • The keyboard doesn’t support swipe texting (I might be a Millennial but I’m a horrible texter)
  • I had to make an Apple account, but use Google for everything
  • It’s a pain to turn the location on and off
  • I can’t manually change camera settings (ISO and shutter speed)
  • I can’t clear app caches to free up space
  • There’s no headphone jack!!!

So which phone is best? Having owned both Samsung Galaxy and iPhone, I can say that you really can’t go wrong with either one. At this point in the game, they’re about equal. Apple started the smartphone ball rolling when they introduced the iPhone back in 2007. Since then, everyone else has had to play catchup, and catch up they have. Samsung’s newest Galaxies give the iPhones a run for their money. And Google’s newest Pixel 2 introduces yet another player to the which-smartphone-is-best competition. My brother just got a Pixel 2 and, I have to admit, I’m a little jealous.

Smartphones have come a long way since their ancestors first blew people’s minds 10 years ago. It’ll be exciting to see where they go from here. Android or iPhone? I’ll leave that choice up to you.

0 Comments
Continue reading

Internet Neutrality Policy Change...so what?

The Trump administration entered into an area of hot debate that had been dealt with in the Obama administration. The concept of “Net Neutrality” fostered by the Obama administration is about to be turned 180 degrees by the Trump administration. So what? The Trump administration is advocating changes that would allow carriers like AT&T, Comcast, and Cablevision the ability to build fast lanes on the Internet for those willing to pay. The current policy put in place during the Obama administration sought to treat all Internet traffic as equal. Think of toll lanes that have become popular in many states that allow drivers the ability to pay extra to drive on less congested roadways. The Trump administration is proposing rules that would give carriers the ability to craft service plans giving bandwidth priority to service providers willing to pay for it. Companies like NetFlix and VoIP providers like Vonage may pay the carriers extra for their data to get moved first. This would allow service providers to provide a higher quality of service they can’t now. On the flip side, start-up companies without the extra money would have to rely on the shared Internet which may result in more slow-downs and competitive advantages for existing large companies. There is no easy answer in this debate. 

Despite the desires of carriers to move to this model, much of the equipment on the internet is not set up to support the prioritization of traffic. While the IEEE protocols exist, they are not implemented on the Internet and even if they were, every carrier between the source and destination would need to have the priority feature working and activated for a particular form of traffic. It will take years for the carriers to work out interchange agreements supporting traffic prioritization. Though you can expect the regulations to change next year, the services will take years to implement.

Click here for more information.

0 Comments
Continue reading

MICROSOFT 365 - just another 365?

In November 2017, Microsoft introduced a new cloud product: Microsoft 365. As if the current branding of Microsoft’s cloud 365 offerings weren’t confusing enough, along comes Microsoft 365. 

What sets Microsoft 365 apart from the other 365 cloud offers is the bundle of services included in the offer. First and foremost is Azure Active Directory (AAD). The Microsoft 365 product bundle stakes out Microsoft’s future vision of not only cloud computing, but also of Microsoft’s path forward past desktop operating systems and applications. Microsoft 365 powered by AAD provides the first and only cloud based security and authentication system that can work over most mobile and desktop systems. Since AAD uses Microsoft’s InTune cloud offer, Microsoft 365 provides the first generation of unified security management across mobile and desktop operating systems. I would categorize the technology as first generation Microsoft technology, where it normally takes Microsoft three generations to get it right. This three generation cycle will probably be completed in a record time of less than 24 months.

The key to making it work is AAD’s ability to manage Windows desktops like Active Directory. Using Windows 10 upgraded with the Creator’s Upgrade, AAD has the ability to be the single-sign-on (SSO) source for users. The Microsoft 365 cloud license includes AAD, Exchange Online, Office Pro for up to five devices, and Windows 10 Enterprise. Microsoft is heavily pushing the concept that any computer running Windows 7 or above can run Windows 10. They may be right, but doing an in-place upgrade is tricky at best and a disaster at worst. For our clients wanting to try Microsoft 365, we are recommending either replacing their computers or at least installing a new Solid State Drive to improve performance and deliver Windows 10.

Microsoft 365 is designed for clients who want to get rid of their servers and move everything to the cloud. With Microsoft providing AAD to manage and control security, Microsoft 365 provides businesses the ability to control end points so that they can monitor and protect business data. As you plan for the end of life for Windows Server 2008 and Windows 7, Microsoft 365 must be seriously considered.

Click here for more information

0 Comments
Continue reading

Should You Invest in BitCoin?

If you follow the financial news at all, you can’t help but notice that BitCoin continues to reach new highs. Should you be “investing” in BitCoin?  

BitCoin–created less than ten years ago by an as yet anonymous person in the Far East–has become all the rage in the financial markets. The BitCoin “market” is completely unregulated and is not monitored or protected by any government. 

If BitCoin were to fall from its current high of about $9,000, to $10, an “investor” would lose almost everything. Given the high risk of holding BitCoin, I would categorize keeping any funds in BitCoin as pure speculation. What drives the value of BitCoin today is simple supply and demand. Since the underlying algorithm that “mines” BitCoin is fixed and only allows for slow BitCoin “currency” growth, an increase in demand can cause the value to jump. Likewise, if the investors head for the doors, you could lose everything. 

Another factor driving the BitCoin stampede is Wall Street’s introduction of derivative contracts built on BitCoin. To put this in perspective, think of the housing market meltdown in 2008. Rather than a piece of real estate, the underlying asset in this case is a cyber-currency that could disappear overnight. If you can believe it, it will be vastly more risky. 

My advice for the typical investor is to stay clear of BitCoin unless you are prepared to lose all of the real dollars used to purchase them.

Click here for more information on BitCoins

0 Comments
Continue reading

Kaspersky Labs - Back Door for the Russians?

In early summer the federal government issued a directive to have any government agency using Kaspersky Labs anti-virus software to remove it immediately from their computers. Why? The government’s cyber security team linked attempted breaches to cyber criminals using access built into Kaspersky Labs AV software in attacks on government systems. The Wall Street Journal headlined that “Russia has Turned Kaspersky Software into Tool for Spying”.  The software routinely scans computers for malicious files, but can also be used to look for data files that might be valuable to cyber criminals or foreign governments. Apparently, the federal government’s cyber defense team has documented cases where the Kaspersky software was used as a tool for taking federal government documents. 

Kaspersky Labs denies the allegation, saying that it has no ties to either Russian crime syndicates or the Russian government. The US government thinks otherwise. What should you do if you're using Kaspersky Labs AV software? We recommend replacing Kaspersky Labs with another AV software package. Why take the risk? DeckerWright Corporation uses Webroot with all of its clients and recommends this software, but most of the AV programs on the market do the job.

Click here for more details.

0 Comments
Continue reading

Cell Phones Thefts for Two-Factor Authentication (2FA)

There is a growing problem with cyber criminals stealing cell phones to access a victim’s two-part authentication in order to access financial accounts. Unlike the typical theft of a cell phone, the cyber criminals in this case transfer the victim’s phone number to a phone in their possession. They do this by compromising the victim’s email and then instructing the cell phone carrier to transfer the phone number to another device through the cell phone carrier’s web site. The victims find out about the change when they are unable to send or receive calls and messages on their phones. Getting this fixed with the cell phone company is time-consuming and painful. In the meantime, the bad guys have full access to the victim’s email account to reset passwords and the cell phone to get the 2FA code. By the time the victim realizes what is going on, their accounts are cleaned out. 

This problem first surfaced for people with BitCoin accounts. Cyber criminals are able to search social web sites looking for any reference to BitCoins. Once a target is found, they use dark web databases to identify the victim’s email addresses and possible passwords. Once the cyber criminals gain access to the email account they have access to the user’s cell phone listed in case of a problem. With the cell phone number, the cyber criminals are able to find out the cell phone carrier. The last piece of the puzzle is identifying possible BitCoin wallet locations, like CoinBase, to target. Once they confirm that they have found the right “wallet”, they move to the last step: transferring the phone number. With the email address and control of the cell phone, the criminals now have access to the victim’s accounts. When the criminals transfer BitCoins to their account, the transaction is not traceable and it is not reversible. Forbes magazine interviewed several victims who lost thousands of dollars from this exploit. 

In order to protect yourself, use complex passwords. If you discover your cell phone number has been transferred, reach out to your bank and BitCoin “wallet” companies to try and freeze the accounts. Insulate your BitCoin accounts by linking them to bank accounts or credit cards with low balances. Make sure the information your cell phone company has is current, and that you get notified of any changes. Use a back-up email account for account validation to reduce the likelihood of your email getting hacked.

Click here for more details.

0 Comments
Continue reading

When 1 GIG of Bandwidth Isn't Enough

Verizon recently announced the availability of 1 GIG internet connections in selected markets. Google also provides 1 GIG service in several metropolitan centers across the US, so 1 GIG internet is not far off even if you don’t have it now. What difference does it make? 

If you download thousands of movies or songs, it will take less time on a 1 GIG connection. What it won’t do is make your Netflix or Spotify streaming any better. Going to 1 GIG connections for most businesses will provide the opportunity to do more, faster. However, there are limits to the positive business impacts of these new higher bandwidths. A second characteristic of every internet connection is latency. Latency is measured as the time it takes for one packet of information to go to a web location and return. The amount of bandwidth doesn’t have any impact on latency since latency is dependent on the distance to and from the web location and all of the technology in between. Latency is measured in milliseconds (1000 ms equals 1 second). On a local area network, the typical latency between your computer any anything else is 1 ms. Put your server on the internet on the opposite coast, and the latency ranges between 40 to 90 ms depending on the service provider and location. 

What difference does latency make? Different types of applications are designed to expect different latency. A database package like QuickBooks is designed to run with latency below 3 ms, so you couldn’t put your Quickbooks database on a server on the other coast and expect it to work. Web sites are engineered to support high latency and won’t care about 70 ms connections. Software applications need to be carefully architected to match the network they are going to be running on. 

Latency doesn’t have much impact on steaming services like Netflix or Spotify. Once the first packet arrives, the rest are right behind. The internet service most susceptible to high latency is Voice Over IP (VOIP) phones. When latency gets over 200 ms, VOIP call quality suffers. High latency is one reason help desk calls to India are so bad. 

So go ahead and order the new 1 GIG service when it is available in your area. Just remember that bandwidth is only one factor in making your applications work.

Click here for more details.

0 Comments
Continue reading

Latest Blog

For the past seven years, DeckerWright Corporation has been a member of the IT industry’s leading peer group, HTG.  Member companies come from across the United States and provide the same types of services.  Owners of the other company form the board of directors ...

Account Login