Jason Palmer | Jason Palmer, CPA, CITP

Can a Small Business Windows PC User move to a Mac?

July 29, 2013 By Jason Palmer Leave a Comment

Admit it. You’ve looked at them. We have all looked at them. Apple has spent millions in advertising so that we cannot miss them: The New Mac Book Air and Mac Book Pro notebook computers. The Mac Book Air is ultra light. The Mac Book Pro has an amazing screen. And the iMac and Mac Mini desktops are more like sculptures than computers.

But you live in a Windows world with Microsoft Office and Quickbooks and probably feel like all you can do is longingly gaze at those sleek aluminum cases and dream about the day that you might be able to run your business on a Mac.

Well someday may be today for you.

There is a good chance that Microsoft Office for Mac and Quickbooks for Mac versions may just set you free from Microsoft Windows. Especially if you are not using any of the advanced features of the Windows version and you have limited sharing needs for your Calendar and don’t need to share you Quickbooks data file with other users.

There are a few key differences in Microsoft Office for Mac:
The keyboard short cuts will be a little different due to the differences between the Windows and Mac keyboard command structure. For example, PC’s have a “Windows” key and Mac’s have a “Command” key.

The fonts may be slightly different so you may have to substitute or purchase fonts for a close or exact match. However, if you use the standard font in the Windows version there is a very similar Mac version so spacing and document layout should be maintained without issue.

Macro support is not as comprehensive on the Mac version. If you have extensive use of Macros, you will want to test your documents and spreadsheets before fully committing.

Outlook sync to other services, such as Google, is not as strong in the Mac version and some calendar/event tagging is handled differently.

If you predominantly write letters and simple reports, create basic spreadsheets with standard formula tools, and use Outlook as an email client with a Contact address book and Calendar, you should be fine. Both Windows and Mac versions can open and save each other’s Microsoft Office files without issue.

Here are some key differences for Quickbooks for Mac:

Quickbooks for Mac does not offer the Premier Specialized Editions. One key benefit of a Premier Edition is the predefined reports. However, you can easily duplicate most of those reports through the report writer.

The only Intuit Payroll option is “Quickbooks Complete Payroll” which is Intuit’s version of a payroll service. (You report the hours, Quickbooks Complete Payroll takes care of the rest including direct deposit or mailing checks and all tax filings.) If you presently use a third party payroll service like ADP or PayChex, then there is no issue at all as nothing changes.

If on your Windows version, you use the Basic Payroll (Tax Tables Only) or the Enhanced Payroll (Tax Tables plus Federal and State Tax Forms Printing), you are out-of-luck.

There is no multi-user version of Quickbooks for Mac. It is a single install, single user program.

If you are the only user of your Quickbooks program, do not do payroll yourself and don’t need predefined advanced reports, the QuickBooks for Mac will certainly do the job without issue.

Quickbooks has a one-time conversion process to move the data file from the Windows to Mac version. After that, once you Start Quickbooks for the first time on a Mac, the layout, look, and feel are pretty much the same – only cooler – because it is on a Mac.

WordPress Twitter Exception Message: SSL certificate problem

July 26, 2013 By Jason Palmer Leave a Comment

Most plugins for WordPress require little if any technical knowledge to install and configure. Sometimes you have to look under the hood and check the engine yourself to make a plugin work correctly.

Recently the Genesis Framework “Getting Latest Tweets” Plugin widget was updated and site owners started to report SSL Certificate problems. The Getting Latest Tweets plugin securely connects your WordPress site to your Twitter Account and displays your latest Tweets on your web site. To see how this works, visit the home page of www.jasonpalmer.com and look in the lower right hand corner to see my latest Tweets. (You can learn more and download the WordPress “Getting Latest Tweets” plugin here.)

If after installing and configuring the “Getting Latest Tweets” plugin you see the message “No Tweets Found in the spot where it is supposed to display the latest Tweets on your WordPress site, read on to learn how to fix the problem.

The error message appears after installing the “Getting Latest Tweets” plugin and saving the Twitter Application API information. These are the keys and application name information obtained from your Twitter Developer Dashboard. (How to do this is all described with screen shots below the configuration panel of this plugin.)

You will usually one of the following two error messages or similar variation:

“Twitter Exception Message: SSL certificate problem”
or
“Twitter Exception Message: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed”

The reason for this error message is that some web servers do not have the latest Certificate Authority file installed. Digital Certificates authenticate the owners of web sites. To complete this process when making a request from our web server to another web server, we need to make sure that the issuer of the digital certificate that we receive from the web site we visit is authentic. The Certificate Authority file contains this information about well-known companies that issue SSL Digital Certificates to secure web sites. (For a technical explanation, visit Wikipedia here.)

Plugin authors, if they want to make secure connections from your web server to another web server, such as in the case of “Getting Latest Tweets” from Twitter to post automatically on your web site, usually include the latest Certificate Authority file with the installation of their plugin. “Getting Latest Tweets” did not do this.

The solution is fairly simple and will work for most LAMP (Linux/Apache/MySQL/PHP) and WAMP (Windows/Apache/MySQL/PHP) implementations.

We need to get a good, current copy of a Certificate Authority file from a trusted source, place it on our Web Server in the appropriate directory folder, then tell the programs that need access to this Certificate Authority file where to find it.

NOTE: If you understand the problem as described above but have absolutely no idea what anything below means, ask the company that hosts your web site to assist you or correct the problem for you.

WARNING: Make sure you have a valid backup copy of your PHP.INI file BEFORE you proceed!

First, get the latest cacert.pem file from:

http://www.curl.haxx.se/docs/caextract.html

Look to see if you have a \curl or \Tools\curl or similarly named directory on your Web Server. You can also search for “curl” to help find an appropriate directory.

Warning: Do not replace the .pem file that exists in any plugin directory. Only replace the .pem file in a common server directory, like in the example below.

Next: Simply open up your PHP.INI file and add the following line:

curl.cainfo = “PATH_TO/cacert.pem”

Example:

I am running the WAMPDeveloper Stack on Windows from DevSide.net

I added the following line at the bottom of my PHP.INI file

curl.cainfo = “C:\WampDeveloper\Tools\curl\cacert.pem”

Then I placed the cacert.pem downloaded above in:

c:\wampdeveloper\tools\curl

Works perfectly for most stacks, BUT NOT ALL, and resolves the issue for many plugins looking for an updated Certificate Authority File that are returning errors similar to the one at the top of this article.

You may stop reading this article now unless you really, really want the ultra-technical details and are an IT Professional.

IT Professionals, please continue:

If you are looking to understand how to update cURL the library utility that many plugins use to connect and transfer data to and from other sites securely, additional references are below.

It is usually the responsibility of the developer of the application/plug-in to explicitly point to a current cacert.pem file – especially for WordPress users running on Windows AMP stacks such as Bitnami or WampDeveloper (Devside.net).

Backupbuddy, Vaultpress, and Google Analytics plug-in’s all distribute a cacert.pem file and I assume use the proper CURL Reference such as:

curl_setopt($ch, CURLOPT_CAINFO, ’C:/accessible/by/apache/cacert.pem);
and
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

The following sites are presented for reference and additional configuration details:

The Main Home Page for cURL:
http://curl.haxx.se/docs/manpage.html

A good Mozilla.org Certificate Authority CA Cert Bundle file is available here:
http://www.curl.haxx.se/docs/caextract.html

The page explains in depth how to make SSL Server to Server Connections:
http://curl.haxx.se/docs/sslcerts.html

How do I update root certificates in Apache/PHP/cURL environment?
http://kb.ucla.edu/articles/how-do-i-update-root-certificates-in-apachephpcurl-environment

How do I use cURL in PHP on Windows?
http://kb.ucla.edu/articles/how-do-i-use-curl-in-php-on-windows

Quickbooks & The Hartford Pay-as-you-Go Workers Compensation

July 25, 2013 By Jason Palmer Leave a Comment

When Quickbooks Payroll by Intuit partnered up with The Hartford to offer “Pay- as-you-Go” Workers Compensation Policies, I decided to investigate.

If you use Quickbooks Full Service Payroll, which is a comprehensive service that includes direct deposit of employee paychecks, automatic preparation of payroll tax forms and payment of taxes, with The Hartford, you can pay your Workers Compensation with each pay period.

If you use Basic (Paycheck Calculations Only) or Enhanced Payroll (Paychecks and Tax Form Preparation) you can still use The Hartford, but you have to make the periodic Workers Compensation payment directly through The Hartford web site. It is not an automatic deduction. This is still a better option than having to make one big Workers Compensation payment each year on the anniversary date of your policy. (As of this writing, Disability Policies at The Hartford are not available on the “Pay-as-you-Go” billing platform and must be paid in full annually.)

I contacted The Hartford and was able to obtain quotes almost immediately. For Workers Compensation, the annual premium was a significant savings. For Disability, the annual premium was higher but the combination of the two policies was still a savings. When I asked my commercial insurance broker his opinion of The Hartford, he had only good things to say. Specifically he mentioned that their customer service is very responsive and that they pay their claims in a timely manner.

True to form, I had a number of questions for The Hartford about the quotes presented and they were extremely responsive. This included their ability to put the new policies in place almost immediately should I decide to proceed. However, if you read my last post, “Leaving NYSIF – New York State Insurance Fund – Not So Easy”, it was all for naught as I was unable to exit my NYSIF policies. [I will be looking at The Hartford again and perhaps some other Carriers as my NYSIF renewal date approaches.]

Important Safety Tip: Absolutely check with your current Workers Compensation and Disability Insurance Carriers to determine your ability to cancel your policy and leave prior to term BEFORE you obtain quotes or complete any applications. It will just save you a great deal of time and aggravation. Penalties for early departure can be severe.

NOTE: The degree to which you can actually “Pay-as-you-Go” with The Hartford will vary with the specific Quickbooks Payroll Service you have selected and the amount of your policy premiums. In the case of some Policies, the Premium may be so small that it makes more sense, or the only option may be, to pay annually.

More Information on The Hartford at:
http://www.thehartford.com/worker-compensation

More Information on Intuit Payroll at:
http://payroll.intuit.com

Disclaimer: The information presented above is my personal experience and current as of the date of this article posting as it applied to my specific situation. I am a licensed Certified Financial Planner and Certified Public Accountant (licensed in the State of New York.) I am not licensed to sell or represent any insurance product in any State. Insurance Carrier rules and regulations vary by State and change frequently. You must check with your own Agent, Broker, or Insurance Carrier directly to verify the information as it may apply to your specific situation.

Leaving NYSIF – New York State Insurance Fund – Not So Easy

July 24, 2013 By Jason Palmer Leave a Comment

My Workers Compensation and Disability Policies are with NYSIF – The New York State Insurance Fund. Early on, I was single shareholder corporation with no employees and therefore was able to exclude myself from the Workers Compensation Policy. In the Insurance Industry, this is known as a “Ghost Policy.” New York State absolutely requires that any business that has a payroll, with or without eligible employees, must have both a Workers Compensation and Disability Policy in place.

At the time, on the advice of my commercial insurance broker, he directed me to NYSIF because they would have the least expensive policy premium minimums. Since I had no employees to cover, things like customer service and claims were non issues. I just needed the policies in place to comply with the regulations. For the most part, if you are in this situation, with no eligible employees and exclude yourself as the single (or no more than two) person shareholder company, NYSIF is a good option for New York State Workers Compensation and Disability coverage.

I was investigating switching Carriers just after my policy had renewed, July 1^st.

What I learned was that terminating coverage at NYSIF at any other time than approximately 45 days prior to the policy renewal date comes with extreme prejudice. NYSIF enforces a 30 Day written cancellation notice as purportedly mandated by New York State Law.

Furthermore, NYSIF enforces something called a “Short Rate” penalty for policies canceled prior to the end date. In the case of my Disability Policy the penalty was 100% of the paid premium because I was at the policy premium minimum. For my Workers Compensation policy the NYSIF underwriter would not provide the penalty amount. He simply stated the penalty would be “severe.”

Be advised that if you have a NYSIF – New York State Insurance Fund Workers Compensation and Disability Policy and want to change Insurance Carriers, you must plan to do so approximately 45 days prior to the end date of your policy. This will allow you time to get quotes from alternate Carriers and provide the proper 30 Day written notice to NYSIF that you intend to cancel your policy and move your coverage.

Should you decide to terminate your policy with NYSIF, you must send the notice in writing on Company Letterhead at least 30 days prior to the renewal date of the policy. The letter must include the following information: Policy Name and Current Address; Policy Number; Reason for Cancellation; Effective Date of Cancellation; Policyholder’s signature; Current Telephone Number.

In the case of the Disability Policy you can send a signed scanned copy of this document via email or fax. However, the Workers Compensation cancellation document will only be accepted via U.S. Mail and NYSIF will look to either the date requested on your letter or “30 Days from the Postmark” whichever is later as the effective date of the cancellation regardless of your intended date. (Contact NYSIF Customer Service directly to obtain the current contact information for where to send the cancellation letter(s).)

Give me Liberty, or better yet, give me my FBI or NSA File!

July 4, 2013 By Jason Palmer Leave a Comment

Today is Independence Day, July 4, 2013. The recent news of alleged automated digital information gathering by various United States Government Agencies has caused many to ask “What do they know and when did they know it?”

With that in mind, it seemed only fitting to take a step back in time to old days of the mysterious “FBI Files” of the Hoover and McCarthy era. It is rumored that the FBI created files on almost everyone who was even the least bit subversive – you know, anyone exercising their Constitutional Rights such as the First Amendment – Freedom of Speech, Freedom of Religion, and Freedom of the Press – who might have had a difference of opinion with the current political climate.

Most certainly, the hysteria of the day about our potentially intrusive, “Big Brother” Government was that if you were protesting in the ‘60’s and ‘70’s you must have an FBI file, right? I mean, the FBI’s file on Elvis is famous. (See it here at: http://vault.fbi.gov/Elvis%20Presley%20 ) His swinging hips were sure to be the downfall of family values and corrupt teenage girls everywhere. Obviously he was considered a threat to domestic tranquility worthy of Government investigation.

The question is, were YOU?

Are you on the radar of the U.S. Government to the point at which the FBI or NSA, or any number of other specialized Agencies might have performed an investigation in to your activities and “known associates?” Do you have a photo of yourself and Jimmy Hoffa? Perhaps you are the one carrying the banner at a protest rally? Did you ever answer “yes” to the infamous question by Senator McCarthy, “Are you now or have you ever been a member of the Communist Party?”

To use a tag line from the National Enquirer, “Enquiring minds want to know!”

Fortunately, under the Freedom of Information Act, FOIA for short, you have the legal right to request that the FBI, NSA, and a number of other US Government Agencies perform a search and present you with a copy of your “File” – if one exists. For certain types of information and files you need to file a Privacy Act request instead.

Some Agencies, such as the NSA are less forthcoming with the information that they may have collected on you because many of their records are exempt from FOIA and enjoy special legal protections.

You can also request files on the deceased with a few caveats.

To get your file, you can visit a privately run free service site, http://www.getmyfbifile.com that will help you create the form letter request to the FBI and other Agencies.

A more practical and perhaps fun use might be to request a file on a deceased relative. Ever wonder why Grandpa who lived in some rural part of the country always had those clear jugs of liquid (moonshine?) and did not seem to have ever had a real job but always had lots of cash to buy you ice cream and candy? Or, perhaps he was active in the Workman’s Circle or he did answer, “Yes” to Senator McCarthy’s question. He just might have a file. To get Grandpa’s file, you can visit a privately run free service site, http://www.getgrandpasfbifile.com that will help you create the form letter.

The Direct Links to U.S. Federal Government Agency FOIA Pages are below:

FBI – Federal Bureau of Investigation
http://www.fbi.gov/foia

NSA – National Security Agency
http://www.nsa.gov/public_info/foia/index.shtml

DSS – Defense Security Services
http://www.dss.mil/about_dss/contact_dss/foia.html

CIA – Central Intelligence Agency
http://www.foia.cia.gov

USMS – U.S. Marshalls Service
http://www.usmarshals.gov/foia/index.html

DIA – Defense Intelligence Agency
http://www.dia.mil/public-affairs/foia

USSS – United States Secret Service
http://www.secretservice.gov/foia.shtml

CID – Army Criminal Investigation Command
http://www.cid.army.mil/foia.html

Dad Tech – Using the Right Tool for the Job

June 16, 2013 By Jason Palmer Leave a Comment

Lon T Palmer

Today is Father’s Day 2013 and for Home Improvement Stores, the equivalent of the entire year-end Holiday Gift Giving season for Dad repeated for one Sunday in June. I could not help but notice the endless number of advertisements for Tools available at every possible price point and combination in advance of Father’s Day.

Although I think about my father (who passed in 2008) almost every day, seeing these advertisements and a recent trip to both Home Depot and Lowes got me thinking about some words of wisdom he imparted to me. “Using the right Tool for the task makes the job easy.” My father had left me with a lifetime of lessons but on a more tangible level, a workshop full of Tools for almost any task.

My shop includes such tools as a ½” Hammer Drill for sinking anchors in to solid concrete, a Drywall Screwdriver, SawzAll for cutting through almost anything, a Table saw for ripping plywood, Chop Saw for doing molding, a variety of other power drills and tools of varying sizes for different materials, and dozens of screwdrivers, wrenches, sockets, chisels, torches, and hand tools in almost every conceivable size for working with wood, metal, pipe, or stone. Yes, I could open up a catalog showroom.

My Dad was very hands-on and an excellent Teacher. To that end, both my brother and I can absolutely swing a hammer, use a drill, hang a shelf, measure twice and cut once, fix a light switch or leaky faucet and can pretty much perform almost any carpentry, plumbing, electrical, tile, or similar “home improvement” task.

Most of the time, we always had the right Tool for the job.

That is not the end of the story but just the beginning. See, sometimes you do not always have the right tools with you. It is just as important to learn how to improvise when the right tools are not available.

Much to my Mother’s disapproval, the end of a Kitchen knife can double as an acceptable flat blade screwdriver. A pointed letter opener can stand in for a Philips Head screwdriver. A common nail can be used to as an Awl to make a starter hold for a screw. Any reasonably solid object can be used as Hammer. (Pliers come to mind as do screwdriver handles.) Scissors can be used to both cut wire and strip wire. Any rectangular object can be used as a Square (for making corners). A glass of water or bottle of soda can be used as a level with a 2×4. Thick rubber bands with 1×2 can make an acceptable clamp. And the list goes on…

My point is that it is great when you have the “Right Tool for the Job” but lack of the right tool should not necessarily prevent you from succeeding. Dad was a master of creativity in “Getting the Job done” and to that end, never let the lack of the proper tool stand in his way of completing the task.

Thanks Dad for teaching Shelly and me that you can still drive a nail without a hammer. And that a hammer by any other name, (which was frequently the case), would still “Get the Job done.”

Happy Father’s Day

Mobile Device Management – Verizon VZ Manager Software

June 7, 2013 By Jason Palmer Leave a Comment

Verizon VZ Access Manager

If you are a Verizon Wireless Cellular Data customer, you most likely use the Verizon VZ Manager program to manage your connection to the Internet. VZ Manager is available for both the Mac and PC Operating Systems. You need to run the correct version of VZ Manager based on the specific Verizon Wireless Cellular Data Device you are using. In some cases, newer versions of the Verizon VZ Manager Software that support 4G devices may not support older Verizon 3G Cellular Data Devices.

To find the correct version and download the VZ Manager Software for your specific Verizon Cellular Data device, visit:

http://www.vzam.net/download/supported.aspx

Once you load the VZ Manager Software on either a Mac or PC and connect your Verizon Cellular Data Device, the first thing you need to do is to activate the device. This is accomplished from the OPTIONS menu by clicking on “Activation.”

If everything works properly, the VZ Manager Software will make an initial connection to the Verizon Wireless Cellular Data Network and link your new device to your account enabling you to connect to the Internet. During the initial connection, you may be prompted to allow the VZ Manager Software to either update itself or download Firmware updates to your device.

You may be prompted to reconnect multiple times during this update process. The last update is usually a roaming list that includes specialized network information to allow you to connect to both the Verizon Cellular Network and other Cellular Carries where Verizon has Cellular Data Network Sharing agreements.

There is a special caveat for Mac users: The Mac version of the Verizon VZ Manager Software is unable to update the Firmware of the Cellular Data Cards. This must be done using the Microsoft Windows version of the Verizon VZ Manager Software. (Firmware is a specialized kind of software that manages the autonomic functions of the device. The best analogy is that you do not have to think for your heart to beat, your lungs to breath, or your eyes to see. Your body just takes care of these things.)

There are few options to accomplish this task. If you are fortunate enough to have a Windows notebook that is also compatible with your Verizon Cellular Data card, just follow the instructions above to install the updates and prepare your card for Mac use.

If you are running a Microsoft Windows Virtual Machine in either VMWare Fusion or Parallels for Mac, you can assign your device to the Windows Virtual Machine; Download the Microsoft Windows version of the Verizon VZ Manager Software for your particular Cellular Device, perform the activation again, and apply the updates. Upon completion, you simply disconnect from your Windows Virtual Machine and re-launch your Mac version of the Verizon VZ Manager Software. At least once every three months, and preferably monthly, you should repeat this process so that your Verizon Cellular Device is always up-to-date.

NOTE: If the previous paragraph made no sense to you then you are not running a Microsoft Virtual Machine, so move on to the next option.

If you do not have a Windows Virtual Machine on your Mac, and you do not own a Windows Notebook that is compatible with your specific Verizon Cellular Data Card, then find a friend who does. Hopefully, they will let you download and install the Verizon VZ Manager Software for Windows and update your Verizon Cellular Data Card. Not to worry, activation and updating of your Verizon Cellular Data Card is Air Time Free and does not dip in to your Data Plan.

For AT&T, Sprint, and T-Mobile customers, the procedure is pretty much the same. One company, Smith Micro, pretty much writes the software and rebrands it for each Cellular Data Carrier. And, only a few companies, such as Novatel, Pantech, LG, and Kyocera manufacture the majority of PCMCIA, Express, and USB Stick Cellular Data Devices.

Mobile Device Management – Containing The Mobile Invasion

April 11, 2013 By Jason Palmer Leave a Comment

Mobile Devices

When Dorothy in the “Wizard of Oz” was walking through the Forrest, she exclaimed, “Lions and Tigers and Bears – Oh my.” Trust me when I say that most Information Technology Staff have the very same sentiment, “Cell Phones, Tablets, and Notebooks – Oh My” when walking through the office and seeing the extreme variety, feel every bit as much in peril as Dorothy.

Why? Because every one of those devices is a potentially unsecured entry point in to the corporate network and might be able to access sensitive data.

What is an Information Technology Manager to do? Ban all mobile devices from accessing the Network? Demand that only mobile devices issued by the Company and properly secured may connect to the Network? Tell the CEO that she cannot use her iPad to read her mail? Tell the CFO that he cannot access or look at the latest corporate financials on his iPhone because Apple does not understand “enterprise security?” Make everyone use a Blackberry curve?

There must be a better answer and there is.

It is called Mobile Device Management. The technology is available from a number of different vendors. It enables Information Technology Staff to secure and manage most well know brands of Smart Cell Phones, Tablets, and Notebooks from a centralized console.

Each Mobile Device Management vendor implements the solution slightly differently but with the same general result: the Information Technology Staff can apply and enforce usage policies, approve specific apps, determine the location of the device, enforce proper login credentials, and remotely wipe lost or stolen devices.

Another great feature is the standardization of Management Interface (Dashboard) of the various mobile platforms. The Information Technology person does not need to be concerned about if he or she is managing an iPhone or an Android phone. The Mobile Device Management software presents a single, unified view by class of device: All Cell Phones and All Tablets. Of course the granularity is there should one want to take advantage of specific features available in say an IOS device (iPhone, iPod, iPad) vs. and Android phone or tablet.

When performing a review of Mobile Device Management software platforms, there are a number of considerations to review. These include how many devices you have to manage? Are they predominantly Apple devices, Android Devices or something else? Are the mobile devices being used in your corporate environment by your employees supported? Does the Mobile Device Management Platform support all the versions of the mobile device operating systems in-use? And, from an Administrative perspective: Is the software license purchased as a one-time fee or is this a monthly service?

The important take-away from this article is that mobile devices, especially ones that your own Information Technology Department do not official support represent a real threat to your sensitive corporate data and need to be “cleared” prior to being allowed to access data on your network.

Think of it this way: For those of you that work in larger offices, visitors are signed in, logged, and guided. They don’t just wander in the front door and walk aimlessly around office.

Why would you allow a perfect stranger, such as someone’s personal smart phone, access your corporate data network without being escorted in?

The answer: You wouldn’t

It’s 2013 – Do you know where your sensitive corporate data is?

April 10, 2013 By Jason Palmer Leave a Comment

Data File Security

There was a time in the 1970’s through about 1995, before the modern Internet, when the person who managed your Information Technology could say with absolute certainty that he or she knew all of the possible entry points in to your network and exactly where your sensitive corporate data was stored.

In the early days of Information Technology, data resided on a mini-computer or mainframe that was installed in a special room that was physically locked in the center of your office space. Green Screen “Dumb” terminals were the only way to access the Corporate Data. There was no connectivity to the outside world. The only way data entered or exited your office was on paper or possibly a heavily guarded backup tape in-transit to an off-site storage location.

In the late 1980’s, the Green Screen “Dumb” Terminal begins to be replaced with the “Smart” Personal Computer. In fact, the mini-computer and mainframe for many applications also begins to be replaced by more powerful Personal Computers known as Servers. With the dawn of the Personal Computer, came the Floppy Disk, Zip Disk, and similar precursors to the modern day USB Flash Stick Drive.

Even though data was now being created and stored outside the highly secured “Server Room”, the Information Technology Manager still had a significant amount of control as floppy disk drives could be disabled. Data stored on Floppy Disks or Tape had the potential for “mobility” but could be serialized and tracked like any other corporate asset.

Few PC’s had direct communications capabilities to the outside world and even if they did, Modems were extremely slow. Since Modems used regular phone lines, and all pricing was “per minute” it was easy, even if after the fact, to notice a multi-hour phone call to AOL or Compuserve (early online services) and investigate.

Data, up until the turn of the century, mostly left an organization the old fashioned way: on paper. Again, depending on the volume of information being printed, the Information Technology person might notice excessive printing activity and then investigate.

After about 1995, with the accessibility of the Internet starting to become common place and significant price drops in the cost of Personal Computers, for the first time, an employee might actually be able to take data from the office and bring it home to continue working on it. Communication speeds increase dramatically and now instead of taking hours for a file to be transferred via Electronic Mail or a File Sharing Service, it takes minutes or seconds.

It is at this point in the timeline of the modern computer era that the Information Technology Staff can no longer say with any certainty or confidence that they “know were all of the corporate data is.”

No longer is the transport of sensitive corporate data limited to that which could be physically carried out the door on paper or a disk, but now it can be sent across town or across the country or globe in an almost untraceable manner over the Internet. I say almost untraceable because the tools were not widely available to the average Information Technology person, nor was there a mindset, of securing and tracking both the creation, management, and transport of sensitive corporate data in the majority of businesses. (Banks, Public Companies, and Government Agencies are generally the exception.)

As the realization hits home that data has become mobile, technology catches up and businesses start to create policies and implement tools that are able to track the movement of sensitive information within an organization and in many cases prevent it from leaving the confines of the company.

Tools to accomplish this include the ability to log the username of every person who accessed specific files, such as Microsoft Word Document or Excel Spreadsheet for real time or after the fact review (audit trails); Advanced Content Filtering Firewalls that can scan every email and attachment going in and out of a company via the Internet looking for key words that might indicate a security breach or espionage; and, Company Policy Manuals that explicitly and politely remind employees about the definitions of “Confidential” and “Proprietary.” Even though most every Personal Computer has a USB or CD/DVD drive, the Write functions can be disabled or password controlled as an added measure of security.

So when you walk in to your office today, take a look around and ask yourself, “Do you know where your sensitive Corporate Data is?” And, more importantly, “What have you done to secure it?”

If you or your Information Technology person cannot answer this question with the same certainty of 30 years ago, engage a Data Security Professional who can help put the “Genie back in the Bottle” and keep your sensitive corporate data secure.

MoCA Ethernet over Coax Cable – It’s not just for TV anymore!

March 27, 2013 By Jason Palmer 1 Comment

Actiontec ECB2500C

Thanks to the Multimedia over Coax Alliance (MoCA), a standard is emerging to enable devices such as set-top boxes, computers, and smart TV’s to communicate with each other and network over the existing Coaxial cable (Cable TV Wire) already in the walls of most homes and offices. It does not matter if the Coax wire is in use to distribute TV service from a cable company, Verizon FiOS, or Over-the-Are Free Broadcast DTV or not in use at all and just sitting there.

Some background: Wi-Fi® enabled Internet Routers in many homes and small offices have replaced the need to run classic network data cables meeting the Cat 5e or Cat6 standard. Unfortunately, Wi-Fi® is susceptible to interference. traffic jams and distance/range limitations. There are only so many channels in which Wi-Fi® can operate and in densely populated areas during peak times, Wi-Fi® can experience a kind of traffic jam similar to the Long Island Expressway at rush hour. In other cases, the WiFi signal is just not strong enough to reach to every corner of the home or office.

When running new data network cabling is not possible, making the Cable TV wire already in your home or offices do double duty may be your best option. It is MoCA to the rescue to enable you to run Ethernet over the Coax wire already in every room.

For example: MoCA enabled devices, such as the FiOS Internet Routers, already serve up IP network addresses to the FiOS Set-top boxes over Coax. (This is how your FiOS set-top boxes get Guide and Widget information and their Internet functionality.) In fact, the new TiVo Premiere devices are MoCA capable and can use the Coax for their Ethernet/Internet connection instead of traditional network data cabling.

By adding a MoCA Network Adapter, to which you can connect any standard Ethernet enabled device such top computers, notebooks, smart TV’s, media streaming devices (like AppleTV or Internet Radio), and Blu-ray players, you now have a rock-solid network connection to your FiOS Internet Router.

(By standard Ethernet device, I am referring to any device that has an RJ-45 female jack and uses a standard male/mail RJ-45 Cat5e or Cat6 data patch cable to connect to a wired network. And, a MoCA Network Adapter has a single Ethernet port and Coax Connection to bridge the two different technologies.)

You are probably thinking, “But I don’t have FiOS. I have Cablevision, Comcast or some other CATV provider.” Not an issue. Just add one additional MoCA Network adapter to the Coax cable that feeds your Cable Modem. Then connect the Ethernet Port on the Adapter to one of the Jacks on your Internet Router. You have just IP enabled your Coax to serve up Ethernet over Coax to every room in your home or office. By adding additional MoCA Ethernet over Coax adapters anywhere you have Coax cable you can immediately get “hard wired” network stability and performance to share files between devices or access the Internet.

Privacy Note: It is important that if you are using MoCA Network Adapters connected to Coax that is also delivering your TV, Internet or Phone Service from outside your home or office, that you use a MoCA “Point of Entry” Filter where the Coax first enters your premises. This would usually be where the grounding block is installed. The MoCA Point of Entry filter keeps the IP address information that is being distributed across your Coax INSIDE your home or office. Otherwise anyone adding a MoCA Network Adapter could access your network.

Technical Note: The most popular brand and widely available MoCA Network Adapter is from Actiontec. It is a model ECB2500C or ECB2200V. The models are functionally identical except the V suffix indicates a Verizon Logo on the unit. They are available as a single unit or as a pair. Visit the Actiontec Site here: http://bit.ly/ZqQ52y

Sales Note: At the time of this writing, TiVo is selling the Actiontec MoCA Network Adapter for $49.99 which is significantly less than the normal price of $79. TiVo also sells the MoCA Point of Entry Filter for $8.99. Visit the TiVo store here: http://www.tivo.com/products/tivo-accessories/index.html

« Previous Page