Equifax Hack - Update

Last week I posted this blog sharing my thoughts on the Equifax Hack.  
http://blog.compnology.com/2017/09/equifax-hack.html

Since then many questions have arose.  I hope to address them here.  

Where can I check if I'm affected?

Many are paranoid to trust what's out there.  After the Equifax hack, I don't blame them.  

If you want to do the ‘check’ the site is here: 
(WAIT!  Read below first)
https://www.equifaxsecurity2017.com/potential-impact/




It redirects you to a ‘trustedID Premier’ site.   The whole thing feels wacky – but the process is legit.    Once you enter your last name and last 6 digits SSN, your told your probably are affected.    

Then you fill out a form to enroll.   This enrollment entitles them to advertise to you and share your personal info with other financial institutions.  So I don’t like that.  That’s the price you pay to use a service instead of monitoring it yourself.  

What if I'm NOT affected?
Take the perspective that you have been affected.   
Remember the credit agencies are ‘for profit’ and Equifax is treating this hack in a manner to protect their financial future.  They have sites to ‘check’ if your affected, but there’s all kinds of ‘strings attached’ once you take that approach.   

If you check with Equifax and they say you’re not affected, would you rest at east and move on?  I wouldn’t.  If you find out you are affected, then what?   I suggest to supersede the ‘check if your affected’ approach.  

Go Beyond Checking. 

• Get your credit report.  
https://www.annualcreditreport.com is the only government-authorized site where you can request free a copy of your credit report.    I just got mine from Experian.   Review it.   Set an outlook reminder in 90 days, pull from TransUnion.   Repeat with Equifax.  In a year do it again.  

• Review and Monitor your financial accounts.

• Review and Monitor your medical records and health insurance.   

• Freeze your credit.  
I know this sounds nuts, but it’s not.   https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs is the Federal site that explains.  Read it through.  Pretty clear.  I put a freeze on mine.   I can lift it when needed, no biggie.  

Here is the federal trade commission site on the facts.  https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do

Did I do it?

Yup.  I’ve went through it all.  Do the above 4 steps for you, your spouse, parents, kids, and any next of kin.  This was a game changer, let’s not risk it.  This is going to haunt people for years.  

Happy Clicking!

Nathan DeSutter

IT Consultant

blog.compnology.com

Equifax Hack

There’s much discovery still taking place regarding the Equifax hack.   The fact is this is huge.  Most hacks allow criminals to gather partial info on your personal identity, piecing together on the dark web.   Hacking Equifax however is a gold mine.  Your full legal identity details all packaged up nicely for fraudulent use.   Rightfully so you should be concerned. 

Most media outlets are covering this with various advice.  Generally I’ve heard good suggestions.   But be on guard.   Some sites like the credit bureau data breach site and TrustedID and others are including legal arbitration clause baring your ability to bring legal action.   If you have no plans to join the already active law suits, then those sites are helpful. 

What can you do?

The two biggest things you can do is monitor your credit report and make sure you delineate password use.  

Credit Report.

You can do personal credit check for free annually.  With 3 credit agencies, than means a free check every 4 months.  Look for ANYTHING that seems out of place or you don’t recognize.  Identity theft is a pain to say the least and a nightmare for most.  Over the coming months you can be sure personal identity will be sold on the dark web.  

This hack will have lasting risks for pretty much all of us.   Not to over hype this, but it would be better to assume your affected by the hack, and monitor your credit report. 

It’s not a bad idea to freeze your credit - I did.  You need to contact each credit bureau directly.    Also setup a fraud detection / alerting.   The Federal Trade Commission has details for both here:  https://www.consumer.ftc.gov/articles/0275-place-fraud-alert.

Password.

In our CyberSecurity workshops we provide several real world steps you can take; more than I can practically provide here.  Mainly though, make sure you keep separate passwords for your corporate network, personal email, and financial institutions. 

Other Signs.

Monitor your bank and credit card accounts more closely   Watch for odd transactions.  Take notice of paper or electronic bills that suddenly stop.  Could have been redirected to an attacker.   Even medical records need a look for things that shouldn’t be there. 

Be careful what you click.  Treat every email like a visitor at your home at 2am.  Provide personal info at great care.   Do a double take look at everything above. 

Happy Clicking!

Nathan DeSutter

IT Consultant

blog.compnology.com

Recurring IT Costs - What should you expect?

It's easy to see that a light bulb needs to be purchased or a failed system needs replacement.  But all too many times the reasoning behind why money goes into reoccurring IT costs seems to elude many.  I hope to clear up what is to be typically expected of any modern business regarding what their annual IT Budget should include for reoccurring IT Costs. 

I break it down into the MUSTS, the OPTIONS and the OTHER. 

The MUSTS:

Anti-Virus Clients, Internet Gateway Security, Anti-Spam, Domain Certificates, Public Domain and Web Hosting. 

If you're doing business without any one of these components, you're playing Russian roulette with a fully loaded gun.  It's not a matter of if it's a matter of when you will be infected.  In fact, almost guarantee your already infected, whether your aware of it or not.  Probably have slow performing systems, odd glitches, popups, tons of spam, blocked emails, and the list goes on.   Worse is many infections sit silently collecting data about your computer use, emails you send, websites you visit, tracking so they can sell your info to the highest bidder for marketing purposes and more.  

It's important to note that no single anti-anything will prevent this.  But through a healthy combination of trusted security prevention systems you can block most and your IT Dept. can swiftly mitigate should something slip through.  

So how much?

The budget will depend on how extensive the protection software/system your using.  Overall here are some budget examples.

Small 40-100 User Network:	Initial Purchase Cost	Annual Reoccurring Cost
Anti-Virus / Client Security	$30 per device	$25 / year per device
Internet Gateway Security	$1,200 - $2,400 per site	$600 - $1,200 / year per site
Anti-Spam / Email Security	$2,500 if you own	$2 / month per mailbox
Domain Certificate	$75-$200 / year / domain	$75-$200 / year / domain
Public Domain	$10-$50 / year / domain	$10-$50 / year / domain
Web Hosting	$10-$100 / month	$10-$100 / month
Annual Total - 40 Users:	$5k - $7.5k     ($150 / user)	$3k - $5k         ($100 / user)
Annual Total - 60 Users:	$5k - $8k        ($110 / user)	$4k - $5.5k      ($80 / user)
Annual Total - 80 Users:	$6k - $9k        ($90 / user)	$5k - $6.5k      ($70 / user)
Annual Total - 100 Users:	$7k - $9.6       ($80 / user)	$6k - $7.5k      ($65 / user)

The OPTIONS:

These 5 are the most common IT operating expenses which are reoccurring annual cost that I would consider optional. 

Website Filtering & Control is basically policing the internet use of your staff.  Mainly used to control how your staff uses the internet and what you allow them to access when.  Usually provides staff internet usage reports and the like.   About 20% of my clients implement such a system.

VPN License are a necessity to remote connect to your office.  Usually this is purchases in 5 packs and only as needed bases.  If your remote connecting without a VPN connection you're asking for problems.

Offsite Backup is pretty much common place.  Entire separate blog on this topic.  In general your data should be housed on your servers and your servers should be backing up offsite.  >75% of my clients take advantage of this and reduce their risk.

Warranty usually included with computers / servers is 3 years.   On some key systems, servers for sure, I suggest extending that to 5 or even more years.  Many things depending here.

Computer Monitoring Software is directly babysitting your employees or more politically correct 'Employee Investigation' software.  <10% of my clients use this.

Small 40-100 User Network:	Initial Purchase Cost	Annual Reoccurring Cost
Website Filtering & Control	$100 / user per year	$100 / user per year
VPN License	$50 / user per year	$50 / user per year
Offsite Backup	$100-$200 / server / month	$100-$200 / server / month
Warranty	5% - 10% of hardware purchase per year	5% - 10% of hardware purchase per year
Computer Monitoring Software	$100 / user	$10 / user per year

The OTHER:

Services like Office 365, Dropbox, Box, Hosted VoIP Phone System and other SaaS (Software as a Service).  Totally optional services depending on your operation.  

I'm a fan of cloud services, when the need is right this provides awesome team synergies and tools.  At times it's a cost savings.   However I will argue there's more times than not that cloud is over hyped and over marketed because software vendors realize the real profit is in reoccurring revenue and are changing licensing models as such.   Again case by case depending on your business needs / operations.   

Apx 60% my clients use these services or some form of it. 

Small 40-100 User Network:	Initial Purchase Cost	Annual Reoccurring Cost
Office 365	--	$5 - $20 / user per month
Dropbox / Box	--	$5 - $15 / user per month
Hosted VoIP Phone System	$100 - $300 per phone	$15 - $30 / user per month

In all this I left out workstations, servers, switches and the like network system equipment.  These are items that could go to OPEX or CAPEX depending.   As well as monthly telco expense.   With another blog I will outline what a full Annual IT Budget should look like for these smaller 40-100 user networks. 

Well hope this helped put some $$$ into perspective.  Again this was an over generalization of annual reoccurring IT costs and each business needs a case by cases evaluation.

Happy Clicking!

Nathan DeSutter

IT Consultant

blog.compnology.com

Cyber Monday 2016 - Tablets, Laptops, TVs

There will be some deals that’s for sure.  If your planning on spending some hard earned cash, here’s a couple thoughts on the techy stuff.


TABLETS.
Apple or Android?  Lots of options out there but really comes down to that choice first.  I could go on forever with pros/cons.  To oversimplify this, if you currently use apple iPhone and can afford Apple iPad, stick with it.   If keeping it simple is most important, get Apple iPad.  If price is most important, get Android.  If you want granularity into everything, consider android.  Apple tablet will be more secure than android, just a fact.   Although if you’re a safe user and use trusted apps your fine either way.   Of course there’s Windows 10, if your not attached to your apple or android look and feel then sure Win10 is nice on a tablet.  

Screen.  Personal preference here.  The 7”-10” are more portable, easy to take with you.  Anything larger becomes a thin laptop and large to hold up, expect to be using at a desk.   <7” are easy one handers.  >10” are two handers.   <7” is getting small.  

Memory. All comes down to pictures and video, that’s what sucks up the space.  If you don’t plan to load up on pics then the small 16 GB is just fine.  Going to be taking lots of photos, get the larger 64 GB.   32 GB is the mid range and some 128 GB are available.   

Watch out for the <$100 tablets.  Seems like such a deal and they look fine in box.  They get real slow real fast and become a pain.

Cellular.  You can use your phone as hotspot and you probably have internet most places you go.  But it’s usually <$10 month for cell service on your tablet.  If your like me, it’s well worth it to not deal with the hotspot.  If you’re the person to stand in line for hours to save couple bucks or you just don't need internet everywhere you go, then opt out.  If your frugal but like to keep things simple, price is not rule all and you use your table often on the road, just get cellular built in. 

Personally I have an iPad Air 2 64 GB, LTE tablet and Samsung S6 128 GB phone.  Wife has iPad mini 16 GB and iPhone6 64 GB with an iWatch.  She is always taking photos/video and out of space.  


LAPTOPS.
Endless options out there.  Really comes down to the planned purpose, toy or tool?  Kid or adult?  Work or fun?   Regarding the toy, kid, fun laptops, the i3 Intel processor is ‘ok’.  The really cheep slow stuff is the Celeron.   For the tool, adult, work device, get an i5 or i7.   

Screen.  Touch is all the craze.  Rarely do I see touch screens used in production on laptops as a useful tool.   We’re talking about laptops not tablets remember.   For toy/fun it’s nice.   For all uses, 13” to 15” is most common size.  I think 14” is the perfect mix of decent landscape and portability.   

Brand.  I’m a dell fan.  HP is ok.  Not a Lenovo fan.   

Watch out for the <$300 laptops.  On the outside seems great...?  They’re disposable in 12 months and get frustrating slow in 3 months, typically.   

Microsoft Surface devices are pretty nice, they can be both tablet and laptop.  I do like these. 

My likes:
For fun, you can do a decent Dell Inspiron 11” or 15” for $400-$600. 
For personal, my favorite is Dell XPS 13.   You can get an i5, 8 GB memory, 256 GB SSD for sub $1,000.  
For work, my fav is Latitude E7470 Ultrabook series.  Budget $1,500 with a dock and decent specs.  

Warranty.  Unless you plan to trash it when it breaks, watch out for the warranty.  Many times the super low cost come with a mail in warranty.  I hate these services and rarely go through the pain to use them.  But that’s just me. 

Yes, SSD drives are way faster than standard hard drives.  You WILL notice the difference in performance. 



TVs.
UHD, SUHD, Curved, 4K…what matters?  I’m one of those guys that will stand in front of the TV’s for hours and compare, most the time when your put them in your home they all look pretty darn good.   If you want to future proof and you have the $$, get 4k.  But for the most part you’ll have no clue you have a 4k TV until we start seeing content common in 4k, so be willing to flush some money.  Most Comcast and the like broadcast in 720 or 1080, far cry from 4k.  Netflix, Amazon and YouTube do have some 4k content, but you pay and its limited.  Curved is all about the experience, if you like that sort of thing go ahead.  It’s like 3D movies, some love it some hate it, this is personal preference and it’s expensive.   Brand, I’m a fan of LG, at least right now for TV’s.   Things change.  Used to be a visio fan, there still ‘ok’ to me.   My brand choice (2016) in order from top to bottom: LG, Sharp, Samsung, Sony, Visio.  I wouldn’t buy anything else. 

Size.  I think 60” is the sweet spot.  Have 50” in bedroom and 70” in living room.  I’ve never heard someone say “I wish I got bought a smaller TV”, I have heard many people wish they bought a better TV.  I’d rather have slightly better quality with step down size than the opposite.  

LCD, LED & Plasma.  Get LED if possible.  LCD is fine but generally speaking LED is better.  Reality is LED is just a different flavor of LCD, has an LED backlit.  Typically Plasma is hotter, uses more power and heavier.  Was the ‘thing’ until LED’s became reasonable cost.  Plasma still has some tricks but I vote for LED TV generally speaking. 

Wall mounts.  I buy all my mounts and HDMI cables from monoprice.com.  Awesome company.  Some knock off items, but check the reviews on products and you can find great deals on reliable slick gear.   I’m rarely disappointed from monoprice.com.  If you buy a mount or HDMI cable anywhere else you probably wasted money.  


Again, just some food for thought on the stuff people tend to ask me about most often.   

Happy Clicking!

Nathan DeSutter
IT Consultant
blog.compnology.com

Dell PowerEdge T630 Unboxing and Review

Just a server right? 

Is a steak just a 'steak'?  I say not!

Now to my little 3 year old girl, when she says 'more steak daddy', does she know if I just grilled up a $30 rib eye or a $5 round.  It's all yummy to her.  But dish out the round when expecting the rib eye and be prepared for some major disappointment.  

So just a server right?  Well just like with a great steak or any other item that comes varying factors of consideration, a server is very much not just a 'server'.

This brief video highlights some of the items to care about and how it impacts your business.  Many IT disappointments can trace back from simply not choosing the right server or even more important not setting up right (but that's another video)

Click HERE for larger video.

In this video we cover these 11 Key Server Design Considerations:

1.  Visual Check Importance  (0:45)

2.  Tower vs. Rack  (1:35)

3.  Power Supply Selection (2:30)

4.  Hard Drive Choice  (2:55)

5.  RAID Config Plans  (3:30)

6.  Explaining RAID10 Drive Protection and Failure  (3:48)


7.  SD Flash Card for OS Image?  (4:45)

8.  CPU options abound  (5:10)

9.  Multi-CPU vs Multi-CORE  (5:30)

10.  Memory Layout  (6:30)

11.  Dual SD cards for ESXi OS?  (7:30)


Please share any questions or comments. 


Happy Clicking!

Nathan DeSutter
IT Consultant
Compnology.com

Contact:
559-674-1301
nathan(at)compnology.com

In-House IT or Outsource IT Department?

Amazing how so many people are looking for a job yet finding the right person can be daunting.  Let alone a qualified IT person that you can trust with the life blood of your company, your information systems. 

7 questions to ask yourself when interviewing an IT candidate:

   

1.  Can they solve the problem beyond the fix?  How?

     2.  Will they simplify my IT or complicate it?   How?

     3.  Can they solve the IT Security risks companies of all sizes are faced with today?   How?

     4.  Do I expect the same person who crawls under my desk and who provides the day to day user support to also have the experience, capability and time to successfully guide my business through these tumultuous (yet terrific!!) times in IT? 

5.  Will they make my company IT Dependent or will they allow us to use Technology as a Strategic Advantage?

6.  Will they allow me to rest at ease that your IT Systems are under control, reliable and protected? 

7.  Once I find the right person, how will I retain them?  And what growth opportunities do I offer?

Don’t want a one night stand when it comes to your IT Dept.    Good People want to be held accountable, they want to be a part of something bigger especially in their field of expertise and people want to be part of a team of like-minded individuals than they can thrive from.

3 Key Areas Compnology Differs From In-House IT Position:

1.       Experienced and Talented IT Staff with the know-how to reliably support today's needs and allow your company to transform into your vision for tomorrow.   We are an IT company with 15 years’ experience in hiring, training and leading IT Staff / IT Talent. 

2.       Accountability.   Lead People, manage actions….don’t manage people.  We understand the real components of IT and separate hype from fact.  No pull overs or glossy eyed looks when IT explains what can or cannot be done.  We hold our team accountable for actions so you can hold us accountable for the results.   

3.       Team Environment.  People want to be part of a team.  1 or 2 in house IT staff will always struggle to be a solo hero or even worse if they compete.  Forming a mindset that builds walls not bridges.  The opposite of what you need from anyone, especially those in your IT Department.

“We offer a ‘win-win’ environment where techs can thrive and be constantly challenged and rewarded in meeting our client’s needs.  We believe you’re only as good as those you surround yourself with.”                   

    - Nathan DeSutter

Do Modern Systems Require Less Support?

Yes and No.

There is a shift of support.



I've always find it weird how much 'less' of a good chair you get now and how much 'more' they costs.


15 years ago most support was centered on HARDWARE. Today (2013) hardware has become significantly better. So hardware related support has gone way down. In this way modern support has definitely been reduced.

However, with the adoption of more technology in everyday lives, more use of software for business process, the use of SOFTWARE has gone up tremendously. With hardware, usually it's either fixed or not, there was not much room for middle ground. With software, you have literally thousands of developers creating software for the needs of their target audience. While many of them pay serious attention to compatibility, there are so many software related:

- bugs
- flaws
- security holes
- crashes
- data to protect
- backup and then update.

Although vendors rave this is ‘automatic’, anyone who tells you it’s ‘set it and forget it’ is either lying to you or ignorant.

Modern systems here require more support for sure.


The more software is used as a strategic advantage, the more complex your IT becomes. This should mean your company is able to do more with existing or even less staff. This also means you need more IT control & management. Rule of thumb, for every 10% more efficiency you get with staff, you will have 20% more IT management.



Simple Example:
Company Revenue: 25 M
Employees: 100
Revenue Per Employee: $250,000
IT Dept: $50,000

Improve IT = +10% company efficiency:
Revenue Per Employee: $275,000
Employees: 100
Company Revenue: $27.5 M
IT Dept: $60,000

Gain: $240,000

The 20% of IT costs should be far outweighed by the 10% increased efficiency and related profit.

With such a gain - now you need smarter decisions being made in IT - better protection and prevention methods. How do you think the big players above drive so much revenue per employee?

Post 2010 - this is industry agnostic.  Software solutions are out there for every type of company.

Do Modern systems require less support? No. Expect to pay more in IT as your company gains many fold back on the bottom line.


Happy Clicking!

Nathan DeSutter
IT Consultant
Compnology.com

Contact me:
559-674-1301
nathan(at)compnology.com