GCInfotech is your total business IT solutions resource for your Mobile Workforce

Every year in the US alone over 100 million cell phones are retired, disposed and/or replaced. It’s estimated that Americans swap cell phones every 18 months on average, tossing their old cell phones into a drawer or worse yet, into the waste stream. Aside from the imminent risk of identity theft or private information going public, cell phones contain many hazardous materials that if improperly disposed can be harmful to the environment.

Consider two environmentally responsible and humanitarian alternatives for cell phone disposal: recycle or donate. The EPA claims that for every million cell phones recycled, we can recover 35 thousand pounds of copper, 772 pounds of silver, 75 pounds of gold, and 33 pounds of palladium. If not recycle, then donate to one of the numerous organizations that exist for refurbishment and redistribution that offer a potential second life before disposal (see below for a list of donation programs). For years, GCInfotech accepted old phones and made donations on behalf of its clients to organizations such as Cell Phones for Soldiers.

It’s extremely important to take proper precautions to wipe your phone of data and restore it to its factory settings before recycling or donating. Manually deleting text messages, call records and contact lists isn’t nearly enough to combat unauthorized use or protect your personal information once the phone is gone. Wiping it clean of all data may be harder than you think.

Here are details for how to do it:

  1. Remove SIM card
  2. Remove memory card
  3. Perform a master reset, often referred to in the phone’s settings as “Factory data reset” or “Wipe Handheld” (Check the phone’s manual or the internet for specific instructions regarding your phone’s make and model. The reset process is not the same for all phones.)
  4. Check with your carrier to make sure your account has been terminated. If not, others may still be able to use the device, and on your dollar. If you’re maintaining the same account, activating a new device and deactivating the old one, check your bill carefully to determine that the old device is not somehow still using that account.

Contact GCInfotech today if you have any questions about what to do with your old cell phones, or if you have any other technology concerns that we may help you with.

Cell Phone Donation Programs:

American Cellular Donation Organization Cell Phones for Soldiers
Charitable Recycling Program CollectiveGood
Donate a Phone Call to Protect Good Deed Foundation
Recellular Inc. Recycle for Breast Cancer
RMS Communications Group, Inc. Wireless Foundation
Earth911 Sprint Project Connect
Verizon Wireless HopeLine AT&T Wireless
GCInfotech is your total business IT solutions resource for Cloud Computing

Is your memory in the clouds?

The “cloud” is a business metaphor representing the internet, which more and more people are leveraging to store and manage their data and applications. Incorporating your business into the cloud, aptly dubbed “cloud computing,” allows you to conduct your affairs over virtual servers without using a byte of your own processing power. This notion took the business world by storm in 2007, and has rapidly expanded as more companies begin to offer a variety of cloud computing solutions to help your business.

Analysts still debate its definition, though essentially it’s described as the ability to use data and software over the internet instead of on your computer’s hard drive. Using the internet to house documents and data eliminates the need to invest up-front in costly infrastructure and hire someone to implement and maintain it. This makes computing significantly less expensive at inception, especially for smaller companies that may just have a few computers. Instead, these operational costs are spread out over time, and over a large pool of customers/companies.  That way, each customer uses just the portion of “cloud” resources that they need.

Obviously technology plays a major role in most businesses, even if your business isn’t technology. So by focusing more of your efforts on getting your product to market instead of spending resources on the sustainability of your technology infrastructure makes sense.Beware, though, of issues that directly affect your bottom line. Aside from security and control, what are the most cost effective ways to do business in the cloud, or how do you keep data in sync, and how do you manage relationships between applications in your office that point to data in the cloud? As your company grows, do you want to continue to pay a margin on resources from the cloud service companies, or can you implement your particular systems’ infrastructure more cheaply than the cloud service companies charge for it? Furthermore, will the cloud service companies continue to share the declining cost of hardware with their customers? There are many factors that must be considered.

At the onset, behemoth companies like Google and Amazon helped give shape to the cloud computing concept, but today there are over a 100 legitimate vendors out there with their heads in the clouds. Solutions continue to evolve, and more vendors are joining the bandwagon. Maybe it’s time to discuss with your IT consultant whether or not cloud computing is right for your business before you spend money on additional or new infrastructure.

security

What It Is and How to Avoid It.

Browser hijacking is one of the Web’s ever present dangers. It’s a type of online fraud that’s generally used to force hits to certain sites of a hijacker’s choosing. Chances are high that most internet users will be subjected to this practice in some form. A hijacker uses malicious software to change your internet security and registry settings to gain control over what and how your browser displays web content. Combating it can be tricky because it’s not necessarily a virus or adware, so software monitoring programs will not always suffice.

Signs that your browser might be hijacked…

  • Home Page has changed unexpectedly
  • Internet settings have changed and you can’t seem to reset them manually
  • New or unrecognizable links in your Favorites
  • Inability to navigate to certain websites such as anti-spyware and other security software sites
  • A new toolbar appears in your browser
  • An endless barrage of pop-up ads
  • Rerouting of URLs to other dubious websites

Precautionary measures you can take…

  • Use common sense. If a pop-up ad asks your permission to install an executable file, don’t accept it unless you’re absolutely certain of what that program entails. Make sure you have all the latest security packs and patches from Microsoft.
  • Run your anti-virus program regularly and set it to auto-protection. Heighten your internet security settings and add the sites you regularly visit to the list of ‘Trusted Sites’ so they aren’t affected. Consider changing your browser; many of these malicious programs are specifically designed for Internet Explorer and won’t execute on other browsers such as Mozilla.
  • Prepare an ‘emergency kit’. Free utility programs like Hijackthis or CWShredder are effective at removing malicious code while other programs like Ad-aware and Spybot remove Trojans and can help you recover your system.

GCInfotech can help you take the appropriate preventative measures to protect yourself from the dangers of browser hijacking.

GCInfotech is your total business IT solutions resource for your Mobile Workforce

How Smart is your Smartphone?

The smartphone continues to revolutionize the business world as new and innovative phones flood the market and slick apps make it easier to do business around the clock, from anywhere. From a profitability and productivity standpoint, the business enhancing affects are unquestionable. But with this rapid progression in smartphone technology come new mobile security challenges that not only CIOs and IT staff need to think about, but also small business owners and managers. Smart phones can be open portals to sensitive personal information and your corporate network making it absolutely crucial to understand the mobile security risks and how to maintain the integrity of your data.

GCInfotech’s Cory Visi adds, “Like laptops, smartphones are an extension of your corporation’s network not only containing sensitive or confidential data, but through VPN capabilities it can allow direct connectivity to the heart of your company’s business. It is imperative for the network administrator to view smartphones the same as employee laptops, and to apply the same (if not greater) precautions and access levels restricting access to the corporate network.”

36% of business network attacks originate from end-user devices, and according to the 2010 Data Breach study
28% of attacks occur through the various social networks that employees enjoy on their smartphones

Monitoring these types of activities and deploying a mobile device use policy will go a long way in securing sensitive company data that travels between the company network and employee smartphones. With volume of apps available, and with the rate at which they enter the market, it’s understandable that not all apps are vetted before they’re available for download. This is a huge source of vulnerability and an increasingly inviting platform for malicious criminal activity that can have devastating effects on your business. Policy should define and restrict which smartphones may be used on a corporate network.  If the phone does not support features such as password protection, or remote-wipe (ability to remotely erase the phone if lost) for example, it should not be allowed to access company data.

If you already have one or plan to deploy a business smartphone to your workforce, give some thought to the following:

  • Education. Make your employees aware of how their smartphone interacts with your network.
  • Create and strictly enforce a use policy, and ensure that security apps are included in said policy.
  • Understand that not all smartphones operate on the same platform. Phone software packages have holes and no carrier is immune to malware and viruses. Learn about the various vulnerabilities and safeguards of the smartphone options you’re considering.
  • Require employees to sync their phones regularly, keeping sensitive data off of their phones.
  • Maintain a corporate firewall and regularly monitor all server activity.
  • Limit employee permissions to only what they need to get their job done.
  • Have authentication protocols in place for accessing corporate networks.
  • Keep malware definitions up to date and running on all security software.

GCInfotech will help you maintain the integrity of your corporate network and mission-critical data. If you have any questions or concerns regarding how to develop a strategy for mobile phone security in your company, give us a call.

security

Password security is an increasingly important matter among technology experts as they debate the issue over usability, security and privacy. Ideally the three fields would work more compatibly, providing us with easier systems to use while still maintaining that rock solid security we need. There may always be a degree of inconvenience to the end-user when it comes to creating new passwords and upholding the expectations we set for impenetrable security.

Perhaps a little inconvenience is worth it– as Cory Visi, Managing Partner at GCInfotech, points out, “Millions of computers all over the internet (some hacked, some not) are running programs that scan other computers and servers for weak and empty passwords 24 hours a day, 365 days a year. If your password is simple and short, your account is likely to be hacked.”

It’s a dangerous world out there, one where technology experts have to battle the savvy hacker looking to gain access to your personal or company data while still considering that the legitimate user, you, demands accessibility with nothing more than a few keystrokes. It’s striking that balance between security and usability that ultimately determines how reasonable password requirements really are, and our willingness to comply with them.

It begs a couple of key questions– the more security measures we introduce, the harder it is to use a system? The more security a system has, the less secure it actually becomes? Fundamentally, people understand the need for security and are typically willing to comply because it seems necessary, but it’s really about the effort required to comply that make security measures successful or not. If a system is unusable because of overbearing security protocol, people will invariably create the necessary workarounds in order to get their job done. However this occurs, whether it’s posting a sticky note on the monitor or using “password” as your password – it all boils down to the fact that you just may be sacrificing security for convenience.

Overly restrictive password requirements could in fact decrease security and even increase your costs. Decreased security due to the methods people employ to recall a password, and increased costs due to the resources you may have to redirect toward helping users when they get locked out of their systems recurrently. In essence, the good guys are kept out while the bad guys aren’t affected, because, after all, they have other ways for penetrating your system, including phishing scams and key logging for example.

It’s very important that you have someone, if not the entire IT staff, who understands the intricacies between the systems you run, any new developments that exist for enhancing security measures, the needs of your end-users, and the psychology of illegitimate users. These factors will indeed play a meaningful role in securing your systems. And, of course, engage a mandatory password change policy for your employees.

Cory Visi further explains the need for such a policy by saying, “Even the owners and partners should comply. Password security policies should balance the frequency of changes with the complexity of the password. Passwords that are changed more often don’t have to be as complex. However, high security passwords should always be complex.”

Experts may provide different parameters for password creation, but always remember that the best password is both highly secure and easily recalled by memory. Here are some helpful tips:

  • Use long, non-word combinations
  • Don’t use personal info or follow any discernible patterns
  • Use different character types (i.e. symbols, numbers, upper and lower case letters if permitted by the system)
  • Use a passphrase (i.e. “I Love to eat Carrots and Dip 4 Snack!” = ILteCaD4S!)
  • Use a password management tool
  • Use different passwords for different sites, especially for those you want to keep secure
  • Change your passwords frequently and don’t reuse them for at least a year

If you don’t have a comprehensive plan of action for ensuring the maximum security for your systems, it’s time to have that discussion with your IT consultant. If you need help understanding what options are available or need to know more about password and system security, one of our expert technicians at GCInfotech can help you.