Props to Apple

Standard

For my birthday and Hanukkah this year, I got an Apple Watch Series 2.  The only problem is that being a December baby, they were sold out everywhere due to the Holiday shopping season being in full swing.

I wanted to Space Gray Aluminum version with the black sport band.  apple-watchIt’s apparently quite popular.  Every store I checked and online site said availability was in early January.  The person at the Apple Store recommended checking the site each day and eventually, it might say there were some in stock.  Last time I checked, availability within 250 miles of me was January 9th.

So, on December 12th I finally decided to place an order on Apple.com and see what happened.  At least they were taking online orders.  It said my delivery date would be between December 27 and December 29.

Being the impatient person that I am, on Sunday, December 18th I decided to call and check on my order, as I had not received an update.  I was connected with a very helpful man, true to Apple’s usually excellent customer service.  I asked him if he might have any idea of my order was on time and when it might ship.  He put me on hold for a few minutes to check.  When he came back on the line, he told me that he had good news.  That he was able to upgrade my shipping to 2-3 business days, for free and that the watch should ship out sometime this week.

As it turns out, the watch shipped the next day on Monday, the 19th.  I was able to watch (no pun intended) as the watch went from the factory in China to Shanghai, where it boarded a UPS aircraft to Anchorage, Alaska, where it arrived on the 20th.  It then flew to Louisville, KY, UPS’ hub and on up to Manchester, NH where it arrived early this morning.

And now, here I am, Wednesday evening, writing this post with my new Apple Watch Series 2 all setup and on my wrist.  After figuring I would not see my birthday/Hanukkah present until at least a month after my actual birthday, I have to give Apple credit.  I wasn’t calling to whine or complain about how long my order was taking or that I couldn’t find it anywhere locally.  I was just calling in to see if they might be able to give me an idea when I should expect to receive my watch.  Maybe it was just good timing, but I like to think it was great customer service and today, I happily have my latest and greatest gadget.

I’ll be posting a review soon, so stay tuned!

Here we go again…;Yahoo or not?

Standard

The following was published in todays edition of Seacoast Sunday and on Seacoastonline.com.

Unless you have had your head in the sand, you know Yahoo has announced another data breach and this one is more massive than the last. That in and of itself is pretty hard to fathom.

Iyahoon September, Yahoo announced 500 million user accounts had been breached. This week’s announcement is for an additional one billion, that’s 1,000,000,000 breached user accounts! That is 1.5 billion breached user accounts for a site that claims one billion users a month. Yahoo now owns the bragging rights for the worst cyber-security events in the history of the public Internet.

What’s worst, this breach happened in August 2013, which means the hackers have had this information for three years. The breached accounts have likely been for sale on the dark web and if you have been the victim of identity theft in the last three years and have or had a Yahoo account, this could be how it happened.

So, the $1.5 billion question (sarcastic as it may be) is what should you do? If you have a Yahoo account and don’t actively use it, close it. Just get rid of it. If you do have a Yahoo account, change your password, even if you have recently done so. You can never change a password often enough. Do not use a simple or short password. Create a password that is a minimum of 12 characters in length and use a mixture of letters, both upper and lower case, numbers and symbols. Even better, use a passphrase, a sentence in place of a single word. Include spaces, just as if you typed it out on paper and still switch out some letters for other characters. Yahoo does offer limited two-factor authentication, so use it. It will help further protect your user account. Also, don’t use this password for any other online account. Every account should have its own, unique password, so that if any single site is breached, you only have to worry about security that one account.

What’s unique about this breach is that hackers didn’t just get the username and password, they also got the account security questions and their answers, making it even easier for the hacker to impersonate the actual account owner.

As a result of this coming to light, you may expect to see an increase in phishing email offering to help you secure your accounts or looking for more information. All this is designed to trick you into revealing more about you to the hacker. Don’t fall victim to these follow on hacks. Only take action that you initiate, never in response to an electronic request.

Many experts are also recommending blocking access to your credit report as a further mechanism to ensure your identity remains secure. It’s a prudent step as one of the main outcomes from a hack like this is hackers trying to open credit card accounts in your name.

The ramifications of this latest announcement will become clearer in the weeks ahead. It’s likely that Yahoo will see an exodus of users who have lost confidence in the company’s ability to keep its users secure. Many online companies will be watching the fallout as the implications are very broad reaching. As well, Yahoo’s acquisition by Verizon is surely in jeopardy. The previously announced $4.8 billion dollar acquisition is either on the brink of falling apart of Yahoo will be forced to accept a much lower price if they want to save the deal. The potential liability to Verizon is too large to ignore.

Just who hacked Yahoo is still not clear and may never be. The company has suggested it may have been a foreign state actor. With all the current talk about other nations hacking in to various U.S. systems, this may in fact be the case. It may also be a convenient excuse to draw attention away from the lax security controls that Yahoo has been accused of. Time will tell. For now, one thing is for sure. This should be a loud and clear warning to everyone that you must not take your online account security for granted. You must take steps that I and others have been recommending for years, to secure your accounts. Be safe online!

Yahoo! Here we go again…

Standard

yahoo-featureBy now, you have probably heard the news that Yahoo has been hacked…again.

This time, one billion, yes, you read that right, 1,000,000,000 accounts were compromised.  This is beyond huge and almost unimaginable scale.  Yahoo says they have one billion users a month on their services.  If that’s the case, then Yahoo has been completely exposed.

If you have every had a Yahoo account, you need to pay attention to this.  This latest hack is in addition, yes addition, to the earlier reported hack of five hundred million accounts.  This means that 1.5 billion Yahoo accounts have been compromised.  The first hack was reported to have happened as a result of spear phishing.  This latest hack appears to have been through the sites underlying code.  It’s reported that hackers were able to access to core code behind Yahoo’s services and use that infiltration to get to the accounts.

Change your password immediately!  If you ever had a Yahoo account, log in, change the password and even consider deleting your account if you no longer use it.  If you are like the vast majority of computer users and have used your Yahoo password in other places, change those account passwords as well.

The primary way that hackers are successful with breaches like this is by going to other sites, like Amazon, Spotify or others and trying the same username and password combination that was obtained from the hack.  They gain access to your accounts on other services and make purchases and pursue other nefarious goals.  Don’t let yourself be victimized.

Use unique passwords for all of your logins.  Where possible, use passphrases, a sentence in place of a password.  Replace common letters with numbers, symbols and upper case letters.  When available, use multi-factor authentication in addition to a username and password.

Stay Safe Online!

Beware of Amazon Scam this Holiday Season

Standard

The holiday season is a prime time for cyber criminals.  The rapid adoption of Internet shopping sites has lead to fertile ground for would ne cyber criminals.  Cyber Monday now competes hand in hand with Black Friday and many online retailers have extended Cyber Monday to a Cyber Week or even Month.

Given all of this online activity, it was only a matter of time before this became an active amazonphishtarget.  This season, Amazon users seem to be the prime target.  Cyber criminals are using a phishing scheme that states that some Amazon accounts have been hacked.  The email contains an “Important Notice” about your account and that you are required to “verify” your account by confirming payment information and other security information.  The confirming of payment and security information is not an uncommon request for many online sites and services as a verification method.  However, you never want to provide this information from links in an email without absolute certainty that the request is legitimate.  You may want to actually contact the company first, to see if they do request this type of verification from their customers.  Chances are, they may not.

This is especially true if the message you receive states that if you do not take the requested actions, that your account may be restricted or suspended.  A threat like this may be a good indicator that this is a phishing email and not a legitimate request.

Think Before You Click.  It’s that simple.  If you receive messages like this, asking for sensitive information, delete it.  Follow the simple rule: “If In Doubt, Throw It Out!”

In addition to this type of message, fake messages that appear to be shipping notifications and order receipts are also commonplace this time of year and if fact, throughout the year.  Don’t take the bait and click.  If you think it may be a legitimate message, go to site where you placed the order or the shipper’s site and search yourself from there.  Chances are, you won’t find anything corresponding to the email.  Remember, don’t click from the email message itself.  It may direct you to what looks like the Amazon or UPS site, when it fact it’s a fake version, designed to draw you in and reveal sensitive information.

Cyber criminals love this time of year.  Don’t give them reason to celebrate the holidays.  Stay Safe Online!

Gooligan, the Latest Android Security Threat

Standard

Google Android remains one of the two dominant mobile software platforms, along with Apple‘s iOS.  Android is known to be a more “open” operating system, in that it is not as rigidly controlled as other operating systems.  This has lead to concerns that Android is more vulnerable that others.  In some cases, these concerns are justified.

Google’s Play Store has seen several apps be compromised with malware.gooligan  Gooligan, the latest Android malware, discovered by respected security company, Checkpoint.  To date, over 1 million Google accounts have been compromised.  There is a rather unique twist to this threat.  While the account tokens have been compromised, the accounts on Google’s servers appear to be unaffected.  Instead, what the malware seems to be doing is tricking infected systems into downloading infected apps in the background, unknown to the user, that then presents ads to the user that tricks them into purchasing something, thus paying the people behind the malware.  It does this by increasing the download counts for the infected apps, making them look appealing to others to download and buy.  It’s a clever attack vector that leverages the setting to allow applications to be installed from unknown sources.  Simply turning this capability off will defeat Gooligan.

The problem is that many application developers entice users to install their applications, outside of the Google Play Store, therefore requiring this setting to be disabled.  This is the root of the problem.  As is rooting, the process whereby a user can “root” their device, unlocking the operating system to do essentially whatever you may want with it.

As it relates to Gooligan, the good news is that Checkpoint has a free tool to help you check to see if you have been infected with the malware.  Click here to get the tool, if you’re an Android user and want to be sure your device is safe.

Reflections on Merging IT Companies, One Year Later

Standard

This article was posted on today’s Seacoastonline.com.

Internet & Telephone, LLCOne year ago, on Dec. 1, 2015, my present company, Internet & Telephone, LLC acquired the company I started in 1997, Jenaly Technology Group, Inc. It’s been a whirlwind year bringing the two companies together with lots of lessons learned that I hope are valuable to share.

Merging two technology company involves all the things you would expect, bringing together employees, cultures, customers, vendors, accounting systems, databases, facilities, equipment and all the behind the scenes things that come with running a business, from insurance to accounts payable, accounts receivable, insurance policies, employee benefits and more.

My biggest lesson learned is around informing your employees that they are being acquired by a new company. I underestimated the impact this development would have on them. While I had been working on negotiating the merger, working with attorneys, accountants and multiple phone calls daily over the preceding months, when I shared the exciting news with my team, they were shocked. It took them time to process this new development and what it meant to them.

Eventually, everyone came around to see the benefits of bringing the companies together, but don’t underestimate the initial shock a decision like this may evoke. We quickly brought the two teams together to meet and get to know each other, and this was perhaps the best thing that we did to help the employees get excited about becoming part of this new combined company.

Over the past year, some have left and some have stayed and that’s to be expected. At the end of the day, each person needs to do what’s best for them and respecting that and helping each person to come to those very personal decisions is a good thing for a company to encourage and support.

Bringing together extensive and complex technology systems is the other major lesson learned in bringing together two companies like ours. Business like ours, that provide technology support services to small and mid-size companies, use an extensive array of technology that has to be brought together into single combined systems. The last thing you want to do is manage one company’s data in one system and the other in another.

When going through the process of looking at merging two companies together, the commonality of technology systems, both infrastructure and back end systems, cannot be understated. If there are common technologies in use at both companies, it will make the process that much more efficient. When you have differing technologies, especially when it comes to your line of business software applications, the process can be much more cumbersome and most importantly, take a considerable amount of time.

One of our most significant accomplishments was that we merged all our systems in just four months, by the end of the first quarter in 2016. This was not a trivial accomplishment. We brought together our key backend database that manages all of our customer information, service delivery information, project management, billing and more. We also brought together our software tools that use to manage our customer infrastructure.

A key component to our success with this is that both companies used the same technologies. Had we been using different systems, the process would have taken at least another three months, if not more. This rapid integration of critical systems allowed us to focus our customers and making sure the transition into the new company was seamless for them, so that they would immediately see the benefit of having a larger, more capable technology partner supporting their business.

As I said at the beginning, there were many lessons learned and these are the two most important ones. Looking back one year, I’m truly pleased with the success of our integration. The combined company is managing all of our customer information, billing, accounting, tools and more from single systems allowing us to realize maximum efficiencies from bringing the two companies together.

Perhaps our single greatest success is seeing a small number of customers who left us after the merger, out of concern that we were now too big to service them, return to us. I think there is no greater commentary on the success of bringing together two companies than that.

Happy Anniversary Jenaly and I&T!

Standard

jtg2it

One year ago today, on December 1, 2015, we announced the acquisition of Jenaly Technology Group, Inc. by Internet & Telephone, LLC.  What a year its been!

I started Jenaly in 1997.  Paul Cissel and Pete Peterson started I&T in 2002.  Paul, Pete and I have known each other for just shy of 25 years.  We’ve always liked and respected each other and bringing our companies together for the benefit of our customers and our teams was a smart decision.

Have there been bumps along the way?  Of course there have been, but nothing we weren’t expecting and nothing that has caused any of us to question our decision.  Together with Doug Smith and Ken Teal, we’ve got the best C level team in the industry, as Pete likes to say.  We have a team of over 50 professionals that true to our Mission Statement, deliver First Class service in a proactive manner for our customers voice and data needs.

As I look back over the past year, I’m so pleased with what we have accomplished.  We have had some expected attrition, both in staff and customers, but we are absolutely thrilled to say that some of those customers who left, have come back enthusiastically and we welcomed them back with equal enthusiasm.  What a testament to the quality and value that I&T brings to our customers!  We brought together two companies, two cultures, two teams, two customer bases and common tools, business philosophies and goals to create the premier managed services provider (MSP) in New England and beyond.  There is no limit to what we can accomplish and how much fun and success we will have along the way.

I am beyond pleased to be part of this amazing team driving this incredible company into the future.  The best is yet to come, but as Paul likes to say, I am humbly grateful, but in no way satisfied.

Thanks for your support over the years and looking forward to sharing exciting new services and successes in the future.  Cheers!

Here are some links about our merger:

Internet & Telephone acquires Jenaly Technology Group

The Road Less Traveled To Double-Digit Managed Services Growth

ChannelE2E Podcast 051: MSP Acquisition, I&T Buys Jenaly

Press Release: Jenaly is Now Powered by Internet & Telephone, LLC