The Vote Happens Tomorrow, Wednesday, May 16, 2018

Standard

This is absolutely our last chance to tell the Senate to vote to overturn the repeal of net neutrality.  It is critical that this message be sent loudly and clearly as if the Senate votes to overturn, the House and President need to follow.  This has become a partisan issue when it never should have been.  Over 86% of American’s do NOT support the repeal, yet right along party lines, Democrats overwhelmingly agree and Republicans overwhelmingly support the repeal.  Clearly send them all a message to listen to their constituents over their party!

Make your voice heard by clicking here.

Take Action

This May Be Last Chance to Save Net Neutrality

Standard

The following was published in yesterday’s Foster’s and Seacoast Sunday.

On May 3, I had the honor of testifying before a U.S. Senate field hearing about net neutrality. The hearing was held by Senator Jeanne Shaheen as a member of the Small Business and Entrepreneurship Committee.

Facebook_profile2It was an official hearing with six witnesses, including Portsmouth City Councilor Nancy Pearson, director of the Center for Women and Enterprise in Nashua, Portsmouth City Councilor Joshua Cyr, director of Education and Acceleration at Alpha Loft in Portsmouth, Robert Zakon, co-founder and chief technology officer of the Zakon Group in North Conway, Zach Luse, founder of Paragon Digital Marketing in Keene and Lisa Drake, director of sustainability innovation at Stonyfield Farm in Londonderry.

The hearing, “Net Neutrality: Impacts on New Hampshire Small Businesses,” was held at the University of New Hampshire in Durham. The hearing was kicked off by Stan Waddell, UNH’s chief information officer. He talked about the importance of net neutrality to higher education and UNH in particular. Sen. Shaheen read an opening statement and then each witness gave a statement followed by interactive questions and answers between the senator and witnesses.

Unlike the recent hearings surrounding Facebook in Washington, D.C., I was impressed with Sen. Shaheen’s understanding of the issue and its impact on New Hampshire and really, the entire global economy. She was well prepared and well versed on the matter at hand. Her questions were pointed and important, and the ensuing discussion was valuable for all in attendance. The entire hearing will be recorded on the Congressional Record as will each of the written testimonies submitted.

The main reason for the hearing was to gather more data and input on the impact of repealing net neutrality rules put in place several years ago. If you have been following this issue, you know in 2015, the FCC passed rules that prohibit Internet Service Providers from throttling, blocking or charging content companies for faster response on the ISP’s network, what’s commonly referred to as paid prioritization. The FCC repealed those rules and Congress is debating whether to overturn that repeal. The first step toward such action will be a vote in the Senate using something called a Congressional Review Act, which would be a vote to reverse the repeal and reinstate net neutrality protections.

If the Senate passes this measure, it moves to the House, where it would also have to vote to reverse the repeal. From there, it requires the President’s signature. This should not be a partisan issue, but it has become one. It’s become a fight between Democrats and Republicans without regard to the will of the people.

More than 86 percent of Americans support net neutrality and want to see the repeal overturned. People making their voices heard have built the momentum that led to a historic accomplishment earlier this week when the Senate produced enough signatories to force a vote on the Senate floor. That vote is expected to take place this coming week. There is still time to make your voice heard. It does not matter that the New Hampshire and Maine senatorial delegations are in support of this measure. Take the time to contact them and let them know you support their actions. Visit www.battleforthenet.com and follow the easy steps to register your support.

The Senate only needs one more vote to pass and it is expected that it will. From there, the pressure needs to be maintained so the House follows suit. From there, the president needs to be clear it’s the will of the people that net neutrality be forever protected and that this is not a political issue. It’s an issue at the core of freedom of speech, entrepreneurialism and economic competitiveness. Please do your part and make your voice heard. Thank you.

Your Voice Is More Important Than Ever

Standard

Today, the U.S. Senate made history.  Senators successfully submitted a discharge petition, a picture of which is below, that will force a Senate vote next week to save #netneutrality.  This is a key outcome from the Senate field hearing that I particpated in last week.

Senate Discharge

Senate Discharge forcing vote on #netneutrality. From @JRosenworcel, FCC Commissioner Jessica Rosenworcel.

The country is clear, with more than 86% of citizens supporting maintaining net neutrality rules enacted by the FCC in 2015.  Those rules prohibit providers of Internet access from throttling, blocking or using paid prioritization to deliver content across the Internet.

Please take action and make your voice heard.  50 Senators are in support of this action, but 51 are needed for it to pass.  All 48 Democrats are in support as is Independent Senator Angus King of Maine along with his fell Mainer, Republican Senator Susan Collins.  Most observers believe any one of a number of moderate Republican Senators will deliver the needed 51st vote to pass.  From there, the measure heads to the House, which will need significant outreach to get the needed 58 additional Representatives to support.  From there, it will require the President’s signature.

The only way to assure net neutrality is preserved is to put pressure on Congress by making your voice heard.  This is not a political issue, this is a fundamental first amendment issue.  Please make your voice heard by going to:

www.battleforthenet.com and take action!

“Congress is fast approaching one of the most consequential votes on internet policy and free expression this century,” Demand Progress Director of Communications Mark Stanley said in a statement. “Lawmakers are going to have to make a choice, and the sides are clear. They can join with big cable companies that want to control the internet for profit. Or they can stand with the millions of Americans who rely on the open internet for news, entertainment and communication, as well as small business owners who depend on it for their livelihoods.”

Red Alert for Net Neutrality

Standard

970x90(1)

In just a few days, sometime mid-month, the United States Senate will vote on whether to block the FCC‘s decision to roll back net neutrality protections.  As you know, I testified at a Senate Field Hearing last week about this.  You can read my posts Participating in Our Democracy, It Happened This Morning and Senate Testimony Recap right here on my blog.  I believe strongly that net neutrality needs to be protected.  While I would prefer to see Congress enact permanent legislation protecting net neutrality, the Senate is taking the first step by voting on a Congressional Review Act (CRA) to block the FCC repeal.

Starting tomorrow, May 9th, many sites on the Internet will be going red to raise awareness and encourage consitituents to contact their lawmakers to express their support for this action.

Please take action by going to www.battleforthenet.com.  Thank you!

It Happened This Morning

Standard

SBC Logo

 

 

From Politico, May 3, 2018

TODAY: NET NEUTRALITY FIELD HEARING — Sen. Jeanne Shaheen this morning will host a Senate Small Business Committee field hearing that examines the effect of the FCC’s net neutrality rollback on small businesses. The panel, which will take place at the University of New Hampshire, will include testimony from business leaders including Zach Luse, CEO of Paragon Digital Marketing, and Lisa Drake, director of sustainability innovation at Stonyfield Farm. “Today, small businesses can reach customers throughout the world at the click of a button. Net neutrality has been a linchpin of that success,” Shaheen will say, according to prepared remarks. Thousands of small businesses have signed onto a letter that calls on Congress to preserve the FCC’s 2015 net neutrality rules by supporting a measure that aims to undo the agency’s repeal via the Congressional Review Act. We’re tracking.

I testified at this hearing this morning.  I will recap the hearing and post my written testimony later.  Stay tuned…

Should You Delete Your Facebook Account?

Standard

The following was published in today’s Foster’s and Seacoast Sunday.

Should you delete your Facebook account?

Probably not, though thousands of Facebook users are in the wake of the data-sharing controversy involving Cambridge Analytica, a British firm that specializes in data mining. In a nutshell, the firm scours the internet for your digital history and uses that information to build a psychographic profile of you others may want to purchase from it. In the case of the current controversy involving Facebook, the profile data was used by the Trump presidential campaign to influence voter behavior.

FB

In this April 2013 photo, Facebook CEO Mark Zuckerberg walks at the company’s headquarters in Menlo Park, Calif. Facebook is reeling after allegations a political consulting firm working for the Trump campaign got data inappropriately from millions of Facebook users. [AP photo/Marcio Jose Sanchez, file]

This is not a political article. I am not going to wade into the right or wrong, the candidate or conspiracy theories.

The fundamental issue is whether Facebook intentionally shared user data with Cambridge Analytica or if it was duped by Cambridge Analytica, which many believe took advantages of weaknesses in Facebook’s data privacy to assemble a remarkably detailed portrait of some 50 million Facebook users without necessarily having their permission.

How did this happen? You know those fun quizzes that pop up on Facebook and ask you to answer a bunch of questions like how many U.S. states you have visited? Those are driven by apps developed by other companies, not Facebook, but use the Facebook platform to get you to play along. When you do, you click to allow that app to access your Facebook profile. When you do, sometimes those apps are allowed to access profile data on your friends and possibly even their friends. This is how things spread like wildfire online.

While many users are angry with Facebook and deleting their accounts, that really doesn’t address the root of the issue. It may also cut off a useful communication tool that keeps people in touch across the globe. My family, which is large and dispersed around the world, relies on Facebook to stay in touch and share family stories, historical and in real-time. I don’t want to give that up. If you’re like me, here are some steps to take to secure your Facebook profile and not fall victim to questionable companies accessing your Facebook profile without your knowledge.

For this article, I’m focusing on using Facebook on a web browser on a computer, not a mobile device. The good news is Facebook announced this week it is significantly enhancing its privacy tools to allow users to take complete control of what is shared and what is not. This revamp will bring all these settings together on one screen and be seamless whether you are changing settings from a computer or mobile device. For now, you may have to hunt around some menus on mobile devices to find these settings.

Step one is to click on the down arrow next to the help icon (a question mark) and select Settings. Next, click on Apps near the bottom of the menu of options on the left side of the screen. The first section you will notice is labeled “Logged in with Facebook.” Here you will see a bunch of icons. Be sure to click Show All. You may be surprised to see how many outside apps you have allowed to connect to your Facebook account. This is where it starts. When you hover your mouse over one of the apps, you’ll have access to a pencil icon, to edit the settings for this app or a checkbox to select the app. If you are not sure what an app is there for, I recommend selecting it. Select all the apps you want to get rid of and click Remove to delete them all at once. Deleted apps will no longer have access to your Facebook profile. If you decide to click on the pencil to edit the apps permissions, you can select what parts of your Facebook profile you want the app to have access to. Finally, if you see Only Me, Friends or Public, that tells you who else on Facebook is able to see that you use that app. Only Me is your safest setting.

The next sections are more broad in nature, but critically important to taking control of your profile. I recommend you click Edit on each section and read the descriptions, so you can make appropriate decisions about whether to allow some of these settings to be on or turned off. Turning a setting off may prevent you from logging into non-Facebook services where you have used your Facebook profile as your login to that service.

Just this week, Facebook completely disabled the settings known as Apps Other Use. This was one of the primary vehicles used by Cambridge Analytica to get at so much data. This former feature allowed an app that a Facebook friend of yours used to access your profile and harvest that data, even though you may have never used that app. This is really what has people and regulators up in arms and Facebook has acknowledged the fundamental flaw in allowing this in the first place.

Facebook is making daily changes to respond to the outcry and reassure users privacy is important to the company. Whether it succeeds in regaining trust will take time to assess. For now, taking these simple steps to further secure your Facebook profile from prying eyes is the right thing to do. Don’t just do this once and forget about it. Keep watch for more developments on this and more ways to secure yourself online as the dust settles from this latest breach of public trust.

Recap: CyberSecure My Business Webinar

Standard

CSMB.png

Last week, I posted about a Free CyberSecure My Business Webinar that took place this past Tuesday, March 13th.  I wanted to follow up that post with a quick summary of what was presented on the webinar.

The webinar was presented by the National Cyber Security Alliance.  Presenters were from the National Institute of Standards and Technology, security vendor Trend Micro, the Small Business Administration and the Michigan Small Business Development Center.

The presented from NIST focused on the five major functions of the NIST Cybersecurity Framework.  The NIST framework is the defacto standard for defining cybersecurity needs.  The five functions are as follows:

  1. IDENTIFY assets you need to protect.
  2. PROTECT assets and limit impact.
  3. DETECT security problems.
  4. RESPOND to an incident.
  5. RECOVER from an incident.

The presented from Trend Micro talked about a new phenomenon they have termed the “Double Whammy.”  Esentially, this is when one cyberattack actually masks another and the second attack is the one that is designed to do the actual damage.  Another key point the presenter made was that if you get infected with malware, you can’t be confident that you’ve removed it all.  Your best bet is to replace the machine.  The presenter almost pointed to the website nomoreransom.org where some of the major cybersecurity companies have collaborated to publish decryption keys for known ransomware outbreaks.  Of course, the bad guys develop new ransomware faster than the site can keep up with, but this is a good start at what amounts to a crowdsourced defense.

The presented from the SBA shared the wealth of cybersecurity resources that the agency makes available to businesses.  He made a point to reference the SBA’s Social Media Cyber-Vandalism Toolkit, to help people maintain a safe social media presence for themselves and their businesses.

The presenter from the Michigan Small Business Development Center showed a web site they have put together to help their constituents address cybersecurity concerns.  This is part of local outreach activities that the SBA supports.

He also shared the following bullets, which are great reminders for any response to a cybersecurity incident.

Process to Follow:

  • Identify
  • Contain
  • Investigate
  • Remediate
  • Communicate
  • Review Lessons Learned

People to Notify:

  • Cyber Security Expert & IT
  • Employees
  • Customers
  • Partners
  • Vendors
  • Attorney
  • Law Enforcement

Technologies to Help Mitigate Risk:

  • Encryption (full disk, files, folders, email, VPN)
  • Mutli-Factor Authentication (MFA, 2FA)
  • Mobile Device Management (MDM)
  • Data Loss Prevention (DLP)
  • Security Information and Event Management (SIEM)
  • Intrusion Prevention/Intrusion Detection Systems (IPS/IDS)

Key Takeaways:

  • Have a Business Continuity Plan
    • Incident Response Plan
    • Disaster Recovery Plan
  • Identify Key Assets
  • Choose Protection Considering Based On:
    • Budget
    • Industry Requirements
    • Capacity
    • Legal Restrictions

I know there is a lot of information in this post.  If you were not able to make this webinar, I wanted to share a good summary to help you review your own cybersecurity posture.  Please check the links and leverage this great content to help improve your cybersecurity.  Stay Safe Online.

Tesla’s Cloud Systems Hacked

Standard

Tesla Logo 2One of the most upstart and well known tech companies of late is Tesla.  Everyone knows their name and their vehicles and battery systems have been very well received by the market.

Tesla not only produces technically advanced products, they heavily leverage technology to do so.  News emerged this week that security researchers have discovered that Tesla’s Cloud platform has been exploited by hackers to mine crtypocurrencies.  This took place within Tesla’s infrastructure hosted on Amazon Web Services (AWS).  The hack appears to have been done to leverage Tesla’s resources in AWS for other purposes.  However, there is a concern that some vehicle data was exposed as a result.

To Tesla’s credit, they responded very quickly and issued the following response to technology news site ZDNet:

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”

Good for Tesla for addressing this so quickly and tranparently.  They have done a great job of owning the issue and responding appropriately.  A good lesson for others to follow.

Olympic Technology is Going for Gold

Standard

This post was originally published in today’s Foster’s and Seacoast Sunday.

The Olympics taking place in PyeongChang is a spectacle of technology that is giving us a glimpse into our future. With technological powerhouses like Samsung being one of South Korea’s most well known exports, it’s no wonder technology is taking center stage.

Intel Olympics Drone TechnologyThis awesome display of technology is not without its pitfalls. On the first day of this year’s Olympics, hackers took center stage, breaking into some Olympic technology and causing the office website of the 2018 Winter Games to be taken down overnight. As of now, there does not appear to have been any serious breach, but investigators are still at work and we may not know what has really happened during the Olympic Games until well after the Olympic torch has been extinguished in PyeongChang.

One of the massive challenges for technology at an event like the Olympics is security. It’s even more of a challenge due to the nature of the event. A temporary sporting event that brings the attention of the world on a small part of the host country for a short window of time. Talk about a target of opportunity.

Olympic Games are put on by local organizing committees under the auspices of the International Olympic Committee, the IOC. Technology contracts are awarded to multiple companies by the local organizing committee and are often decentralized, meaning each vendor chosen must secure their own networks. This brings multiple players to the table and multiple vulnerabilities. Intel, Samsung, Visa, Atos, Korea Telecom, Comcast, NBC and more all have extensive technology infrastructures in place at the Olympics. Even clothier Ralph Lauren has introduced technology to Team USA’s uniforms for this year’s Winter Olympics. The jackets Team USA will be wearing include active heating technology to keep the athlete’s warm.

Multiple organizations and government agencies have warned attendees to steer clear of public WiFi and be on alert for all manner of cyber scams. Some have gone so far as to recommend turning off WiFi and Bluetooth while at the Games, to avoid what are known as drive-by attacks, where a hacker may theoretically access your device to steal information and use it as part of a larger attack.

There will be plenty of technological marvels on display, from Intel’s amazing drone light shows to Samsung’s robots. A robot even carried the Olympic Torch for part of the relay leading up to the lighting of the Olympic Flame during the opening ceremonies one week ago. Technology will also be available to the athletes to help them tune their performance and maximize their experience. Suits with smart sensors will provide a level of athletic performance feedback not previously seen. It will be interesting to see if any competitors make changes based on this new information that will be available.

Another first for these Olympics is that all of the technology systems running and broadcasting the games will be Cloud based. You won’t find the temporary data centers that powered past games. This year, critical systems will all be physically away from the games in Cloud data centers. There are some fifty critical applications behind this year’s Olympic experience, all out in the Cloud.

Even with this reliance on the Cloud, there will still be well over three thousand IT workers on the ground in PyeongChang supporting the games. Whether things are based in the Cloud or not, you still need an on-site IT infrastructure to enable everything from accurately capturing race times to broadcasting the events live online and to television viewers worldwide.

For spectators who are in PyeongChang, Intel is providing virtual reality experiences from the athlete’s point of view. Imagine putting on a virtual reality headset and finding yourself hurtling down a slalom course at 70 to 80 mph. You can if you want to.

I mentioned Visa earlier as one of the technology companies on display at the Olympics. Yes, Visa is a financial services company, mostly known for issuing debit and credit cards. In PyeongChang, Visa is showcasing payment technologies of the future. There are contactless payment terminals throughout the venues. Visa provided special rings to the athletes that have embedded payment technology, allowing an athlete to simply wave their hand over a payment terminal to pay for something. Visa even has smart gloves in use so that when you are outside, you won’t have to take your gloves off to pay for something. Just place your hand near a payment terminal and make your payment.

The Olympics are always a great event, showcases known and unknown athletes and great stories of triumph and defeat. Technology is giving us a glimpse into the future as well this year, except the future is now.

IT Themes for 2018 from CompTIA

Standard

The following press release was issued by CompTIA today.  I’m very pleased to have been quoted in the section on “From product sales to service subscriptions.”

logo-small_jpeg

 CompTIA Board of Directors Identifies Six Tech Themes to Watch in 2018

 Downers Grove, Ill., December 21, 2017 – Artificial intelligence (AI) will stake out a larger role; a greater emphasis will be placed on the user experience with technology; and protecting personal data and information will become more critical in 2018, according to the board of directors of CompTIA, the leading technology industry association.

The new year will also see technology companies focused on new government regulations and requirements, led by the European Union’s General Data Protection Regulation (GDPR); evolving their business models to rely more on the sale of “as a service” subscriptions; and taking new actions to combat cyber threats.

The CompTIA directors at a board meeting earlier this month spent time trading ideas and debating the impact of nearly 20 trends likely to impact the technology industry in 2018. Six themes rose to the top of the consensus list of technology trends to watch.

Artificial intelligence (AI) expands its presence – A recent CompTIA survey found that one in four companies make regular use of AI in areas such as machine learning, virtual assistants, workflow tools, and in the automation of processes and tasks. Another 19 percent of organizations expect to adopt AI in the next year.

More focus on optimizing the customer experience – Options for acquiring technology have expanded, driving providers to find new ways to maintain relationships with current customers and acquire new clients. Optimizing customer experiences with technology is a crucial step in maintaining and building relationships; but it requires a thorough understanding of both user expectations and business objectives.

“The emergence of technologies that enhance the customer experience will be an important tech theme for companies wanting to stay ahead of the competition in 2018,” said Dan Shapero, founder, ClikCloud Digital Marketing. “Companies using artificial intelligence, chat, call center and mobile web to enrich customer experience will reap the benefit of increased customer loyalty, greater efficiency and higher margins in the foreseeable future.”

Protecting personal privacy – The security and personal privacy challenges associated with how consumer information is collected, used, analyzed, and shared will grow in importance as millions of new interconnected devices come online through the expansion of the Internet of Things, smart cities, autonomous vehicles, and other innovations.

Government requirements and regulations – The pace of innovation greatly exceeds the speed at which governments can adopt, alter, expand or eliminate policies and regulations. This can create inherent tensions between technologies entering the market – often at the demand of customers – and governments’ ability to regulate. In 2018 one of the biggest regulatory issues technology companies will face is the General Data Protection Regulation (GDPR), the new primary law that will regulate how companies protect European Union citizens’ personal data.

“Government regulation becomes more stringent when it feels the need to do a better job of protecting people than it deems the industry it’s regulating is doing,” said Tracy Pound, managing director, Maximity. “The GDPR is intended to provide consistent enforcement of data protection rules that increase an individuals’ rights to control data held about them; and to ensure that companies holding data can demonstrate accountability for that data and have good governance processes in place. It applies to any company that processes, stores or transmits personal data belonging to EU residents. It will still apply to the UK post Brexit, making it a global issue rather than a European one.

“With industry surveys stating that less than 10 percent of companies are prepared for the GDPR, this is a significant opportunity for tech companies to reinforce being a true trusted business advisor by providing insights and services that help clients navigate the new regulation in order to help them minimize the risk of data breaches and to demonstrate compliance,” Pound continued. “With maximum fines of 4 percent of global turnover or €20 million, tech companies and their clients need to wake up to the volume of preparatory work in documenting systems, educating staff, bringing policies and procedures for processing data up to date and making changes to be ready for the deadline of 25th May 2018. Expecting this to go away and to do nothing is a game of Russian Roulette.”

From product sales to service subscriptions – The “everything-as-a-service” model is not a new phenomenon. But the subscription service model continues to evolve as businesses expand their reliance on the technology ecosystem. In this fast-changing market many companies – traditional technology firms and new market entrants alike – are striving to carve out their niche.

“As the ‘as-a-service’ model of technology acquisition continues to mature, traditional resellers are facing significant changes to their established business models,” said MJ Shoer, director, client engagement, and virtual CIO, Onepath. “While there will always be a need to make capital acquisitions of technology, subscription models are now the norm and some traditional customers are now procuring their technology from multiple sources. This requires that technology solution providers drive value by helping our customers understand and leverage this evolving market trend. We also need to help our customers leverage technology to improve their workflows and business processes to gain a competitive edge.

“Technology solution providers also need to adapt to the changing security landscape,” Shoer added. “While many traditional MSPs are building security practices within their existing business structure, this leads to concerns about the fox watching the hen house. How technology solution providers bring security services to their customers while ensuring the integrity of those services will be paramount to providing the type of services most customers will require, especially with increasing government regulation like GDPR and others.”

Cyber readiness – Video gaming communities, hotels, fast-food restaurants, retailers, healthcare providers, educational institutions, government agencies, and business services providers were just some of the victims of cyber-attacks and data breaches in 2017. Despite improvements on many fronts, threats show no signs of abating. In fact, evidence suggests that things will get worse before they get better, with the attacks growing in both frequency and virulence.

“Going into the new year we expect cybercriminals to stick with the malware that makes them the most money: ransomware,” said Scott Barlow, vice president, Global MSP, Sophos. “In fact, according to recent research by Sophos, 2018 could potentially bring the explosion of Ransomware-as-a-Service (RaaS). These hacking kits, designed to make cybercrime accessible to anyone regardless of skill, will drive global ransomware levels through the roof.”

As the leading trade association for the technology industry association CompTIA provides a vast selection of education and training materials, research and market intelligence, webinars and conferences, business best practices, member communities and advisory councils, and more on a wide range of technology topics. Visit www.comptia.org to learn more.

CompTIA: Building the Foundation for Technology’s Future

The Computing Technology Industry Association (CompTIA) is the world’s leading technology association, with approximately 2,000 member companies, 3,000 academic and training partners, over 100,000 registered users and more than two million IT certifications issued. CompTIA’s unparalleled range of programs foster workforce skills development and generate critical knowledge and insight – building the foundation for technology’s future. Visit CompTIA online, Facebook, LinkedIn and Twitter to learn more.

Contact:

Steven Ostrowski
CompTIA
sostrowski@comptia.org­
630-678-8468

%d bloggers like this: