If you own a local business in the Central PA / Philadelphia region and accept payment through credit cards, you should be familiar with filling out an annual Self-Assessment Questionnaire (SAQ) to keep current with your Payment Card Industry Data Security Standard (PCI DSS) compliance requirement. Depending on how your business accepts credit cards, whether it is through a Point of Sale (POS) system, a web-based e-commerce portal, or card-not-present transactions over the phone, adhering to the requirements of PCI DSS and becoming compliant may be a daunting task. Businesses with payment card systems that store cardholder data are required to complete SAQ D, which is the strictest of all the SAQs. This form has 288 questions and requires many policies and procedures to be implemented. Qualifying for one of the other SAQs, which are basically subsets of SAQ D, would lessen the burden of becoming PCI compliant. But don’t confuse an easier SAQ with being less secure. The requirements of SAQs A, B, C-VT, and C require an even more secure infrastructure as it relates to PCI and cardholder data by not allowing any cardholder data to be stored on any system in the environment. So you ask, “How can I prevent the storage of cardholder data and move from SAQ D to SAQ C?” The answer is Tokenization.
Tokenization works by replacing cardholder data in your payment system with a unique string of characters called a token. This token is generated by a payment gateway, such as PayPal, and is sent back to the merchant’s payment system to take the place of the cardholder data. The gateway then completes the transaction with the acquirer or bank. Any future transactions utilize the token, removing the need to transmit cardholder data. By eliminating the cardholder data onsite, tokenization greatly reduces the scope and risks associated with PCI security standards. While Tokenization does lessen the burden on your annual PCI SAQ, it is always best to consider all of the guidelines outlined by the PCI DSS. It is always recommended to implement as many security best practices as possible even if they are not required for compliance.
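The flow described above, as an added example that is not part of the original post and not any gateway's real API: the `Gateway` and `Merchant` classes, the `tok_` prefix and the customer ID are hypothetical, and the card number is a well-known test value. It also shows a simple scan of what the merchant stores to confirm that no card number was kept.

```python
import json
import re
import secrets
import string

# Constructed input: a widely published test card number, not a real account.
TEST_PAN = "4111111111111111"


def luhn_ok(digits: str) -> bool:
    """Luhn checksum carried by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


class Gateway:
    """Hypothetical stand-in for the payment gateway: the only holder of the PAN."""

    def __init__(self):
        self._vault = {}  # token -> PAN, kept on the gateway side only

    def tokenize(self, pan: str) -> str:
        if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_ok(pan)):
            raise ValueError("not a valid card number")
        # Random and letters-only: not derived from the PAN and never PAN-shaped.
        token = "tok_" + "".join(secrets.choice(string.ascii_letters) for _ in range(32))
        self._vault[token] = pan
        return token

    def charge(self, token: str, amount_cents: int) -> dict:
        pan = self._vault.get(token)
        if pan is None:
            return {"approved": False, "reason": "unknown token"}
        # A real gateway would submit `pan` to the acquirer or bank here.
        return {"approved": True, "amount_cents": amount_cents, "last4": pan[-4:]}


class Merchant:
    """Merchant payment system: persists the token, never the card number."""

    def __init__(self, gateway: Gateway):
        self.gateway = gateway
        self.customers = {}  # stands in for the merchant database

    def first_purchase(self, customer: str, pan: str, amount_cents: int) -> dict:
        token = self.gateway.tokenize(pan)
        self.customers[customer] = {"token": token, "last4": pan[-4:]}
        return self.gateway.charge(token, amount_cents)

    def repeat_purchase(self, customer: str, amount_cents: int) -> dict:
        # Future transactions use the stored token; no card data is involved.
        return self.gateway.charge(self.customers[customer]["token"], amount_cents)


def find_pans(text: str) -> list:
    """Return Luhn-valid runs of 13-19 digits, i.e. likely stored card numbers."""
    return [m for m in re.findall(r"(?<!\d)\d{13,19}(?!\d)", text) if luhn_ok(m)]


def demo() -> dict:
    merchant = Merchant(Gateway())
    first = merchant.first_purchase("cust-001", TEST_PAN, 2500)
    repeat = merchant.repeat_purchase("cust-001", 1200)
    stored = json.dumps(merchant.customers)
    return {"first": first, "repeat": repeat, "stored": stored,
            "pans_in_merchant_db": find_pans(stored)}


if __name__ == "__main__":
    print(demo())
```

The same `find_pans` check can be pointed at database exports or log files to look for card numbers that were stored by accident.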
While Trigon does not implement Tokenization directly (your payment system vendor or acquirer would assist you with this), Trigon can assist you with becoming PCI compliant. Trigon has extensive knowledge and expertise in securing data infrastructures and is proficient in vulnerability management.
If you have any questions or would like to discuss how Trigon may help you with your PCI requirements, contact Trigon today!
The term pirate doesn’t evoke the same type of images that it once did. Instead of a bearded man with an eye patch and a peg leg, we now see a pirate as a young male hunched over his computer downloading the latest action movie or video game. Either description of a pirate is accurate, but what you must realize is that a pirate can also be Jim, the new account manager, in his suit and tie sitting at his desk working away. More than half of all PC users globally admit to using pirated software either at work or at home. The biggest problem with all of this piracy is that some people just do not understand the dangers and costs of software piracy.
Why do people pirate software?
The reasons people pirate are as varied as the pirates themselves. Some people feel that the price for software is overly high. They look at the price tag on a program like Microsoft Office and recoil in horror. While $134.99 plus tax (the current price of Office 2010 Home and Student) may sound steep, you must realize that there are always low or no cost alternatives. For the price of an hour or so for setup and tutorials, OpenOffice.org is a free (and legal) way to obtain a similar set of productivity tools that will surely suffice for a household’s word processing and spreadsheet needs. One of the other reasons that people pirate software is because they don’t see it as a true crime. If I take your watch and don’t pay you for it, I have your watch and you have nothing. But if I copy your software, we both (potentially) have access to the software whenever we want and nobody got hurt. Right?
Software Piracy hurts (everybody)
What is software? Software at its most basic is a compilation of code that tells your computer how to do something. It is a set of instructions that make sense of the trillions of ones and zeros that are the only thing that your computer really knows. Someone (or many people) had to sit down and imagine, develop, design, and write every single line of those instructions. The people who make the software get paid by what you buy. If you don’t buy then they don’t get paid. Also a developer receiving profits from a piece of software is much more likely to provide support for that software in the form of patches, bug fixes, and security updates. A developer with no revenue also does not release new software titles. That pirated copy of a productivity package may have just cost the world the next evolution in operating systems.
Pirated software can be dangerous
If a stranger in a mask walked up to you and handed you an unwrapped Whopper, would you eat it? If you found a $200 program on the internet for free, would you download it? The answer to both of those questions SHOULD be no, and for many of the same reasons. Who is this person? Why are they giving me something for free? Why are they hiding behind anonymity? Did they do anything to it? Did they put something harmful in it? You don’t know the answers to those questions. You can’t know the answers to those questions. If you wouldn’t take the Whopper then you shouldn’t take the software. Any number of things can be embedded in that “free” software. If that “free” software has code in it that transmits your credit card numbers and bank information to someone halfway across the world and they steal all your money, then was that software really “free”?
Pirated software can cost you your job
Using pirated software is illegal. There is no gray area. In the terms and conditions of every piece of commercial software made there is a clause that says that you may not make, distribute, or use non licensed copies of that software. If you use pirated software at work and the company is investigated they will be able to track every piece of software on every computer on the network. When they find that “free” software
Surge protectors and power strips are great things to have around the office because they enable additional productivity or leisure devices to operate. There are some important things to note, though, in case you have some of these lying around your office.
- They are not the same thing! A surge protector and a power strip are different devices. You’ll notice that a “power strip” is generally cheaper, and the reason why is because it is literally just a strip of additional outlets. A surge protector is designed to protect against sudden spikes in the electrical current, so it is important that a surge protector is used when plugging in your computers and sensitive electronic equipment rather than just a power strip.
- Using surge protectors or power strips does not increase the amount of available power, so using them to connect too many devices or a very power-hungry device could cause some issues that take all of your technology offline.
- Surge protectors are not made to plug into UPS (uninterruptible power supply) batteries, such as what your server and network equipment should be plugged into. UPS batteries already have their own power conditioning built-in. If you need additional outlets on your UPS battery, you should consider purchasing an additional battery or checking with the battery manufacturer for a supported power strip that can be connected.
According to the http://news.yahoo.com/t-mobile-launches-campaign-lure-iphone-users-160628339--finance.html?_esi=1 article, T-Mobile is the only one of the “Big 4” wireless carriers that currently does not offer the iPhone for new subscribers. The other three (AT&T, Verizon, and Sprint) all offer the iPhone for sale.
T-Mobile is hoping to be able to obtain older iPhone 4 models and begin selling them in stores once the new iPhone 5 is available (no official release date yet from Apple, but it is rumored to be Wednesday at an event in San Francisco). The company has already purchased a number of devices to place in stores for demonstration purposes but it hopes to be able to draw customers away from the other carriers once they are able to begin selling the devices.
As of now, the data transmission speeds, according to the article, will be much less than those available with AT&T but T-Mobile is hoping to change that once they complete their transition of frequency changes with the exception of only a few areas. Once the changes are completed, T-Mobile hopes that the data speeds might even exceed those available on the AT&T network.
I still am in love with my Android device, so I probably will not be switching to an iPhone. I enjoy the ability to find free applications on the Play Store rather than needing to pay for most of those available from the AppStore. So I can’t get all the fun apps that other friends of mine with an iPhone can, but I am OK with that. Almost all the time, there is a comparable free app on my Android.
What about you? Would you switch carriers with an existing iPhone or purchase a refurbished iPhone (once they are available) to be on the T-Mobile network? I am quite happy on the Verizon network with my Android, so I know I won’t be switching.
Would you like to know more about our Mobile IT Solutions for Philadelphia? Contact us and we can provide the solution that is right for you and your SMB using our Small Business Solutions for Philadelphia.
As someone who has a love of technology I am always on the lookout for the next best thing. As a father I am always on the lookout for ways to keep my kids safe. Being able to combine the two is not always the easiest of tasks. I recently found 3 products that I am seriously considering testing out because I feel that they could be a great help.
The least expensive of the group, The Toddler Tag, is simply a remote activated alarm that is worn by your child and will automatically sound if your child is more than 30 feet from the transmitter or can be activated by pressing the alert button. On the plus side of this device there are no monthly fees and the initial purchase price is only $39.95 but on the negative end once you are out of audible range there is no tracking ability.
The mid-priced solution that I found is the Amber Alert GPS. While this unit carries a price tag of $199, it does provide a multitude of features not found in the Toddler Tag. With the Premium $24.95/Month package, parents receive the mobile apps for Android and iPhone, up to 300 SMS messages per month and up to 15 minutes per month of 2-way voice communication for emergency situations. This device has the added bonus of an emergency button on the device that will allow a frightened child to initiate 2-way communications with Mom or Dad in the event of an emergency. The only con I see to this device is that the device itself is not disguised in any way. There are several accessories that are available to personalize your child’s GPS, which to me brings an almost unwanted attention to the fact that your child is wearing a locator.
The highest priced of the child safety tech is the IonKids Child Monitoring System. This $299 two piece wireless system includes a watch-like bracelet worn by your child and the receiver/locator that is kept by the parent. There are a few really nice features on this unit including a tamper alarm and rotating frequencies. The biggest cons to this system are that, for the price, there is no GPS function and while the locator bracelet does look like a watch from a distance it would never hold up to close inspection.
For what it’s worth these three child locators are across the spectrum in price and features and even though they will hopefully help you locate your child in an emergency, nothing will ever replace vigilance.
Maybe you’ve heard someone say that they rooted their Android device and you wondered what that even means. Android runs on top of the Linux kernel, and in Linux, root access means having administrative rights on the system. This is similar to administrator accounts in Windows. What this means for Android is that by gaining root access you are then able to control certain system-level functions through the use of applications. A word of warning, though: by rooting your Android device you will be VOIDING THE WARRANTY on it. The reason behind this is that the phone companies cannot support the phone if system-level changes have been made to it that they are unaware of or untrained on. An additional risk is “bricking” the phone. If a step in the process of rooting the phone is not completed correctly, you risk doing irreparable damage to the software in such a way that the device cannot even boot. At that point the device will be nothing more than an expensive paperweight.
Now that the term rooting has been explained, as well as the risks of rooting your Android device, you might be wondering why people even bother with it in the first place. Well, some people do it simply because they can. Others like having the capability of controlling the system more, such as placing a software governor on the processor. By doing this you can underclock the processor, thus improving battery life, or you can overclock the processor, which will speed the device up but reduce the battery life. Lastly, some people like to flash new ROMs on their device. Since Android is open source, people have created their own versions of Android which contain new features or tweaks to existing features.
I do have to reiterate, though, that by performing these functions on any Android device you are voiding the warranty and have the potential to break the device beyond repair. This article is not a recommendation to root your device; it is merely information on what rooting is and what it can do. If while reading this you have any questions about what smart phones can do for your company, then contact us and let us assist you.
Selecting an IT technology firm to assist your organization with projects or ongoing support is a huge decision. In an ideal world, your IT solutions partner is an extension of your company and a vital asset that is strategically aligned with your business’ processes and growth plans. When done poorly, it can have a disastrous impact on your entire organization’s morale and even its financial health. Here are 15 tips that will assist you with a smooth and successful transition to a Managed Services Provider (MSP):
1. The three rules of real estate are… location, location, location. However, does that rule apply when choosing your IT partner? Just because there is an IT firm that is one mile from your office, it doesn’t necessarily mean that they’ll react to your needs more promptly. A solid IT services firm can remedy most situations remotely and, even further, will be able to identify issues before they are a crisis. As far as location goes, decide on a service radius that is acceptable to you (60 mile radius is usually the norm) and choose a vendor within those parameters.
2. The selection committee is usually not comprised of technical experts. That’s why you’re reviewing options to contract with an IT services firm in the first place! In conversation, ask your potential IT services partner about their last few engagements… size, industry and type of work performed. First of all, can they provide this information? More importantly, can they relay this information in a manner that is concise and that’s not too technical? Does the sales person use continuous industry jargon and acronyms? You can safely assume that the IT company’s support personnel will be extremely technical if the sales person presents in that manner as well.
3. Ask for references and feel free to qualify them very specifically. “I want a reference from a law firm with over 5 partners, specializes in immigration law and is located in Philadelphia”. They may not have an exact match but you can gauge their reaction and see how close they come to providing this.
4. Bigger isn’t always better. It’s great to leverage the economies of scale that you can get from a larger IT support organization. However, the larger the organization, the further removed from the strategic minds in the company, and closer to the resources of a commoditized Call Center. Also, large companies have more overhead… managers, non-billable support staff, investors, compliance concerns and real estate to name a few. You can expect to pay more if you contract with a large firm in most cases.
5. Don’t choose an IT support vendor that is too small either. You’re obviously going to get the personal touch that you’re looking for but you’re locked into their specific skill set and your business will eventually outgrow their availability. The “what if he gets hit by a bus” analogy is the most overused in business but it definitely applies here. It’s a risky move to put your business in the hands of a very small firm for potential cost savings. On this note…
6. Always ask your prospective Managed Service Provider for a Certificate of Insurance and take note of the coverage limits that are selected. Smaller operations will not have one at all, which should automatically preclude them from any further consideration.
7. It’s important to know what your contracted service will include. It’s equally important to know what your monthly service does not include! Most service expectations and billing arguments can be remedied with a very straightforward conversation on day one. “If I get a new computer, is setting it up included in the monthly service?” This will ensure that there are no surprises when you get your first invoice.
8. Ask to schedule a site visit to the IT provider’s local office. First of all, if they refuse, something is amiss. This is a great opportunity to meet some of the people that you may work with and get a sense of company culture. It’s also important to see if they practice what they preach… Is the server room neat? Are there VOIP phones on the desk? Do they take pride in their achievements by hanging their certifications and plaques from their charitable causes in the office? Is the call center orderly and organized? Are the phones ringing off the hook chaotically?
9. Does your potential MSP sell hardware and software? If so, this is not necessarily a bad thing as many of them do. However, you should be careful of the “margin shell game” where they may decrease hardware costs in order to increase their recurring monthly services costs, or vice versa. Also, some providers will push the solution or product that yields the highest margin as opposed to choosing a “best of breed” solution that meets your business requirements.
10. Is there a delivery process? How do they typically engage with a new client? These are common questions and there should be a well-developed answer to this question.
11. Are the MSP’s owners or C-level personnel engaged in the sales process? This may not be possible for all organizations. However, if the ownership or upper management doesn’t engage in this process, will you be able to reach them if you need to escalate an issue or provide feedback?
12. Is your IT vendor strategic? Do they bundle in quarterly visits to review your account, reports and work orders? An effective MSP should align with your business, not try to fit you into their business model. This is the business equivalent of jamming a square peg into a round hole and is indicative that this may be a one-way relationship as opposed to a true partnership.
13. Are you being presented with a multi-year contract? When this happens, you have to wonder why. It’s understandable when a telecom provider mandates a multi-year contract as they have to make commitments to their ISP and other carriers on the back end. In reality, what does the MSP have to commit to? There isn’t much merit in locking in long term contracts besides the lure of a small discount. Most reputable IT Solutions providers will ask for shorter term commitments and seek a renewal by consistently meeting or exceeding their service obligations.
14. During the sales process, are there any scare tactics employed? It is well known that fear can be a motivating factor in sales. However, this approach is an attempt to prey on an emotional reaction rather than a logical one. An IT consulting firm that is truly interested in partnering with your organization will look to educate and inform, rather than scare.
15. Do you trust the person / company that you’re interviewing to provide you with IT services? All relationships are based on this simple premise. In some cases, if there is an immediate need, this trust has to be established quickly and then built upon over time. The Managed Services Provider that you choose will have access to all of your data, your financials, passwords and, in essence, your reputation. Risks can be mitigated by thoroughly researching your vendor and ensuring that contractual terms protect both parties. However, at the core, the success of this relationship will simply be based on trust.
Did you ever wish that there was an easy way that you could connect right to your work computer? Do you have the Terminal Server blues because the desktop and the menu layouts seem strange or foreign when you login from home?
Well, if you have a Microsoft Windows Small Business Server 2003 or higher running your network, or are considering the purchase of the software in the near future, this capability is already available to you in a secure and centralized manner right out of the box with Windows Small Business Server (although it may not be configured for access from the Internet just yet).
Remote Web Workplace is a tool that gives you access to the following primary features from a single web page:
- Remote Workstation access
- Outlook Web Access
- SharePoint and Company Intranet Access
Let Trigon know if you have a Small Business Server from Microsoft and are not yet able to utilize these capabilities but are interested in pursuing them, whether because your Small Business Server has not been configured or because you have not purchased one yet. Please note that Small Business Server offers a maximum of 75 users, so if your environment is near that size or larger you may want to consider a Remote Desktop Gateway as an alternative. Also, note that Remote Web Workplace is not compatible with the Mac OS X operating system and currently relies on Internet Explorer components to operate, so the solution will not work from a home Mac computer.
Dnsmasq is a lightweight DNS proxy server that is also capable of handling DHCP requests and can act as a TFTP server, which is a requirement for PXE boots. There are plenty of well-known DNS services available, including Windows’ DNS service available on Windows Server as well as BIND, which is for Unix-based operating systems, so what sets Dnsmasq apart from these popular services? Besides being multi-purpose, it’s also geared toward home networks and large office workgroups by being easy to configure and allowing your machines to effectively communicate with each other. It works by reading the hosts file and integrating with DHCP to match hosts with IP addresses. You can also configure it to forward DNS requests to another DNS server such as your ISP’s or Google’s public DNS server. When a name is mapped to an IP address, Dnsmasq will cache the result so the name can be resolved locally next time.
Since I run a Linux machine at home I decided to give Dnsmasq a try. I run Fedora 16, which already had Dnsmasq installed; I just had to locate the configuration file, which was located in /etc. I have to say that the configuration file was rather easy to work with. The comments were descriptive enough to help me understand what each line was for and what I needed to put into each line. After setting up the configuration file it was time to test it. I used the Linux command dig (dig www.trigonit.com), which shows the time it takes to have the name resolved. Running it a second time, after the name and IP address were cached, resulted in much faster times since it was now being resolved locally rather than from a public DNS server. At the time of this writing I have not yet dabbled in the DHCP or TFTP features. Now a word of advice: despite its relative ease of setup, I would still recommend doing as much research as possible before attempting to configure it. Also, before touching the configuration file, make a copy of it so that if something doesn’t work you can revert to the original file. If you have any questions about DNS or why it’s important for your network environment, please feel free to contact us today and we can assist you.
PowerShell is the tool that most of us don't use to its full potential. I know we have our excuses, the biggest one being "it will take me longer to figure out how to do (insert task) through PowerShell. I can just use the GUI and figure it out next time", so when is the next time?
Why use PowerShell? Oh my, there are many reasons.. Through PowerShell you can do anything that the GUI can do for the task you're completing and more...really more. You can create the commands and save them for use again...it’s like (gasp) scripting!
I find it most useful when trying to pull data out of Active Directory for reporting and for creating large numbers of users at the same time.
What are some of the things that one can do with cmdlets for users in Active Directory?
- Create user accounts
- Manage user accounts
- Change user account properties
- Report on user accounts
- Determine a user’s last login time or find those who have not logged in recently
- Find users whose accounts are about to expire
- Join a computer to a domain
- Find computers of a particular OS
- Report on groups
- Find users and groups
- Manage Service Accounts
- Manage Password Policies
Oh and all these can be done remotely too!!! I read about one administrator who used PowerShell to scan a directory for a .csv nightly. The HR staff would drop in a .csv of the new users and they would be created at night automatically through the use of PowerShell. Get work done and sleep!!!
But where are all the commands to enter to do all this? That, you will have to find for yourself. Odds are you used a search engine to get to this point, so take it a few steps further. All the commands and things you want to do have probably been done by someone else. Just make sure you find several versions of the commands you want to run and compare them. Don't be a script kiddie and just run the first one that you find. If you don't understand what you’re running, that is a huge risk. Risk is bad.