Remember Holiday and Travel Safety

Many of us start traveling and have guests in town during the holiday season. Schedules get scrambled, everyone is busy and stressed.  So, now, before it all starts,  is a good time to take a few minutes to prepare for a safe holiday season.

In the office, remember to notify clients ahead of time of closures and support hours.  The Computing Center is traditionally closed the day after Thanksgiving.  We'll be open and available every other working day through the end of the year and will be open on January 2, 2018!

And at home, consider these winter holiday safety tips. Turn off lights at night, water your Christmas tree to reduce flammability, keep an eye on what's cooking, and more. And finally, during this time when we see our friends and loved ones, consider creating and discussing a family emergency plan.

 

Researchers Discover a bug in WiFi Encryption

Nearly everyone with a laptop, "pad" or smartphone regularly uses public and private Wi-Fi access points. Many have what's called WPA2 Security on them. We all dutifully setup a relatively complex password to get on these WiFi systems. Once done, our machines automatically connect to these networks when we're in range.  Perfect, easy, and secure - well not quite.

Several months ago, a vulnerability in WPA2 was discovered. Most of the big guys (Microsoft, Apple, etc.) quicly patched their operating systems, some even before the WiFi access point manufacturers. If your systems were automatically updated, you were likely fine. The non-technical press recently caught on to what's been going on and the articles started flowing and so did the phone calls and emails to us about the condition of clients WiFi systems. 

This article from the FTC does a good job of reviewing the issue in a non-technical fashion. Be cautious as always about how you access WiFi networks, particularly public ones.

You’ve read recent news stories about a vulnerability discovered in the WPA2 encryption standard. (Some reports refer to it as KRACK – Key Reinstallation Attack.) Should this be of concern to your business? Yes. Does it warrant further action at your company? Absolutely.

If you or anyone at your business uses a smartphone, laptop, or IoT device connected to a Wi-Fi network, the information sent over that network could be at risk. Researchers have found a bug that lets attackers “break” WPA2 – the encryption that protects most wireless networks – leaving data you send exposed.

The bad news is that this isn’t just a problem with a specific device or manufacturer. It’s a problem with the encryption standard nearly all Wi-Fi devices on the market use to scramble communications, prevent eavesdropping, and deter tampering. The upshot is that if anyone at your business uses a device to connect to a wireless network at work, at home, or on the road, this bug means they can’t rely on that connection being secure.

[More]

Mary Stazi - Talking Business over Coffee

The Computing Center and Mary Stazi were invited in late September to do a Podcast with Chet Osadshey, the Vice-President and General Manager of the Cayuga Radio Group in Ithaca.  In that podcast, Mary discusses our company, it's history, what we do, and the recent acquisition of the assets and employees of Sherpa Technogies, Inc.

Here's the Link to the entire Podcastt on WHCU:

While we were looking at the Podcast link, we noticed two additional Ithaca onnections:

  • The Podcast Series is sponsored by Ithaca Coffee Company, a long-time Ithaca Business and Computing Center client.
  • The Podcast itself is powered by SoundCloud. Part of Soundcloud's technology comes from an Ithaca based company that they acquired a couple of years ago.

If you're a new client of The Computing Center or wish to learn a bit more about us, this is a great overview of who we are and what we do.

Data Backup or Business Continuity - They're not the Same

We write about backup system quite regularly.  Over the years, the backup systems have changed; from diskettes, to removable media, to various kinds of tapes, to today's cloud based backup systems.  However fundamentally there are two very different ways of looking at backups.  

You know you need data backup, but when do you need a business continuity solution?

If you’ve been paying attention to the news, you’ll know that massive global ransomware attacks are only growing in scale and frequency. These attacks and other threats and accidents that cripple, ransom, or destroy organizations’ data are a convincing argument for a solid backup solution. Restoring from a data backup is often the only reliable way to recover from these events. Even smaller organizations and businesses know that they need some sort of backup solution. But when do you need more than a regular data backup? 

[More]

SSN For Authentication is all Wrong

There is much being written about digital identity these days.  This article, although a bit hard to follow, does a good job of explaining the difference between "identification" and "verification".  All important in our digital age.

Unless you were stranded on a deserted island or participating in a zen digital fast, chances are you’ve heard plenty about the massive Equifax breach and the head-rolling fallout. In the flurry of headlines and advice about credit freezes an important part of the conversation was lost: if we didn’t misuse our social security numbers, losing them wouldn’t be a big deal. Let me explain: Most people, and that mainly includes some pretty high-up identity experts that I’ve met in my travels, don’t understand the difference between identification and verification. In the real world, conflating those two points doesn’t often have dire consequences. In the digital world, it’s a huge mistake that can lead to severe impacts.

Isn’t it all just authentication you may ask? Well, yes, identification and verification are both parts of the authentication whole, but failure to understand the differences is where the mess comes in. However, one reason it’s so hard for many of us to separate identification and verification is that historically we haven’t had to. Think back to how humans authenticated to each other before the ability to travel long distances came into the picture. Our circle of acquaintances was pretty small and we knew each other by sight and sound. Just by looking at your neighbor, Bob, you could authenticate him. If you met a stranger, chances are someone else in the village knew the stranger and could vouch for her.

[More]

More Entries