To Make Hard-to-Crack Passwords, You Write the Rules

By now you’ve heard from countless experts that the best way to protect yourself online is to have hard-to-crack passwords for all your logins. “Don’t use any words that occur in the dictionary,” they say, “and don’t use easy-to-find information like your pet’s name or the street you live on. And while you’re at it, forget about memorable number combinations like your address, your date of birth, or ‘123.’” Great advice, but if you’re also told never to write anything down, how on earth are you supposed to remember a string of numbers, letters, and characters you’ve intentionally made as random as possible?

The trick is to invent a simple set of rules that’s easy to remember and replicable across all sites.

Here are some examples. You wouldn’t want to use these specific scenarios, of course.

• First letter of each word in a common phrase + four-digit number + ampersand. To change the password – something you should do every six months or so anyhow – just change the common phrase, or start using the second letter of each word.

• Site name + your first name backwards + four-digit number + same four-digit number with the shift key held down. To change the password, come up with a new four-digit number or start using your last name backwards.

• Take two words and run them together with a numeral at the beginning and a symbol at the end. So, “Gandalf” + “sesame” would yield 2Gsaensdalmfe#.

The trend these days is toward “pass phrases,” often composed of song lyrics or idiomatic sayings, rather than passwords. Why? Because password crackers can generate millions of guesses in a second. The more characters you have for them to work through, the longer it will take them and the greater the likelihood that they’ll move on to an easier target. In other words, length beats complexity.

Find out how you can leverage the power of Social Media to promote your small business at our free Webinar, “Social Networking: Uncovering the Hype.” It will be held on Thursday, April 29 at 12pm Central Daylight Time. Click here to register.

more info - http://cmitsolutions.com/centralsv

Tax Season Is Upon Us! Look Out For These Scams.

It’s tax-filing season, and as surely as the sun rises in the east and sets in the west, scammers will be crawling out of the woodwork trying to take advantage of this opportunity to steal sensitive business data. Here’s how to make sure your small business doesn’t have identity thieves and con artists to contend with on top of the usual taxes and paperwork…

1. Educate employees to be on the lookout for phishers, phone scammers, and email cons. People who would never open a suspicious-looking email in their personal inbox might not hesitate to turn over your Federal Tax Identification Number and names of key executives to someone posing as a representative of the IRS. The next thing you know, somebody has stolen the identity of your business and is taking out credit cards in your company’s name.
2. Pay your taxes electronically. If you drop a check in the mail, all an identity thief needs to do in order to access your bank account number, routing number, Taxpayer ID, and other information is snag the right envelope. In contrast, the Electronic Federal Tax Payment System (EFTPS) is a free, secure government website that uses the highest level of security available. Every user must have a secure Internet browser with 128-bit encryption in order to access the site. To log on to the system, an enrolled user must be authenticated with three pieces of unique information known only to the user: Taxpayer Identification Number (EIN or SSN), EFTPS Personal Identification Number (PIN) and an Internet Password. That’s pretty secure.
3. Pay your taxes, period. If somebody tries to sell you a package or kit that promises to help you avoid taxes by deducting personal expenses as business expenses related to a home-based business, don’t buy it. If somebody says the 16th Amendment was never properly ratified and personal income taxes are unconstitutional, ignore them. If you own a small business, you’re responsible for determining your personal and your business tax liability – and paying accordingly.

You can reduce the likelihood that you’ll have to deal with tax-related digital cons by using up-to-date spyware detection, antivirus, and antispam software. These should help to keep all those phony emails from making it into your inbox and prevent hackers from accessing sensitive business data. Go to to find out what security services CMIT Solutions offers.

Last-Minute Alert: Attend a free informational Webinar on Google Tools this Thursday, April 25th at noon CDT. Find out how you can leverage the power of Google to promote your small business – without spending a dime. Click here to register.

more info - http://cmitsolutions.com/centralsv

Don’t Trust Luck to Keep Your Computers Safe

This St. Patrick’s Day, while you’re busy celebrating "the luck of the Irish", remember – luck is a beautiful thing, but it’s no substitute for common sense and precaution when it comes to your computers.
In the world of IT, luck is not a strategy! And yet, how many of us still don’t listen to advice like this:

1. Don’t use obvious or easy-to-crack passwords.
2. Use a different password for every site or application that requires one, and change your passwords often.
3. Back up, back up, back up. Back up to at least two different media or locations, with at least one of them off site. And if you can’t remember to run a backup, sign up for a service that will run them automatically. Make sure you know how long it would take for your backup provider to restore all your data if your office was completely wiped out. Some backup services can take days or even weeks to ship a full set of disks; others may take less than 48 hours.
4. Update your antivirus software often and run a full system scan. Again, if you can’t remember to do it yourself, sign up for a service that will do it for you.
5. Write down all your software product keys, license numbers, passwords, configuration notes, and encryption codes and keep them in a locked safe -- preferably both on premises and off.
6. Write down a detailed plan for restoring data in the event of a loss -- that means figuring out the sequence in which applications, servers, and databases need to be brought back online in order for data to properly repopulate.

If this sounds like a lot of work -- well, it is! But putting in the time now can prevent you from some major hassles later. Or call CMIT Solutions, and we can help you get started on the path to complete disaster preparedness. We often recommend taking a serious look at CMIT Guardian, a backup and disaster recovery solution specifically tailored to the needs of small business. It’s affordable, reliable, and stores all your valuable business data securely on and off-site.

Don’t Forget! On Thursday, March 25 at noon Central Daylight Time, CMIT Solutions is hosting a free informational Webinar on Google Tools. Learn about the ways you can harness the power of Google to promote your small business – without spending a dime. Click here to register.

more info - http://cmitsolutions.com/centralsv

Use Google Alerts to Find Out What People Are Saying About You on the Web

There’s an easy way to find out anytime somebody writes about you or your business on the Web. Just set up a Google Alert and you’ll be emailed whenever your name turns up. And while you’re at it, you should set up a Google Alert for keywords such as your competitors’ names, trends you’re interested in, and your Web address. Adding all these things together, you can get a full digest of what’s going on in your world without having to visit separate Websites and wade through a lot of extraneous content.

Here’s how to set up a Google Alert:

1. Go to http://google.com/alerts

2. Fill in the relevant information. In the example below, we’ve set up an alert for CMIT Solutions, so we’ll know when our company name is mentioned online.

3. Selecting Comprehensive will let you monitor News, Blogs, Web, Groups, and Video. You can decide how often you want to be notified, and the maximum number of results you want in each notification.

Instead of getting Alerts delivered to email, you can have them go straight into Google Reader if that’s your preferred RSS feed.

Here’s how to do it:

1. Sign in to your Google account.

2. At the top of the left hand of the page, go to the more drop-down menu and then select even more >>.

3. You’ll see a long list of Google Products with Alerts at the top. Select Alerts, and you’ll see that same “Create a Google Alert” form. You’ll be able to select whether you want the alert delivered to your email inbox or Google Reader.


Want to learn more about other handy free tools from Google? Join us for a free informational Webinar on Thursday, March 25 from noon-1pm Central Standard Time. We’ll cover all the ways you can harness the power of Google to promote your small business – without spending a dime. Click here to register.

more info - http://cmitsolutions.com/centralsv

Use the Power of Google to Raise Your Local Profile

You know the old saying, “All politics is local”? Well, now it’s not just politics. All business is local – and if you’re not using Google to reach out to prospects in your immediate local area, you’re missing out on a huge (and free) opportunity to expand your customer base.

Over the past couple of years, we’ve seen a few convergent trends emerge. First, people are more interested in what’s going on in their specific city, town, or neighborhood. So-called “hyperlocal” blogs are proliferating even as national media struggle. Second, more folks are using their mobile phones to connect to the Internet and find local businesses and service providers. As a small business owner, you’ve got to make yourself visible to anybody searching in your area – whether they’re on a fully equipped desktop computer with a 20-inch flat screen display or whether they’re peering at a 2.4-inch BlackBerry screen.

If you take five minutes to set up a Place Page through Google Local Business Center, you can raise the visibility of your company to anybody searching for relevant businesses in your area. You can even create coupons that can either be printed on paper or displayed on mobile phones.

1. Go to http://google.com/lbc.

2. Either create a Google account or use your existing sign-in.

3. You’ll be taken to the Dashboard. Under Locations, click Add new listing.

4. You'll be taken to a page where you fill out preliminary information such as address, email, website address, and description. As you fill out the information, you’ll see your listing appear in the map to the right. Here’s an example for the fictitious business “Ray’s Pies” in Cambridge, Massachusetts



5. When you’re finished filling out that information, click Next. You’ll then be taken to a page that asks for more detailed info, such as hours and payment methods. You can even post a picture of your products or storefront. When you’re finished, click Submit.

6. And it’s that easy! Google will contact you to verify your information, and then your full profile will be publicly available on what’s called a “Place Page.” A Place Page includes not only all the information you just supplied, but also ratings for your business, reviews, related maps, nearby transit options, and the Street View preview of your location. You can get to your Place Page by searching on your business in Google and then clicking on "more info" in your Google Maps search results or "more info" in the info bubble on the map.


To learn more about Google Local Business Center, including how to create custom coupons, join us on our free live Webinar covering Google tools, to be held on Thursday, March 25 at noon Central Standard Time. Click here to register.

more info - http://cmitsolutions.com/centralsv

Five Nice Innovations in the Latest Windows Operating System (OS)

Windows Vista never quite caught on the way that Microsoft had hoped. The User Account Control (UAC) feature, which was supposed to enhance security by prompting users before allowing many programs to open, instead proved such an annoyance that users simply shut it off – leaving them more vulnerable than when they started. The “simplified” User Interface (UI), with its ribbons and tabs, mystified die-hard devotees of the old drop-down menu system. And the System Tray’s myriad of unused applets that acted, as one reviewer put it, “like belligerent squatters,” only added to the frustration (http://www.pcworld.com/article/172602/windows_7_review.html).

The Windows 7 OS, in contrast, has had a much more favorable public reception. Here are a few key changes that have reviewers cheering:

1. Faster feel. Users find that applications in Windows 7 open more quickly, and they don’t spend as much time waiting for processes to complete.

2. Libraries. It’s much easier to find documents in Windows 7. The new Libraries function in Windows Explorer lets you create a virtual location that can aggregate content from several locations at once. You can put network folders, SharePoint documents, and regular folders in your Documents Library, giving you quick access even to documents that are tucked away under several organizational layers.

3. Easy switching between Wi-Fi networks. Just click on the Wi-Fi adapter in your system tray to bring up a menu of available wireless networks, select the one you want to connect to, and you’re done.

4. User Account Control (UAC) without annoyances. You can now tweak UAC so that it’s actually helpful. Instead of just an on/off, where your choice is to be forever pestered by repetitive prompts or leave yourself open to the perils of the Internet, you can adjust the level of security you want. Two intermediate levels now exist between the “Always notify” and “Never notify” settings.

5. A simpler System Tray. The big problem with the System Tray in Vista was that software installers could just dump applets in there without your approval. This led to cluttered System Trays and flurries of word balloons every time you accidentally moused over the area. In Windows 7, applets (except for the clock) don’t go directly into the System Tray; they land in a holding pen and have to be dragged to the System Tray. And they can’t float word balloons unless you permit them.

Is your small business struggling with a mile-long "To-Do" list that lets important tasks fall through the cracks? Do you feel out of the loop and wish you had a simple way to get an overview of major projects? Have you ever had trouble closing the loop on purchase approvals, client service issues, or business-critical tasks? Sign up for our FREE WEBINAR on Thursday, February 25 at 12pm CST and learn how you can run your office more efficiently by keeping track of tasks and processes. Click here to register.

more info - http://cmitsolutions.com/centralsv

How Do You Know When You Need a Better Process Management System?

Closing the loop. Dropping the ball. Falling through the cracks. Pick your phrase, but it all boils down to the same problem: tracking every process from beginning to end and making sure that somebody is assigned responsibility for every task. This is a particular challenge with IT issues, which are often dealt with on an ad-hoc basis. Is there a way to streamline and manage the way your company deals with computer problems, so that you can quit worrying about computers and start paying more attention to your business? You bet!

If any of these scenarios sound like something you've dealt with lately, you need a better tracking system:

* An employee needs a new laptop, so they send the request to their manager. The manager sends the request to accounting, who says they need to fill out a PO and get executive approval. The approval sits on the executive's desk for weeks, the manager assumes that the order has gone through, and the employee still doesn't have a laptop.

* Your in-house IT resource has a completely full slate of commitments. Then they have a family emergency and have to take a few days off -- and that's when your servers are hit with a denial of service attack.

* You're a manager trying to set next year's budget. In order to find out how your employees have been spending their time, and where you should concentrate your investments going forward, you spend hours sifting through last year's emails.

* Your email won't work, so you can't send an email to your IT guy to have him fix it. Instead, you shout over to his cubicle and hope for the best.

* A link is broken on your Website. Somebody mentions this to your IT manager, who mentions it to your outsourced Web guru, who’s too busy setting up your new blog to deal with it. Two weeks later, the link is still broken.

* Your IT resource is so overwhelmed that you need to hire a second staffer -- but first, you need to make the case to your boss. She's demanding statistics, and all you have are a few anecdotes about how busy your IT guy is.

In all of these situations, the solution is a formalized system for tracking client requests, IT issues, and business processes. A system that keeps all stakeholders informed and closes the loop when the process is complete. A system that lets you see at a glance what each employee is working on. And one that lets you offload IT tasks to a third party when your in-house resource is overwhelmed or unavailable.

A ticketing system lets you break down processes into discrete tasks that are then assigned to individual employees. It helps you juggle multiple ongoing tasks, ensure accountability at every step of the process, and make sure that tasks are distributed in a sensible and equitable manner. Most issue-based ticketing systems are designed around managing IT problems -- but they can be used to handle a lot more than that.

Find out more about how to track and manage business processes at CMIT's upcoming Webinar on February 25 at noon CST. Sign up here. Click here to register.

more info - http://cmitsolutions.com/centralsv

When You're Running Security Updates, Don't Forget About Software

After years of reminders to run system scans and update your virus and malware definitions, you may finally be performing these tasks with some regularity. However, while you're busy installing updates to your browser and your security settings, make sure you're not forgetting to update Adobe Acrobat Reader, Flash, and other popular software products.

McAfee recently predicted that in 2010, Adobe would surpass Microsoft as hackers' primary target. Click here to read the full article from McAfee. Once again, popularity has invited the attention of crooks: Acrobat Reader and Flash are very common programs, which makes them low-hanging fruit for hackers. PDF-based malware, in particular, is on the rise.

The problem is compounded by people's tendency to ignore or forget the need to update the many different types of software they have installed on their machines. This may be due in part to the mistaken belief that as long as they have their antivirus definitions up to date, they're protected from intrusion. Add to this the fact that, historically, some hastily issued security patches from makers like Microsoft have caused as many problems as they were supposed to fix. Finish it off with a healthy dose of end-user skepticism about the legitimacy of spontaneous prompts to update your software, and you can see why many people still run outdated -- and vulnerable -- versions of common programs. To this point, Microsoft is releasing a record number of patches on February 9th, tying October 2009 for the most security bulletins released in a single month. You can read the full announcement at PCWorld.com.

At CMIT, we carefully review all recommended software patches before rolling them out to our clients' machines to make sure they function correctly. If you're not on one of our managed services plans and are installing updates yourself, do some research before you take any action. Is there recent news on any of the tech sites about new vulnerabilities in the program you're about to update? Does the update that you're about to download come from a trusted source? Make sure you can answer "yes" to these questions before you proceed.

If you're ever in doubt about whether to install a security patch or other update to Acrobat Reader, Flash, Internet Explorer, or anything else, go ahead and check with us. Chances are you won't be the first person who has asked about it!


Is your small business struggling with a mile-long "To-Do" list that lets important tasks fall through the cracks? Do you feel out of the loop and wish you had a simple way to get an overview of your major projects? Have you ever had trouble closing the loop on purchase approvals, client service issues, or business critical tasks? Sign up for our FREE WEBINAR on Thursday, February 25th at 12 pm CST and learn how you can run your office more efficiently by keeping track of tasks and processes. Click here to register.

more info - http://cmitsolutions.com/centralsv

How Will New Airport Security Procedures Affect Business Travelers?

After the attempted bombing of an airliner headed from the Netherlands to Detroit on Christmas Day, many travelers were left wondering how (or if) heightened security measures would affect future flights. This question is particularly urgent for business travelers, who tend to travel farther and more frequently than anybody else.

According to the TSA, increased checkpoint security may make lines longer for flights headed into the US from other countries. If you hold a passport issued by, or are traveling from or through what the TSA describes as "nations that are state sponsors of terrorism or other countries of interest," you may have to go through "enhanced screening." However, the rules around what you can and can't pack in your carry-on haven't changed.

If you're traveling domestically, you really won't notice much of a difference. One new development could signal easier traveling in the future: the TSA says that you do not have to take your laptop out of its case if it offers a clear and unobstructed view of your computer when it runs through the scanner. Some laptop-only sleeves can do this if they're packed correctly, but most laptop bags won't meet the standard. However, the TSA has encouraged laptop bag manufacturers to develop "checkpoint friendly" designs. You can read more about the TSA's "checkpoint friendly" laptop bag procedures here.

Until the day arrives when you can just toss your briefcase onto the scanner and be done with it, here are a few tips for traveling with expensive, easy-to-lose electronics:

1. Make sure you've run a full backup before you leave. You might consider keeping all your important documents on your corporate file server instead of on your hard drive, in case your laptop gets lost. If you do opt to keep your files on your hard drive, make sure it's password-protected and all your files are encrypted.

2. Invest in a biometric USB flash drive that requires an authenticated fingerprint to access files.

3. Remember that an ounce of prevention is worth a pound of cure. The best way to ensure that you don't lose your laptop at the airport is to give yourself plenty of time at the airport and keep an eye on your computer at all times -- a recent study showed that people most frequently lose their laptops at security checkpoints and at departure gates. Check out the full study here.

For more laptop travel tips, visit our recent blog article.


Is your small business struggling with a mile-long "To-Do" list that lets important tasks fall through the cracks? Do you feel out of the loop and wish you had a simple way to get an overview of your major projects? Have you ever had trouble closing the loop on purchase approvals, client service issues, or business critical tasks? Sign up for our FREE WEBINAR on Thursday, February 25 at 12 pm CST and learn how you can run your office more efficiently by keeping track of tasks and processes. Click here to register.

more info - http://cmitsolutions.com/centralsv

Add Movie Magic to Your PowerPoint Presentations

Anybody who has used - or sat through - a PowerPoint presentation knows how easy it is to get carried away with the program's many bells and whistles. Nobody wants to look at a presentation that's packed to the gills with extraneous whooshing sounds, animated stick figures, and garishly colored charts. However, PowerPoint offers one capability you might want to take advantage of: video.

Let's say you're doing a presentation for a prospective client. Along with your slides about the services you offer, you might want to include a collection of video testimonials from satisfied customers.

Here's how you do it.

1. Make the video and save it in a commonly used video format such as AVI, MPEG, or WMV. This will ensure that the presentation will play successfully regardless of what kind of computer you're using to access it.
2. Save the video in the same folder as your PowerPoint presentation.
3. In the PowerPoint presentation, go to the slide where you want the video to play. If you're on PowerPoint 2003, go to the Insert menu, select Movies and Sounds, select From File, and choose the movie you want. If you're using PowerPoint 2007, you have two options. If the slide layout includes a content placeholder, click the Insert Movie button in the placeholder. Or you can also click the Movie button in the Media Clips group on the Insert tab, pictured here:
4. Whether you're using the 2003 or the 2007 version, you'll be prompted to specify whether you want the video the play automatically or only when you've manually clicked it.

And that's it!

One important thing to remember: unlike pictures or drawings, videos are not actually embedded in presentations. They're linked files. The presentation has to know where to "look" when you ask it to play the video, and if you move the video after you set up the link in the presentation, PowerPoint won't know where to find the original video. So make sure the video is stored in a logical place before you link it. The most logical place, of course, is in the same folder as the presentation itself - thus Step #2 above. Keeping all the relevant files in the same place also makes for easy copying if you need to save the presentation to CD or other media.

The fact that videos are linked, not embedded, also presents some challenges if you want to send somebody a presentation by email. The easiest thing to do is use the Package for CD feature, which can bundle up all linked files and your presentation into a single ZIP file. You can then email the ZIP file.

more info - http://cmitsolutions.com/centralsv

Email Archiving 101

In the past few years, we've seen tremendous advances that allow people to communicate more effectively -- from smartphones to collaborative workspaces to content management systems, it's easier than ever for people to record and share ideas. And yet still, if you ask someone what communication technology is absolutely essential to their business, chances are they'll say email.

Email not only serves as many companies' preferred communication tool, but also as an informal repository of institutional knowledge. And that in turn makes it vital not only to the regular flow of business, but also as a component in the legal discovery process.

Email serves as evidence in many business-related legal proceedings nowadays and can be subject to subpoena just like paper files. If your business ended up in a legal dispute, would you be able to easily access and search several years' worth of archives in order to produce evidence requested by a lawyer or judge?

That's the idea behind email archiving -- making sure that all the content contained in email communications is readily accessible and searchable. You don't need to be involved in a lawsuit to recognize what a benefit that can be. An email archive can help you track down years-old communications and documents. It can also help you start operating again, quickly, in the event of a disaster.

CMIT Solutions is holding a webinar on email archiving -- what it is, why it's important, and how it works -- Friday, January 22, at noon Central Time. Learn how your business can structure its email services so that you can locate, recover, and ensure continuous access to email from anywhere. Go to http://cmitsolutions.com/archiving to sign up.

more info - http://cmitsolutions.com/centralsv

Stay Alert to the Newest Tax-Related Email Scams

Phishers and Internet scammers are always coming up with innovative new ways to separate victims from their money. One of their favorite tactics is to prey on victims' fears about taxes by posing as the IRS. It's natural to worry if you get an email from somebody purporting to be the IRS, particularly in the month of January when you're probably receiving a lot of legitimate communications from your employer and the IRS about filing. Here are a couple of tax scams that at first glance might seem official. Don't be fooled!

The "underreported income" threat. This scam features an email accusing the recipient of having underreported their income. The sender attaches what they say is a copy of their relevant page of their tax return. The "attachment" is actually an executable file that downloads a malicious file to the user's machine.

The "Making Work Pay" scam. This phishing email uses the Making Work Pay provision of last year's stimulus package to entice people into giving up their personal information. The email asks the recipient to go to a website and fill out a form so that the IRS can deposit money into their bank account. In reality, the Making Work Pay provision does not directly provide funds to taxpayers; instead, it gives wage earners a tax credit in the form of reduced withholding. This is nothing but an attempt by identity thieves to get your personal information.

The "refund" scam. This oldie but goodie promises the recipient a quick and easy tax refund if they provide their personal information and details about their financial institution. Instead of getting a tax refund, the victim risks serious damage to their credit by identity thieves.

Note that all of these scams arrive by email. Many of them will direct the victim to a web page or form that looks official and credible. Don't fall for it! The IRS never discusses official tax matters over the Internet - they use the good old-fashioned US Postal Service if they want to reach you. If you get an email that purports to be from the IRS, do not open any attachments or click on any links. Forward it to phishing@irs.gov, then delete the email from your inbox. And if you have any doubt about an email's legitimacy, you can always send it on to us at to get our expert opinion.

more info - http://cmitsolutions.com/centralsv

Five Easy Steps for a Safer, Happier Year in Technology

Get a good start on 2010 by embracing a few simple principles that can do wonders for your safety and productivity:

1. Run your backups. Everybody says they’ll back up their machines, but how many of us actually do it? And even if your workplace is running automated backups, you should still get in the habit of backing up your own work to an external hard drive or to the corporate server. That way you won’t have to bother your IT guy if you’ve been working for several days on an important project that suddenly vanishes from your machine.
2. Update your virus definitions. This is another task that people promise to do periodically, rarely actually get to, and are generally safe anyway because the service runs automatically. However, if you have your antivirus software set to update and scan during the day, it can slow your machine down to the point where you’re constantly suspending or cancelling the update just so that you can get some work done. That leaves you vulnerable to new virus attacks. So to be on the safe side, make sure your antivirus software updates regularly at night or during hours when you’re usually not working.
3. Clean your keyboard. Have you ever seen what’s floating around in there? Enough said.
4. Empty your temporary files. Temporary files are backup versions of open files created automatically by many programs. In the event that the program unexpectedly crashes or quits before a user has a chance to save their most recent changes, the temporary file will offer the most up-to-date version of the file. They’re handy for that reason, but over time, temp files can take up a lot of space on your hard disk. Look for the Temporary Files folder on your hard drive. Verify that you don’t need any of the files, and simply move them from the recycle bin.
5. Change your passwords. Even the most foolproof, uncrackable passwords should be rotated out once in a while. Just make sure you remember the new ones!
   
   

more info - http://cmitsolutions.com/centralsv