Wireless Displays

Wireless Display technology has been around for a few years, but it had a prominent showing this past spring at CES as several hardware manufactures released devices built on Intel’s new wireless screen sharing technology. Most recently, Google released a small device that is similar in function to media hubs that we discussed in a past article; however, this little device included a beta service that allows you to stream content wirelessly from any device as long as the content is running in a Chrome browser. While the service is low quality and limited to only content that can be played within a Chrome browser tab, it signals the hat of yet another technology giant being thrown into the ring. Apple is, in my opinion, ahead of the curve though still locking its users into the Apple only Ecosystem. The latest version of OS X includes the ability to use an HD TV or other display connected to an Apple TV as another fully functional monitor wirelessly.

Intel’s Wireless Display or WiDi technology is not much different from what Apple provides, though it does allow for more choices when choosing devices for running your wireless display. Hardware manufacturers like Netgear have developed set top media hubs that support the Intel WiDi technology, and Intel has even signed deals with several TV makers who now have sets that are being shipped with the technology built right in. On the computer side of the equation, Intel has 3 requirements to take advantage of WiDi. First is an Intel Core i3, i5, or i7 processor 2nd generation or newer. Second is an Intel video card that supports WiDi. Finally, a network card that has been certified to work with WiDi is also required. Right now, only a few network cards that are not Intel brand cards are available that support WiDi. Visit this site (http://www.intel.com/support/wireless/wtech/iwd/sb/CS-031059.htm) to see a full list of hardware capable of running Intel WiDi.

With Google jumping in the ring with Intel and Apple, alongside other smaller competitors in the space, I expect to see some rapid innovation in this technology over the next year or 2. What will really make this a must-have technology for everyone will be, like most other technologies, simplification. Whoever can make this technology work with the least amount of effort and additional hardware will jump out ahead of the rest of the pack. I am really looking forward to this technology taking hold mainstream and hoping wireless display becomes a standard feature for desktops, laptops, and tablets alike.

Email Security

Recently, I have been asked a lot of questions about email and email security. The simple answer to the question, “Should you be sending sensitive documents to other people via email” is no, email is not secure. It’s true that email is not secure; however, there are steps one can take to make it more secure. Before we go any further, I want to say that I believe that in most cases using a secure document sharing platform is a much better solution for securing attachments and data that may need to be shared with clients. If you must send data via email then read the rest of the article to find out what needs to happen before your email can be secured.

Securing an email requires that it be encrypted before it is sent then decrypted on the machine it will be opened on. To do this, you need a certificate with which to sign and encrypt email messages. Companies like Thawte and Comodo have SSL certificate products both free and for a small fee that will allow users to encrypt email from their email client, Outlook for example. Purchasing a certificate is different for each vendor, but in general you create an account when you purchase the certificate, log in, and download the certificate file. Once you have the certificate file, find it on your computer and double click it. A certificate import wizard will launch. Follow the instructions. Depending on the certificate, there may be specific steps you need to follow that will be provided to you by the vendor you purchased your certificate from. When finished importing the certificate into Windows, you will be able to import the certificate into Outlook. Open Outlook and click File, then Options, and Trust Center. Click the Trust Center Settings button then click E-mail Security. Select Add Digital Signature to Outgoing Messages. This will add the public portion of your signature to every email you send out so the recipient can add it to their contact info. The recipient need this signature to decrypt encrypted messages you send to them in the future. Next select Send clear text signed messages when sending signed messages This allows the recipients to read signed messages so they can import your certificate. DO NOT select Encrypt contents and attachments for outgoing messages. This will encrypt everything you send out which may cause issues for your recipients for whom you may not have a certificate for. Next click Settings and click choose next to Signing Certificate. Select your certificate from the list and click OK. Select the hash algorithm which will be SHA1. Now click Choose next to Encryption Certificate and select your certificate from the list and click OK. Choose the Encryption Algorithm, 3DES or AES 256-BIT. You should now be able to send signed email messages and receive encrypted messages from people with your public certificate. For you to send an encrypted message, your recipient will have to set up a certificate for themself and send you a message signed with their public certificate. You can save their contact info by right clicking their email address. This will save their certificate as well so that you can send them encrypted messages in the future.

As you can see, securing email is no trivial task to set up and it requires setup by both parties in order to encrypt messages both ways. Once it is set up however, all you need to do is tell Outlook to encrypt the message you are sending and Outlook takes care of the rest. I would also recommend that any attachments with sensitive information be password protected and encrypted before they are attached to an email and sent to add another layer of protection if possible. I still stand by the recommendation that a secure document sharing site is a better solution to sharing sensitive data with parties outside your business and recommend that no email be sent containing any personal or sensitive information written its text.

Microsoft Azure IaaS

IaaS stands for Infrastructure as a Service, which is a fancy way of saying your servers are being stored and run by some host off-site. Microsoft has been running full steam ahead into the cloud and shows no signs of stopping. Azure is a platform Microsoft is building a set of hosted services on similar to the Amazon Web Services that run in Microsoft datacenters, which are some of the top datacenters in the world. Azure includes web site hosting, Virtual Machine hosting, SQL Server database hosting, Virtual Networks and VPN, and the new Windows Azure Active Directory. All of these services are accessible 24/7 from the internet and backed up and maintained by engineers at Microsoft’s data centers.

Azure services integrate with on-site Active Directory databases in order to allow administrators to manage services and access in one place. The new Azure Active Directory is not a replacement for having a server for log in in your office. It is designed so that applications and services built within the Azure infrastructure as well as other 3rd party cloud services can authenticate users with a single-sign-on that is integrated with users Windows logon. Azure can be used to build or install enterprise applications to the cloud so users can access business data and services from anywhere, while reducing the overall cost in support and maintenance over having it all onsite. Azure can be used to backup virtual machines and run them in the event of a disaster. Azure can be used to store backup files off-site and restore from those backups. Virtual machines can be spun up in a matter of minutes and backups restored to these virtual machines in the event of a disaster. Azure allows companies to create secure virtual networks for applications and connect them to their onsite networks via VPN. SQL databases can be created directly on the Azure platform and accessed via an application built on Azure services.

All of these services are considered infrastructure because solutions can be built on them. This technology is great and opens up doors to some fantastic cost savings and innovation; however, if you are thinking of moving your entire network out to Microsoft’s cloud we just aren’t there yet. Today, most of what Azure does is geared towards developers; however, as more of the pieces fall into place products built using Azure services will be available to just drop in to fill the needs of businesses with minimal IT required. The IaaS over the Internet, Azure in particular, is not quite ready for businesses to move in fulltime yet, but based on what I have been reading and what vendors like Microsoft, Apple, and Cisco are saying the move is right around the corner…so get ready.

Windows Server Essentials 2012

Small Business Server, one of the “best deals going” for small businesses needing enterprise server services on a small business budget was discontinued after the 2011 version was released, but only in name. Windows Server Essentials 2012 has however taken up the banner for small businesses and looks to be a great replacement. Essentials 2012 is missing a few options that used to be major parts of the SBS package. First, is that there is no built in Exchange Server. From my point of view, this is a good thing. Taking care of Exchange can be a daunting task, and when Exchange isn’t working neither is the small business it serves. In Essentials, Microsoft has opted for the ability to integrate Active Directory (the database used to manage users on the network) with Office 365, allowing companies to manage users of both Exchange for Office 365 and network users from within Active Directory. Another option that is no longer available is the Advanced server option, which has included a license for SQL server or SQL Express. Since SQL Express is free and adding an extra server for Applications that use SQL is no more of a chore than adding a client computer, the only real loss here is the small discount Microsoft gave on the Windows Server Standard License.

This past month I migrated an office to Windows Server Essentials 2012. When the server booted, I was presented with a Windows 8 like Start screen. My first response was to just shake my head and wonder why. After some time getting used to the interface, I found that all the tools that I needed to continue with the setup and migration and thought no more about the new Metro interface being added. Getting around was no more difficult than it was in SBS 2003, once I got used to it.

Once I began setting things up, I discovered that the Wizards and Dashboards are the best yet for getting a quick clean installation up and running. The Server dashboard walks you through all of the initial configuration in a very clear and simple yet informative way. Many of the services were tested and verified to be working by wizard as part of the setup for the service being configured in that step of the process. The Dashboard also gives you access to tools to manage user, computers, automatic client computer backups, storage, and file shares. For more advanced configuration and monitoring, the Windows Server 2012 Server Manager is included giving administrators quick access to a dashboard that shows information about the health of services running on the server. From here, familiar tools to manage Active Directory and other services are just a click away. Again, it took some getting used to navigating each of these layers, but Essentials isn’t designed for IT admins like me — it is designed for small businesses with little or no IT support to be able to get a server up and running easily. With that in mind, Essentials delivers on that goal. It just works, and just about anyone could set one up.

Essentials delivers on everything a small business needs to get started with a first server or as a replacement for old Small Business Servers needing to be replaced. It sets up quickly and provides a minimal touch experience for getting a network set up with all the tools it needs to support users working both in the office and out. I give it 2 thumbs up even with the Metro interface, because like I said before it’s still just Windows – just like Windows 8.

Media Hubs – Home Entertainment Evolution

Our world revolves around media: pictures, movies, music, and even documents. Families are separated by their media devices, flung to the far corners of the house hunkered over computers, laptops, tablets, and other handheld devices. Each device is like an island, providing entertainment to only one person. In a previous article, I discussed how to share content like movies and music with multiple devices around the home. In this article, we are going to talk about devices that bring all of that media together in one place, the family room. These devices are sometimes referred to as media hubs.

For some time now, geeky folks like myself have been toiling away at getting all their movies, music, pictures, and DVR content in one place and sharing it around our homes, building computers that reside in our AV cabinets in the family room and using them to display this content on our TV. Our TVs and DVD players are now “Smart” and include some apps that allow us to connect to some of that media over the internet. Devices like the Roku box stream content from the internet, but also allow for other applications to be added to it that allow you to stream your personal media from a computer in your home. I am looking at building a custom solution that uses a hobby electronics device called a RaspberryPi to create a media hub for streaming content to my family room. Another new device that wants to be the only media system you will ever need is the new Xbox One. I know I talk about the Xbox in the security article of this newsletter, but it really is just that cool to make it into 2 articles. The Xbox One is a Blu-ray player, game system, video phone, TV tuner, DVR, content- streaming pile of cool. But it won’t be on sale till later this year.

There is a trend forming here, and I think Microsoft is on the right track. Being able to get to and view your content should be easy. It should in the words of Steve Jobs, “Just Work.” And people shouldn’t have to have 50 little boxes hooked up to their TV with an equally large number of remotes to operate. And while the family room has always been the hub of entertainment, the different methods of delivering that entertainment are going to converge into a single powerful media hub.

Biometrics – You are the Password

The weakest link in a chain is always the one that breaks, everyone knows this. Several popular TV shows are built on the concept of the weak link, finding it, and eliminating it each week to find the strongest competitor. Hacking a system is, in a lot of ways, the same. Run some test, poke the system with a stick, push on it, pull on it, and see where it gives – where it breaks. Securing a system is the same basic idea; however, instead of using that weak point to get inside, you eliminate it. Time and again, in system after system, network after network the human element is the most easily exploited point in a system’s security. I am not talking about users opening infected email or browsing infected web sites. I am talking about passwords. People always look for a way to use the simplest password to connect to a network, or email, or web site. I am as guilty as anyone else, but what if humans were not the weakest link anymore? What if we could forget about remembering a password to access a system?

If I don’t use a password how do I log in to my computer you ask? Biometrics… Bio-what? Oh yeah all that spy stuff that evil fictional governments use to protect their secrets and weapons. That’s all just fake, right? No, it’s real and it has been available in some form or other for years. There are thousands of laptops in use today with fingerprint readers on them. Several mouse manufacturers have sold mice with fingerprint readers on them at one time or another. USB fingerprint readers are available online right now for $20-$30. So, if this is old news that you can log into your computer with your fingerprint, what’s the big deal?

The big deal is facial recognition. At the Consumer Electronics Show earlier this year, several developers were showing off software that would let you log into your computer with your face. Cool, huh? Sit down, look at the camera, and your computer recognizes you and logs you in. Microsoft has integrated this feature into its new Xbox One — just look deeply into its cold digital eye and Xbox recognizes you. It logs you into the system and loads your preferences, and you are ready to enjoy the system. Well this is a far cry from logging into my workstation at the office, isn’t it? Again, the future is here. There are companies today that have software that they will install on your computer — for example, KeyLemon has a free application that will log you into Windows using your face. KeyLemon can also manage your other passwords for sites like Facebook or Twitter. Face it — this is the evolution of computer security. At least that’s what I think. I think this technology will continue to evolve and that with Microsoft using it in their Xbox One to identify system users, we should expect to see this feature become part of the Windows login experience out of the box within the next year or two.

Windows 8 – Don’t Worry, It’s Still Just Windows

Not too long ago some news outlets covered the impending release of an update to Windows 8 that is being called Windows 8.1. After this news broke, I was hit with an onslaught of questions. People telling me that they had heard that no one likes Windows 8, that Windows 8 doesn’t work, and asking will this update fix it all. For the life of me I still cannot figure out what needs fixing. I have tested Windows 8 and even run software on it that does not support Windows 8 — all without any trouble. The best theory that I can come up with is that, as a group, PC users abhor change and the new home screen that Windows 8 presents on start-up and Metro UI is too much for us to deal with all at once.

The new Windows 8 Metro style interface is a smooth, visually appealing, and easy to navigate space for storing tiles that provides quick access to our favorite apps and folders. Live tiles even provide dashboard-like features, allowing us to get a quick, up-to-the-minute overview on what is happening in apps like email, news, and social media without having to open the application. The native Metro style apps are just like the old apps we know and love — they just fill the screen completely, providing a more immersive experience for the app. New Metro UI apps are appearing on the Windows Store all the time, but Metro UI apps aren’t the only kind of apps Windows 8 will run. Windows 8 is more than happy to run all the classic Windows style Apps you ran on Windows 7. You can even place tiles on the home screen to these apps so you can access them easily.

Another question that still comes up is what happened to the desktop, and can I get it back. The desktop is still there. It didn’t go anywhere. It is just hiding behind the Metro UI, and to get there all you have to do is click or touch the desktop icon on the home screen and there it is, just like you would expect. You can even fill it up with icons just like you did before. You could say the classic desktop provides the bridge between the new user experience and the old, providing a framework for running the classic Windows style apps. Some of the tools you are used to, like the Control Panel, are even still found on the classic side of the bridge.

I won’t lie to you. Windows 8 takes some getting used to, especially if you have been managing and maintaining Windows systems for as long as I have. There is a learning curve to finding where some of the tools you used to set things up have moved. For most users though there are but a few new things to learn, like switching apps in the Metro UI, which requires using a fly-out that hides itself on the left side of the screen. On touch devices like tablets, the basic gestures like swiping, pinching, pulling, and so on are fairly natural, and if you have had any interaction with apple or android phones or tablets this will be a breeze.

If you are still running Windows XP your days are numbered. As of April, 2014, Microsoft will no longer support the operating system. That means no more patches or security updates. This will also mean other software like QuickBooks or Adobe will stop supporting their software on that operating system. If you have an application that will not run on anything other than Windows XP, you need to either find a new solution or really push the developer to update their software and start supporting current operating systems. If neither is an option, or there is some reason to extend the migration period for a piece of software, Windows 8 includes what Microsoft calls the client hypervisor. If you have been reading the newsletter you know what a hypervisor is. It is a piece of software that allows you to run a virtual computer inside a window on a “real” computer. A Windows XP virtual computer can be created and run on your Windows 8 machine to allow you to run your old application until you can complete your migration. Just remember that a virtual machine running an unpatched version of Windows is just as big a security risk as running a physical one, so I would not look at this as a permanent solution to running your legacy Windows XP software but a life raft to help you make it to the shore.

You have nothing to fear from Windows 8, it’s just Windows, part of the ever forward moving march of technology. Windows 8 is beautiful but more than that it is functional. Windows 8 is going to be the most secure version of Windows for your business, not because it is better but because it is the version being actively maintained by Microsoft. It is going to get the most attention and quickest response to threats from Microsoft’s development team. I don’t have all the details on Windows 8.1, but it is not bringing back the desktop because it never went anywhere. 8.1 is the first update to Windows 8 in a much faster development cycle. More updates will follow every few months as Microsoft continues to improve and add to the platform as part of their commitment to try and bring its customers the best operating system it can. If you are still staring down the barrel of a migration from Windows XP call me and let’s talk. You need a plan, and starting by evaluating Windows 8 with a partner is a good first step.

Rise of the Smart… Everything!

Some of you may have gathered that I like projects, especially DIY. There is a growing wave of interest around making things at home on your own, rather than going out and buying a commercial product. The people who are part of this growing trend even have a name — Makers. Inside the maker community is a thriving electronics community whose interests run from 3d printing to making wearable electronics fashionable. These tinkerers tend to like to keep their eyes on their creations, send information to them and even get messages back. Lately, some of these gadgets have started to not only talk to their Makers but to one another, sharing data and making decisions based on this data. Now the machines have not taken on a mind of their own, but have been connected as part of the grand designs of their makers. Over the last several years, there have been articles and books published about what has been dubbed the Internet of Things, devices that share information connected over wired and wireless networks.

Commercial manufacturers are starting to get into the act. Now I am sure if you have been into an appliance store recently you have seen the word Smart pinned in front of nearly everything you can imagine: Smart Refrigerator, Smart TV, Smart Coffee Maker, etc. All of these devices in general have one thing in common. They are “connected” or have some feature that uses a sensor or timer to do things for us to improve their operation or reduce their cost. One of the smartest devices on the market today, in my opinion, is the Nest. Nest is a smart thermostat that is connected to the Internet. It allows you to control the temperature in your home from a web browser anywhere in the world, but it is also smart. Nest will detect when you are away from home and adjust the temperature to conserve energy. It learns your routines and will adjust the temperature back to your preferred settings before you return home. Nest uses motion sensors to see if you are home and temperature sensors to detect the temperature in the house. I believe I even read it can check the weather and will make decisions about how to manage the temperature in the house based on the forecast. Smart, right?

More devices are coming to the market or are being built in the Maker community almost daily that connect to each other and make decisions based on our preferences in order to make our lives and experiences better. Devices that turn off the oven if you leave the house or, like the Nest that improves the efficiency of our heating and cooling systems. We are building systems of devices that coexist and communicate, moving us into a world that a few years ago could only be found in science fiction. Voice controls, facial recognition that recognizes you when you enter a room, touch displays that can manage it all and connect you to the Internet — the world of the future is here today. So when you are shopping, even though “Smart” might seem like the newest buzzword to move the latest kitchen widget, be aware that that coffee pot might just be smarter that you think. What’s next? Robots that do chores like in Star Wars? Oh wait, the Roomba does that!

Virtual Machine Disaster Recovery

One of the single greatest features of virtual machines is how easy it is to use for disaster recovery. If you can imagine that an entire server is nothing more than a file on a hard drive, you can easily see how easy it could be to backup and restore a virtual machine. Backup can be as simple as turning off the virtual machine, copying it to another hard drive, then turning the virtual machine back on. That’s it. No magic, no smoke and mirrors, just copy it and go just like a Word or Excel file. If you need to restore it, just copy it back, find the file with the Hypervisor software, and start it right up!

Ok, so maybe it isn’t quite that easy, because depending on how much data is packed into that file it could still take hours to make the copy of the file. What if you can’t afford to turn the server off to back it up, what then? Well, making a copy of the drive is not the only way to back up your virtual server. Backing up the server is also not the only way to recover from a disaster when you are talking about virtual machines. Virtual machines can be moved between physical servers over a network with no downtime. They can also be replicated on a regular basis to another location, and those copies of the virtual server be brought online quickly in the event of a major disaster at your office. You can force a virtual server or group of servers to move to another machine while you take a physical server down for maintenance like upgrading the memory or doing an update to the hypervisor without turning the virtual servers off and interrupting service, then move them back when you finish.

Another feature of virtual machines that helps reduce the risk of a disaster is the snapshot feature. A snapshot is a picture of everything on the virtual machine as it was when the snapshot was taken that can then be rolled back to if a problem comes up. An example would be you are installing a new version of your accounting software, you reboot the server, and before Windows loads it crashes every time you try to restart. Don’t worry. All is not lost, because you took a snapshot just before you started installing the software. Just choose the last snapshot you took in the hypervisor and roll back to it. Now it is like it never happened. If you have already experienced a bad software installation, you might consider making a copy of your virtual server and testing the installation on a copy inside a hypervisor on your laptop disconnected from your network to see if there are going to be any problems, before you do the installation live. For that matter, you could just copy the virtual machine files you tested the installation to back to your live environment and not have to go through the process of installing the software again. In this way, you have completely avoided any risk of a disaster caused by the software installation.

As much as I want you to be excited about how easy and how powerful virtual machines can be in a disaster recovery plan, it is important to note that every network is different and has different needs. The more complicated your data and applications, the more complex the disaster recovery plan will be. The plan may require all your files to still be backed up daily using standard backup software from within the guest server, or SQL databases require special scripts to be run to prepare data for backup prior to the virtual machine being backed up. There are dozens of variables that could complicate the backup and recovery process implemented for a virtual machine, and that is why it is important to work with your IT staff or a knowledgeable consultant you trust to develop and test your backup plan.

The Latest Facebook Scam

Facebook is a fantastic resource for collaboration, reconnecting with old friends, meeting new people, and discovering products and services from around the web that have a presence on Facebook. With all this new- found “connectedness” come many new ways for unscrupulous individuals to try and take advantage of the less vigilant. The latest of these attacks comes in the form of, what is called in the security world, social engineering. Social engineering is when an attacker tries to convince you of something in order to take advantage of you. An example in the real world would be an investment scam: “‘Give me money for this great company that doesn’t exist and you can’t lose!”

On Facebook, social engineers are making copies of profile pictures and creating dummy accounts using the same name as the person whose profile picture they have copied. These individuals then turn around and begin sending friend requests to the victim’s friends. Once the victim’s friends accept the request, the attacker begins posting ads and links to all manner of sites, hoping that the trust the victim’s friends have in them will lead them to click the links they post, thereby snaring their real target, the victim’s friends. This kind of attack could not only be detrimental to those who click on the links, but could also ruin the victim’s reputation with friends, clients, and colleagues they have connected with through Facebook.

To protect yourself from these profile hijackers, it is important to understand Facebook’s privacy settings and to know who can see your posts. Facebook has a resource in their help center to help users understand and use privacy settings to protect their profiles and identities on Facebook. The privacy section of the Facebook help center can be found here: https://www.facebook.com/help/privacy. Remember to always check out the profile of someone before you add them as a friend, and if you get a friend request from someone you know you have already accepted, check with them before accepting the request. As a general rule of thumb, you should never add anyone as a friend who you don’t know personally.