If you mention “OS X” and “virus” in the same sentence, you’ll get some weird looks from Mac users. Traditionally viruses and trojans on OS X were near non-existent, but there’s a Mac specific trojan, codenamed Flashback, that has affected more than 600,000 computers. This is big news as it shows that machines running OS X may not be as secure as first thought.

Many Mac owners are unsure of what exactly the Flashback trojan is, what it does and how to ensure they’re not infected. We’re here to help clarify the situation.

What is a Trojan and What Does Flashback Do? In general terms, a trojan is a piece of malicious software that infects a computer and gives control of part, or the whole computer to hackers. The Flashback trojan takes advantage of an OS X Java vulnerability and infects computers by tricking them into downloading a fake Java update.

When the program is installed, Flashback will download and install the main trojan code without the need for permission from the administrator. From there it proceeds to hijack your browser, redirect search queries to websites developed by hackers, and then take advantage of pay-per-click advertising.

Why Should I be Worried? While this version hijacks your browser, there are far more sinister things it could do. As this trojan acts as a downloader, there’s nothing stopping the developers from updating the malware to steal passwords, banking information and other confidential information.

How do I Ensure My Mac is Clean? Apple has released an update for machines running OS X 10.6 and later. The first step you should take is to update your computer to patch the vulnerability. To update your Mac:

1. Press the Apple logo, located in the top right hand of your screen.
2. Select Software Update...
3. Press Install and Restart.

While the patch will prevent Flashback from working, it won’t delete the program if you’ve been infected. The Internet security company F-Secure has developed a script that scans your computer and removes Flashback if found. Once you have downloaded the script, open and run it. The script will search your computer and place the infected files in an encrypted ZIP folder labeled Flashback_quarantine.zip.

Flashback has infected a higher number of Macs than any other trojan to date and goes to show that Macs also have security flaws. This also serves as a reminder that you should have a virus scanner and security program running on your Mac. If you have any questions regarding the security of your Mac or other devices, please don’t hesitate to contact us. We are here to help keep your machines secure.

Privacy of information is important to all people. Granted, some are a little freer with it than others, but there’s a limit to what people are willing to share. Over the past few weeks a disturbing trend has come to light: some companies have been infringing on potential employees’ privacy by asking for a little too much during interviews.

News agencies have been carrying stories about companies that have been asking job applicants for their Facebook logins and passwords before or during an interview. This is a slightly unsettling trend when observed from the job interviewee viewpoint.

It’s become a common practice of employers to look at the social profiles of potential employees to get to know the job seeker on a more personal level. Users have responded by ensuring that their profiles are private, much to the chagrin of would-be snoopers. So what have companies done? Some have started asking potential employees for access to their social media usernames and passwords. This new practice has the masses wondering, “Is this legal and am I protected?”

Currently there are no laws (in the US) that state that it’s illegal for employers to ask employees, potential or otherwise, for their social network usernames and passwords. There are however lawmakers in California, Maryland and Illinois who have introduced legislation that will bar companies from asking for account information. But this is by no means law yet.

Facebook has weighed in on this as well, “This practice [asking for passwords] undermines the privacy expectations and the security of both the user and the user’s friends. It also potentially exposes the employer who seeks this access to unanticipated legal liability.”

What Facebook means by this is that if a company does check into a potential employee, sees they are part of a protected group e.g., LGBT, and does not hire a person on those grounds the company could face claims of discrimination. Beyond that, Facebook also pointed out that giving out or soliciting passwords to your or another user’s account is a breach of Facebook’s Statement of Rights and Responsibilities.

According to most articles, this is a fiasco. But if you look at it from an HR point of view, you want to know that the person sitting across from you really is who they say they are. You are protecting your interests as much as the interviewee is protecting their privacy. Short of asking people for their passwords there are five legal actions you can take to find out more about an interviewee.

• Basic Internet search: Your results may return hits for other people with the same name. To get around this, narrow the search by adding an email address, phone number or address.
• Facebook: It’s perfectly fine to use Facebook to search for a job seeker’s profile and do a little social snooping. Don’t forget, there are other social media sites out there, LinkedIn is a particularly good source for discovering a person’s work history. A big boon of Linkedin is that users tend to be free with their work related information on this site.
• Conduct background checks: It’s a good idea to conduct checks, especially if you work with money or other high value items. If you don’t have time to conduct checks, there are companies that will conduct checks for you. It’s important to be aware of the law regarding background checks in your region.
• Ask for, and check references: Companies just don’t do this anymore. It only takes a few minutes to call or email each reference provided. If you call the referrers and ask the right questions, you could learn a lot more about the applicant this way.
• Prepare ahead of time: We are all busy, but it’s important that you look over a resume before the interview. Pay close attention to employment history and take note of gaps in employment or short stints (less than one year) at companies.

You will be able to find just as much information about a person by using legal means to research as compared with asking for their social media accounts. If you would like to learn more about Facebook or other social media sites let us know.

If you implemented an electronic medical record (EMR) in 2011, you’ll need to start your meaningful use process by July in order to get their attestation done in time. Don’t worry, gloStream can help, thanks to gloEMR and its innovative implementation process, gloDNA.

As you probably know by now, healthcare practitioners can earn federal incentives of up to $63,750 for meaningfully using a certified EMR.

To be a meaningful user of a EMR, you’ll need to meet 20 of 25 possible criteria. Some criteria are simple (such as recording demographic data), and some are complex (such as distributing clinical summaries to all patients you see).

The deadline to show compliance for 2012 is October 3, 2012, but it’s trickier than stating a date. That’s because in order to earn your incentives, you’ll have to comply with these meaningful use criteria for 90 days in the initial incentive payment year. So, if you started in 2012, you have to start 90 days prior to October 3, or the beginning of July.

Because you likely need some time to get your EMR set up and begin meeting the meaningful use criteria, you’ll probably want to start thinking about this now.

At gloStream, our EMR, gloEMR, comes with an innovative implementation process called gloDNA, which stands for “gloStream Detailed Needs Analysis."  During this process we gather information to help us create an ideal EMR solution you. It’s so proven, we offer a 15-day success guarantee. If we can't get your practice back to full patient load within 15 days of your glo-live date, we'll refund gloStream software and services.

With the adaptation of Stage 2, companies operating in the electronic medical records will shift their focus from the capture to exchange of health information. One industry insider has recommended 10 things your EMR needs to be truly interoperable.

1. Single sign-on (SSO). Applications tend to proliferate, and if you don't allow people to switch between these applications using a common login and password, users will get frustrated and give up.
2. Context transitions. As applications grow, and you need to integrate them into an EMR, SSO won’t be enough, because you’ll still lose the “active patient or task" being performed. You’ll also need to provide for the transition of context between applications.
3. Widget publishing. EHRs often have hundreds of functions, and if some are exportable or publishable as widgets, they become much easier to integrate into new user interfaces in the future.
4. Widget consumption. EMRs will become more like containers of cross-application functionality than innate functionality, so consuming widgets will be a basic requirement.
5. Mash-ups. EMRs should allow access to their content through the content management interoperability services (CMIS) standard, thereby allowing users to unlock content they have in various health records.
6. Customizable dashboards. EMRs should provide dashboards that can be tailored by organization, user role, or even user.
7. Interactive Voice Response (IVR). IVR, which allows an EMR to interact with users through phones and other voice systems, such as Skype, will improve collaboration with patients and other physicians who aren’t at a computer.
8. Voice recognition. This will help users conduct EMR tasks more efficiently.
9. Natural language understanding. Because most EMR data is entered by humans, an EMR must integrate with systems that can convert the spoken word or typed text to structured data.
10. Customizable data import and export. A good EMR must allow customizable importing and exporting of simple lists in common formats, such as Excel, CSV and XML.

Details about these tips, and an additional two not discussed above, can be found here.

In order for your IT department to be successful, you need a strategic plan that will both optimize your workflow and help to define your practice’s needs. The well thought out and executed plan will exhibit a focus on the experiences of your staff and patients. Here are five considerations that can help you develop your strategic IT plan.

1. Improve the patient experience. Many healthcare practitioners consider the patient experience a major challenge, yet don’t give much thought to how IT can improve it. Consider what you can do electronically to support patients, whether they're in your facility or not. Electronic forms? Email and text message reminders and confirmations? Kiosks?
2. Consider best practices. Technology can help you get to know your patients better. The Web, for example, can be used as a first point of engagement. Ask a few questions of visitors, then tailor your responses to their needs. A patient interested in a first consultation would receive different information than one preparing for his or her first round of cancer treatment.
3. Don’t forget the staff! Your staff needs successful workflows to interact effectively with patients. Common errors are multiple devices and different logins. Keep in mind how clinicians work to develop efficiencies. Your staff needs to be able to provide clinical care without being tied to a PC.
4. Use social media. Social media often isn’t included in IT planning, as it’s usually more of a marketing consideration. Without thinking about how it will be used, it will become difficult for patients and staff to have a singular experience. Your IT department needs to work with other departments to develop a social media plan that will yield a consistent presentation to the end user.
5. Use integrative planning. Typically, IT does its strategic planning in isolation. Ideally though, IT would plan with other departments. This “integrative planning” allows for a consistent plan supported by all parts of the practice.

In the past five years, there has been a significant rise in the sharing of files and information between computer users. Many businesses have also taken to sharing files using cloud services and peer-to-peer (P2P) networks, allowing users to share files with each other over the Internet. This brings about a number of issues, both with file recoverability and overall security.

With the seizure of a number of cloud storage and sharing websites, including Megaupload, and the seemingly omnipresent malware in P2P files and the shaky security in relation to P2P networks, businesses have had their hands full staying secure. Do you know what your options are when it comes to data security?

Cloud Services Knowhow The recent seizure of Megaupload’s files and servers by the US Government caught many people and businesses unprepared. While Megaupload’s main purpose was file sharing, it was found that a large number of organizations were using their services to store files. If you had files stored on Megaupload, the chances of getting the files back are non-existent.

It needs to be pointed out that many cloud services don’t guarantee that files stored on the service will be recoverable in the event of a crash, or disruption in service, e.g., a government seizing servers. If you read the user agreements of a number of major cloud services, they all have clauses stating that if data stored on their service is lost for any reason, it’s gone forever, and the hosts can’t be held liable for losses.

Risks of P2P With high speed Internet widely available at low prices, P2P file sharing has become incredibly popular, it’s almost uncommon to find someone who has never used a P2P service. If you or your employees use P2P at your office, there are a number of potential security threats you should be aware of:

• The unknown share: If you put a file in a folder that is shared on a P2P network, it’ll be shared with all other people connected to that folder and almost anyone can access it. This is normally done by mistake, i.e., not looking where the file will be saved when you save it. There’s also malware out there that will move files into a shared folder which the developer of the malware can find and upload with ease and without the user knowing it is happening.
• Open network: Typically P2P works on open networks: users give and share. What this means is that when using P2P on a poorly configured network, the whole network could be unsecure, allowing for access to other computers connected to the network.
• Untracked data: If you share a document with another person, and they then share it with others, there is potentially, an unlimited amount of people that can get the data. If you want to take it back, it can be impossible to do so, even if the original document is deleted.
• Storage hijacking: There’s news of malware that has been developed with the purpose of downloading illegal material onto your hard drive. This could pose a problem if the data is found, as you will be liable.

What Should I do? With regards to cloud services, as with anything that comes with a contract, the first thing you should do is gain an understanding of it by utilizing reading material such as blogs, news articles and Wikis. It’s a pain in the neck, but it’ll help you understand the boundaries of the program and your responsibilities. Remember that if you go to court to get files back from a company, and it becomes known that you didn’t read the agreement, you’ll probably end up losing that case.

Second, it’s not recommended to keep single copies of data on one cloud service. Chances are high that in your business, you store your data and backups in a place separate from the computer. This makes sense with the cloud as well - keep your data with a number of different cloud services. If it’s important enough, have physical backups of what you put in the cloud.

For P2P networks there are also a number of steps you can take to protect the data on your network:

• The most obvious one is to ban employees from using any file sharing services outside of your network.
• If you do allow file sharing, it’s a good idea to establish and strictly enforce a protocol for this. You should also set which users are allowed to share files, and what files are appropriate to share. Be sure that all staff are aware of your policy and the measures that will be taken in the event of any deviations.
• Develop a system to classify documents by whether or not they can be shared, and who they can be shared with.
• If you work in an office where you need to share files, but don’t want to use a P2P network or the cloud, and are unsure of other solutions out there, don’t worry. There are companies that specialize in document sharing solutions that should be able to provide you with assistance.

The most important thing is that whatever the situation is, you take action to try to solve the problem while frequently revisiting the actions to ensure that they are working. If you’d like to learn more about document sharing over the cloud, or via P2P networks, give us a buzz. We’re more than happy to help.

Smartphones have been a part of our personal lives for a while now. It’s no surprise then that we are starting to also use them for business purposes. In fact, many of us already check our work email on our personal device. As smartphones become more powerful and popular, employees are wanting to “Bring Your Own Device” (BYOD). Is your company prepared for this?

When employees use their own device for work, it can be hard for their company to manage what the user is doing, after all it’s a personal item. Add to this the growing number of malware programs aimed at stealing information from devices, and you’ve got an issue that’s not going to go away anytime soon.

What Exactly is BYOD? BYOD came about when businesses began to assign laptops to employees for use at home or on the road. Companies quickly came to realize that the laptops were not as secure as the desktops at the office, and that employees were also using the laptops for personal use. To address this, companies introduced security measures and procedures to keep data on the laptops safe, while limiting personal use. This worked well until the introduction of the smartphone, which has now given employees the ability to access their office data on their personal devices, and has moved them off the machines provided by the company. Because of this trend, companies are being forced to examine or implement a BYOD policy.

Pros of BYOD The most obvious benefit of BYOD is the fact that the cost of the the technology is shifted from your company to the user. Think about it: no more costly hardware upgrades and minimal to nonexistent upkeep costs, thus bringing about significant savings.

The next upside to BYOD is user satisfaction. If your employees are allowed to use their own devices, they’ll generally be more satisfied with the systems they’re using, because they’ve already made the personal choice to buy that particular device.

There are some ancillary advantages to BYOD as well, including having employees on the most up-to-date systems, as many employees will buy newer, or top of the line models. The other advantage is that the usually slow update cycle can be exterminated, employees will be in charge of keeping their devices current, not the company.

Cons of BYOD As with all stories, there are two sides to this one. The biggest disadvantage of BYOD is that you’ll lose control of the hardware, and employees will generally be more reticent in allowing other employees to use their device.

Another major issue to overcome is usage policies. As employees will be using their own device, it’ll be harder to tell them what is considered acceptable use. As opposed to when employees are using company devices you can implement a fair-use policy.

The final negative side of BYOD is of what happens when an employee leaves your company? If they’ve been using their own device it can be a chore to get the data back, let alone establish who owns the data in the first place.

So What Can I do? If you take a step back and observe, you’ll notice that smartphones are becoming more and more mainstream, and while in the short term you could say no to personal devices at work, it won’t work in the long term. It would be beneficial if you developed a BYOD plan that clearly states your expectations, and has a usage policy regarding network and data use. You don’t have to implement it right away, but it’ll help to have the plan ready, for when you do decide to allow employees to use their own devices. You could also set up a trial with some employees, observe how they get on with the devices and reevaluate your position after the trial period.

You should also establish a set point of security measures that are not optional. This is particularly important for companies that operate under set data security mandates, e.g., mandates regulating data storage in relation to point of sale and credit systems. Methods of increasing security include software that must be installed, and basic security measures such as a locked screen, or regular data backup.

It is also important to establish a process for when an employee leaves your company. Set up a policy regarding who owns what data and the steps to be taken at the end of employment. If your employee uses a device with a removable memory card, you could set up a partition - mini non-physical hard-drive within the larger physical hard-drive - on the card where data from the business is to be stored, allowing for easy access and retrieval.

Should your company go BYOD, or abstain? Be aware that this is a major trend and in the near future employees will start to push to use their own devices at work, if they haven’t already. If you’d like help setting up a BYOD plan or more information concerning security measures, please contact us.

No matter what industry your business is in, managers and employees will at one time or another need to give a presentation. Presentations can at times scare many employees, causing undue stress and poorly created presentations that could cost a company a key contract.

It’s important that you, that as a manager, you ensure that your employees are creating PowerPoint presentations that are effective. Here are a few tips you can give to your employees to help them improve their presentations.

Simplify and minimize The best presentations are simple and minimal, often shifting focus from the presentation to the presenter. Minimal presentations follow the 6-6-6 rule. There should be no more than: 6 bullet points per slide, 6 words per bullet and 6 slides full of words in a row. Being visual creatures, you should encourage your employees to create slides with engaging and related visuals. A caveat: be sure that you have the rights to use the images.

A great rule taught in business schools across the country is: KISS (Keep It Simple, Stupid). Refrain from using confusing words, jargon, uncommon acronyms and irrelevant information. Keep it short, sweet, and to the point. Following these rules will help engage the audience and hold their attention for a longer period of time.

Be consistent “Consistency is key” - a saying often used but rarely followed in the creation of PowerPoint presentations. You should ensure that grammar and spelling are all consistent, and errors are minimal, if existent at all. Have another employee or manager review it for errors and inconsistencies.

For the slides, use the same background and font throughout. The easiest way to ensure this is by using a template. A word of warning: don’t use templates that are heavily animated because they can cause significant distractions, and don’t choose backgrounds that are similar in color to your font. The best slides have a light color for a background with a darker font for your text.

Summarize The goal of most presentations is to build interest and inform or update the audience. In fact, the majority of audiences just want a short summary so they can develop their own questions to ask after the presentation, or at a later meeting.

When creating the presentation, be sure to keep the audience in mind. If a presentation is being made to IT managers, chances are it does not need to have advanced financial spreadsheets. If you are presenting on a topic that has lots of graphs, extra information, or appendices, put the most important information in the presentation and the rest in a handout. This will keep the audience’s attention on the presenter, not the slides.

Practice, preview, review Practice makes perfect. In an ideal world there would be hours and hours to practice and tweak a presentation. Normally, that’s not true. Schedule at least a comparable amount of time the day before a presentation for a dry run. Always review the presentation with your team and ask them for feedback. This will help encourage employees to keep improving and developing themselves.

For more tips and tricks on giving presentations using Microsoft PowerPoint and other Microsoft products, please contact us.

Many of us have had the pleasure of working with the Windows Operating System, more specifically, Windows 7. From time-to-time there is a problem and something stops working. When this does happen, our normal response is to hit CTRL-ALT-DELETE; restart the computer, losing what we were working on, and try to start from where we left off.

It can be extremely frustrating when you are working on an important document, Windows 7 stops working and you’re forced to reboot. Before you restart your computer, here are three useful things to try.

Using the Resource Manager If your computer starts to act sluggish or slow, and is taking a long time to open a program or respond, it may be because it’s taking up a large amount of processing power, forcing other programs you have open or running to use less - this is commonly known as a “bottleneck”. To figure out where the bottlenecks are when your computer is slow is relatively easy:

• Click Start and type: RESMON and select RESMON.exe. A window with all running programs and processes, graphs and tabs will pop up. This is called the Resource Manager.
• Under the Overview tab, you will see a list of programs. Click Status and the programs will be ordered by their status, an easy way to quickly figure out what is working and what isn’t.
• Once you have identified the bottlenecks, you can look for solutions using the Internet or contact the people responsible for your IT. It will make their job easier if you can tell them exactly what’s wrong.

If you want to find more information on why a program isn’t working, click the CPU tab, beside Overview. You will be presented with a dialog box similar to the task manager from XP. Select a program which isn’t responding, right-click on it and select Analyze Process. Windows will run an analysis and try to tell you why that program isn’t working. This goes a long way in figuring out what is happening, and also gives you more information if you have to call your IT team.

If you have a program that has completely stopped working:

• Open the Resource Monitor; click start and type RESMON.
• Click the CPU tab, and the program should be highlighted in red.
• Right-click and press Analyze Wait Chain.
• If there are more than two processes, the lowest one on the bottom is the process that isn’t working.
• Click the box beside it and select End process. The program should re-open.

A word of warning on the Resource Monitor: don’t go stopping programs or processes just because they take up what looks like a lot of processing power. They could be essential to the operation of Windows, and if stopped you could make the problem worse. If in doubt, make a note of the program, search the Internet for more information, or ask your IT department for help.

Open Program in New Process If you are working on an important project and would prefer not to have it crash when another program does, you could start the program in a new process. This essentially creates another window in the same environment. If one crashes, it won’t affect the other. To open in another process, hold down Shift and right click on the program, and select Open in a new window. The downside to this is that it will consume more system resources, so your computer will run slower.

Record Your Steps One neat and underutilized feature is the Problem Steps Recorder. When activated it will record mouse movements and clicks, key presses, folders opened and even take screenshots. When the problem is solved, it will put them all the recordings into a file and email them to you. This is extremely useful if a problem keeps happening, and you have your IT team come in to help. To turn on the recorder:

• Press Start and type in PSR, select PSR.exe
• Press record.

If all else fails, and you can’t fix the problem, then you can try restarting the computer or calling IT. As ever, don’t forget to save your work often, and ensure your data is backed up regularly. If you would like to learn more about Windows 7, or other Microsoft products, please contact us.

It’s hard to find someone who isn’t using social media in some way, or at the very least isn’t aware of its existence. Companies are becoming wise to this and are starting to utilize social media tools to build their brand, or bring in new customers. If your company does not use any form of social media, it may be time to look into getting your business out there.

Social media, once called a fad, has become the norm and is going to be with us for some time. A large number of companies already have an online presence, and are taking advantage of the benefits that social media can bring. Here are a number of things you can do to get your social media adventures underway.

Be Clear on Social Media It’s important that before you start looking into the different forms of social media that are out there, you are clear on what social media is, and what it isn’t. Social media is a way to meet people, and share content and ideas with them. For companies it’s a form of non-traditional marketing - think of it as soft marketing - it’s not meant to be the place where you flog your products, rather a place to develop interest in your company, so people will want to do business with you. By using social media you can show people who your company is, and connect with them on a more personal level. If you are clear on what social media is from the beginning, there’s a higher chance that you’ll be successful when you develop your online presence.

Before You Launch Into Social Media There are a number of things that your company needs to have either already done, or considered, before you jump in:

• Have a website: It’s a good idea to have a solid website with information about your company, contact information, products and services. Most potential customers will look at your website after looking searching for you online, and before they choose to do business with you, so your website needs to provide the relevant information they are looking for. If you don’t have a website, or feel yours is lacking, it’s easier than ever to get a professional looking site. With a quick search you will be able to find some competent designers.
• Get educated: It will be beneficial to educate yourself on current trends regarding social media. This can be done by simply going to social media websites, taking the free introduction tours and reading blogs related to the sites. Beyond that you should also research your competitors’ websites and Internet presence. Observe what content they have online, and more importantly: what they don’t have. It will also help to connect with and observe industry experts, see what they post online, and note the style and tone they use. This will help provide you with a sound knowledge base from which you can then create a more effective online presence.
• Set goals: As with any step in business, you should have a plan with realistic goals. Aim for results that are achievable for your company. If you’re a small, local IT company that focuses on providing support for banks, don’t expect to have the same massive hype that Microsoft and Apple do. Clearly set objectives and review periodically.
• Develop a focus: In real life, you can’t be all things to all people. The same goes for social media. You need to develop a focus on what type of online content you would like to share. You should aim to create content that your customers will want to share with people.
• Stake a claim: You should to go to the main social media websites - Google+, Facebook, LinkedIn and YouTube - and reserve your personal and business usernames. This is important because it will make you look more professional by having the same username across all sites, and users will be able to find you easier.
• Ask for help if you need it: While some companies make social media sound easy, it can be deceptively hard to master. If you feel lost, or are having a tough time with it, there are knowledgeable consultants out there who are happy to help.

Time to Get Social When you feel you know what direction you will take, it’s time to start developing your online profiles. It can be tough to decide which social media tools to utilize. Unfortunately there is no right answer. Most small businesses follow the crowd, and this means having pages on Facebook and Linkedin. This does not mean that you should join these networks simply because they have the most users. It is recommended that you follow what similar businesses or direct competitors are doing. If they are on one service but not another, do the same to begin with, but be on the lookout for new social media sites, or features being added to existing sites.

One Thing to Not Forget There is one really important thing we can share with businesses thinking of pursuing social media: it isn’t a turnkey operation. You can’t just, “set it and forget it.” To be successful, you need to be active by posting updates, news, and above all interacting with the people who reach out to you. After all, they are your customers. If you do establish your social presence but forget to keep it up to date, you will be the company that’s forgotten.

If you would like help with your social media strategy, please get in touch with us. We’d love to hear from you.