Thirty years of Windows is a lifetime.

Hillary Clinton’s use of a private email server when she served as US secretary of state has been a major issue for the 2016 presidential candidate. Here are the six most critical facts about it.

The FBI recently wrapped up its investigation into Hillary Clinton’s use of a personal email server while she was serving as secretary of state. FBI director James Comey called the actions “extremely careless,” but recommended that no charges be brought against Clinton.

She is now the presumptive Democratic nominee for the upcoming presidential election in November, and her actions relative to the email server have become a hot-button issue among her opponents. The situation, however, is nuanced; and there are a lot of details to understand about the scenario. Here are the most important facts.

1. What happened?

While serving as secretary of state under President Barack Obama, Hillary Clinton used multiple private email servers to communicate regarding government business, according to the State Department. Additionally, it was revealed that Clinton never had a government (.gov) email address while she was serving in her post—we’ll talk about which email address she used in a moment—and her aides did not take any actions to preserve the emails sent through her personal account. This prompted an investigation by the FBI to determine if Clinton intentionally put classified information at risk.

2. Why does it matter?

Clinton handed over 30,000 emails to the State Department, of which 110 contained classified information at the time they either were sent or received, according to the FBI’s findings. During the investigation, though, Clinton asserted that none of the emails she sent or received were classified at the time. The biggest implication has been the potential threat to national security. While the contents of the emails have not fully been released, if they had contained sensitive information it could have possibly fallen into the wrong hands. As noted by the New York Times, Comey said it was “possible” that enemy foreign governments had accessed Clinton’s personal email account.

The second biggest implication is that of transparency. The Federal Records Act requires that all communication in certain branches of government be recorded on government servers, and it forbids the use of a personal email account for government business, unless those emails are then copied and archived. However, there are a lot of technicalities involved, and there is evidence that other government officials had violated the act. As Alex Howardwrote for the Sunlight Foundation, there is also evidence that Clinton tried to control the discoverability of the emails under the Freedom of Information Act (FOIA), which could set a precedent for limiting public access to government records. It is also believed that Clinton deleted 31,000 emails deemed personal in nature before turning the emails over to the State Department.

3. When did it start?

When she was appointed secretary of state in 2009, Clinton began using the email address hdr22@clintonmail.com, tied to a personal server. Clinton’s personal email server was first discovered in 2012, by a House committee investigating the attack on the American Consulate in Benghazi. In 2013, hacker Guccifer claimed to have accessed Clinton’s personal email account and released emails that were allegedly related to the Benghazi attack.

The next year, in the summer of 2015, the State Department began asking Clinton for her emails correspondence, and she responded by delivering boxes containing more than 30,000 printed emails. In early 2015, the New York Times reported that Clinton had been using her personal email exclusively, and never had a government email address. A federal watchdog group issued an 83-page report condemning the “systemic weaknesses” of Clinton’s email practices in May. On Tuesday, the FBI concluded its investigation and recommended against any charges.

4. What tech was used

When Clinton was running for president in 2008, she had a private server installed at her home in Chappaqua, New York. The domains clintonemail.com, wjcoffice.com, and presidentclinton.com, which were registered to a man named Eric Hoteham, all pointed to that server. In 2013, a Denver-based IT company called Platte River Networks was hired to manage the server, but wasn’t cleared to work with classified information. The company executivesreceived death threats for taking on the contract. It was later discovered that multiple private servers were used for Clinton’s email.

Clinton used a BlackBerry phone to communicate during her tenure as secretary of state, including sending and receiving emails through her private server in New York. The State Department expressed concern about the security of the device. Clinton had requested the NSA provide a strengthened BlackBerry, similar to the one used by President Obama. But, her request was denied. Instead, the NSA requested that Clinton use a secure Windows Phone known as the Sectera Edge, but she opted to continue using her personal BlackBerry.

5. Will she be prosecuted?

Right now, it’s too early to tell whether or not Clinton will be charged for her use of private email servers. While Comey’s recommendation that no charges be brought will likely weigh in the decision, it is ultimately up to the US Department of Justice to make the call. However, a recent Politico analysis of multiple, similar cases spanning the past 20 years, seem to point to an indictment being “highly unlikely.” According to a former senior FBI official quoted in the analysis, the Justice Department tends to avoid prosecution in cases that are not “clear-cut.”

6. What can businesses and IT leaders learn?

The first lesson that IT can learn from this situation is that transparency is critical, at all levels in your business. This isn’t to say that the CEO should be broadcasting his or her emails to all employees every week, but steps should be taken to ensure that information can be accessed if need be. As part of adigital leak protection program, security expert John Pironti said that organizations need to know if users are using a personal email account to conduct business.

“This behavior is often a violation of acceptable use policies and can expose an organization’s sensitive information to unsecured systems and e-mail accounts,” Pironti said. “Without this visibility an organization may not be aware that their intellectual property, customer data, or sensitive data assets are not being protected appropriately and they also may be in violation of contractual agreements with their clients regarding the security of their data as well as regulatory requirements.”

The second takeaway for IT is that policies should be enforced from the top down. Sure, a CXO may get their support tickets expedited, but that doesn’t mean that exceptions should be made that could compromise the security or integrity of the organization for the sake of comfort or convenience. Leaders should model the policies that are in place to showcase the importance of adhering to them, especially regarding security and privacy policies.

Finally, the importance of records management should not be overlooked. In Clinton’s case, since multiple servers were used, the FBI had to piece together “millions of email fragments” before they could look into them. Proper labeling and management of all records will make for a more cohesive environment and assist in accountability.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Business leaders must prepare for disasters made by man or Mother Nature with extensive, practiced recovery plans to avoid system shutdowns.

A Delta ground stop was lifted Monday morning following a 2:30 a.m. ET power outage in Atlanta that delayed and cancelled flights worldwide. Businesses should view this as a cautionary tale, highlighting the importance of quality data center power and disaster control systems.

Delta cancelled approximately 300 flights due to the outage. As of 10:30 a.m. ET, it operated 800 of its nearly 6,000 scheduled flights. However, Delta customers heading to the airport on Monday should still expect delays and cancellations, according to a press release. As inquiries are high and wait times are long, there may also be some lag time in the display of accurate flight status from the airline, it warned.

Last month, Southwest Airlines cancelled 1,150 flights after a system outage. Though the system came back online within the day, hundreds of flights were backlogged.

Based on recent research, it’s fair to say that what happened to Delta and Southwest could happen to a number of businesses. Some 57% of small and mid-sized businesses have no recovery plan in the event of a network outage, data loss, or other IT disaster, according to a Symantec study.

“Planning and executing disaster recovery exercises is something that should be done on a regular basis to find out these issues before they may be impactful,” said Mark Jaggers, a Gartner data center recovery and continuity analyst. “The issue, which was also the case with Southwest Airlines, is not planning for partial failure scenarios that are harder to get to the root cause of and work around.”

To avoid shutdowns like Delta’s, company data centers should have redundant power and networking, preferably from a grid and provider, respectively, that are completely independent from the primary ones, Jaggers said.

“Data centers are a huge piece of a disaster recovery plan,” said mission-critical facility management professional Christopher Wade. “To have a reliable infrastructure, you have to minimize single points of failure.” Business leaders should also ask about the experience levels of data center staff, as many of these companies are currently understaffed, Wade added.

Usually, large companies have a primary data center in one location and an alternate in another that is far enough away so the two do not experience the same disaster at the same time, said Roberta Witty, risk and security management analyst at Gartner.

“In today’s world, the business expectation is that you’re up and running quickly after a disaster,” Witty said. “The ‘always on’ driver is changing the way organizations deliver IT in general, and so they are building out their data centers to be more resilient.”

Faster recovery times

About 60% of organizations are moving to a recovery time objective of four hours or less, Witty said. Doing so successfully involves extensive planning. First, determine what business operations are mission critical. Then, consider factors that impact recovery time requirements, such as revenue loss, safety, and brand reputation, and build your recovery infrastructure accordingly. As more companies outsource data operations, a key consideration should be the third party’s ability to meet your recovery requirements, she added.

Crisis management practices, such as the procedures Delta used to notify management and deal with customer fallout, usually get exercised every quarter. “The more you practice your crisis management procedure and communicating with your workforce, customers, suppliers, and partners, the better off you are,” Witty said. “A plan that hasn’t been exercised is not a workable plan.”

Disaster recovery can’t be something a company reviews once a year, Witty said, but rather an ongoing part of every new project.

“Your recovery environment has to stay in sync with production, which is where a lot of organizations fail,” Witty said. “Build disaster recovery into a project lifestyle—whether it’s a new product or a change in management, you have to go back and revisit your recovery plans.”

The 3 big takeaways for readers

1. Delta experienced a massive networked service stoppage Monday morning after a power outage in Atlanta, which offers a lesson in disaster preparedness and recovery for other businesses and data centers.
2. About 57% of small and mid-sized businesses have no recovery plan in the event of a network outage, data loss, or other IT disaster, but these plans are key for mitigating natural and manmade disasters and keeping business operations running smoothly.
3. Companies should build crisis management and proper communication into all new projects and management changes to ensure consistency.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Create a system image backup:

The surest way to recover from a data disaster, such as a system drive failure, is to restore that drive from an image-based backup. You’ll need an external hard disk–at least as large as the amount of space in use on the system drive and ideally the same size as your system drive.

The capability to back up and restore a system image is in the Windows 7 Backup And Restore program. That same program is also in Windows 8, 8.1, and 10, although it’s somewhat hidden. (In Windows 10, you can find it by typing backup in the search box.)

To start the program, press Windows key + R to open the Run box, type sdclt, and press Enter. Click Create A System Image from the column on the left, choose your external hard disk as the location where you want to save the backup, and click Next. On the following page, all partitions on the system drive should be selected. Just click Next and then click Start Backup.

Have questions?

For More Tips & Info from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

Microsoft is previewing Stream, a new service for publishing and managing business videos. One day it will be the default video publishing system for Office 365.

On July 18, 2016, Microsoft announced that a preview version of a new service called Microsoft Stream was available. Like most of you, I passed over the news with an indifferent “whatever” attitude. But later I realized that the news was actually more important than I had first thought.

Microsoft Stream fulfills a niche by providing a secure place to share videos created within, and for, businesses. By using a cloud-based service like this, businesses can reap the benefits of video communication without the threat of anonymous forum trolls trashing the brand or harassing employees.

Upload and forget it

While it is still a preview version, Microsoft Stream seems mostly ready for prime time. All you have to do is set up an account with a valid business email—One can use a personal domain email—and then log in. To test how easy Stream is to work with, you can make a 10-second video with a smartphone. Upload your video to Google Drive and then drag and drop it on the Stream portal website.

The web service processes the video while you give it a title and a brief description. Stream then asks if you are ready to publish and when you say yes, it publishes the video after a few seconds of grinding. It takes all of two minutes from start to finish and requires nothing more technical than knowing how to drag and drop a file.

Gone are the days of worrying about file format, aspect ratio, preferred playback applications, and all the other minutia we had to go through in years past to get a video published. You just take the video and then publish the video.

Video management

The key features of Microsoft Stream have to do with managing videos after they are published. Videos can be classified and placed into specific channels. Those channels can have their access restricted to certain individuals or certain groups, like a specific department, for instance. Access is controlled via the Azure Active Directory system.

According to the blog post, Microsoft plans to integrate Stream into the existing Office 365 Video system. Once the integration is complete, Microsoft Stream will be the default system for publishing video in an Office 365 environment.

There are plans in the works to add intelligent search to Stream by taking advantage of tools like audio transcription and face recognition. Developers are also working on ways to integrate Stream with other tools, like PowerApps, Microsoft Flow, and SharePoint.

Bottom line

We are aware of Microsoft Bookings and how that application attempts to cut out other third-party developers by integrating appointment scheduling for small businesses with the standard Office 365 subscription. By offering Stream, a secure video publishing and management service, Microsoft is attempting to execute the same strategy for video publishing.

Microsoft Stream gives businesses a secure system for publishing videos. Through Stream, businesses control access and manage who can see what and when they can see it. And because it is all handled internally, problems with anonymous forum trolls are likely to be reduced.

It seems that Microsoft’s grand strategy is to become the only software company a business needs—ever. The glaring application that Office 365 is missing now is a double-entry accounting system that includes payroll, accounts receivable, accounts payable, and the general ledger. Should we be looking for an announcement regarding those applications soon, Microsoft?

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

As ransomware increasingly targets healthcare organizations, schools and government agencies, security experts offer advice to help IT leaders prepare and protect.

Nigerian princes are no longer the only menaces lurking in an employee’s inbox. For healthcare organizations, schools, government agencies and many businesses, ransomware attacks—an especially sinister type of malware delivered through spear phishing emails that locks up valuable data assets and demands a ransom to release them—are a rapidly-growing security threat.

“We’re currently seeing a massive explosion in innovation in the types of ransomware and the ways it’s getting into organizations,” says Rick McElroy, security strategist for cyber security company Carbon Black Enterprise Response. “It’s a big business, and the return on investment to attackers is there—it’s going to get worse.”

While ransomware has existed for years, 2015 saw a spike in activity. The FBI received 2,453 complaints, with losses of over $1.6 million, up from 1,402 complaints the year before, according to annual reports from the bureau’s Internet Crime Complaint Center. And the numbers are only growing in 2016, the FBIreports.

“The Dark Web and Bitcoin allow almost anyone to sell stolen data without identification—cyber criminals understand they can make easy cash without the risk of being jailed,” says Ilia Kolochenko, CEO of web security company High-Tech Bridge. And hackers—most of which are located in developing countries—are growing more sophisticated, even developing downloadable ransomware toolkits for less-experienced hackers to deploy, according to the 2016 Institute for Critical Infrastructure Technology Ransomware Report.

“The days of grammatically incorrect, mass spam phishing attacks are pretty much over,” says James Scott, senior fellow and co-founder of the Institute for Critical Infrastructure Technology, and co-author of the report. Hackers can now check a victim’s social media accounts, and create a fake email address pretending to be a friend or contact in order to get them to click on an infected link or attachment. “It’s much more targeted, and will exploit a particular vulnerability in a device, application, server or software,” Scott adds.

A typical ransom demand is $300, according to a report from security firm Symantec.

Health threats

The healthcare sector is highly targeted by hacker attacks, due to antiquated or misconfigured computer security systems and the amount of sensitive data they hold, says David DeSanto, director of projects and threat researcher at Spirent Communications.

The large number of employees at most hospitals also makes cyber security safety training difficult, DeSanto says. Experts commonly see attacks occur through spear phishing—targeted emails with attachments with names such as “updated patient list,” “billing codes” or other typical hospital communications that employees may click on if not warned.

In 2015, over 230 healthcare breaches impacted the records of 500-plus individuals, according to data from the U.S. Department of Health and Human Services Office for Civil Rights.

A February ransomware attack launched against Hollywood Presbyterian Medical Center in southern California locked access to certain computer systems and left staff unable to communicate electronically for 10 days. The hospital paid a $17,000 ransom in bitcoin to the cybercriminals, says CEO Alan Stefanek.

Following security best practices can help healthcare organizations protect themselves. “The best way is to make regular backups of all systems and critical data so that you can restore back to a known good state prior to the ransomware being on the system,” DeSanto says.

Without security best practices, healthcare organizations may be left with few options to retrieve information. In these cases, healthcare organizations may choose to pay the ransomware fee. Some make enough money that paying the ransom for a few infected computers is low compared to the cost of maintaining the infrastructure to protect these attacks, DeSanto adds.

Schools and businesses

Hackers are gaining traction and using new methods across other industry verticals as well. In 2014, a large European financial services company (whose name was not disclosed) discovered with the help of High-Tech Bridge that a hacker placed a back door between a web application and a data set.

For six months, the hacker encrypted all information before it was stored in a database, undetected by company staffers. Then, they removed the encryption key, crashing the application, and demanded $50,000 to restore access to the database.

However, the company did not end up paying, thanks to mistakes made by the hackers, Kolochenko says.

Other victims are not as lucky, says Engin Kirda, professor of computer science at Northeastern University. “If the ransomware hacker does the encryption well, once the data is encrypted it’s nearly impossible to decrypt,” he adds.

Such was the case for South Carolina’s Horry County School District this February, when hackers froze networks for 42,000 students and thousands of staff. District technology director Charles Hucks tried to shut down the system, but within minutes, the attackers immobilized 60 percent of Horry County’s computers. The district paid $8,500 in Bitcoin to unlock their systems.

Tips for IT leaders

To prevent a ransomware attack, experts say IT and information security leaders should do the following:

1. Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.
2. Keep all software up to date, including operating systems and applications.
3. Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
4. Back up all information to a secure, offsite location.
5. Segment your network: Don’t place all data on one file share accessed by everyone in the company.
6. Train staff on cyber security practices, emphasizing not opening attachments or links from unknown sources.
7. Develop a communication strategy to inform employees if a virus reaches the company network.
8. Before an attack happens, work with your board to determine if your company will plan to pay a ransom or launch an investigation.
9. Perform a threat analysis in communication with vendors to go over the cyber security throughout the lifecycle of a particular device or application.
10. Instruct information security teams to perform penetration testing to find any vulnerabilities.

Mitigating an attack

If your company is hacked with ransomware, you can explore the free ransomware response kit for a suite of tools that can help. Experts also recommend the following to moderate an attack:

• Research if similar malware has been investigated by other IT teams, and if it is possible to decrypt it on your own. About 30 percent of encrypted data can be decrypted without paying a ransom, Kolochenko of High-Tech Bridge says.
• Remove the infected machines from the network, so the ransomware does not use the machine to spread throughout your network.
• Decide whether or not to make an official investigation, or pay the ransom and take it as a lesson learned.

“There is always going to be a new, more hyper-evolved variant of ransomware delivered along a new vector that exploits a newly-found vulnerability within a common-use application,” Scott of ICIT says. “But there are so many technologies out there that offer security—you just have to use them.”

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

The surprisingly useful Shutdown command:

If you want to shut down a PC, you can always use the Power menu on Start. But the Shutdown command, which runs from a Command Prompt window, can help with a few tasks you can’t do from any menu.

To see the full syntax, open a Command Prompt window and type Shutdown /? Here are a few options you might find especially useful:

• Shutdown /i – Show a graphical interface (note that this does not include all options available via command-line switches)
• Shutdown /s – Full shutdown
• Shutdown /r – Full shutdown and restart
• Shutdown /h – Hibernate the local computer
• For UEFI-based Windows 10 PCs, you have two extra options that can be invaluable:
• Shutdown /s /fw – After a full shutdown, opens firmware user interface on next start
• Shutdown /r /o – Restarts and displays the advanced boot options menu

Have questions?

For More Tips & Info from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

Web browsers don’t like the security and stability problems that come with Flash.

Another popular web browser has had it with Adobe Flash.

Mozilla said this week that it plans to gradually wean its Firefox web browser from Adobe’s ADBE -1.07% multimedia player. In August, Firefox will no longer support “certain Flash content” that it deems “not essential to the user experience,” although Mozilla did not specify what type of Flash content it was referring to.

Mozilla will still support “legacy Flash content” for an unspecified time, but the company urged websites that use Flash or Microsoft MSFT -0.25% Silverlight, another multimedia web player similar to Flash, for their videos or online games to adopt newer “HTML technologies as soon as possible.”

In May, Google GOOG -0.59% detailed its plans to end support of Flash for its Chrome web browser, and it hopes to completely rid itself of Flash advertisements by the beginning of 2017.

Google, like Adobe, is urging website operators to switch to the HTML5 coding language to display multimedia like video on their sites.

Flash is notoriously buggy and prone to many security vulnerabilities. Firefox believes that by ending support for Flash, its users will see “enhanced security, improved battery life, faster page load, and better browser responsiveness.”

Still, Mozilla is not totally cutting ties with Adobe. Mozilla said it would “continue to work closely with Adobe to deliver the best possible Flash experience for our users” as it phases the multimedia player out, and said that an engineering partnership between the two companies has improved some performance and stability in Firefox when it displays Flash content.

Last summer, Facebook’s FB -0.27% chief security officer Alex Stamos urged Adobe via Twitter to disable Flash because of its security vulnerabilities.

In April, Adobe issued an emergency update to Flash after security researchers found a flaw that allowed hackers to distribute so-called ransomware to owners of Microsoft Windows personal computers. Ransomware is basically a form of malware that lets hackers block people from accessing their computer or related computer networks so that a hacker can demand payment in return for access.

In 2010, legendary Apple AAPL -1.32% CEO Steve Jobs wrote a 1,700 word essay on Flash and why Apple’s problems with the multimedia player, which he claimed hurt the “reliability and security of our iPhones, iPods and iPads.”

Shake the clutter away:

On a modern Windows PC with gobs of memory, it’s easy to have dozens of windows open at one time. But all that multitasking can create a distracting mess of overlapping panes that makes it difficult to concentrate on the task at hand.

The solution is a little gesture that debuted in Windows 7. Bring the app you want to focus on to the foreground, point to its title bar, hold down the left mouse button, and make a gentle left-right-left shaking gesture. It doesn’t need to be violent; just make sure you move the window an inch or so in each direction. Do it right, and every other open window is minimized to the taskbar. Shake again to restore all windows to their previous position.

Want to minimize every window, including the current one? Aim for a narrow strip at the end of the taskbar, just to the right of the system clock, and click once. Click again to restore all windows.

Have questions?

For More Tips & Info from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.