The Crypto Threat

CryptoWall is a real threat. In the last two months alone I have dealt with two different customers. The experience of having all of you files encrypted and locked away and being extorted is dreadful to say the least. In case you have not heard of this malicious bug let me fill you in. Cryptowall is what is called "ransomeware" that first manifested itself back in April of 2014.  It targets all versions of windows. The "ransomware" scans your computer and targets various files and then encrypts them with an unbreakable public key.

CryptoLocker: Preventing and Eradicating The Latest Technological Vermin

by Lou Person on Dec 19, 2013 in Cloud Journey

CryptoLocker is the latest in criminally driven and aggressive virus technology. It first surfaced in 2013, and is essentially ransomware that targets computers that run Microsoft Windows. It is most commonly deployed into seemingly legitimate email attachments, disguised often as a tracking notification from UPS or FedEx. This infection can infect anyone anywhere in the world, so no user is safe. However, it should be noted that just opening the email is not what spreads the virus: it’s the zip file inside of it that holds the true assailant. Hiding within that zip file is essentially a booby trap: a double-extension file such as *.pdf.exe* that, when clicked on, begins the countdown to the threatened annihilation of personal files. The .exe file is what enables CryptoLocker run on your computer, while the inconspicuous .pdf extension camouflages the file’s true function so that you are unaware of what’s happening until it’s too late.

Contact Center Scripting

Posted by Lou Person on Apr 05, 2012 in Cloud Journey
Setting up call routing based on Area Code –
Steps needed –
1.    Setup database
2.    Setup Windows ODBC hook
3.    Setup ECC hook into database
4.    Adding some recordings to the ECC system
5.    Creating the needed Script
6.    Director and ECC director configurations to access script and test

Create a Microsoft Access database – with 3 colums. ID, RegionID, Delivery Area
You can name your database anything you would like. This name is only used when making the Windows ODBC connection. In the database the ID = Caller ID, RegionID = identifier to control routing, Delivery Area is a reminder of what location the ID is from.

Implementing a Business Continuity and Disaster Recovery solution using ShoreTel

Posted by Lou Person on Dec 18, 2011 in Cloud Journey

ShoreTel is a single image solution. This means, all sites, users, switches, phones and licenses are all managed through a central interface (called Director) and distributed to users at locations distributed across an organizations footprint. Some organizations are single site with all users at one location and some remote users who access the system while travelling or working from home. Other organizations have multiple locations which are connected together through a Wide Area Network (using such technologies as Internet VPN, MPLS, Metro Ethernet, etc).

Whether single site or multiple location, it is easy to add a Business Continuity/Disaster Recovery site to ShoreTel. The following is a high level overview of the components required and some suggestions and alternatives. Please contact me directly to discuss further. brightstack offers a hosted ShoreTel service where we can host your Business Continuity and Disaster Recovery (BC/DR) site as part of a Managed Services offering. Some companies realize that the BC/DR site effectively becomes a Hosted ShoreTel solution, and they decide to move production to the BC/DR site and have “built-in disaster recovery and business continuity” in their Headquarters Site now in the datacenter. They then carry voice traffic over the private network to the locations (sites with higher user counts often deploy PRI’s at the local site).

Wireless Device Acceptable Use Policy

Posted by Lou Person on Dec 17, 2011 in Cloud Journey
(This is an example Acceptable Use Policy.  Please consult with an attorney before using this.) 
 
Summary
Objective
The organization’s Cell Phone & PDA Policy exists to control costs, secure organization data and protect mobile devices from theft.
Audience
Every officer, manager, employee, contractor, temporary worker, authorized agent and volunteer is subject to the terms of the organization’s Cell Phone & PDA Policy.
Violation of Policy
Any violation of the Cell Phone & PDA Policy must be immediately reported to the Information Technology department manager.

Violating the Cell Phone & PDA Policy, or any of its tenets, could result in disciplinary action leading up to and including termination of employment and civil and/or criminal prosecution under local, state and federal laws.

The organization will provide cellular telephones (complete with PDA features and monthly voice and data service) for all employees at and above the level of Director. Employees below Director Level may request organization-provided cellular telephones (without PDA features) and monthly voice service with the written consent and approval of their manager.

Security in the Clouds

Posted by Lou Person on Nov 14, 2011 in Cloud Journey
“There is no security on this earth, there is only opportunity.”
General Douglass MacArthur

Think about it. If a five-star general with more than a passing acquaintance with the Sherman tank wasn't convinced security existed even after winning WWII, who can blame IT professionals for still having a few doubts about the safety of cloud computing? Unlike previous computing revolutions IT has weathered (mainframe to client-server, client-server to Web), cloud computing challenges traditional security assumptions and approaches. For starters, there are actually three models of cloud computing, each with its own level of exposure, risk and security needs.  Here’s a quick look at each and how the Cloud Security Alliance (CSA) describes their individual security concerns.

Smack down in the Clouds: Full-on Implementation or Technology as a Service

Posted by Lou Person on Oct 28, 2011 in Cloud Journey

But first, a word about terminology:

Heads up: Definitions can vary widely.  This is how we see things at brightstack and where this blog is coming from.  If you have questions, please call me at [212-812-9446] .

Disruptive  Potential

Cloud implementation
Today’s leading IT analysts often tout the business benefits of technological change. But many IT professionals would beg to differ. Fearing chaos, some flat out resist change, effectively trading progress for predictability. Fearing inertia, others mistake movement for momentum and jump from one thing to the next. Either way, it can be disruptive when fear of change, rather than its promise, is calling the shots.  Perhaps it should not be surprising that more than half of the IT decision makers who participated in a recent survey cited fear of change as the number one roadblock to cloud implementation. [1]

Cloud-enabled Technology as a Service
It is not necessary to idle or retire your existing IT network  to get the benefit of Cloud-enabled Technology as a Service. Although given that users could use the? Internet to access technology that is physically housed in brightstack’s data center, retiring it gradually may be worth considering. Reducing the size of your IT footprint can result in significant advantage, financially as well as in terms of sustainability. There is no need to fear a loss of data. 
_______________
2011 State of the Cloud Survey, Symatect Vision, Oct. 4, 2011

Clearing Up the Mystery of the Cloud

Posted by Lou Person on Sep 19, 2011 in Cloud Journey

Confused about the cloud? You are not alone. In a recent study of consumer awareness in the US [1]:

  • 78% of respondents said they were unfamiliar with cloud computing.
  • 76% of these same participants reported using an Internet-based (read: cloud-based) service such as Facebook, Gmail, Flickr, etc. within the past 12 months.

When you think about it, people’s disconnect makes sense. These days all kinds of professionals are weighing in on what the cloud is and does. Marketers, environmental activists, financial gurus -- everybody’s getting into the act. Especially technology analysts, as you can see below.