
May 22nd, 2014

Do civil liberties still exist? Or is privacy dead?
How do you raise children in the era of Snapchat, smartphones and Google Glass?

Abstract:
Snowden, Anonymous, NSA, FBI, GCHQ, Boeing, China, Cisco, ATT, Verizon, Google, Facebook, GM, Ford, Apple, Amazon, your doctor, spouse, grocer, iPhone, Android, your child’s school. What do they have in common? Each and every one is a spy. Individuals, corporations and governments have built the modern surveillance state.

Executive overreach, insufficient planning, systemic flaws, and blind faith in institutions have led to a global panopticon. Our jobs, social interactions and technology have made it extremely easy to become a spy…or a Peeping Tom. It’s much harder not to look than to look.

App stores, vendors, governments have transmogrified society into the Truman Show. This presentation delves into how we got here, what lessons we have learned, what lessons we have yet to learn, and where we’re headed.

Based on 10 years of research, this presentation will delve into history, technology, the Bill Of Rights, EU Privacy Charter, George Orwell and others to discuss the origin and architecture of the modern surveillance state and what we can do about it.

This presentation will discuss the origin of the modern surveillance state and what we can do about it.
What’s the difference between the US & China? US & Russia? Come and find out.

  • Jun 3rd — NYS CyberSec, Albany
  • Oct 1st — ASIS60 / ISC2 SecureCongress, Atlanta
Topic Articles
May 22nd, 2014

According to leading security researchers, malware on the Google Android platform has increased 600% – and now has over 650,000 viruses and Trojans.

In more ways than one, Google is aping Microsoft.

Windows became the global desktop leader due to its low cost and compatibility with a wide range of manufacturers. Security wasn’t even an afterthought.

Whereas Apple has kept tight control on the iOS platform (and as such, has seen 2 viruses in 4 years), Google has made Android open to all, with minimal (none?) security standards.

So, how do you protect yourself?

Just like Windows, you need to install and run an Android anti-virus and anti-malware scanner.

My current favorite is the SOPHOS FREE ANTIVIRUS AND SECURITY app from the Play Store.
Download it, install it, use it.

My favorite features are:

    1) SCANNER—this scans all your apps and identifies any infected ones.
    2) SECURITY ADVISOR—reviews the security settings on your Android device and makes recommendations.
May 22nd, 2014

  1. Did you know it is Candy Month? Go ahead and satisfy your sweet tooth – you’re supposed to!
  2. Also, the polar opposite: it is also Fresh Fruits and Vegetables Month.
  3. Aside from that, June is National Turkey Lovers’ Month. Americans consume more than 353 million pounds of turkey during National Turkey Lovers’ Month.
  4. Marilyn Monroe (Norma Jeane Baker Mortenson) was born June 1st, 1926.
  5. On June 19th, 1997, Cats became the longest-running show in the history of Broadway.
  6. The American War of Independence began in June of 1775 with the battle of Bunker Hill outside of Boston.
  7. The very first baseball game was played on June 19th, 1845, across the Hudson River in Hoboken, New Jersey.
  8. June 1st also marks the start of Atlantic Hurricane Season – be careful!
  9. And, of course, we can’t forget the holidays in June – Flag Day is the 14th, Father’s Day is the 19th, and the first day of summer also falls in June!
May 22nd, 2014

  1. Don’t leave it lying around. Although this is common sense, you’ve probably violated this rule more than once. Tablets are easy targets for thieves, so don’t let yours out of your sight when in a public place – and don’t leave it in plain view in your car or you might end up with a broken window in addition to a stolen tablet.
  2. Use a LONG passcode. Although it’s not 100% hacker-proof, it will block unauthorized users from accessing your information. Forget the 4-digit PIN. Use an 8- or 12-character passcode.
  3. Consider enabling automatic data erasing. You can configure your iPad to erase your data after 10 failed passcode attempts. Clearly this is not a good solution for anyone who constantly forgets a password or for those who have kids trying to log in repeatedly. However, if you have a Microsoft Exchange account connected to your mobile device, your IT guy can remotely wipe your mobile device as soon as you report that it has been lost.
  4. Encrypt your hard drive. On your iPad, simply enabling the password will turn on encryption. All iOS devices also come with a second layer of encryption (called data protection) that protects your e-mails and attachments. This protection can’t be broken, even if the passcode is stripped. On Android tablets, you need to enable hard-drive encryption in the security settings.
  5. Enable iCloud Find My Phone or Android Device Manager. These are valuable tools to use when you misplace your tablet. Both of these services allow you to log in and find your tablet or even wipe it if you have sensitive data on it.
  6. Install software updates. As with all software, make sure you have the latest security updates and patches installed to protect against hackers and viruses.
  7. Only connect to trusted WiFi networks. Public WiFi networks are open territory for hackers and identity thieves. Whenever you connect, make sure it’s a legitimate, secure connection.
  8. Run AntiVirus on Android tablets – see page 4
May 22nd, 2014

This is probably one of the biggest and most costly misconceptions that many business owners have. Usually this is because they’ve been fortunate enough to never have encountered a major computer-related disaster, but that’s similar to someone thinking they don’t need to wear a seat belt when driving a car because they’ve never had an accident.

Computer networks are complex and dynamic systems that need regular updates and maintenance to stay up, running fast and problem-free. In fact, it’s surprising how fast a brand-new computer will slow down after a few weeks or months of use without proper updates and maintenance. Here are just a FEW of the critical updates that need to be done on a weekly – if not daily – basis:

  • Security patches applied – with NEW viruses and hacker attacks cropping up DAILY, this is a CRITICAL part of maintaining your network
  • Antivirus updates and monitoring
  • Firewall updates and monitoring
  • Backup monitoring and test restores
  • Spam-filter installation and updates
  • Spyware detection and removal
  • Monitoring disk space on workstations and servers
  • Monitoring hardware for signs of failure
  • Optimizing systems for maximum speed

A computer is just like a car: if you don’t change the oil, replace the filter, rotate the tires, flush the transmission and perform other regular maintenance on your car, it will eventually break down and cost you FAR MORE to repair than the cost of the basic maintenance – and cars are far simpler than a computer network!

May 22nd, 2014

Most do not realize it, but there is serious and real danger in sharing too much information on the Internet and, in particular, on social media. Maintaining personal privacy is vital to keeping you from becoming a statistic. The social media generation does not seem to share these fears or to have filters for private vs. public.

Social media concerns fall into two distinct areas: the fact that nothing on the Internet will be deleted, and companies mining information about users to market to them. Professionals in the industry point out that 16-year-old students who share nude pictures of themselves across the Internet are just as likely to be branded sexual predators as an adult. Many are clueless as to the severity of these actions, yet they continue to do so.

Here is a tidbit to consider, “there are district attorneys in this country who have jailed kids and have labeled them sexual predators for life even when they were in a consensual relationship with each other with parental approval. So now they’re branded as sex predators for life. They will not get certain jobs. They will not live in most neighborhoods, and Joe Average really doesn’t distinguish between 2 kids who are stupid at 16 who sent naked pictures of each other and a 40-year-old creep who rapes little girls.”

This issue is not going away. ID theft is on the rise, and public records are moving online. This means anyone can find information about potential marks. Posting personal and private information online can bring unintended and serious consequences as evidenced by the above. This is only the beginning of the problem.

Most of the youth of today think they are bulletproof and immune because they are online. This is not the case, as evidenced by the number of ‘cyber detectives’ who specialize in finding and prosecuting those who would download, post or view child pornography. It is a serious crime, and most children do not understand this. Being branded as a sexual predator is a stigma that will stick with someone for the rest of their lives, and the ramifications are severe.

While this is important, there are other aspects of social media and privacy that many do not understand and never consider. One of the least understood, metadata, is another topic people need to know about if they are concerned about their personal safety and privacy. A good example is a person laid off from a job.

Raj Goel, the IT expert, sums it up like this: “Now that this person is laid off, they go home and post this information on social media. Now, red flags begin to pop up. Questions like, ‘Why were they fired? Is the business going under? Does my company need to continue working with this company?’ Suddenly, there is a wildfire from a small spark.”

Posting too much information on social media can have thieves triangulate your location for the perfect robbery. Posting one thing on Twitter, another on Facebook and LinkedIn can lead the thieves to your door at the best possible time to rob you completely blind, and you are clueless as to how it happened.

One of the best possible ways around this problem is to enact laws similar to those in Canada and Europe. There, companies have to have permission to use any personal information and data, but the U.S. does not have this particular law. This is why credit bureaus are so frequently targeted for attacks, and why it takes such a long time to rectify the situation.

Email is another area that many do not understand, and this lack of understanding goes beyond the social media generation. According to the 1986 Electronic Communications Privacy Act, email more than six months old does not require a subpoena for access. This means Google/Yahoo/Microsoft routinely provide information to the government.

The solution is to be smart with what is done and how it is done. It is easiest to equate this to guns. A gun is safe if used properly; in the wrong hands, guns are dangerous.

Training children to use technology wisely is no different than teaching them to drive, or to continue the previous metaphor, use a gun. Goel continues, “Start with the basics and move forward. Maturity is the key to proper online behavior. Young people need to learn about the dangers of sending sexually explicit pictures to one another and the ramifications of being labeled a sexual predator for life. Using computers and technology needs to fall under the same lines as driving.”

In driving, parents discuss the basics of driving, perhaps even while driving themselves. Then the young driver takes the wheel, slowly working their way up to more and more driving with varied situations. Finally, the young driver has the skills for independent driving.

To review: Parents need training and skills in dealing with today’s digital teenager and world. There is no generation gap with technology when it comes to parent and child, particularly when it comes to what is and what is not appropriate online or sent via text message.

Parents should be willing to take necessary steps to protect their children, even if it means taking away or severely limiting time online or on a cell phone. Just like any child, today’s Net generation needs to understand bad behavior and consequences.

Check out these three informative videos:

What To Teach Your Kids About Social Media – http://www.youtube.com/watch?v=HpOg1Sgmpok
What To Teach Adults About Social Media – http://www.youtube.com/watch?v=HpOg1Sgmpok
Why Cyber Civil Rights Matter – http://www.brainlink.com/de-volkskrant/

May 2nd, 2014

It’s that time of year—the weather is warming and you want to get out more. What better way to spend a sunny afternoon than on a picnic with family or friends! But what are picnics really and where did they come from? Find out here:

  • Originally a picnic was a fashionable social event to which each guest contributed some food.
  • In the first half of the 19th century, a Picnic Society met in London at the Pantheon, a place of public entertainment in Oxford Street.
  • In the year 2000, a 600-mile-long picnic took place in France on July 14 to celebrate the first Bastille Day of the new millennium.
  • The French started the modern fashion for picnics when they opened their royal parks to the public after the revolution of 1789.
  • The use of the phrase “no picnic” to describe something unenjoyable dates back to 1884.
  • The 1955 film Picnic, with William Holden and Kim Novak, was nominated for six Oscars and won two, for best art direction and best film editing.
  • Our word “picnic” dates back to 1794, exactly 100 years after “pique-nique” was first seen in French.
May 2nd, 2014

Archiving is simply a process of removing old (but important) e-mails from your “active” inbox and folders to a compressed, encrypted backup, freeing up space in your inbox and preserving your e-mails should you need to dig them up at some point in the future. Should you archive? The answer is “Yes” for 3 important reasons:

Compliance Regulation: Obviously some businesses, such as medical offices and financial institutions, are affected by this more than others. However, all records pertaining to a company’s activities are subject to compliance regulation, including employee records and communications, e-mail threads discussing contracts or other negotiations and financial documentation. It’s inevitable that you will have e-mail messages touching one or more of these areas that you are required by law to keep for a period of time.

Litigation Support: Almost every company operating will, at some point, be implicated in a lawsuit. When that happens, the court may require you to produce all records and communications relevant to the case in a “timely manner,” no matter how far back the communications took place. If a good e-mail archiving solution wasn’t used, it could cost MORE to conduct the discovery than the cost of the case itself.

Storage Management: If you don’t want to be forced to delete current e-mails to make room for new messages, then archiving is a smart option. Of course, NOT all archiving solutions are created equal! Make sure you consult us on which one would work best for your company before making any decisions.

May 2nd, 2014

Technology changes faster than ever. Consider how much technology has changed since this time in 2005, just a few short years ago…

Can You Believe That These Technologies Didn’t Even Exist in 2005?

We lived in a world without smartphones, tablets, e-readers, Facebook, in-home Wi-Fi and Netflix. What did we do with all of that extra free time?

  • E-readers such as the Kindle and Nook did not exist yet and now 40% of consumers own at least one.
  • Smartphones did not exist. Now 62% of consumers have one.
  • Tablets/iPads were nonexistent. Now over 40% of consumers own one.
  • Netflix was merely a service to order DVDs in the mail.
  • Facebook was a small social networking service on the campus of Harvard.

Dying Technology

In 2005, most consumers owned VCRs and mobile phones. How much longer will it be before we only see these items in a museum?

Are These Technologies Here For The Long Haul?

Even with all of the technological advancements, the possession of many of these electronic devices has hardly changed:

  • Cable TV – Even with streaming services such as Netflix, Hulu and many other apps, the percentage of consumers with cable TV has remained exactly the same (68%).
  • DVD/Blu-ray Players – Ownership down only 3% over the last 9 years.
  • Desktop Computers – Down only 8% (interestingly, the ownership of laptop computers has more than doubled during this period).
    May 2nd, 2014

    In today’s crazy-busy world, who doesn’t want to cram more “done” into your day? We’ve got 3 really simple things you can do to get more work done for the hours you’re putting in.

    1. Use dual monitors. According to a University of Utah study, you can increase your efficiency by 25% just by adding a second monitor. Performance measures included task time, editing time, number of edits completed, number of errors made, as well as usability measures evaluating effectiveness, comfort, learning ease, time to productivity, quickness of recovery from mistakes, ease of task tracking, ability to maintain task focus, and ease of movement among sources. All of these factors combined show truly increased productivity.
    2. Block social media sites and/or other non-work related content online. THIS one won’t be popular for a lot of people, but if you want to get more done, then take the distractions out of your day. Of course if your job is “social media director” for your company, this doesn’t apply; for all the other workers in your office who don’t NEED to go on Facebook, Twitter and YouTube to do their job, this will remove the temptation to “snack” on social media sites throughout the day, which add up to hours wasted on entertainment surfing. Content filtering software can easily manage which sites you can and cannot go online to view, also keeping employees from gambling, searching for jobs, reading the news or visiting sex sites.
    3. Set up remote access. It’s incredibly easy to access files, e-mail and programs from home (or while on the road) these days using cloud technologies or other remote access applications. Not only does this allow people to keep working when forced to stay home with sick kids or to wait for the plumber to show up, but employees would also put in several more hours of work on their own initiative if they could easily jump on their home PC and put in a few hours.

    Each of these is an EASY fix for us to implement. If you want more details on how to get these implemented into your business, just give us a call at 917-685-7731 or shoot me an e-mail at raj@brainlink.com

    May 2nd, 2014

    You use your iPhone or Android for everything else. Your spouse even texts you to grab some milk at the store or to tell you they’ll be gone when you get home. It’s quick, easy and gets the job done. Why not in business too?

    If you’re going to text for business purposes, follow these 7 texting tips to keep it professional:

    1. Consider if your message is urgent. Your text may interrupt your recipient…be sure there’s a good reason for that interruption.
    2. Is e-mail better? Most people prefer business communications via e-mail as it better respects their time and ability to respond appropriately. Emails are especially important if you are sending orders or approvals. Text messages are easily lost if sent at a bad time.
    3. Do they only e-mail you? If yes, respond to them in the same way. If they e-mail, send an e-mail. If they call, call them back.
    4. DON’T TYPE IN ALL CAPS. DON’T YOU FEEL LIKE SOMEONE IS YELLING AT YOU WHEN THEY TYPE IN ALL CAPS? DON’T SEND E-MAILS OR TEXTS IN ALL CAPS.
    5. Proofread your message. Ever hear of “Auto-Correct” in text messages? Some can be downright embarrassing. If you’re taking the time to write the message, take the extra seconds to proofread.
    6. No abbreviations! Your recipient shouldn’t have to decipher your text message with a decoder ring. Be as clear as you can with proper grammar and pronunciation. No sense in risking losing a customer who gets fed up with your messages.
    7. Include your name in the message. Not everyone knows who you are simply by your cellphone number. Assume that the person doesn’t know who the message is coming from.

    If you do text in a business environment, especially with a customer or prospect, follow these 7 tips to ensure that you are perceived as the true business professional that you are!

    May 1st, 2014

    How many do you know?

    A true mark of a gentleman is dressing well.

    And in our modern, abundant economy, we can take for granted that the clothing is made well, functions well and projects the image you wish to convey.

    In a sea of khakis, corporate blue shirts, gray/black/pin stripe/etc. suits, how do you stand out?

    I prefer to use tie knots to make a statement.

    According to a recent research paper, there are 177,147 ways to tie a tie knot (see http://arxiv.org/pdf/1401.8242v1.pdf). According to AgreeOrDie.com, there are 85 classic tie knots. Thanks to Alex Krasny (@lexKrasny) for helping me up my sartorial game.

    My 3 current favorites are:

    ELDREDGE

    Perfect for long, SOLID ties. This is my go-to tie knot.

    TRINITY

    Trinity is perfect for STRIPED TIES and DUAL-TONE ties (and if you work for JPMorgan Chase, it also resembles your corporate logo!)

    MEROVINGIAN

    This is a VERY SPECIAL tie knot that I reserve for rare occasions.

    Yes, it’s complicated, tricky to pull off, and requires a sweater or vest to really pull it together. On the other hand, if you watched that otherwise unwatchable Matrix Reloaded, then you know that what set the Merovingian apart (other than his French accent, his gorgeous wife Persephone and the evil henchmen), was his choice of tie knots.

    Your turn!

    1) Which of these 3 is your favorite?

    2) Which tie knot are you going to learn (ladies, which tie knot would you like the man in your life to master?)

    Email me at raj@brainlink.com and let me know.

    April 8th, 2014

    Raj Goel can add one more title to his already impressive list of credentials: Genius. Raj was named Genius of the Month by Robin Robins of Technology Marketing Toolkit, Inc., a national marketing and sales expert.

    In 2013, Raj travelled to 5 countries, spoke at 7 conferences, delivered 4 key-notes in 4 different countries, was profiled in the largest paper in Holland, and was on TV multiple times. Raj has also received high praise for his first book, “The Most Important Secrets To Getting Great Results from IT: Everything Your Computer Consultant Never Told You”.

    Of her newly dubbed Genius, Robin said Raj “…is more interested in making things happen than in making excuses. His book launch was nothing short of brilliant and something I would strongly recommend…” Raj also has high praise for Technology Marketing Toolkit, saying “Thanks to Robin’s strategies, we’ve experienced tremendous upsurge in revenues, profits and client satisfaction!” with a mission to help small and medium-sized businesses get a real return on their technology investments. His expertise has been sought out by Security groups such as ISC2 and ASIS, media outlets such as WPIX11, Geraldo, PBS, New York Times, Entrepreneur Magazine, ISC2s Infosecurity Magazine and many others. He is a highly praised public speaker nationally and internationally. He resides in Queens, NY.


    April 8th, 2014

    The best way to protect yourself from RFID and NFC skimmers is to keep your credit cards, passports, etc. in RFID-shielded cases.

    Here’s my favorite RFID Wallet: Royce Leather RFID Blocking Wallet

    http://www.amazon.com/Leather-Blocking-Passport-Currency


    April 8th, 2014

    A phishing e-mail is an e-mail sent by a hacker designed to fool the recipient into downloading a virus, giving up their credit card number, personal information (like a social security number), or account or login information to a particular web site. Often these e-mails are well designed to look exactly like an official notification from the site they are trying to emulate.

    For example, a recent phishing e-mail was circulated that appeared to come from Facebook stating that videos or photos of Osama Bin Laden’s death were posted online. These e-mails looked exactly like a legitimate Facebook e-mail and even appeared to come from “Facebookmail.com.” Once you clicked on the e-mail the phishing site would attempt to install a virus on your machine.

    And now due to recent security breaches with Sony and e-mail marketer Epsilon, phishing attacks are going to increase – and they are going to get more sophisticated and harder to distinguish from legitimate e-mails. That’s because the hackers that were able to access the private databases of the above mentioned companies now have the name, e-mail and interests of the subscribers, and in some cases birthdays, addresses

    That means a phishing e-mail can be personalized with relevant information that the user provided to Sony, making the e-mail appear to be more legitimate and the user more likely to click on the links provided and take the actions requested. Now more than ever it’s critical that you are wary of e-mail notifications and the actions they request you take. Even having good anti-virus software installed won’t protect you if you give your account information away freely.

    April 8th, 2014


    MICHAEL APPELL

    CEO, Appell Associates
    mappell@appellassociates.com
    917-821-2930


    Why you should meet Michael Appell:

    Mike and his associates have decades of experience in the NYC Real Estate market and can usually find the right solution for any client. Whether you’re looking to buy buildings, build hotels or navigate the city’s complex real estate market, you need to work with professionals.

    Mike also owns a fabulous apartment and has amazing art works. As a member of the “Greatest Generation”, Mike brings gravitas to any conversation. Both Mike and Shelley also attended CCNY (‘60) with Colin Powell, Andy Grove, Judd Hirsch and other luminaries. Mike has published artworks by Robert Rauschenberg and James Rosenquist. One of the things that brings a smile to Mike’s eyes is that he & Shelley produced the Broadway musical NINE. Talk about a renaissance man! Not content to sit on his laurels, Mike gives back by being very active in mentoring the next generation of CCNY graduates.

    - Raj

    April 8th, 2014

    I’m often asked about the ROI (return on investment) for technology. Truth is, I don’t believe you “invest” in technology. Investments are things that provide a measurable, quantifiable return for your money.

    Of course it can easily be argued that technology does provide a return for your money. If you don’t think so, try communicating with your clients and market without email or tracking inventory with pen and paper. And the right technology applied with a smart strategy can certainly give any business owner a strategic advantage in faster delivery of goods and services to customers, greater productivity, lowered production costs and the like. In fact, there aren’t too many businesses that can operate without a few core IT applications. But the reality is that your bank account is going to be a bit lighter after you install that new upgrade or technology, so how do you know if that IT upgrade or project is worth the money?

    The right way to look at the true price of any IT project or upgrade is to look at TCO or “total cost of ownership” and not just the PRICE of the project or upgrade. For example, if you buy a car, the price of the car is only one cost of owning it. You also have to consider insurance, gas and routine maintenance like new tires and oil changes to get an accurate look at what you’ll pay. Therefore, the total COST of owning a car is far more than just the price tag – and a cheaper car up front can end up costing more in the long haul if frequent repairs are needed.

    In IT, the same principle applies. You have to look at the TOTAL cost of a particular IT decision, not just the price tag, when comparing options. For example, the real cost of not upgrading a network may actually be higher than spending several thousand dollars on new equipment and upgrades when you accurately assess the total cost of maintenance, service fees and poor performance. These days, many business owners are looking at “going to the cloud” because they want to save money. And in many cases, it will do just that, but the cost savings will often come in the form of cheaper devices, less maintenance and low (or no) upgrade costs over a 3 year period – not in a month to month service fee. So before you say “No” or “Yes” to that next IT project, make sure you are taking into consideration the TOTAL cost of your decision, and make sure you are talking to a true pro who understands the difference between the price of something and the total cost.

    April 8th, 2014

    • If you stand at the equator on the first day of spring, you will see the sun pass directly overhead. This only happens two times a year: the first day of spring and the first day of autumn.
    • Baby birds are born with the ability to sing, but they must learn the specific songs of their species. They are thought to acquire these songs between 10 and 60 days of age and begin to sing them the next spring, when they have matured at about 300 days old.
    • Spring fever is real! It commonly occurs when a sudden warm spell follows a long cold period. When the temperature rises, there’s a dilation or expansion of the blood vessels so that blood can be carried to the body surface where heat can be lost quickly. This makes some people experience an energetic feeling.
    • Spring cleaning often accompanies spring fever. And with the warmer weather, windows and doors can be open, which allows ventilation for dusting and the fumes of cleaning products. It has been suggested that spring cleaning dates back to the Persian New Year, when they practice “Khoneh Tekouni,” which means “Shaking the house.” Another possible origin can be traced to the ancient Jewish custom of cleansing the home in anticipation of Passover.
    • Children tend to grow a bit faster in the spring than during any other time of year.
    April 8th, 2014

    When it comes to backing up and protecting your company’s critical data, you need to know for certain – without any lingering doubts – that you could recover your files and be back up and running again fast after a natural disaster, server crash, hacker attack or other data-erasing event. Here are 3 critical elements you must have to guarantee a painless recovery when things go wrong.

    Critical Element #1: Secure, Encrypted Off-site Backup

    While we recommend that you have on-site backup, it’s absolutely critical to keep an encrypted copy of your data off-site as well. If a fire burns your office to the ground – or a thief breaks in and steals your server and equipment – or a natural disaster floods your office or makes it impossible to access your PCs and server – the on-site backup will be useless to you. And copying your data to an unsecure device and carrying it home every night isn’t the safest or smartest system either. Data needs to be encrypted to prevent it from falling into the wrong hands.

    Critical Element #2: A Data Recovery And Disaster Recovery Plan

    A HUGE mistake many business owners make is thinking that data backup is the same as disaster recovery – it’s not. Many business owners are shocked to find out just how long and arduous the process is to get all their data back after a disaster – and that’s IF they have a good, clean copy of ALL their data (most are surprised to find out they don’t). Just having a copy of your data isn’t enough; you need to have a plan in place to get everything restored quickly, which is something that many solutions don’t offer.

    Critical Element #3:

    Test Restores. After you have a good backup system in place, you need to test it regularly to make sure it works. Point is, there’s

    Topic Articles
    April 8th, 2014

    Brainlink congratulates Cyberoam for their impressive 5-star review of the CR200iNG-XP firewall from SC Magazine. The CR200iNG-XP scored high marks for features, ease of use and performance.

    We are proud to work with industry-beating partners like Cyberoam to deliver advanced security solutions to our

    Brainlink is proud to salute technology partner Datto on winning 5 awards at the ASCII Newport Beach Area Success Summit. Datto, the leading global provider of backup, disaster recovery and business continuity solutions was honored with “Best in Show” and “Best Revenue Generator.”

    “To be recognized by the ASCII community of MSPs and VARs reaffirms that we’re on the right track,” stated Rob Rae, Datto Vice President of Business Development. “Datto is always innovating and developing solutions that enable our Partners to mitigate costly downtime for their business customers. Datto solutions and support further empower our Partners to expand their customer base and establish strong recurring revenue models.”

    Datto is the bedrock for our industry-leading backup

    Topic Articles
    April 8th, 2014

    What do a missing Malaysian aircraft, passports and IT security have in common?

    Recently, I was interviewed by WPIX-11 on “How to protect yourself against high tech passport thieves”. We discussed the privacy and security threats associated with RFID-enabled passports. Over the past decade, the US government has started embedding smart chips inside US passports, to enable better screening of US citizens. See the video at www.brainlink.com/aboutus/press/.

    On the face of it, this seems like a really good idea – let’s make passports smarter and harder to counterfeit. In practice, however, the approach the US government chose is flawed. Unbeknownst to most, RFID was invented to deal with a logistics and warehouse problem. How does a company find the right part in a warehouse of a million items? How do we track a shipping container from factory dock, to the truck, rail, ship, and ultimately to the retailer?

    In practice, this means Walmart, Amazon, USPS, FedEx and others have spent billions making RFID cheaper, faster, better.

    Notice that SECURE is nowhere in their design principles. RFID is the equivalent of digital barcodes. The very idea of shielding or blocking barcodes defeats their efficacy.

    What does that mean to me & you? If you travel with your passport, you must take special steps to protect RFID passports.

    Old-fashioned, paper-only passports required a thief to snatch your purse, pick your pocket or steal them from your hotel room. The RFID-passports however, can have their information stolen from several feet away. And you can’t tell when they’ve been read. The stolen information can lead to ID theft,

    A stolen passport (whether old-fashioned or new) is the ultimate in ID theft. A stolen US passport is one of the most highly sought after credentials in the world. On the black market, each one is worth anywhere from $300 to $10,000.

    Tips to protect yourself:

    1. Carry RFID passports, smart credit cards, NFC cards in shielded wallets
    2. Never leave your passport lying around
    3. Don’t flash it around – treat it as you would a $10,000 bill.
    4. Be wary of fake police officers, or corrupt ones, who try to steal your passport
    5. Be wary of strangers who try to buy yours in bars, restaurants and hotels
    6. Carry a photocopy of the main page with you
    7. In case of loss, contact the State Department or your
    Topic Articles
    March 14th, 2014

    NEW YORK (PIX11) – But revelation that two Iranian passengers on the flight were able to board using stolen passports – has not eased concerns about what appear to be gaping holes in the international security net that we all rely on once we leave America’s sphere of influence.

    As more information pours in regarding the two passengers in question investigators are now slowly turning away from any terror link.

    Interpol currently maintains a database that contains millions of lost and stolen passports.

    Only three countries – the United States, United Arab Emirates, and the U.K. run travelers’ information against that database.

    Sal Lifrieri is a terror and security analyst who tells PIX11, “So if you’re flying through a country, and that’s what we see with this particular case, you can fly into this country, and have a very minimal passport check – and move on to the next country.”

    So how can you protect your passport – especially if you’re traveling internationally?

    Technology consultant Raj Goel says the answer involves treating biometric, high-tech passports like cash.

    “Correct. It’s the same exact concept, except you use slightly thicker plastic. So that somebody walking by can’t just do a brush pass and do RFID cloning of my passport, driver’s license, credit cards – or whatever have you. It takes a few seconds,” said Goel.

    Keep it close, and remember that a criminal doesn’t even have to physically snatch your passport if it’s made with something called RFID technology in order to steal the information embedded in it.

    Read more: http://pix11.com/2014/03/11/how-to-protect-yourself-against-high-tech-passport-thieves/#ixzz2vvrEsqat

    Topic Articles
    February 24th, 2014

    “The age of personal surveillance is here…”


    NEW YORK (PIX11) –
    JAY DOW INTERVIEWS RAJ GOEL

    Once upon a time, when it came to hi-tech phone surveillance, the NSA used to be the only game in town.

    And while some of the capabilities exposed by former contractor Edward Snowden are indeed mind-blowing, these days anyone – from your best friend, to your worst enemy — now has the ability to listen into your most intimate conversations, and it’s only a few smartphone clicks away.

    One of the newest apps that puts that kind of once formidable processing power – in the palm of your hands is called Crowd Pilot.
    “It’s a loaded gun that they’re giving to people without a lot of controls on it,” says tech expert Raj Goel. “Ultimately, the question of privacy in our daily lives will need to be addressed by the user – not the technology.”

    “The age of personal surveillance is here. What the Stasi and the CIA could only dream of in the 50s and 60s now we can do with a two hundred dollar smartphone. And the real challenge for us as parents and grown ups in society is going to be, “are our laws up to date? Are we teaching our kids, and our business partners, and our spouses, girlfriends, and boyfriends proper behavior?” said Goel.

    Watch the video clip at: http://pix11.com/2014/02/21/why-the-nsa-isnt-the-only-threat-to-your-phones-privacy/

    Topic Articles
    February 24th, 2014

    Have You Heard This Before?

    “March comes in with an adder’s head, and goes out with a peacock’s tail.”
    - Richard Lawson Gales

    “Up from the sea, the wild north wind is blowing under the sky’s gray arch; Smiling I watch the shaken elm boughs, knowing It is the wind of March.”
    - William Wordsworth

    “Who in this world of ours their eyes In March first open shall be wise; In days of peril firm and brave, And wear a Bloodstone to their grave.”
    - Unattributed Author

    “Ah, March! We know thou art Kind-hearted, spite of ugly looks and threats. And, out of sight, art nursing April’s violets!”
    - Helen Hunt Jackson

    “Slayer of the winter, art thou here again? O welcome, thou that bring’st the summer nigh! The bitter wind makes not the victory vain. Nor will we mock thee for thy faint blue sky.”
    - William Morris

    “March: Its motto, ‘Courage and strength in times of danger.’”
    - William Morris

    “Beware the ides of March.”
    - William Shakespeare

    “In fierce March weather White waves break tether, And whirled together At either hand, Like weeds uplifted, The tree-trunks rifted In spars are drifted, Like foam or sand.”
    - Algernon Charles Swinburne

    “With rushing winds and gloomy skies The dark and stubborn Winter dies: Far-off, unseen, Spring faintly cries, Bidding her earliest child arise; March!”
    - Bayard Taylor

    “All in the wild March-morning I heard the angels call; it was when the moon was setting, and the dark was over all; The trees began to whisper, and the wind began to roll, And in the wild March-morning I heard them call my soul.”
    - Lord Alfred Tennyson

    Topic Articles
    February 24th, 2014

    The Target Corp credit card breach has been in the news for months, and it may end up reshaping how credit cards are issued and used in the US. While Target’s customers were the final victims, and ID theft is the largest white collar crime hitting Americans, Target itself was a victim.

    Target’s systems were broken into via a weakness in one of their contractors — Fazio Mechanical.
    From KrebsOnSecurity.com:

    The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation.

    (why it took the Fazio so long to detect the email malware infection): The company’s primary method of detecting malicious software on its internal systems was the free version of Malwarebytes Anti-Malware.

    To be clear, Malwarebytes Anti-Malware (MBAM) free is quite good at what it’s designed to do — scan for and eliminate threats from host machines. However, there are two problems with an organization relying solely on the free version of MBAM for anti-malware protection: Firstly, the free version is an on-demand scanner that does not offer real-time protection against threats (the Pro version of MBAM does include a real-time protection component). Secondly, the free version is made explicitly for individual users and its license prohibits corporate use.

    So, what lessons does the Target breach hold for contractors and consulting firms?

    1. If you are relying on free, unmanaged tools to protect your company — STOP. STOP RIGHT NOW.
    2. If you are relying on free or expired anti-virus software to protect you, STOP.
    3. And most importantly, no one is too small a target.

    Some facts:
    • The long weekend bank hack has been the most lucrative attack against small businesses for the last 7 years
    • Patco construction company had $588,000 stolen from their accounts and had to sue their bank to get some of the money back
    • A medical billing firm declared bankruptcy after thieves broke in and stole files
    • A $1.5 million cyber theft caused an Escrow firm to declare bankruptcy

    I’ll bet that Fazio’s management never thought they would be an attractive target to cyber criminals.
    The reality is that criminals are creatures of habit and seize opportunities, like any good business owner. They broke into Fazio using email phishing attacks, stole documents, credentials, etc. and accidentally discovered that Fazio had access to Target’s network. Or they did research on Target, identified their key suppliers, and kept attacking the suppliers until the weakest link broke.

    It doesn’t matter how Fazio was selected as a target — what matters is what happened afterwards. Due to lack of proper security tools, a lack of security management and simple myopia, Fazio was broken into. Thru Fazio, Target was broken into.
    And 110 million (that’s 110,000,000) credit cards were compromised.

    On top of it all, both Fazio Mechanical and Target received visits from the FBI, Secret Service and DHS.

    Are you prepared to handle a visit from the FBI or Secret Service? How about a call from your largest client telling you that you were the source of their break-in? Do you have proper E&O, P&C and Cyberliability insurance? Do you have active defenses to Detect, Defend and Protect your users from criminals and themselves?

    The $1,000 Challenge
    If you think all your ducks are in a row, let me interview you. And at the end of the interview, I will donate $1,000 to your favorite charity. If you don’t think you have everything, and need help in building a proper security and disaster recovery plan, then let’s meet. When your firm becomes a client, I’ll still write a check for $1,000 to your favorite charity.
    What have you got to lose? (except an unexpected visit from the FBI)?
    - Raj

    Topic Articles
    February 24th, 2014

    This is it.

    No more patches. No more updates. No technical or legal protection.
    And you could be violating HIPAA, PCI-DSS, State & Federal Privacy Laws and New York State Ethics Rules 1.6 as it relates to client privacy.

    What does end of support mean to you?

    Running Windows XP SP3 and Office 2003 in your environment when support ends may expose your company to potential risks. Therefore, any computer or server with these software programs installed will be completely exposed to serious hacker attacks aimed at taking control of your network, stealing data, crashing your system, and inflicting a host of other business-crippling problems you do NOT want to have to deal with.

    Top 7 Reasons to Upgrade

    1. XP has tons of viruses.
    2. XP is OLD. (Almost 12 years old!)
    3. XP is the least secure operating system.
    4. XP was built for a simpler time.
    5. XP is out of Band-Aids.
    6. XP support is ending.
    7. XP has more malware than ever.

    Negative Impacts if Action is Not Taken

    • No new security updates.
    • No more band-aids.
    • No hardware support.
    • No more free support options.
    • Elimination of paid assisted support.

    How do I begin my migration?

    Call Raj at 917-685-7731 today to develop a migration plan for the hardware and software upgrades you need to avoid a serious security risk to your organization and stay competitive.

    Topic Articles
    February 23rd, 2014

    NEW YORK (PIX11) –
    JAY DOW INTERVIEWS RAJ GOEL

    Once upon a time, when it came to hi-tech phone surveillance, the NSA used to be the only game in town.

    And while some of the capabilities exposed by former contractor Edward Snowden are indeed mind-blowing, these days anyone – from your best friend, to your worst enemy — now has the ability to listen into your most intimate conversations, and it’s only a few smartphone clicks away.

    One of the newest apps that puts that kind of once formidable processing power – in the palm of your hands is called Crowd Pilot.

    “It’s a loaded gun that they’re giving to people without a lot of controls on it,” says tech expert Raj Goel. “Ultimately, the question of privacy in our daily lives will need to be addressed by the user – not the technology.”

    “The age of personal surveillance is here. What the Stasi and the CIA could only dream of in the 50s and 60s now we can do with a two hundred dollar smartphone. And the real challenge for us as parents and grown ups in society is going to be, “are our laws up to date? Are we teaching our kids, and our business partners, and our spouses, girlfriends, and boyfriends proper behavior?” said Goel.

    Read more at http://pix11.com/2014/02/21/why-the-nsa-isnt-the-only-threat-to-your-phones-privacy/#axzz2txxsVWsR

    Topic Articles
    February 16th, 2014

    Building the ULTIMATE Marketing & Operations Machine

    The Holiday 2012 issue of The Economist had a fantastic article on the history of hotels (Hilton, Marriott, Ritz, etc) and it quoted J.W. Marriott, Jr.

    When I say that the company’s prosperity rests on such things as our sixty-six-steps-to-clean-a-room manual, I’m not exaggerating.
    - J.W. Marriott, Jr., Former CEO, Marriott Worldwide
    From TheEconomist.com, “Be My Guest”

    That quote resonated with me. In 2013, we embarked on a mission to create a “SOP Culture” at Brainlink and I’m happy to say, we’re succeeding.

    DOWNLOAD RAJ’S MARKETING SOP HANDBOOK (or grab a printed copy from efolder’s booth in Nashville!)

    Stats:

    163 Operational SOPs created
    (we average 2 NEW ones each week)

    31 Marketing SOPs created
    (average 1 every 2 weeks)

    Why Am I Sharing My Secrets?

    We’ve been fortunate to have a large number of mentors, coaches and well wishers who have contributed greatly to our success. I’ve learned a lot from my mentors…and have even more to learn.

    I firmly believe that we learn MORE by teaching and sharing, than any other activity.

    I also believe that those who have received have an obligation to give back to the community.

    This is my Pay It Forward process.

    Learn, implement, reap the rewards, pay it forward.

    - Raj

    Date

    Webinar

    Fri 2/21/14
    3 PM EST

    Building and Using SOPs
    How to systematize your newsletter creation
    2014-02-16-Ultimate_MARKETING_Machine_005-Building_and_Using_SOPs
    SOP_Template.doc
    2014-02-16-Ultimate_MARKETING_Machine_004-HANDOUT-Create_Project_Plans_In_Connectwise
    2014-02-21-Brainlink_Marketing_SOPs_Creating_Newsletters_SOP_v1b
    https://www2.gotomeeting.com/register/310261402
    Alternate recording:

    https://attendee.gotowebinar.com/recording/5011078477814407682

    Fri 3/7/14
    3 PM EST

    How To Write Your $1,000,000 Book
    How To Write Your $1,000,000 Book (PDF)
    Webinar Recording
    Recommended Vendors:
    - Book design: Vervante
    - Printing & Publishing: CreateSpace

    Fri 3/21/14
    3 PM EST

    Deliver EFFECTIVE Security / Building a MSP SOC
    Deliver_EFFECTIVE_Security (PDF)
    Webinar Recording

    Fri 4/4/14
    3 PM EST

    Increasing Revenues without raising rates

    Increasing Revenues Webinar Recording
    2014-03-04-Ultimate_MARKETING_Machine_004-Increasing_Client_Revenues_v1b

    Fri 4/25/14
    3 PM EST

    Generate & Leverage AWESOME Testimonials

    Webinar Recording
    2014-04-25-Ultimate_MARKETING_Machine_003-Generate_AWESOME_Testimonials_v1b
    Topic Articles, Blog
    February 13th, 2014

    On Tuesday, Feb 11, The Friars Club unveiled a brand new chair.

    To say that I’m honored is an understatement.

    And thanks go to my wife for an AWESOME birthday gift!  (almost as good as bourbon and … oh wait, kids might read this….redacted…)

    Raj Goel Friars Club Chair

    Topic Articles, Blog
    February 12th, 2014

    A question that seems to come up a lot lately with clients, in some form or fashion, is “How should I properly budget for IT expenses?” While this is a great question, there are a lot of variables that determine the answer, so I can’t provide a “one-size-fits-all,” simple answer. However, below are some general guidelines that should help you figure this out:

    1. Hardware Refresh. No one likes the cost of a network upgrade, but it IS necessary approximately once every 3 to 4 years. PCs and servers older than that tend to run slow, crash frequently and generally become more expensive to fix and support than to replace. Therefore, your budget should include an IT refresh of all equipment every 3 years to be on the safe side.
    2. Maintenance. There is no “set it and forget it” when it comes to network maintenance. With cyber criminals becoming more sophisticated and aggressive, you MUST constantly monitor and update your network against cyber-attacks, malware, data loss, etc. A good general rule of thumb is $400 per month for each server and $100 per month per PC.
    3. Data Backup. Another expense you must account for is backing up your data to an offsite location (often called “cloud backup”). Since all businesses generate MORE data year after year, the backup will grow. Start by assessing the growth of your data over the last couple of years to uncover a trend. From there, forecast those additional expenses going forward at the same rate (don’t expect this to stay static year after year).
    4. Expansion. Another factor for your IT budget is upgrading software, line of business applications, CRM systems and accounting packages that can no longer support your growing company. As your company grows, systems, processes and data become more complex requiring more sophisticated (and often more expensive) software and systems. Make sure you are looking ahead year upon year to see this coming and to properly budget for it. There’s no “magic” formula for this because the timing and cost of your upgrade is unique to your company, situation and what you are trying to accomplish.
    Topic Articles
    February 12th, 2014

    100% of all hard drives will eventually fail. This is a fact. Some will fail prematurely due to manufacturers’ defects while others will fail because a mechanical part finally wears out. The question is, how long until that happens?

    Online backup provider Backblaze.com has kept 25,000 consumer-grade hard drives constantly running for the last 4 years, diligently noting whenever a hard drive breaks down. The results are very interesting.

    • 92% of all hard drives will survive the first 18 months. The failures during this period are typically due to manufacturers’ defects (oftentimes called the “lemon effect”). Hard drives’ warranties are typically 1 to 3 years, which is basically the manufacturers saying that they are only on the hook to replace the lemons.
    • During the next 18 months, only a very small percentage of drives (~2%) will fail. These failures are from random “unlucky” issues and occur rarely anytime during the life of the drive.
    • Beginning in year 3, hard drives start to wear out due to usage. They are simply mechanical devices that are getting old. 80% of drives will make it to year 4 and then they drop off at about 12% or more per year thereafter.
    • As illustrated in the graphic, the failure rate is essentially a U curve with most failures very early on or after the 3-year mark.

    So, What Does This Mean?

    Simple. Back up your data. With a 1-in-10 chance that your hard drive dies in the first 3 years of its life and an accelerating chance of failure after that, there is no excuse for being caught without a solid backup. Ever.

    Make a plan. Build equipment replacement into your budget at least every 4 years for most devices, with a 10% equipment-replacement expense built in over the 1st year and then again starting in year 3.

    As for that 10-year-old PC in the back room still running Windows XP and your most critical reporting software, the clock is ticking …

    Topic Articles
    February 12th, 2014

    Quick, What Do You Do?

    Over the last couple of months, we’ve come across some alarming statistics that you should know. Studies show that as many as 16% of smartphones are lost or stolen each year with only 7% of the stolen devices ever being recovered. Despite the fact that 60% of the missing smartphones are deemed to contain sensitive or confidential information, 57% of these phones were not protected with available security features, leaving the company exposed! In fact, only 14% of companies currently have a mobile-device security policy in place. The bottom line is, no matter how careful your employees are with their smartphones, losing a smartphone (or having one stolen) is likely to happen to you or your employees at some point in time.

    In the hands of even a relatively unsophisticated hacker, all of your smartphone information can quickly be siphoned off. And time is of the essence for taking action. Criminals will remove the battery of your phone to prevent “remote wipes” of your data by your IT staff and then use a room without mobile access to break into the phone. This is akin to giving a thief the key to your data and the code to deactivate the alarm.

    Asking employees to be more careful IS a good step in the right direction, but accidents happen and thieves are always on the prowl. That’s why it’s so important to take measures to lock down and secure any mobile devices you and your staff use to access your company’s network.

    Here are just a few steps you can take now to be prepared:

    1. Strong Passwords. Enforce a strong mobile-device password policy and make sure your employees can’t leave devices unlocked and vulnerable.
    2. Enable Device Wiping. Prepare to be able to wipe both company-issued and personally owned devices that access company data. Make sure your employees are signing off on this before they add company data to their phones.
    3. Have A Plan In Place. If a phone is lost or stolen, act quickly! If you happen to find the phone again, then the data can likely be replaced; however, stolen data in the hands of a criminal can rarely ever be taken back!
    Topic Articles
    February 12th, 2014

    Amazing Facts About Love

    February is traditionally love month, so here are some random love facts (or myths) that might surprise you:

    1. People are more likely to tilt their heads to the right when kissing instead of the left (65% of people go to the right!).
    2. Falling in love can induce a calming effect on the body and mind and raises levels of nerve-growth factor for about a year, which helps to restore the nervous system and improves the lover’s memory.
    3. Love can also exert the same stress on your body as deep fear. You see the same physiological responses – pupil dilation, sweaty palms and increased heart rate.
    4. Philadelphia International Airport finished as the No. 1 best airport for making a love connection, according to a recent survey.
    5. Men who kiss their wives in the morning live five years longer than those who don’t.
    6. People who are newly in love produce decreased levels of the hormone serotonin – as low as levels seen in people with obsessive-compulsive disorder. Perhaps that’s why it’s so easy to feel obsessed when you’re smitten.
    7. According to mathematical theory, we should date a dozen people before choosing a long-term partner; that provides the best chance that you’ll make a love match.
    Topic Articles
    February 12th, 2014

    I read a moving article on CNN.com about modern day slavery in Mauritania (see http://www.cnn.com/interactive/2012/03/world/mauritania.slaverys.last.stronghold/index.html/). Yes, slavery still exists and 10-20% of the Mauritanian population is currently enslaved. What really hit me hard is that unlike traditional slavery involving chains and physical restraints, modern slavery is primarily mental. The hereditary slaves are born as slaves; they live in villages that have ceremonial fences. Anyone can walk away or run away, and yet very few do. They are so enmeshed in the culture that the thought of walking away doesn’t occur to them.

    To quote from the article:

    Fences that surround these circular villages are often made of long twigs, stuck vertically into the ground so that they look like the horns of enormous bulls submerged in the sand. Nothing ties these skeletal posts together. Nothing stops people from running.
    But they rarely do.

    And a similar form of mental servitude exists in (anti-) social media today. This month, the world celebrates the 10th anniversary of Facebook. What we’re really celebrating is 10 years of ceaseless onslaught against freedom of speech, freedom of thought and freedom against self-incrimination – also known as the 1st, 4th and 5th amendments of the US constitution.

    You could say that I am being hyperbolic in my characterization of Facebook as digital slavery, or that I’m taking poetic license and it’s not really fair to those who suffered, and still suffer, from the shackles of physical and financial servitude. Fair enough.

    That said; let’s consider that in traditional slavery, the slave owner claimed ownership over the physical bodies and the output of physical labor from their slaves. Slaves grew cotton, sugarcane, raised cattle, etc and the masters took control of it.

    In the modern era, our wealth isn’t generated from our sinews. We don’t break our backs toiling in the fields. Our wealth is intellectual in nature, digital in its form and that is being acquired for free from the lords of the internet.

    • Facebook claims perpetual ownership on your posts, likes, dislikes, photos.
    • Twitter claims perpetual ownership of your tweets, thoughts and stupidities.
    • Instagram, Flickr, etc claim perpetual license on your images.

    As Attorney Craig Delsack notes “you grant the social media sites a license to use your photograph any way they see fit for free AND you grant them the right to let others use your picture as well! This means that not only can Twitter, Twitpic and Facebook make money from the photograph or video (otherwise, a copyright violation), but these sites are making commercial gain by licensing these images, which contains the likeness of the person in the photo or video (otherwise, a violation of their “rights of publicity”).”

    Amazon controls what you get to read, and has deleted books from kindles remotely. Fittingly enough, the 1st book Amazon stole back from a paying customer was 1984. Apple claims similar rights on your iPhones, iPads, iTunes and has given itself the right to remotely block or uninstall books, movies, songs, etc.

    So what exactly are you buying when you “buy” eBooks from Amazon or Apple? What are you “buying” when you buy songs from Apple, Amazon, and Google? You’re “buying” the temporary right to read that book, watch that movie or listen to that song until the overlords decide that you’ve somehow violated their rights by travelling to a foreign country, visiting the wrong parts of the internet, etc. And any of these are grounds for them to delete content without reimbursement.

    And how does Facebook fit into all of this?

    In the 1970s and 1980s, we protested against the Communists and held up East German Stasi as particularly pernicious. At the height of its power, an estimated 10% of the East German population spied on their neighbors.

    Today, approximately 128 Million Americans use Facebook. Every like, dislike, comment is private property of Facebook to be bought and sold like a commodity. Your thoughts, pictures, family photos and privacy are a good sold on the open market.

    And what does Facebook provide to its real customers – the corporations and governments?

    And that’s just a start…there’s much more that Facebook retains, and makes available to foreign governments.

    I hear you. I hear your complaints. Without Facebook, how will you have a social life? How will you go out on dates? Or keep track of family get togethers? Without Facebook, how will you share the family photos?

    Scholars find many similarities between modern Mauritanian slavery and that in the United States before the Civil War of the 1800s. But one fundamental difference is this: Slaves in this African nation usually are not held by physical restraints.

    Just like the Mauritanian slaves who are held on farms, not by physical shackles, but cultural and mental ones that keep them enslaved. Even though all they have to do is walk away.
    No violence, no guns, just put one foot in front of the other.

    Will you raise your kids as digital slaves? Or will you walk away…one mouse click at a time?

    References:


    4th Amendment issues – http://www.businessinsider.com/police-make-fake-facebook-profiles-to-arrest-people-2013-10
    1st Amendment Issues – http://www.huffingtonpost.com/tag/facebook-arrest
    5th Amendment Issues – http://www.digitaltrends.com/social-media/the-new-inside-source-for-police-forces-social-networks/
    1st, 4th, 5th Amendment issues – http://www.nbcnews.com/technology/careful-what-you-tweet-police-schools-tap-social-media-track-4B11215908
    Copyright and IP Ownership – http://www.nyccounsel.com/business-blogs-websites/who-owns-photos-and-videos-posted-on-facebook-or-twitter/

    Amazon erases 1984 from Kindle – http://www.nytimes.com/2009/07/18/technology/companies/18amazon.html

    Further Reading:
    http://www.brainlink.com/2012/10/free-video-protect-your-kids-from-facebook-social-media-threats/
    http://www.brainlink.com/2013/10/teach-your-kids-about-the-dangers-of-snapchat/
    http://www.brainlink.com/2012/10/prevent-your-kids-from-becoming-accidental-porn-stars/
    http://www.brainlink.com/de-volkskrant/
    http://www.rajgoel.com/tag/panopticon/

    Topic Articles
    November 26th, 2013

    Raj delivered keynote presentations at The Hague, Helsinki, Curacao, Dato’s Partner Conference and other events. De Volkskrant wrote an amazing profile.

    WPIX-11 featured Raj as a cyber-security expert on 5 stories

    Shival Agarwal joined our team as Senior Systems Engineer
    Bernice Wright joined us as Marketing Manager
    Fabian Moy celebrated his 6th anniversary with Brainlink

    And most importantly, we welcome the following clients to our family:

    • John Gallin & Son
    • Alterman & Boop
    • Arbiter Partners
    • Philip Greenberg
    • Mel Lazar
    • Rachel Lurie
    • E W Howell
    Topic Articles
    November 26th, 2013

    Author, Speaker and TV Guru
    Raj Goel, CISSP
    Presents:


    Construction Industry Technology Day!
    Learn How To GROW Your Business!

    Register at: www.brainlink.com/constructionseminar/

    Thursday, Jan 23, 2014 8am ‐ 10 am
    The Friars Club

    57 East 55th Street, New York, New York 10022
    (55th Street between Madison & Park Ave)

    Topic Articles
    November 26th, 2013
    1. Backup Your Data Regularly
      • Run at a MINIMUM Daily Backups of your Critical Data
      • Automated Offsite Backups are Invaluable
      • Check/Test your data backups at a MINIMUM Monthly
      • Assure all critical data is saved in the backed up location
    2. Implement better banking practices
      • One Account for Payroll & Taxes: NO DEBIT OR CREDIT CARDS ASSOCIATED WITH THIS ACCOUNT
      • One Account for Operations & Expenses: AVOID DEBIT OR CREDIT CARDS ASSOCIATED WITH THIS ACCOUNT
      • Monitor Account Activity, setup Alerts, Reporting, use strong Banking Passwords
    3. Upgrade Your Security
      • Regularly Patch Systems—Windows, Applications, Java, etc.
      • Use a current anti-virus – If it’s expired or it came with your PC, it’s useless
      • Implement a better firewall – Blocks viruses, drive-by downloads, tracks web surfing
      • Password lock your iPhones, iPads, etc. Hardware is replaceable. Your & your clients’ privacy isn’t.
      • Have your employees sign an Acceptable Use Policy
    4. Increase Your Productivity
      • Give Your Staff The Tools They Need To Succeed: Managed Support means they can call for tech support whenever they need it, without increasing your costs.
      • Work with a fellow business owner, not just a tech-head
      • Take More Vacations: A week or more of no phone calls, emails, etc. is highly recommended.

      Read My Book!

    5. Double check your insurance policies and ensure you have proper coverage
      Most general liability, Errors & Omissions and Malpractice policies do NOT cover the costs of forensic investigations, client notification costs, and cleanup costs.
    6. Hire Brainlink to conduct a Network Security Audit

      You need an expert to really assess the current state of your network and data security. And you need a business professional who specializes in building cost-effective, survivable security plans, disaster recovery plans, and business continuity plans.

    And most importantly, you need someone with deep contacts in law enforcement, so when a breach occurs, the FBI, Secret Service, NYPD Cyber Crimes and the NYS Cyber Crimes teams will treat your case with speed, respect and sensitivity.
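The checks in item 1 (daily runs, regular testing, every critical file present in the backup location) can be automated. The script below is an added example, not part of the original newsletter; the folder names, file names and contents are constructed sample data, and the one-day staleness threshold is this example's reading of "daily".

```python
import hashlib
import os
import tempfile
import time
from pathlib import Path

DAY = 24 * 60 * 60  # the list's rule: backups run at least daily


def sha256_of(path):
    """Hash a file in chunks so large files never have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_backup(source_dir, backup_dir, now=None):
    """Check each file under source_dir against its copy under backup_dir.

    missing  - no copy exists in the backup location
    mismatch - copy is as new as the source but differs (damaged/truncated)
    stale    - source changed more than a day ago and the copy never caught up
    A source edited within the last day is left for the next daily run.
    """
    now = time.time() if now is None else now
    source_dir, backup_dir = Path(source_dir), Path(backup_dir)
    report = {"missing": [], "mismatch": [], "stale": []}
    for src in sorted(p for p in source_dir.rglob("*") if p.is_file()):
        rel = src.relative_to(source_dir)
        dst = backup_dir / rel
        if not dst.is_file():
            report["missing"].append(rel.as_posix())
        elif sha256_of(src) != sha256_of(dst):
            src_mtime, dst_mtime = src.stat().st_mtime, dst.stat().st_mtime
            if dst_mtime >= src_mtime:
                report["mismatch"].append(rel.as_posix())
            elif now - src_mtime > DAY:
                report["stale"].append(rel.as_posix())
    return report


def run_demo():
    """Build constructed sample folders in a temp dir and audit them."""
    now = time.time()
    old, two_days, hour = now - 3 * DAY, now - 2 * DAY, now - 3600
    # name: (source bytes, backup bytes or None, source mtime, backup mtime)
    sample = {
        "payroll.csv": (b"jan,feb,mar\n", b"jan,feb,mar\n", old, old),
        "clients.db": (b"records v2", b"records v1", two_days, old),
        "contracts.txt": (b"signed", None, old, None),
        "ledger.xls": (b"balanced books", b"balanced boo", old, old),
        "notes.txt": (b"edited today", b"draft", hour, old),
    }
    with tempfile.TemporaryDirectory() as root:
        src_dir, dst_dir = Path(root, "critical"), Path(root, "offsite")
        src_dir.mkdir()
        dst_dir.mkdir()
        for name, (src_data, dst_data, src_time, dst_time) in sample.items():
            (src_dir / name).write_bytes(src_data)
            os.utime(src_dir / name, (src_time, src_time))
            if dst_data is not None:
                (dst_dir / name).write_bytes(dst_data)
                os.utime(dst_dir / name, (dst_time, dst_time))
        return audit_backup(src_dir, dst_dir, now)


if __name__ == "__main__":
    for problem, names in run_demo().items():
        print(problem, names)
```

A file-by-file comparison like this confirms the copies exist and match; it does not replace a periodic full restore test.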

    Topic Articles
    November 26th, 2013

    December is known around the world as a family time of celebration honoring cultures, religions and traditions that have been with humanity for hundreds of years. See below for a mix of the weird and wonderful facts about this magical month!

    1. An almanac prediction states that if snow falls on Christmas Day, Easter will be warm, green and sunny.
    2. The name December comes from the Latin decem for “ten,” as it was the 10th month in the Roman calendar.
    3. December 12th is Poinsettia Day.
    4. Saint Nicholas, who would eventually be called Santa Claus, was originally the patron saint of children, thieves and pawnbrokers!
    5. December 28th is considered by some to be the unluckiest day of the year.
    6. The first artificial Christmas tree was made in Germany, fashioned out of goose feathers that were dyed green!
    Topic Articles
    November 26th, 2013

    On November 7, 2013, we hosted a breakfast seminar titled “Cyber Criminals Are Targeting Law firms”. Here are the cliff notes.

    George Schultzel, FBI:

    1. There are only 2 kinds of people. People who are about to be hacked; and those who’ll be hacked again.
      It’s as simple as that – either you’ve already been hacked and don’t know it (because most firms do NOT have the capability to detect breaches, data thefts, etc.) or those that are actively being attacked by their competitors, criminals and foreign governments.
    2. There are 3 types of assets you need to protect: Human, Intellectual Property and Financial Assets

    Some recent FBI cases:

    • A law firm had $7 Million stolen, and they didn’t even know about it.
    • A group of 12-19 year olds was actively hacking D-list celebrities, just because they could.
    • Several law firms hired hackers to break into their competitors.

    LESSONS LEARNED:

    1. 90% of Zeus banking Trojan infections enter the network via email. You MUST invest in good spam filtering, network firewalls, and backups. And most importantly, keep a keen eye on your bank accounts.
    2. When you invite the FBI into your office, they conduct their investigations very discreetly.

    For nation-state attacks, with your approval, they will monitor the attacks. During criminal attacks, they will come in, forensically image the systems, and take evidence. They WILL protect client confidentiality. They will NOT fix or repair your systems.

    What can you do to protect your business?

    According to Maria Treglia, PBC, a division of HUB International, Businesses and Organizations have an obligation to keep people’s information private.

    Your existing Malpractice or General Liability policies do NOT provide appropriate coverage for hacks and cyber-theft.

    In a recent study conducted by NetDiligence,

    • Personally Identifiable Information (PII) was the most frequently exposed data (28.7% of breaches), followed closely by Protected Health Information (PHI) (27.2% of breaches).
    • Lost/Stolen Laptop/Devices were the most frequent cause of loss (20.7%), followed by Hackers (18.6%).
    • Small‐Cap ($300M‐$2B) and Nano‐cap (< $50M) companies experienced the most incidents (22.9% and 22.1% respectively). Mega‐Cap (> $100B) companies lost the most records (45.6%).

    The median number of records lost was 1,000. The average number of records lost was 2.3 million. Claims submitted for this study ranged from $2,500 to $20 million. Typical claims, however, ranged from $25,000 to $400,000.

    So, unless you have $500,000 sitting around, doing nothing, you’re much better off buying a Cyber Liability policy like Privacy/101.

    Raj Goel, CISSP discussed several law-firm related case studies. Why are you being attacked? Because the criminals know you have valuable assets – sensitive data on mergers, purchases, law suits, etc. And because most law firms have the “I’ll never get hacked” mentality.

    Some recent cases:

    • A former employee of a Pittsburgh, PA law firm and her husband were sentenced for hacking into the law firm
    • China-based hackers broke into 7 different Canadian law firms to get insider info on the Potash Corp/BHP Billiton merger
    • A partner in a small law firm discovered he’d been hacked when the FBI knocked on his door.
    • According to the Wall Street Journal, Client Secrets Are At Risk as Hackers Target Law Firms

    Contacts:
    George Schultzel, Special Agent, New York Division

    Federal Bureau of Investigation
    george.schultzel@ic.fbi.gov
    Desk: 212‐384‐3250, Cell: 646‐430‐2358

    Maria Treglia, CPCU, RPLU

    Chief Sales Officer and Senior Vice President, Program Brokerage Corporation
    (PBC), a division of HUB International
    Office: 516‐496‐1345, MTreglia@programbrokerage.com

    Grab the slides from www.brainlink.com/lawfirmseminar/

    Topic Articles
    October 30th, 2013

    FBI Special Agent Kirsten Ohlson was the featured speaker at our October 3rd Seminar at the Friars Club. Here are key takeaways from her presentation:

    NYC is a target-rich environment for spies and hackers. UN and “alleged diplomats” target NYC businesses, including Architecture firms, for data espionage. They will chat you up to gather information, ask you for proposals, and conveniently ask you for employee lists and other info. Things that you might think are harmless, but aren’t. They have approached mid-level employees, janitors, staff, etc.

    Make friends with the FBI, Secret Service and NYPD Cyber Crimes units before you need them.

    Infragard can come to your business and provide free training on cyber security and protection for your staff. Learn more about Infragard at www.infragard.org

    Topic Articles
    October 30th, 2013

    We’ve discovered (and stopped) employees from:

    • Playing games
    • Downloading movies (which is illegal!)
    • Surfing “adult escort” sites
    • Downloading porn
    • Pirating software

    If you’re concerned about what your employees are doing online, or want to make sure they don’t put your business at risk, give me a call.

    My team can put together an effective internet security solution that blocks offensive surfing, puts you in the driver’s seat, and gives you daily reports on who went where, and when.

    - Raj

    October 30th, 2013

    Support is ending April 2014 (5 Months Away!)

    • No more band-aids, patches, updates or support from Microsoft.
    • Using Windows XP after April 2014 could be a HIPAA, PCI-DSS, GLBA, etc. violation.
    • Malware Everywhere – XP is by far the most vulnerable platform to connect to the internet.

    Windows XP is a relic from a different world. Use at your own risk.

    October 30th, 2013

    Cyber Thieves Keep A-Knockin’ But They Can’t Come In. A study presented at the International Conference on Dependable Systems and Networks showed that small-business networks are attacked every 39 seconds by some type of hacker or malicious software. Thankfully, having the proper firewall and office network security tools can prevent even the most determined cyber hacker from getting his hands on your network.

    Downtime Should Be A Thing Of The Past. Thanks to monitoring and maintenance tools that are openly available, any reputable computer company can now actually notice when things go awry and prevent your computers from having issues. Hot fixes, patches and security updates are generally items that, when maintained on a regular basis, keep a network healthy and up and running. If, for some reason, your network still has some kind of downtime, cloud-based remote management tools allow your IT professional to access your system from anywhere, getting you up and running more quickly than ever before.

    If Disaster Strikes, You Can Be Back Up & Running In Minutes Instead Of Days. In addition to lost data, many businesses’ operations would be completely down for days or weeks if a major disaster like fire, flood or theft ever occurred. Here’s where Backup & Disaster Recovery solutions (BDR) can help you feel very thankful indeed. Most of today’s BDR solutions include a “virtualization” component, which means an exact “picture” of your server and computers is taken throughout the day and stored elsewhere. If you ever need to get back up and running, your IT company simply restores that image…and you’re back in business.

    October 30th, 2013

    What do you expect from such simple creatures?

    • Your last name stays put
    • The garage is all yours.
    • Chocolate is just another snack.
    • You can be President.
    • Car mechanics tell you the truth.
    • Same work, more pay.
    • Wrinkles add character
    • Phone conversations are over in 30 seconds flat.
    • A five-day vacation requires only one suitcase.
    • You get extra credit for the slightest act of thoughtfulness.
    • Three pairs of shoes are more than enough..
    • You can play with toys all your life.
    • You can wear shorts no matter how your legs look.
    • You can ‘do’ your nails with a pocket knife.
    • You can do Christmas shopping for 25 relatives on December 24 in 25 minutes.

    No wonder men are thankful.

    Topic Articles
    October 30th, 2013

    HIPAA and HITECH have been around for quite some time. Even so, many companies covered by these laws are way behind the times when it comes to actual implementation. And when you really think about it, even companies not covered by these laws should have the requisite policies and procedures in place.

    1. Access Control Policy. How are users granted access to programs, client data and equipment? Also includes how administrators are notified to disable accounts when needed.
    2. Workstation Use Policy. Requiring secure passwords, monitoring logins and limiting unsuccessful logins are just a few of the basics covered. Policies also need to cover basic security best practices such as not allowing passwords to be written down or shared with others.
    3. Security Awareness Training. Organizations must ensure regular training of employees regarding security updates and what to be aware of. You must also keep an audit trail of your reminders and communications in case you’re audited.
    4. Malicious Software Controls. You must have documented policies for the frequency with which anti-malware and antivirus software are updated and what happens if an infection/outbreak occurs.
    5. Disaster Recovery Plan. How you respond to emergency situations (of all shapes and sizes) must be fully documented and tested regularly. A full Disaster Recovery Plan is something our company can help you with.
    6. Media Disposal Policy. How do you dispose of old computer equipment and data? You must have policies and procedures in place that cover exactly how all equipment is properly disposed of and logged.
    7. Review And Audit Procedures. There’s much more to HIPAA compliance than the 6 items discussed here; however, be certain also that whatever you do has a firm audit trail/log that shows that everything has been executed according to plan.

    These are just starting points. If you’re subject to HIPAA or just want to make sure that your company is covered by these simple best practices, contact our office and we’ll be happy to review these areas with you.

    If you’d like to learn more, or conduct HIPAA/HITECH compliance audits, check out www.RajGoel.com

    Topic Articles
    October 30th, 2013

    Snapchat is a popular service for high-school & college kids to use in place of texting, and sharing naughty photos.

    The savvy kids know that sending SMS/texts or emails isn’t safe and more and more, they’re using services such as SNAPCHAT, WhatsApp, Vine, etc.

    The promise of Snapchat was that the texts, photos and videos were self-deleting.

    If Mike used SnapChat to send Jane photos of himself, as soon as Jane saw them, the photos were deleted.

    Great for sending nude/semi-nude and crude photos, right? Awesome for flirting and gossiping, right?

    WRONG!

    As SnapChat admitted in a recent blog post (at http://blog.snapchat.com):

    Storage

    As mentioned in our previous blog post, Snaps are deleted from our servers after they are opened by their recipients. So what happens to them before they are opened? Most of Snapchat’s infrastructure is hosted on Google’s cloud computing service, App Engine. Most of our data, including unopened Snaps, are kept in App Engine’s datastore until they are deleted.

    Retrieval

    Is Snapchat capable of retrieving unopened Snaps from the datastore? Yes—if we couldn’t retrieve Snaps from the datastore, we wouldn’t be able to deliver them to their recipients desired by the sender. Do we manually retrieve and look at Snaps under ordinary circumstances? No. The ordinary process of sending Snaps to their recipient(s) is automated.

    So what is a circumstance when we might manually retrieve a Snap, assuming it is still unopened? For example, there are times when we, like other electronic communication service providers, are permitted and sometimes compelled by law to access and disclose information. For example, if we receive a search warrant from law enforcement for the contents of Snaps and those Snaps are still on our servers, a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency. For more information, see the section of our Privacy Policy that discusses circumstances when we may disclose information.

    Simply put, SnapChat keeps messages from the moment they are sent until they are opened, OR for as long as Law Enforcement asks SnapChat to keep them. Educate your high school kids, college kids and new hires that NOTHING IS PRIVATE ON THE INTERNET. Do NOT trust companies that promise to “hide” your communications.

    Topic Articles
    October 9th, 2013

    Live Seminars at The Friars Club

    1) Oct 3 – 8am – 10 am – FOR ARCHITECTS: DECLASSIFIED DEBRIEFING From The FBI – Cyber Criminals Are Targeting Architectural Firms. Learn How To Protect Your Business. www.Brainlink.com/architectseminar/

    2) Oct 25 – 8am – noon – CSSWorks, Chicago – Protect Your Family & Business From Cyber Criminals Raj is the guest speaker at CSS’s annual Technology Day. He will discuss security and cybercrime challenges facing companies in America’s heartland.

    3) Nov 7 – 8am – 10am – FOR LAW FIRMS: DECLASSIFIED DEBRIEFING From The FBI – Cyber Criminals Are Targeting Law Firms. Learn How To Protect Your Practice. Register at www.Brainlink.com/lawfirmseminar/

    4) Jan 23 – 8am – noon – CONSTRUCTION COMPANY TECHNOLOGY DAY. Declassified Debriefing From The FBI on threats specific to Construction Firms Register at www.Brainlink.com/constructionseminar/

    Topic Articles
    October 9th, 2013

    We’ve discovered (and stopped) employees from:

    • Playing games
    • Downloading movies (which is illegal!)
    • Surfing “adult escort” sites
    • Downloading porn
    • Pirating software

    If you’re concerned about what your employees are doing online, or want to make sure they don’t put your business at risk, give me a call.

    My team can put together an effective internet security solution that blocks offensive surfing, puts you in the driver’s seat, and gives you daily reports on who went where, and when.

    - Raj

    Topic Articles
    October 9th, 2013

    Support is ending April 2014 (6 Months Away!)

    • No more band-aids, patches, updates or support from Microsoft.
    • Using Windows XP after April 2014 could be a HIPAA, PCI-DSS, GLBA, etc. violation.
    • Malware Everywhere – XP is by far the most vulnerable platform to connect to the internet.

    Windows XP is a relic from a different world. Use at your own risk.

    Topic Articles
    October 9th, 2013


    Over a billion dollars are lost each year in the United States through “ATM Skimming” – far more than any losses from bank robberies – and it’s growing at a rate of more than 10% every year.

    ATM Skimming is a cybercrime where the criminals steal (or “skim”) your ATM/debit card data when you’re using a typical ATM machine. They do this by fitting a small card reader over the typical ATM card slot, thus capturing your information. Additionally, the criminals install mini cameras above or near the ATM to capture your PIN number. The data is then transmitted via Bluetooth to the cybercriminals somewhere nearby. The average skimming attack usually lasts only an hour or two during peak ATM usage times (i.e. lunch hour or after work). Meanwhile, you have no idea that you’ve just been had and are at risk. These cyber-criminals will then sell the data on the cards to others so that they can either clone your debit card or wipe out your bank account.

    6 Tips To Protect Credit/Savings Accounts

    1) Cover your hand as you type. Obstructing the view of your PIN from any cameras will render your data useless.

    2) Pay attention to the area around the ATM card slot. If anything looks loose or out of place, pull to see if you can remove it.

    3) Be aware of surroundings. Be extra careful of ATMs in dark or isolated places.

    4) Does the machine look different? If anything looks out of place (extra signage, mirrors, etc.) then avoid the machine.

    5) Put a Transaction Alert & Daily Balance Alert on your account. Our bank texts us when any transaction exceeds $400 and they send daily balance alerts via email. (yes, this means I can’t surprise my wife with big gifts, but it sure beats getting cleaned out by crooks!)

    6) Review your transactions & balances daily. Notify your bank of any suspicious transactions immediately.

    Topic Articles