Sophos experts Chester Wisniewski and Paul Ducklin

I enjoy listening to their podcast each week and one of the topics that they talked about is what every manufacturer seems to be talking about which is the Internet of Things (IoT), Apple and the FBI and the Jury Duty Scam that is going around. You can listen to it here: Sophos Security Chet Chat

The US Court Service has warned about the a new scam that is calling people to tell them that they didn't follow through on Federal Jury Duty and are able to send you to a website that looks like it might be real, they are spoofing local phone numbers and it is absolutely not true. The Us Court System says that they don't make these calls and if you ever receive a call like this it is something that you should just ignore/hang up on. These can be scary and they can sound real. But don't be taken in. 


Petya Ransomware 

Follow this article from Arstechnica about a new Ransomware attack being found primarily in Germany, but I'm sure we will be seeing instances of it here soon. Take a look at the full article here


Vofore Linux Mini-computer

Hobbiests be aware of a new product that can be found at TweakTown Deals. And right Now it is on sale! $39 and free shipping, perfect for electronic projects. When I say it is small, I mean tiny. Just one inch square! Just look at these specs:


  • Dimensions: 0.98"L x 0.98"W
  • Operating system: OpenWrt 
  • System Memory: 32 MB RAM
  • Storage: 8MB SPI Flash (for firmware)
  • In-out voltage range: 3.3V to 6V
  • Power consumption: 200-220mA 
  • Processor: Ralink/Mediatek 360 MHz RT5350 MIPS 
  • Data rate: Up to 150Mbps
  • Dual band 802.11n Wi-Fi
  • Interfaces include: 
    • 5-port 10/100M Ethernet switch
    • USB
    • UART
    • Software I2C 
    • Hardware SPI
    • I2S, PCM
    • JTAG
    • Over 20 GPIO links

Note: Needs stable power input; 5.0V USB phone charger recommended. High temperature or static electricity will cause permanent damage. Solder maximum is 260C at 6 seconds.


  • VoCore computer
  • Dock
  • Full hardware design 
  • Full-source code including boot loader

Amazon Bans Poorly made USB Type C cables

USB C cables the new configuration of USB cable that is reversible and prevents you from plugging you from plugging in the coble incorrectly. Google engineer Benson Leung, has been on u crusade to prevent shoddy manufacturersof USB Ccables from marketing their productson Amazon. has added non-standardized USB Type-C cables to its "Prohibited listings" for the Electronics section of their site. In other words, at last, non-compliant USB-C cables, which can damage or shut down a device entirely, will be banned from sale on Amazon. This is a policy update though, and Amazon will need to police its seller community and shut down any who continue to offer non-compliant cables.

There has been issues with these shoddy cables actually damaging devices that they are plugged into. Hopefully Amazon and other marketing sites will continue to monitor these products so that consumers won't have to suffer damage to thin electronics caused by these rogue cables!


Microsoft announces at the Build Conference a new Windows 10 app converter

We always get a lot of interesting information from Microsoft from the Build Conference and this announcement should make some software writers happy to see some extra help coming from MS to convert the programs to be compatiblewith Windows 10.

"Project Centennial enables you to take your existing .NET or Win32 applications and distribute them through the Windows Store, while also enhancing them with the new device capabilities," said Microsoft Windows exec Kevin Gallo.

The "Project Centennial" app converter allows developers to easily convert legacy Win32 programs into Windows 10 compatible apps. This means that .exe and even .msi files used on older OS like Windows 7 can be seamlessly transformed into the AppX format used by Windows 10, and then be put on the Windows Store.

This should be available soon to members of the Windows Developer Preview Program. 


While we might not like the cost of the Microsoft Office 365 Subscription in some instances these products fit a great niche.

The issue now is that Microsoft is making it harder than ever to own Microsoft Office without moving into their subscription plan. If you qualify as a non-profit or educational customer, than your options are not bad. If you are a consumer or commercial client your options are a lot less. There are a couple of perrenial options with either Open Licensing Office Pro Plus or Standard (very expensive) or PKC products with either Home and Student or Home and Business. Let's look at the benefits of these options.


MOLP Pro Plus

MOLP Office Standard

PKC-Home and Student

PKC-Home and Business

What is included

Word, Excel, PowerPoint, OneNote, Outlook, Access, Publisher, MS Office Web Apps, Commercial Use Rights, Skype for Business, InfoPath

Word, Excel, PowerPoint, OneNote, Outlook, MS Office Web Apps, Commercial Use Rights

Word, Excel, PowerPoint, OneNote

Word, Excel, PowerPoint, OneNote, Outlook

How many machines can it be put on

Limited by device but includes the following: Work System, Home System and Virtual on the server using RAS

Limited by device but includes the following: Work System, Home System and Virtual on the server using RAS

1 PC only (once it is licensed and installed on a machine it is only allowed to be installed on that hardware)

1 PC only once it is licensed and installed on a machine it is only allowed to be installed on that hardware)


This is also a portable license which means that if you update your hardware you can reinstall this software

This is also a portable license which means that if you update your hardware you can reinstall this software









If you have more than one device then you might want to pick one of the Office 365 Subsciption offerings. One of the first benefits is that each user license allows you to install the Office desktop Apps on up to five of your devices. For example: Work Desktop, Notebook, Home Workstation, Mobile Devices like Apple iPhone, iPad and Android devices. You can also install it virtually on your network server to have it working from you Remote Access Server (RAS) and your remote desktop client. It can also give you access to Word, Excel, PowerPoint and OneNote Web Apps as well. You have a few choice here as well.

Business Essentials and Business Premium provide for up to 300 user licenses in an organization. Enterprise provides for unlimited number of users. So how do you choose which one is right for you? Easy, let's talk about several scenerios and see where you might fit in.

Hosted Exchange: This is one of the main reasons for us to move you into a Office 365 subscription. Over the years we had many customers that opted in for Microsoft Small Business Server because this product provided an Exchange Server as one of the many things that it did. In Microsoft's infinite wisdom they no longer have this product available and as the SBS server versions continue to become End of Life we have to make a decision on how to provide Exchange as we migrate to new hardware and software. For many of our clients moving to the cloud is the answer. Exchange Servers are a resource hog and require you to have larger servers to accomodate them. So how do we get around this issue? Hosted Exchange Servers. The entry level plan for this is Office 365 P1 and all that it provides is just Hosted Exchange. It costs around $48/user/year. For just a little bit more you can move into the Business Essentials version that provides you with Hosted Exchange, Skype for Business, Office Web Apps, 1TB of personal online storage, and Team Sites for Hosted SharePoint Services. The cost of this service is $60/user/month.

Office Desktop Applications: Always having the most current version of Office may be one of you goals. This gives you more consistant environments for your users to work in. The Office 365 Business Premium and Enterprise E2, E3, E5 plans provde Office for your desktop and laptop systems. 


Business Premium

Office 365 ProPlus

Enterprise E3

Enterprise E5

Desktop Apps

Word, Excel, PowerPoint, OneNote, Outlook and Publisher

Word, Excel, PowerPoint, OneNote, Outlook, Publisher, Access

Word, Excel, PowerPoint, OneNote, Outlook, Publisher, Access

Word, Excel, PowerPoint, OneNote, Outlook, Publisher, Access

Hosted Exchange





Skype for Business










Organizational User Limit





Annual Cost






Another Ed Bott trick! Software Licensing Secrets

Software licensing secrets

By Ed Bott 

Every version of Windows dating back to Windows Vista has included the Windows Software Licensing Management Tool, a script file found in the WindowsSystem32 folder as Slmgr.vbs. The script is designed for a local administrator to run in an elevated Command Prompt window.

Most people never need to use this tool, but it can come in handy when you're trying to resolve activation problems or upgrade a Windows PC. The secret is knowing which switches to add to the end of the command to achieve the desired result.

If you just type the command, with no switches, you get a series of five dialog boxes that list all those switches. Network administrators who manage a Key Management server for Volume Licensing will find a goldmine here. For the rest of us, the three most commonly used switches are the following:

Slmgr.vbs /dli Displays basic license information, including the last five characters of the product key

Slmgr.vbs /dlv Displays much more detailed license information

Slmgr.vbs /cpky Removes the product key from the registry so that it can't be copied and reused


Just started testing an interesting software tool to synchronize your Google and Outlook Calendars

I had looked at this a little bit earlier this month and I didn't really find anything out there to do this. Google had taken away their Google sync application couple years ago and I wanted to be able to synchronize my Outlook calendar with my Google calendar to be able to take advantage to some of the other things that I've added around the house, namely the Amazon Echo I purchased the middle of last year.

Today I had a customer SP if I knew of any program that would perform this function so I decided to go back out and look again and lo and behold I ran into this application from Zissis Siantidi and can be found here


As all of the information that I have in looking at shows positive reviews and now that I have working on my system appears to work fairly well. It was extremely easy to set up and the directions on how to do so very straightforward. The only issue that I see so far is that you can only link one calendar from Outlook to one calendar in Google. There might be a situation where you might want to link multiple calendars in both locations so this would be something that would be nice to see happen.
If you decide to use this program sure to send some money their way to show your appreciation. It is always nice to do that for authors of shareware.



Good Article by Ed Bott discussing why a Windows 7 reinstall from scratch is so time consuming...

We like Ed Bott's articles and if You are wondering why it takes so much time to reinstall Microsoft Windows seven from scratch he has written a great article that explains the painful process. Here's a link for that: Click to go to article


Sophos Road Show coming to Pittsburgh

Sophos | Security Made Simple.

Security made simple.
Security made simple.
Break a Hacker's Heart Security Seminar
Join us for a live interactive session to go beyond the hype and headlines and learn some of the most effective ways to prevent today’s increasingly sophisticated threats.
Know your enemy: breakdown and dissect today’s most prevalent attacks.
Security trends: learn how the industry is evolving to keep pace with advanced threats.
Technical overview: get a live demo of Sophos solutions, led by Security Expert, not sales.
Join us in a city near you!
calendar icon March 08-09, 2016 | Phoenix, AZ
Renaissance Phoenix Downtown Hotel: 50 East Adams Street, Phoenix, AZ
calendar icon March 15-16, 2016 | Toronto, ON
Toronto Marriott Downtown Eaton Centre: 525 Bay St, Toronto, Canada
calendar icon March 16, 2016 | Pittsburgh, PA
Renaissance Pittsburgh Hotel: 107 6th Street, Pittsburgh, PA
calendar icon March 24, 2016 | Louisville, KY
Louisville Marriott Downtown: 280 West Jefferson Street, Louisville, KY
calendar icon April 07, 2016 | New Brunswick, NJ
Bridgewater Marriott: 700 Commons Way, Bridgewater, NJ
Register Now
LinkedIn   Twitter   Facebook   YouTube
Sophos Logo
Getting too many emails?
Visit the Preference Center and receive the content you want or unsubscribe.
© 2016 Sophos Inc. All rights reserved | Privacy Policy
3 Van de Graaff Drive, Burlington, MA 01803.


ioSafe helps you meet HIPAA compliance

With the most robust disaster recovery in the storage industry, ioSafe NAS allows administrators to instantly create storage that assists with meeting HIPAA guidelines for any health care organization with many safeguards to keep data secure, accessible and protected from loss. With protection from fire, flooding and theft, ioSafe NAS offers the fastest onsite data recovery available all while keeping the data on premise. You maintain 100% control over the data’s location, access, encryption and firewall settings.

Download the ioSafe HIPAA Solution Brief



Resolved issue

Dear ZixCorp Customer,

At this time Zix engineers have resolved the database issues that we previously reported. Recipients should now have access to all messages they received via ZixPort, including those messages sent on March 7th between 1:30 and 5 PM.

Again, we apologize for any inconvenience this may have caused you or your recipients.

Thank you for your patience.


Recent ZixCorp outage on March 7th

Dear ZixCorp Customer,

ZixCorp experienced a ZixPort outage yesterday where customers could not access the portals during the afternoon hours. While the service has been restored, some messages are still not visible in the recipient mailboxes due to a database issue. This means some recipients that received a portal notification yesterday afternoon about a new message may not see it in their ZixPort inbox yet. These affected messages were delivered between 1:30-5 pm CT on March 7th.

Customers have two courses of action they can take:
* Let the recipients wait until the database issue is resolved. Our engineers are working on this issue, but we currently do not have an ETA for when this issue will be resolved.
* Resend the message. Messages that were sent after 5 PM CT yesterday are being delivered to the recipient's mailbox on the portal. ZixGateway customers can use the Dashboard reports to see what messages were sent to the portal during yesterday's issue.

We apologize about the inconvenience this has caused you and your recipients. We will provide further updates as we get more details from our engineering group.


ZixCorp Customer Support


Recent News of HIPAA Compliancy Audit Schedules being stepped up.

Imagine how awful your life will be if your office fails a federa HIPAA audit. The recent HIPAA Security Conference in Washington made it clear from the leaders of the Office for Civil Rights (OCR) that they are finally getting ready to schedule the audits that they have been promising for a long time.

Audits Coming Very Soon

  1. While audits have been discussed for a long time, they are imminent and 1,200 letters will be going out shortly. 1,200 out of the entire health care industry means the odds of you getting a letter are low. But if you do, the impact can be very high.
  2. If you receive a letter you will have only 10 – 14 days to provide the requested documentation. That isn’t enough time to overcome years of HIPAA neglect.
  3. A contractor has been hired to conduct the audits, and the OCR has been actively hiring attorneys. They aren’t there to help you.
  4. The audits will likely focus on areas that were identified as common weaknesses in the 2012 test audits – no security risk analysis, not addressing risks, unencrypted data, and lack of effective policies and procedures.
  5. Small practices will be targeted. In 2012, many smaller practices were found to be lacking in their compliance efforts. The new audits are likely to be skewed towards small medical practices, not large health systems
  6. Are you confident your Business Associates won’t cause you to fail the audit? When a Covered Entity gets audited the OCR will now examine their Business Associates. In our experience Business Associates are often clueless about their HIPAA responsibilities, beyond signing Business Associate Agreements. Have your Business Associates complied based on the 2013 HIPAA changes
  7. Patients’ rights to their records, especially the new requirements for electronic records, are not being followed by many HIPAA Covered Entities. This is a Hot Button with the OCR which is charged with protecting the rights of patients.
  8. Haven’t had a HIPAA incident? Most likely you have, and either don’t recognize them or aren’t giving them serious consideration. Data breach notification requirements have changed since 2009, and OCR wants to know if you have a clear policy and practice in place for notifications.


Encryption was probably mentioned more than 50 times. No kidding.

At the conference, Jocelyn Samuels, the Director of the OCR, announced a $ 750,000 settlement with a small cancer practice that had a bag that contained an unencrypted laptop and unencrypted backup media stolen from an employee’s car.

Deven McGraw, the new Deputy Director of the OCR for Patient Privacy, said, “The bigger problem with breaches involving lost and stolen unencrypted devices is that they are often a tip off for OCR that an organization has other more serious HIPAA compliance issues – particularly the failure to conduct a risk analysis that’s followed up by actually mitigating identified risks.” This is more than a subtle hint.

Other speakers stressed that encryption not only protects patient data, but it protects the Covered Entity against having to report a lost or stolen device. Encryption is much less expensive than HIPAA penalties. Check out this article HIPAA Enforcer Losing Patience on Encryption for more details.

So What Can You Do? PREPARE NOW.

Quickly obtain a thorough and accurate Security Risk Analysis, not a ‘checklist overview’ that will miss critical issues.

Should you do your own? The US Dept. of Health & Human Services says, “…doing a thorough and professional risk analysis that will stand up to a compliance review will require expert knowledge that could be obtained through services of an experienced outside professional.

This is coming from the agency that does compliance reviews and has failed many practices that have done their own risk analyses. As the famed oil well firefighter Red Adair said, “If you think it’s expensive to hire a professional to do the job, wait until you hire an amateur."

  1. Fix the problems identified in the Security Risk Analysis. HIPAA requires Risk Management for both security and compliance. Years of neglect may be expensive to correct. Encryption is an obvious starting point.
  2. Have an expert review your Notice of Privacy Practices and your Business Associate Agreements to make sure they are current and properly implemented. And your Data Breach Notification policies and procedures.
  3. Contact Semel Consulting. We’ll do a risk analysis, help you fix your risks, implement effective policies and procedures, and help you with any HIPAA questions or incidents. We have helped many organizations including small medical practices, large clinics, surgery centers, hospitals, nursing home chains, home health care, health plans, and many Business Associates.
  4. Be on the lookout for the audit letter. It won’t be good if someone who opens your mail misses the letter and you miss the deadline. Especially when you have made the efforts to comply.



Sophos XG Firewall Announcement

It seems everyone is talking about NextGen technology in the firewall but when you take a closer look it really doesn't compare with what Sophos has been working on with their Sophos XG Firewall.

Yesterday they announced the release of their new operating system on the XG series that incorporates a connection between the Firewall Protection and your Endpoint Protection on your desktops and mobile devices. This is a two pronged approach that hasn't been encorporated before that makes Sophos unique in the security business.

Highlights include:

  • Network Security Control Center. The innovative interface delivers instant network and threat intelligence so users can take action fast.
  • Sophos Firewall Manager. Full-featured centralized management that’s FREE for partners and managed service providers.
  • XG Series Appliances. A comprehensive range with options for every customer, including the new entry-level XG 85(w) and XG 750 high-end models.
  • Security Heartbeat. This unique capability links firewall and endpoint for the very first time, letting them share intelligence and enhance protection against advanced threats.

Sophos XG Firewall and Sophos Security Heartbeat™ will revolutionize the way we think about todays complete security solution!


To encrypt or not to encrypt?


ZixCorp has released a new ZixMail Standalone client

ZixCorp has released  a new version the ZixMail Standalone client.  This version has added some new features which address issues that some customers experienced when trying to connect ZixMail with their ISP's mail server.   In addition, this version no longer supports the option for using the ZixMail HTTP/SMTP relay to deliver mail.  

To download the new ZixMail Standalone client, go to the download section of the Zixcorp Support Center.

ZixMail standalone is available here:



Microsoft reneges on Unlimited OneDrive Storage

Ed Bott from ZDNet reported that Microsoft has annouced that they are rolling back on their annoucement of unlimited storage for users of Office 365. Microsoft blames a few bad eggs who have taken advantage of storing very large digital collections to the cloud after Microsoft announced on October 27, 2014 that everyone would be upgraded to unlimited OnDrive storage plans.

Here's the key part of tonight's announcement:

  • We're no longer planning to offer unlimited storage to Office 365 Home, Personal, or University subscribers. Starting now, those subscriptions will include 1 TB of OneDrive storage.
  • 100 GB and 200 GB paid plans are going away as an option for new users and will be replaced with a 50 GB plan for $1.99 per month in early 2016.
  • Free OneDrive storage will decrease from 15 GB to 5 GB for all users, current and new. The 15 GB camera roll storage bonus will also be discontinued. These changes will start rolling out in early 2016.

Ed Bott's article does a good job detailing out what has occurred and if you are interested you will want to give it a quick read.


Vertical Summit Phone System


Sophos Encryption Video (Encryption doesn't have to be difficult)



Page 1 ... 2 3 4 5 6 ... 54 Next 20 Entries »