Tech Support Scams

Posted on by ccsretail

Tech Support Scams

Lately, I have been receiving lots of pop-up messages on my computer that tell me that something needs to be “fixed” on my computer. The message may say that my computer is running too slow because it has registry errors or someone can “see” my information. Sometimes it tells me that a virus or malware has been detected on my computer. Often, a free “security” scan is offered, or a website is shown that I can access as a way to correct my computer’s “ills.”

The messages usually come from what looks like a legitimate company, complete with the appropriate logo, like Microsoft or Apple. Sometimes free software is offered that I can download, guaranteed to make my computer run faster and better.

Unfortunately, most of these pop-ups are from scammers. They want to convince me that I have computer problems so that they can sell me worthless software, try to enroll me in cheap computer maintenance or warranty programs, or trick me into giving them access to my computer so they can steal sensitive data, like usernames and passwords.

How do I know this? I already have my computer loaded with security protection from trustworthy companies. Some of it is free and some I purchased. I use these software programs regularly to keep my computer safe.

So how do you cope with these malicious pop-ups? Don’t click on messages that look questionable. Never go to an unknown website that is suggested in one of these pop-ups, or call a phone number that claims to be “tech support.” Make sure you are using appropriate, legitimate anti-virus software on a regular basis. And most of all, think before you act when it comes to anything unsolicited that pops up on your computer screen.

If you need help or advice on computer security, we can help you. Our number is 425-672-4806, or you can email us. Be safe, not sorry.

Marlene

PC Cleaners/Registry Cleaners

Posted on by ccsretail

PC Cleaners/Registry Cleaners

Although I do not advise using these software’s regularly, there are times when they are useful. Over the years I have found that these registry and PC cleaners sometimes cause more harm than good. For example, I have run into systems where these tools are run regularly and have problems installing or re-installing software, some of these programs even boast about cleaning or completely uninstalling software, only to find out it has left the main directory in place preventing the re-installation, or it has left the Windows service installed causing the same thing.

Depending on what you are trying to accomplish with these “cleaning” programs, I have never seen one speed up my PC. The times I do use these cleaning programs is usually after either an infection or failed hardware. But some manual cleaning is always required.

If your PC needs “cleaning” I would recommend using the built-in or downloadable tools from the programs manufacture to clean a program up. Most hard to uninstall software has a “clean up” tool available from the makers to make your uninstallation easier and actually clean your PC.

If you have any support questions or concerns, please contact the CCS Retail Systems support department @800.672.4806 or email us at support

-Bryan

Securing Your Network

Posted on by ccsretail

Securing Your Network

One of the things that you should do in securing your network, is to limit internet access to only the sites that a particular station needs. For example, a Point-Of-Sale workstation usually only needs to be able to access the internet in order to validate credit and debit transactions. When that is the case, then your firewall should be configured to only let those stations through to the sites they need for authorization.

By limiting the access of those stations to only the card processor site, it prevents users from randomly browsing web sites during slow times. Thus, they cannot be checking their personal email or checking out the latest funny videos. This is not to punish them, but rather to eliminate those common vectors of attack. It prevents those viruses and malware-bearing emails from being read, and their payload potentially being unleashed on your workstations. It also prevents those drive-by downloads from malicious sites, from doing the same.

Obviously, there will be stations that need to access additional sites. However, if these sites can reasonably be limited to just those sites that need to be accessed, they should similarly be limited. It may be possible to limit those stations to only your company email, vendor sites, your store web site, etc. Additionally, those stations should be restricted to use by only those users that need to be accessing the sites that the stations are being allowed access to. Those users should also be trained on what to be aware of when accessing outside sites. In particular, the user or users that are accessing the company email should be trained on how to recognize potential phishing, or other malware, type emails.

Limiting the avenues that expose your network to outside contact, can go a long way towards preventing the network from being compromised. Such limits are often evaluated from the perspective of limiting outside access in. Access restrictions should be evaluated, and restrictions imposed from your network out, as well.

Dave.

Tech Support Scams

Posted on by ccsretail

Tech Support Scams

Lately, I have been receiving lots of pop-up messages on my computer that tell me that something needs to be “fixed” on my computer. The message may say that my computer is running too slow because it has registry errors or someone can “see” my information. Sometimes it tells me that a virus or malware has been detected on my computer. Often, a free “security” scan is offered, or a website is shown that I can access as a way to correct my computer’s “ills.”

The messages usually come from what looks like a legitimate company, complete with the appropriate logo, like Microsoft or Apple. Sometimes free software is offered that I can download, guaranteed to make my computer run faster and better.

Unfortunately, most of these pop-ups are from scammers. They want to convince me that I have computer problems so that they can sell me worthless software, try to enroll me in cheap computer maintenance or warranty programs, or trick me into giving them access to my computer so they can steal sensitive data, like usernames and passwords.

How do I know this? I already have my computer loaded with security protection from trustworthy companies. Some of it is free and some I purchased. I use these software programs on a regular basis to keep my computer safe.

So how do you cope with these malicious pop-ups? Don’t click on messages that look questionable. Never go to an unknown website that is suggested in one of these pop-ups, or call a phone number that claims to be “tech support.” Make sure you are using appropriate, legitimate anti-virus software on a regular basis. And most of all, think before you act when it comes to anything unsolicited that pops up on your computer screen.

If you need help or advice on computer security, we can help you. Our number is 425-672-4806, or you can email us. Be safe, not sorry.

Marlene

New System Implementation Planning

Posted on by ccsretail

New System Implementation Planning

Some things that you can do to prevent complications related to new software systems implementation.

1. Verify existing hardware, operating system, and software infrastructure meets or exceeds the minimum requirements for the new software well ahead of time. Update to meet prerequisite beforehand.

2. Read all of the documentation related to the entire data migration process and software implementation process in advance. This allows you to be apprised of any issues that might adversely affect your staff.

3. Plan to have a thorough test migration done well in advance of the intended go-live date.

4. Get proper training on the new software in advance of doing either a test migration or a live migration. Enough time should be allowed between a test data migration and the final go-live date to do testing. Proper testing of both the software and data is critical prior to the final live data migration to get more familiar with the software and proof the software configuration and the integrity of the data migration.

** Testing should include end-users’ replication of normal work processed over several days of live data that was done in their old system. Limited generic test data may not reveal the subtler issues that will be encountered in actual use.

Data migrations can go awry for several reasons, most often these bad situation scenarios can be avoided.

Some examples include …

  • Data Migrations where excessive corrupt historical data is present.

The MIS person for a longtime Counterpoint version 7.5 user did an in-house test migration to the newer NCR Counterpoint software.

This particular company has a long-term policy to never purging history of any kind. At the time of their test, the company MIS person indicated it took him over a month of clean-up work before the migrated data could be considered usable. Further, he indicated that a lot of the corrupt data was related in older history records (and this was especially so with transaction dates). The company had detailed transaction history going back over 30 years. Typically, most retailers only keep around

2 years’ worth of sales history. Unless one has warranty related issues 30+ years of historical data may be excessive.

The migration plan was to start the live upgrade on a future Friday night and be live by the following Monday morning. This approximately 48+ hour time frame would be considered very aggressive even under the best of circumstances. The company required over a month just editing out corruption data from their test conversion. Other issues may arise that make 48 hours to go live difficult to achieve! A less aggressive plan would be a better approach.

  • Trying to use the new software on older hardware and unsupported older operating systems.

This approach can be a recipe for disaster resulting in migration failure with damage to your data.

In one recent example, a business owner copied his current updated software installation onto a really old server that was running an obsolete, unsupported operating system.

The software was failing due to insufficient memory and system resources. Software/operating system conflicts were also corrupting data. When attempting to run file rebuild utilities, and detailed history reports, the performance of the software was made the software functionally unusable. File rebuild operations on the obsolete system took 6 hours instead of less than 4 minutes on the current systems to be used after migration. Reports required similarly took hours rather than minutes as they could have.

  • Indefinite implementation postponement followed by the decision to go live without all of the appropriate parties being adequately coordinated.

A partially complete implementation project was on hold indefinitely. Months later the store was scheduled to go live on a specific date, but this was not communicated adequately to the rest of the migration team. The assumed prerequisite set-up and configuration work required had been not been performed beforehand. This massive amount of work could not be completed with the less than 12 hours prior notice considering it involved a complete redo/reconfiguration of the software and core data before it could be used in any form.

  • Incorrect or incomplete data being provided to tech support people.

Data provided to CCS tech support is imported into a test system for review. If Incorrect or incomplete data is provided it cannot be reviewed and prepared for use properly. On the scheduled go-live date required data may not be found on the system or corrupt data may be missed in the preparation tasks.

Some critical food for thought!

– John

Calling for Support

Posted on by ccsretail

Calling for Support

Having something go wrong with your system or software is often a stressful problem that costs you time, money, and physical distress. When you need our help, our aim is to give you fast, accurate, and worry-free assistance. We do, however, need a little help from you when you call in for support.

We know that your “hair is on fire”, but it helps us serve you better if you have, at hand, the information we need to get rolling:

  • Your name, and who to contact if a return call is needed.
  • Your company name.
  • Your telephone number and extension, if it is required. Remember that in today’s world, people call from landlines and cell phones, and from many different extension numbers! You may think our tech has your number already, but it may not be the one you’re using now.
  • The location of the store(s) having the problem (many of our customers have multiple stores).
  • A brief explanation of the issue. From this, we can determine who is available and can best handle the problem that you’re encountering. It helps if you can relate what task you were doing when the problem began.

Remember, when speed is essential in getting your problem addressed, it helps to have the necessary information gathered before you call for support!

Marlene

Where’s My Automatic Updates?

Posted on by ccsretail

Where’re My Automatic Updates?

Over the years I have seen people assume that a software manufacturer, software supplier, or support vendor should be doing something automatically.

Here are some fairly standard examples of things that are most often NOT automatic:

1. Operating System and Security

  • Installation of Windows Security Service Packs – While this can be scheduled for automatic download and installation, by default this is not turned on.
  • Installation of Anti-Virus And Anti-Malware Software Updates

These items may not be configured to auto-download, auto-install, or auto-notify of success or failure. If something in this area is only partially automated, one needs to take care that these processes are not going on while end-users are on the system and using applications that would be affected, especially if a server or workstation reboot was required. As examples:

  • Scheduling windows updates to only download and install in off-hours while users are not logged into servers or workstations.
  • An anti-virus update might be prompting for a computer restart to complete the installation of a specific update. If this isn’t addressed in a timely manner, your systems could be at risk of being compromised.

2. Application Software – Application Software Security Service Packs

  • MS Office Suites
  • Adobe Acrobat Reader
  • Adobe Flash Player
  • Java

There are regular updates for the above applications that should be installed. Failure to do so could result in security holes being present with these applications. While some of these installations can be automated, others cannot be.

3. Application Software Data/Usage issues.

Care should also be taken to make sure that certain updates are not auto-applied especially in situations where there are a lot of customizations.

  • Point of Sale – Sales Tax Rates, which are typically by state, or By Taxing Jurisdictions. The rates should be updated regularly so that the proper sales tax is withheld. While there are some
  • systems that update automatically, some do not.
  • Customers – Taxable Status. If Tax Exempt, the Tax ID number, and expiration dates may need to be updated. Doing this protects you in future tax audit scenarios.
  • Items – Taxable Flags, Item-Based Tax Categories – If tax Flags and item based Tax Categories are not assigned, the result could be incorrect tax amounts being withheld.
  • Payroll – Federal Tax Tables – This includes such things and Social Security and Medicare tax rates, and FUI, 401K Maximums; State Tax Codes – This includes SUI rates; Workers Compensation Rates.

If you have some specific issues or questions, please contact the CCS Retail Systems Support Department.

– John

Historical Data Migrations From Old to New Platforms.

Posted on by ccsretail

Historical Data Migrations From Old to New Platforms.

Data migrations can go awry for many reasons, however, most often these bad situation scenarios can be avoided with consultation with CCS Retail Systems Support and some careful planning.

Here are some recent examples.

  1. Data Migrations where corrupt data is present.

An IT person did an in-house test migration to a newer NCR Counterpoint software version. The company preferred to not purge history regularly. There were some known corrupt data records complicating the procedure. The company had some history that was over 10 years old. (A recommended policy is to try to keep 3 years of history at a maximum.)

The IT person planned to start the upgrade on a Friday night and complete it by the following Monday morning. This approximately 48+ hour time frame would be very aggressive when considering the scope and complexity of the conversion.

  1. Trying to using the current software on antiquated hardware and unsupported antiquated operating systems.

Attempting this sort of migration can be a recipe for disaster because damage to your data could occur from system architecture and software limitations.

For example, a business owner copied his current updated software installation onto an old server running an older, unsupported operating system. The performance of the software was then extremely inadequate for the task. Program completion times were decreased by as much as two orders of magnitude from current systems available.

  1. Some things that you can do to prevent the above-referenced scenarios are:

1. Verify that existing hardware, operating system, and software infrastructure meets or exceeds the minimum requirements for the new software. This should be considered mandatory

2. Get proper training on the new software in advance of doing either a test migration or a live migration.

3. Read all of the documentation related to the entire data migration process.

3. Plan to do a thorough test migration, This would include having end-users replicate normal processing work that represents a least several days’ worth of live data that was done in their old system.

4. Schedule CCS Retail Systems Support to do the entire data migration or provide your organization with assistance on the migration project.

– John

Recovering From a Ransomware Attack

Posted on by ccsretail

Recovering From a Ransomware Attack

Ransomware attacks are on the rise. It is getting more common to get random emails with subjects indicating they are package tracking, voice mails, photo edits, and so on. Many of these are attempts to get you to take the bait, click the link, and ultimately install ransomware. Much has been written about recognizing malicious emails, not opening mail from unknown users, and other good advice. What happens, however, if you are unfortunate and do get hit with ransomware?

We are assuming this is a true Ransomware infection, where an active payload of malware has been added to your system. Another type of Ransomware is Scareware masquerading as Ransomware. This latter Ransomware has no payload but threatens you with data encryption as well. It is best to assume any Ransomware threat includes a payload, at first. A safe mode reboot investigation can help you check if a payload is active. If the infection is just Scareware, you may be safe with a reboot and comprehensive malware scan to confirm there is no infection active.

First, be very suspicious of any unusual activity. One of the first signs, even before the ransom notice pops up, is that programs will stop working, or documents will disappear. This activity is due to the malicious software starting to encrypt your files. If anything like that happens, take immediate action. First, disconnect your computer from your network. That is, physically disconnect the network cable, or if you use a wireless connection, turn it off. Also, immediately shut down your computer. I do not usually advocate just turning off the power, but this is one time that it is not a bad idea. The idea is that if ransomware has started on your system, to limit the damage occurring.

Try to start your computer in safe mode, and begin investigating. Make sure you lookup entering safe mode in Windows on your version to MAKE SURE you do NOT get a normal boot or the Ransomware will be active again. Check for those programs or documents that suddenly disappeared. If there is a file with the same name, but the extension has changed, most likely ransomware is the culprit. In that case, be prepared to do some research, and possibly still lose some work. It depends on the active Ransomware variant since some have been Ransomware payloads have been cracked and there are recover utilities available.

Other Ransomware payloads do not have removal utilities, and you will have to go to your back copies. Before that, however, you need to make sure that the machine is cleaned of the ransomware programs or your system will be reinfected and you will need to start over again. If utilities exist to clean the Ransomeware for your system, they should be used immediately. If not, a lot of digging and experimenting will be required. If there is no cleaning utility you may need to reformat the infected drives, reinstall the operating system, and then restore from a full image backup, NOT just a file backup. In either case, spend a lot of time checking your system, before putting it back on your network and getting on with your work. You want to be very, very, sure that the Ransomware is gone, or you will be exposing the rest of the computers on your network to Ransomware infections.

Recovering from Ransomware is a critical task that can be very complex.  This blog is just a simple overview.  We recommend you contact CCS Retail Systems Support for further guidance and services to ensure the Ransomware is properly eliminated from your systems. Remember that if you comply with the Ransomware demands there is NO guarantee that your payment will result in any recovery of your system.  The best course of action is to defeat the Ransomware request NOT honor it.

Dave.

Purging Distributions

Posted on by ccsretail

Purging Distributions

As you use your Counterpoint SQL system, you will accumulate data. Sales history, purchasing, and receiving, all of the history is accumulated, and these tables can grow to be quite large.

One table that can grow very fast, is the distributions table. Everything that is posted will create distributions. Depending on the settings used, it can be many records for a single posting. In a short time, this can build into thousands, or millions, of records. Moreover, most people do not need most of the data in this table. If your interface to another accounting system, once the distributions are sent to that other system, one really has no need for them in Counterpoint. Also, many do not use the accounting function, either within Counterpoint, or interfaced to another accounting system. In that case, those records are never used and are just taking up space.

Fortunately, distributions are one of the areas that Counterpoint has a purge function. From the main menu, it is under System -> Accounting -> Utilities -> Purge Distributions. Under the event tab, select the Post Date range that you want to purge. You may have to use the customize function to find the post date option. Make sure that you select a range that will leave any records that you may want. In a lot of cases, leaving 30 days of distributions is appropriate. However, that will vary, depending on your use of these records, and your needs. You may be able to purge all records (for example, if you do not use any of the distribution information within Counterpoint).

Once you have selected the purge range and selected the purge option, you will get a report of the records that will be purged. Also, you will be asked for confirmation that you actually wish to purge the records. Once you confirm that you want to purge, the records will be removed. This can take several minutes, depending on how many records you are purging at a time. That is all there is to it.

Dave.