‘Tis the Season to be Careful!

‘Tis the Season to be Careful!

‘Tis the season to be jolly, right? That’s what the song tells us, but the holidays will not seem so jolly if you are victimized by a hacker! Although it may not be possible to eliminate all of the hazards, there are precautions that you can take to minimize dangers to your devices and your life! It begins with the recognition of where intruders are most likely to invade.

Cell phones and laptops are frequently lost, especially when people are traveling. Airports, hotels, restaurants, taxi companies—all report hundreds of unclaimed mobile devices that have been left behind. Being extremely cautious with your devices, and perhaps registering them with services that can locate, recover, and kill lost or stolen devices, will keep you safer.

Email greetings are sent in abundance during the holiday season. Not all email greetings, however, are what they seem! Cybercriminals have been known to disguise viruses and spyware into what seems like an innocent greeting from friends or relatives. Open attachments with great care!

Using social networking is a very popular way to reconnect with friends during the holidays, but these sites are frequently targeted for phishing attacks. Be careful what you click on—that new “friend” may not be a friend at all.

USB thumb drives, like cell phones and laptops, are often lost when people are traveling. USB drives are so small, making them easy to misplace or leave plugged into public PC’s; creating a hazard if those removable drives are not protected.

New gift devices, like smartphones and computers, are many times put into operation before security measures like anti-virus software are installed. Recipients are so anxious to use the new tools that they don’t take time in advance for necessary precautions. The lack of precautions makes the devices vulnerable to a host of problems.

Downloading games and free apps can expose users to malware. Be sure to examine carefully before installing them, and be wary of unsigned apps from unknown developers.

We hope your holidays are happy and safe. If the unthinkable happens, however, we’re here to help you. Just give us a call at 425-672-4806 or email us.

Marlene

Preparing for the Holidays

Preparing for the Holidays

The weather is turning colder, the clock has returned to Standard Time, and the holiday season looms before us. Already I am seeing candy canes on display in supermarkets! This makes me wonder if you are doing the necessary preparations in your business to make sure this holiday season is well-organized and profitable.

What can you be doing right now to get ready? Here are a few suggestions to get you started:

  • Make sure your inventory is stocked sufficiently and numbers are accurate. Eliminate errors now that could cost you sales later!
  • See those products on display are all labeled. Customers find it annoying when prices aren’t readily available.
  • Add needed information on your receipts, like return policy.
  • Clean up the store and arrange displays for best customer visibility. Polish that glass front door.
  • Make sure you have on hand sufficient gift cards; these are always a favorite for holiday gift-giving!
  • Update/prepare to use your customer information to send flyers and emails to advertise holiday sales.
  • Install newer, faster hardware, like printers or scanners. Waiting until the last minute to take care of your business “tools” could become a real hassle once the season begins.
  • Make sure that your security system is up to date. Remember, this is prime time for unscrupulous scamming.
  • Arrange for new employees’ training now to avoid problems later.
  • Consistently back up all of your files in case of the unexpected, like power outages from winter storms, or malicious ransomware attacks.

We can help you with many of these preparations, (but we don’t do windows!). All it takes is a quick call to 485-672-4806, or you can email us. We’re here to help you have a great holiday season!

Marlene

Passport Version 12.06 Update 2

Passport Business Solutions
Passport Business Solutions

Passport Version 12.06 Update 2

With the release of PBS 12.06, Passport completes a major infrastructure project on field expansions that were begun with the v. 12.05 release. Enhancements for PBS v.12.06 now include:

  • Expanded field sizes for both the name and addresses in Customer, Ship-to, and Contact files.
  • Field expansions in A/R, O/E, POS and Customer Order Processing in PBS Manufacturing.
  • Professional Time & Billing fields expanded.
  • PO # expanded to 30 characters to accommodate Amazon and other vendors.
  • Approximately 12-14 new Accounts Payable reports have been created
  • There are three new SSRS reports that replace CounterPoint version 7.5 related reports that were used with wholesale distributors.
  • PBS 12.06 includes a new runtime, version 10.2, so this is not an update-in-place, and requires exporting of existing data, a fresh software install and the use of EZ Convert utility to migrate your existing data to the new format.

Also, Passport 12.06 SQL installation has some significant software and configuration prerequisites detailed as follows.

  • Currently, for server environments, MS Server 2008 and MS Server 2012 are supported server operating systems.
  • MS SQL Server 2014 with MS SQL Reporting Services is recommended for Passport 12.06, MS SQL Server 2008 and or MS SQL Server 2012 with Advanced Tools are supported, however, MS SQL Report Service must also be installed prior to installing Passport 12.06.
  • Like Passport 12.05, the CashPoint interface for Passport 12.06 is NOT compatible with NCR Counterpoint version prior to version 8.5, so your NCR Counterpoint software may need to be upgraded as well

Please consult the CCS Support department if you have any questions on the above release.

– John

Beware of Fake Emails

Beware of Fake Emails

Recently, I have noticed a great increase of emails, both at home and at work, that appear to come from legitimate sources, but are bogus emails. Sent under recognizable names, either personal or professional, the sender wants you to open the attachment so your information can be stolen, a virus installed, and your computer shut down for a ransom.

The fake emails that come to me most often are supposedly from my daughter, who lives in another state and works for a university. The email address looks correct, yet the subject information is something that I know my daughter would never say to me. The first thing I did, before opening the first one like this, was to call her and ask if she sent me an email. When she said, “No,” I immediately set my computer to block further emails from this address. That worked for a while, but now they have returned with a small change from the original email address used. Hackers can be very sneaky.

Other malicious emails I have received say they are from UPS about a package that may have been lost, from the Internal Revenue Service about a tax I supposedly owe, and from DHL about a delivery.

The best way to deal with fake emails is to install a good anti-virus program, and also use extreme caution before opening any attachment that looks even remotely “fishy.” Carefully assess the email address, subject line, and even the language used. Ask yourself if this is an expected email, or something unexpected. Be careful and be safe!

If you ever think you may have been hacked, call us at once for help. Our techs can work with you to get you back on track! Our number Is 425-672-4806 or you can email us.

Marlene

Granting Administrator Privileges to users

Granting Administrator Privileges

Granting administrator privileges to users is one thing that I often see, that is done much more than it should be. The reason given is this simplifies those occasions when software needs to be installed or updated. However, in general, this is a bad practice.

The simplification of installing legitimate software will be exploited if you are ever the victim of malware or viruses. Since the user that the infection uses already has administrator privileges, the malware does not need to find anything to exploit for it to have access to your entire system. If the malware already has inherited the privilege from the user login and can wreak whatever havoc is in its payload.

On the other hand, if the user is given basic user privileges, and the malware is unable to find any way to exploit the system to increase its privileges, then the damage is contained to what the captured user can modify. While that is still upsetting, having to restore some documents, and change user settings is more desirable than having the entire computer system corrupted and compromised. Not to mention, the potential effect on other computers on your network, if administrator-level privileges can be leveraged against them.

With properly set permissions, users can do everything that they need, without elevated privileges. It can take some extra time to setup the appropriate permissions, but not nearly the time that it takes to recover from a malware attack that could have been limited in scope by a simple restriction of administrator level privileges.

Dave

New System Implementation Planning

New System Implementation Planning

Some things that you can do to prevent complications related to new software systems implementation.

1. Verify existing hardware, operating system, and software infrastructure meets or exceeds the minimum requirements for the new software well ahead of time. Update to meet prerequisite beforehand.

2. Read all of the documentation related to the entire data migration process and software implementation process in advance. This allows you to be apprised of any issues that might adversely affect your staff.

3. Plan to have a thorough test migration done well in advance of the intended go-live date.

4. Get proper training on the new software in advance of doing either a test migration or a live migration. Enough time should be allowed between a test data migration and the final go-live date to do testing. Proper testing of both the software and data is critical prior to the final live data migration to get more familiar with the software and proof the software configuration and the integrity of the data migration.

** Testing should include end-users’ replication of normal work processed over several days of live data that was done in their old system. Limited generic test data may not reveal the subtler issues that will be encountered in actual use.

Data migrations can go awry for several reasons, most often these bad situation scenarios can be avoided.

Some examples include …

  • Data Migrations where excessive corrupt historical data is present.

The MIS person for a longtime Counterpoint version 7.5 user did an in-house test migration to the newer NCR Counterpoint software.

This particular company has a long-term policy to never purging history of any kind. At the time of their test, the company MIS person indicated it took him over a month of clean-up work before the migrated data could be considered usable. Further, he indicated that a lot of the corrupt data was related in older history records (and this was especially so with transaction dates). The company had detailed transaction history going back over 30 years. Typically, most retailers only keep around

2 years’ worth of sales history. Unless one has warranty related issues 30+ years of historical data may be excessive.

The migration plan was to start the live upgrade on a future Friday night and be live by the following Monday morning. This approximately 48+ hour time frame would be considered very aggressive even under the best of circumstances. The company required over a month just editing out corruption data from their test conversion. Other issues may arise that make 48 hours to go live difficult to achieve! A less aggressive plan would be a better approach.

  • Trying to use the new software on older hardware and unsupported older operating systems.

This approach can be a recipe for disaster resulting in migration failure with damage to your data.

In one recent example, a business owner copied his current updated software installation onto a really old server that was running an obsolete, unsupported operating system.

The software was failing due to insufficient memory and system resources. Software/operating system conflicts were also corrupting data. When attempting to run file rebuild utilities, and detailed history reports, the performance of the software was made the software functionally unusable. File rebuild operations on the obsolete system took 6 hours instead of less than 4 minutes on the current systems to be used after migration. Reports required similarly took hours rather than minutes as they could have.

  • Indefinite implementation postponement followed by the decision to go live without all of the appropriate parties being adequately coordinated.

A partially complete implementation project was on hold indefinitely. Months later the store was scheduled to go live on a specific date, but this was not communicated adequately to the rest of the migration team. The assumed prerequisite set-up and configuration work required had been not been performed beforehand. This massive amount of work could not be completed with the less than 12 hours prior notice considering it involved a complete redo/reconfiguration of the software and core data before it could be used in any form.

  • Incorrect or incomplete data being provided to tech support people.

Data provided to CCS tech support is imported into a test system for review. If Incorrect or incomplete data is provided it cannot be reviewed and prepared for use properly. On the scheduled go-live date required data may not be found on the system or corrupt data may be missed in the preparation tasks.

Some critical food for thought!

– John

Minor Changes That Make a Difference

 

Minor Changes That Make a Difference

So you’ve had your new system for a while, and everything seems to be going along pretty well. You have noticed, however, that there are a few minor changes that you would like to make, but are unsure about how to go about making those changes.

Perhaps you would like your receipts to contain more information about your return policy or your product descriptions to be expanded. Maybe your labels are printing incorrectly, or your employees have not mastered how to change passwords.

Do you need a report, but don’t know how to go about setting it up? Do you have a new user and need help adding this person into your system? Maybe you need to purge files to speed up your system.

Don’t put off fixing those little ongoing issues that can make your business run more smoothly when properly addressed. We can help you with all of these things and much more! Call us today at 425-672-4806 or email us at support.

Marlene

Signs Your System Has Been Compromised

Signs Your System Has Been Compromised

Users need to be on the alert for signs that your system has been compromised. Let us look at some of the signs. One that often occurs is that icons on the desktop have been moved, or new icons have appeared. If new icons have appeared, and no software has been installed, as far as is known, it is a red flag that the system has been compromised.

Hackers will often install new software when they gain access to a system, to give them further control, or the ability to gather additional information from the system. Most times, there is no obvious trace of this additional software, but many times they are sloppy, and those surprising new icons are an indication.

Icons being moved is often also an indication. This is often due to the hacker going through and clearing those new icons. However, those icons moved some of your old icons when they were installed, and the hacker does not know exactly where the old icons were on the desktop. Or, the icons were subsequently auto-arranged, and are thus not in the location on the desktop that users had moved them to.

Another big indicator is that your system suddenly slows down. The screen may lag when you are typing, or processes that used to take a second or two, now take many seconds, to even minutes. This is due to the system having an increased load, due to the additional software that has been installed, and what it is doing to steal information or use the computing power for other nefarious activity, such as cryptocurrency mining. Cryptocurrency mining is using computing power to unlock cyber currency, such as Bitcoin. This takes a great deal of computing power, cybercriminals are farming this activity out to compromised systems, rather than using their own.

Basically, be alert to any change in the way that your system looks, or responds. While it may be due to legitimate changes, often it is a sign that unwanted people have gained access to your system.

CCS provides IDS products.  Contact our Sales Department to discuss the right solution for your operations.

Dave.

Backup, Backup, Backup – Do you have a backup plan?

Backup, Backup, Backup – Do you have a backup plan?

Backups are just as important as any other task related to your business.

Do you know what you would do if your Server crashed and will not boot backup? Do you know how long it will take to be back up and running?

Having a good backup could make this stressful event seem like a “glitch in the matrix”

When CCS sets up your Counterpoint software, we also setup an internal backup of your database. Although this is a backup, it is not a failsafe against a disaster. These backups allow CCS (or your support team) to get Counterpoint back up and running quickly. But what it does not do, is get your Server backup and running. These backups are stored on the hard drive of your system, and if the hard drive is not recoverable, either are your backups. That is why it is a good idea to have full system backups to another device like an external hard drive or even an offsite or cloud service to help with a quick recovery.

CCS has recently been testing a cloud backup service called MSP Backup. It allows for full system backups as well a disaster recovery tools like Bare Metal Recovery, which helps with the restoration of full systems to brand new hard drives.

It also allows for granular recovery of specific files that may have been accidentally deleted or infected.

MSP Backups allow for you, the customer to also manage and start a backup at any time (although not always advisable), restore from a previous backup, download a full backup to keep safe and many other tools and reporting features.

If you are interested in setting up a backup plan, talking about backups or just to see what is available for your system, give the CCS Retail Systems Team a call or email us at support

-Bryan

Monitoring your NCR Secure Pay activity.

Monitoring your NCR Secure Pay activity.

By, default, when one signs-up for the NCR Secure Pay Service, the notification email address that you provided will be used to automatically notify you of the success or failure of your regularly scheduled overnight credit card settlements.  You can also access the NCR Secure Pay Portal in order to check on the real-time open activity as well as the settlement history 24/7/365 from any location that allows you access to the Internet access.

Site access will require the link information, the NCR Secure Pay User ID and the required password to access the site. This Portal location information was provided in your original NCR Secure Pay sign-up email, however, if you no longer have this access information, please contact CCS.  The site has a built-in access limitation that will temporarily disable your login account if more than (3) three failed back-to-back failed access attempts have been made.

Currently, NCR Secure Pay keeps detailed Settlement History online on their servers for 2 years, after which time the site automatically purges the older data. You can also extract transaction detail to an ASCII CSV file for use in importing into other products such as MS Excel.

In the set-up and configuration area, the site allows you to change both the settlement status email address and time of day that the auto-settlement happens. Additionally, detailed information about your current merchant information and configuration, and options will be displayed.

If you have any question regarding NCR Secure Pay or need assistance with accessing the NCR Secure Pay Portal, please contact the CCS Retail Systems Support Department.

– John