Blog

September 11th, 2014

BI_Sep08_BWhen it comes to the success of your business, you likely rely, at least in part, on predictions made off of existing data. While simple forecasts are easy enough, it can be more difficult to set down long-term theories about what the future may or may not entail. That's why many businesses employ predictive analytics. While long used by enterprises, many smaller companies are also now starting to use these methods as well. At first glance, predictive analytics can be overwhelming, so, to help, here is an overview of the three main components.

Together, these three elements of predictive analytics enables data scientists and even managers to conduct and analyze forecasts and predictions.

Component 1: data

As with most business processes, data is one of the most important and vital components. Without data you won't be able to make predictions and the decisions necessary to reach desired outcomes. In other words, data is the foundation of predictive analytics.

If you want predictive analytics to be successful, you need not only the right kind of data but information that is useful in helping answer the main question you are trying to predict or forecast. You need to to collect as much relevant data as possible in relation to what you are trying to predict. This means tracking past data, customers, demographics, and more.

Merely tracking data isn't going to guarantee more accurate predictions however. You will also need a way to store and quickly access this data. Most businesses use a data warehouse which allows for easier tracking, combining, and analyzing of data.

As a business manager you likely don't have the time to look after data and implement a full-on warehousing and storage solution. What you will most likely need to do is work with a provider, like us, who can help establish an effective warehouse solution, and an analytics expert who can help ensure that you are tracking the right, and most useful, data.

Component 2: statistics

Love it, or hate it, statistics, and more specifically regression analysis, is an integral part of predictive analytics. Most predictive analytics starts with usually a manager or data scientist wondering if different sets of data are correlated. For example, is the age, income, and sex of a customer (independent variables) related to when they purchase product X (dependent variable)?

Using data that has been collected from various customer touch points - say a customer loyalty card, past purchases made by the customer, data found on social media, and visits to a website - you can run a regression analysis to see if there is in fact a correlation between independent and dependent variables, and just how related individual independent variables are.

From here, usually after some trial and error, you hopefully can come up with a regression equation and assign what's called regression coefficients - how much each variable affects the outcome - to each of the independent variables.

This equation can then be applied to predict outcomes. To carry on the example above, you can figure out exactly how influential each independent variable is to the sale of product X. If you find that income and age of different customers heavily influences sales, you can usually also predict when customers of a certain age and income level will buy (by comparing the analysis with past sales data). From here, you can schedule promotions, stock extra products, or even begin marketing to other non-customers who fall into the same categories.

Component 3: assumptions

Because predictive analytics focuses on the future, which is impossible to predict with 100% accuracy, you need to rely on assumptions for this type of analytics to actually work. While there are likely many assumptions you will need to acknowledge, the biggest is: the future will be the same as the past.

As a business owner or manager you are going to need to be aware of the assumptions made for each model or question you are trying to predict the answer to. This also means that you will need to be revisiting these on a regular basis to ensure they are still true or valid. If something changes, say buying habits, then the predictions in place will be invalid and potentially useless.

Remember the 2008-09 sub-prime mortgage crisis? Well, one of the main reasons this was so huge was because brokers and analysts assumed that people would always be able to pay their mortgages, and built their prediction models off of this assumption. We all know what happened there. While this is a large scale example, it is a powerful lesson to learn: Not checking that the assumptions you have based your predictions on could lead to massive trouble for your company.

By understanding the basic ideas behind these three components, you will be better able to communicate and leverage the results provided by this form of analytics.

If you are looking to implement a solution that can support your analytics, or to learn more about predictive analytics, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

September 11th, 2014

MobileGeneral_Sep08_BOur mobile devices are quickly becoming so highly integrated into our lives that it can be difficult to imagine life without them. But, there will come a time when you decide to upgrade to a new device. When this does happen, you may consider selling your old device. If you do decide to do this, one thing you should ensure you have done is to deauthenticate your apps.

What exactly is deauthentication?

Some apps, although not all, require that you authenticate your device in order for them to work. Many developers who ask users to authenticate their device do so in order to either prevent copies of the software from being created and utilized, or to ensure that the device and app can communicate securely.

Some examples of apps that ask for authentication include those that use multi-factor authentication, password managers, and apps that require a subscription or credit card information, etc. On some devices you even need to enter a code or key, much like installing software on a new computer, in order to activate all the features of the app.

The main reason many developers require authentication is connected to security. As security is becoming an ever more pressing issue, there is a good chance that we will see more apps asking users to authenticate their devices in the future.

The issue with this is that when you go to sell your device you will likely need to purchase the app again or the buyer of the device won't be able to set up their own account.

Common apps you should deauthenticate

Apps with subscription services: This includes apps like Google Play Music, Spotify, Office for iPad, cloud storage apps that you have linked your device to, etc. These apps are usually either linked with your device or your phone number so it is a good idea to deauthenticate them.
  1. Kindle app: The Kindle app is actually linked to your device and users who want to use the app will likely not be able to if the device is linked to your account. You can unlink devices by going to the Amazon site, logging in and selecting Manage your Content and Devices when you hover over your account name.
  2. Password management apps: These apps usually require that you authenticate your device to use a particular service. If you try to log in on a new device, these apps may not work properly.
  3. Chat apps: Some chat apps like WhatsApp or Line require that you register for the service using your phone number. If you are keeping your number, you shouldn't have to deauthenticate, but if you are getting a new number, you should go into the account settings of each app and unlink your number. WhatsApp for example has a feature that allows you to move your number to a new device.
  4. Any app or service that you have linked credit card information to: While you ordinarily don't have to physically deauthenticate these apps, as the information is usually linked to an account and password, it is a good idea to unlink your credit card with any app on your phone before you hand it over. This will help ensure that credit card information is not stored or accessible.
When it comes to the major app stores, e.g., Windows Phone Store, Google Play, and iTunes, you will often see that your device has been linked to your account. If you are going to sell your device, the best course of action is to reset using the factory reset option. This will delete all data and installed apps on the device. This will often be enough to deauthenticate all apps.

If you are looking to learn more about getting rid of your older devices, contact us today.

Published with permission from TechAdvisory.org. Source.

September 10th, 2014

iPad_Seo08_BMicrosoft has been making a steady push into mobile markets, especially when it comes to apps. One of their biggest, and most helpful, releases has been mobile optimized versions of their popular Office programs. While Office for iPad is useful for many business users, you do need a subscription to access all the features. Microsoft has recently announced that they have updated the iPad apps and added in-app subscriptions.

Looking at the recent subscription update

When the iPad versions of the Office apps were released, users could download the apps for free but needed an Office 365 subscription in order to use the full features of the apps. Those who didn't have a subscription were limited to only being able to read and print Office documents, and present using PowerPoint.

Those who wanted to use all the features of the app needed to sign up for an Office 365 account. In order to do this, they had to physically go to the Office 365 site and sign up. They couldn't sign up via the app. While this process isn't overly taxing, it did cause some frustration for some users.

To remedy this, Microsoft has recently announced that users will now be able to sign up for an Office 365 subscription directly from the app. According to an article posted on the Microsoft Office blog, "Starting today [September 2, 2014], you can buy a monthly subscription to Office 365 from within Microsoft Word, Excel, and PowerPoint for iPad."

The subscriptions you can purchase

While Microsoft has noted that you can purchase an Office 365 subscription in-app, you should be aware that the subscriptions are monthly and for the Home or Personal versions of Office 365.

A monthly Office 365 Home subscription costs USD$9.99 a month and can be used on one iPad and up to five PCs or Macs, while an Office 365 Personal plan costs USD$6.99 a month and can be installed on on iPad and one PC or Mac.

What about business users?

For the time being, users can only subscribe to individual Office 365 accounts via the app. If your business has an Office 365 for Business subscription e.g., Office 365 Small Business Premium, etc, you should be able to access the full-version of the iPad app without having to sign up for a Personal or Home subscription, just log in using the same username and password you use to sign into Office 365.

If you don't have an Office 365 subscription, then it may be a good idea to get in touch with us to learn more about Office 365 business plans and how they can be successfully implemented into your business.

Published with permission from TechAdvisory.org. Source.

Topic iPad
September 10th, 2014

Office_Sep08_BExcel is heavily dependant on formulas, and it seems like there is literally a formula for everything. For example, have you ever been working in Excel and needed to combine the contents of two different cells into a new one without adding them together? While you can copy and paste the content of the different cells you can also use the concatenate formula.

Using the concatenate formula to combine cells

If, for example, you have a spreadsheet with first names in column A, last names in column B, and want to combine them into column C to display the full name you can do so by:
  1. Clicking on cell C2 (or the row where the information you want to combine is)
  2. Typing =concatenate(
  3. Clicking on cell A2 and then adding a comma (,)
  4. Clicking on cell B2 and closing the formula with a closing bracket
  5. Hitting Enter
You should see the two cells are now combined in cell C2, with the formula for cell C2 reading:

=CONCATENATE(A2,B2).

The problem is, there will be no space inbetween the letters or numbers, so you will need to edit the formula to read:

=CONCATENATE(A2," ",B2)

The double quotations with a space in between them tells Excel to add a space to the cell in between the contents of A2 and B2.

If you have more than two columns you would like to combine, then simply add a comma after each cell. If for example you have three columns (A1, B1, and C1) you would enter the formula:

=CONCATENATE(A1 " ",B1 " ",C1) in column D1.

Combining two cells without concatenate

While concatenate works well, there is actually a shortcut that you can use which involves the ampersand '&':
  1. Click on cell C2 (or the row where the information you want to combine is)
  2. Type =
  3. Click on cell A2 and then type & in the formula.
  4. Click on B2 and hit Enter
You should see the contents of A2 and B2 combined together in C2. If you click on cell C2 and look at the formula, it should read: =A2&B2.

The only problem is, there won't be a space between the content. To add a space, you can edit the formula so that it reads:

=A2&" "&B2

Note the space between the two quotation marks. This tells Excel to add a space between the contents of A2 and B2.

Once you have the base formula on one cell, you can press the small box at the bottom of the cell and drag it down the row so that the other information can be quickly compiled. This makes it much easier than having to copy and paste the content individually. And, If you would like to learn more Excel tips, contact us today. We can save you valuable time and resources.

Published with permission from TechAdvisory.org. Source.

September 5th, 2014

HealthcareIT_Sep03_A

As of June 30, 2014, more than 1,000 data breaches affecting more than 500 patients each have been reported to the Department of Health & Human Services - for a total of roughly 32,000,000 people who have had their privacy compromised. And, according to the annual Redspin Breach Report, published in February of 2014, 7.1 million patient records were breached in 2013, a 137.7% increase over 2012.

And, the threat is getting broader. Once caused primarily by snooping or negligent employees, data breaches are now increasingly caused by cybercriminals who realize the potential financial value of medical records. Case in point: The Chinese hacker attack on the 206-hospital Community Health Systems which resulted in the breach of 4.5 million patient records, the second-largest HIPAA breach ever reported.

No physician practice should consider itself immune. While large hospital systems may be most attractive to hackers, Eric Perakslis, executive director of Harvard Medical School's Center for Biomedical Informatics, recently wrote in a New England Journal of Medicine article that 72 percent of cyberattacks have been aimed at hospitals, group practices and other provider organizations.

Perakslis recommends an "active learning approach” that involves real-time surveillance of emerging threats - and that includes an intimate knowledge of one's own network and vigilance at one's own practice. One of the most effective ways you can do this is to work with a company like ours who can help not only ensure security of your systems but also help teach you and your staff about common security issues.

Published with permission from TechAdvisory.org. Source.

September 5th, 2014

GeneralHealthcare_Sep03_AThe Drug Enforcement Administration (DEA) is making it more difficult for physicians to prescribe opioids, and in doing so, has necessitated changes to e-prescribing.

The issue stems from titles II and III of the Comprehensive Substance Act (CSA), under which controlled substances are classified into one of five schedules based on potential for abuse and likelihood of dependence. The DEA has rescheduled hydrocodone-combination products (HCPs) from schedule III to schedule II in an attempt to curtail abuse and dependence.

But, the regulations around schedule II drugs are much more restrictive than those around schedule III drugs. There will be only two ways to prescribe HCPs after the rule change becomes effective October 6: with a paper-based prescription handed to the patient or e-prescribing. Any other means of prescribing, such as phone calls or faxes, are not allowed.

For e-prescribing, some changes may be necessary at the electronic medical record (EMR) level and at medical practices as well as at pharmacies. EMR vendors and practices will have to implement the security that's required by the DEA in regards to identity management and factor authentication. As for pharmacies, currently only about two-thirds are ready to receive electronic prescriptions of controlled substances; the others will have to make some changes.

If you are one of the practices that needs to make these changes in order to meet DEA requirements, contact us today to see how our systems can help.

Published with permission from TechAdvisory.org. Source.

September 4th, 2014

Security_Sep02_BEveryone today seems to be constantly relying on their smartphones to help complete daily tasks which has resulted in the need to recharge subsequently increasing. And when you’re far from your charger, public charging kiosks can seem like a good substitute. However, this can lead to juice jacking of your smartphone. If this is news to you then let’s find out what juice jacking is and how you can avoid it.

What’s juice jacking?

Regardless of the kind of smartphone you have, whether it’s an Android, iPhone or BlackBerry, there is one common feature across all phones: the power supply and the data stream pass over the same cable. This setup allows for juice jacking during the charging process whereby user access is gained on your phone by leveraging the USB data/power cable to illegitimately access your phone’s data and/or inject malicious code onto the device.

The attack can be as simple as an invasion of privacy, wherein your phone pairs with a computer concealed within the charging kiosk and information such as private photos and contact information are transferred to a malicious device. However, on the other hand, it can also be as invasive as an injection of malicious code directly into your phone. According to security researchers at this year’s Black Hat security conference, your iPhone can be compromised within one minute of being plugged into a harmful charger.

Exposure to a malicious kiosk can also create a lingering security problem even without the immediate injection of malicious code. Once a device is paired to a computer, it can access a host of personal information on the device, including your address book, notes, photos, music, sms database, typing cache, and even initiate a full backup of your phone, all of which can be accessed wirelessly at anytime.

How do I avoid it?

The most effective precautions center around simply not charging your phone using a third-party system. Here are some tips to help you avoid using public kiosk charger:
  • Keep your devices topped off: Make it a habit to charge your phone at your home and office when you’re not actively using it or are just sitting at your desk working.
  • Carry a personal charger: Chargers have become very small and portable, from USB cables to power banks. Get one and throw it in your bag so you can charge your phone anytime you’re at the office or while on-the-go if you use a power bank.
  • Carry a backup battery: If you’re not keen on bringing a spare charger or power bank, you can opt to carry a full spare battery if your device has a removable battery.
  • Lock your phone: When your phone is truly locked as in inaccessible without the input of a pin or equivalent passcode, your phone should not be able to be paired with the device it’s connected to.
  • Power the phone down: This technique only works on phones on a model-by-model basis as some phones will, despite being powered down, still power on the entire USB circuit and allow access to the flash storage in the device.
  • Use power only USB cables: These cables are missing the two wires necessary for data transmission and have only the two wires for power transmission remaining. They will charge your device, but data transfer is made impossible.
Even the tiniest detail like charging your phone from a kiosk charger could affect the security of your device. While there are many substitutes to using a third-party system, ultimately the best defense against a compromised mobile device is awareness. Looking to learn more about today’s security and threats? Contact us today and see how we can help.
Published with permission from TechAdvisory.org. Source.

Topic Security
September 3rd, 2014

BCP_Sep02_BBusiness operators know that when it comes to business continuity, everything is about time. It doesn’t matter if you can recover your business activities if this isn’t achieved in reasonable time. But what is considered “reasonable”? This is what the business impact analysis (BIA) determines. The BIA aims to find out what the recovery time objective is for each critical activity within an organization. With that in mind, let’s take a look at five tips for reliable business impact analysis.

Five tips for successful business impact analysis:

  1. Treat it as a (mini) project: Define the person responsible for BIA implementation and their authority. You should also define the scope, objective, and time frame in which it should be implemented.
  2. Prepare a good questionnaire: A well structured questionnaire will save you a lot of time and will lead to more accurate results. For example: BS (British standard) 25999-1 and BS 2599902 standards will provide you with a fairly good idea about what your questionnaire should contain. Identifying impacts resulting from disruptions, determining how these vary over time, and identifying resources needed for recovery are often covered in this. It’s also good practice to use both qualitative and quantitative questions to identify impacts.
  3. Define clear criteria: If you’re planning for interviewees to answer questions by assigning values, for instance from one to five, be sure to explain exactly what each of the five marks mean. It’s not uncommon that the same event is evaluated as catastrophic by lower-level employees while top management personnel assess the same event as having a more moderate impact.
  4. Collect data through human interaction: The best way to collect data is when someone skilled in business continuity performs an interview with those responsible for critical activity. This way lots of unresolved questions are cleared up and well-balanced answers are achieved. If interviews are not feasible, do at least one workshop where all participants can ask everything that is concerning them. Avoid the shortcut of simply sending out questionnaires.
  5. Determine the recovery time objectives only after you have identified all the interdependencies: For example, through the questionnaire you might conclude that for critical activity A the maximum tolerable period of disruption is two days; however, the maximum tolerable period of disruption for critical activity B is one day and it cannot recover without the help of critical activity A. This means that the recovery time objective for A will be one day instead of two days.
More often than not, the results of BIA are unexpected and the recovery time objective is longer than it was initially thought. Still, it’s the most effective way to get you thinking and preparing for the issues that could strike your business. When you are carrying out BIA make sure you put in the effort and hours to do it right. Looking to learn more about business continuity? Contact us today.
Published with permission from TechAdvisory.org. Source.

September 2nd, 2014

Web_Sep02_BA common trend among many businesses is the introduction of cloud-based systems. While the vast majority of business owners and managers are well aware of the cloud, and may have even integrated at least one cloud system into their business, it can be difficult to decipher the difference between all the types of cloud services out there. To help, here is an overview of the three more common types implemented in many businesses.

1. SaaS

SaaS, or software as a service, is a cloud service that revolves around, you guessed it, software. Easily the largest and most well known cloud-based service, SaaS uses the cloud to deliver software to users, which is then usually accessed via your Web browser. Unlike physical software that you install on your computer, SaaS solutions are hosted on a provider's servers.

This means that the provider is responsible for software maintenance and updates, which translates to the fact that users will all be using the same version of software and get updates at the same time. As a business owner this means that actually managing the software on all of your computers is made not only easier, but more affordable. Combine this with the fact that companies like us can manage these solutions for you and you can see why SaaS is highly popular with many companies.

If you are looking for a new software solution, many major types of software now also have SaaS options including: Office document creation suites, accounting software, email, HR solutions, content management, customer relationship management, and more.

2. PaaS

PaaS, or platform as a service, is a cloud-based service that provides users with computing platforms. Most companies who utilize PaaS do so to either host or develop their own software solutions, or to provide support for software used by employees.

The main reason many companies integrate PaaS is because it drastically reduces the costs and complexity often associated with buying, developing, configuring, installing, and managing the hardware and software solutions that are necessary for the custom-built applications that many businesses rely on.

While PaaS is gaining in popularity with many small businesses, most won't have a lot of first-hand interaction with this type of cloud, especially those who work with IT providers like us. Essentially, most providers will utilize PaaS in order to deliver custom applications and solutions to the end-user.

3. IaaS

IaaS, or infrastructure as a service, is essentially cloud-based computers and resources. The most popular and well known type of IaaS is the virtual machine which is a digital version of a computer or server that is accessed over an Internet connection. The infrastructure is physically kept off site, and usually managed by a provider, but you access and interact with it as if it is located on your computer or in your office.

In other words, if you are looking to virtualize your systems via the cloud, IaaS could be a good place to start as it allows you to move existing support systems into the cloud. Other solutions can then be migrated or introduced as needed.

While the cloud can offer a wide variety of benefits and solutions to companies, it can be a chore to choose the service which is best for your company's needs. We highly recommend that if you are considering a cloud solution, you get in contact with us. We can help find the best solution for the needs of your business and to also manage it, thereby ensuring proper migration and implementation, leaving you to focus on running your business.

Contact us today to learn more.

Published with permission from TechAdvisory.org. Source.

Topic Web
August 29th, 2014

Hackers are crazy busy right now, and WordPress websites are their favorite target! So far this year, hackers have broken every record to date. In 2012, there were roughly 192,000 WordPress sites worldwide. In March 2014 alone, a single hacker used 162,000 hacked WordPress websites in just one single attack.

A recent study by EnableSecurity concluded that 73% of the 40,000 most popular websites that use WordPress software are vulnerable to attack. WordPress is the most popular blogging and content management system in the world and powers 1 out of every 5 websites.

The main culprit in these vulnerabilities is violating the first rule of WordPress security – not running the most up to date version of WordPress. In fact, if you’re not running the very latest version of WordPress, then the chances that your site is vulnerable to any hackers using simple, free automated tools.

Here are 5 quick tips on keeping your WordPress website secure:

  1. Always run the very latest version of WordPress.
  2. Be conservative in your selection of plugins and themes (and run the latest versions of these).
  3. Make sure every user has their own strong password.
  4. Put a Web Application Firewall (WAF) in front of your website.
  5. Force logins and admin access to use HTTPS.