Controlling Our Data

In an April 6, 2018 article on National Public Radio’s website, the writer, Vanessa Romo never references the soon to be implemented GDPR in Europe. She believes Facebook COO Sanberg’s promise that if they find more examples of data collected by Facebook getting into the wrong hands, they will notify the public. She accepts Sandberg’s apology that Facebook “didn’t do enough” to protect their user’s privacy. The writer seems comfortable with Facebook holding “a massive trove of user data.” With all due respect, Ms. Romo is asking all the wrong questions.

Amid all the political noise about Cambridge Analytica, and the horse-race coverage of Facebook’s stock price, Big Data Collectors have managed to keep the narrative, the press and the politicians away from the real question:

Should Facebook, Google, Amazon, or any other entity be allowed to collect and store extensive personal information about private individuals for the sole purpose of leveraging that information for wealth and power?

In Europe, the General Data Protection Regulation (GDPR) has at least partly answered this question. For more information on GDPR, you can read our November 3, 2017 blog, but in short, the answer in the EU is that they cannot collect data without the specific consent of each individual whose records are being stored. The GDPR goes into effect in May, and with the current attention on Facebook, it is the perfect time for the United States to get proactive about data privacy.

The GDPR has set the groundwork that could be a roadmap for the US. The political gears turn slowly, but two of the six GDPR requirements would be overwhelmingly embraced by Americas, and if proposed would quickly gain public support. If Americans thought they could get the data protections going into effect in Europe, they would demand them.

First, we need to adopt the GDPR’s simple, explicit consent requirement. Before any entity could collect or store personal data, the owner of the data, the individual, would be required to give consent. Legal agreements in the US have become so long and cryptic that they retain little or none of their original intent, unless that intent is deception. Long legal disclaimers that require scrolling and then clicking “OKAY” would not suffice. Instead, we need clear yes/no statements, each that must be answered individually. Imagine these queries before Facebook could add your data to the stockpile:

Can Facebook collect and store the personal data you enter? Y/N

Does Facebook have permission to sell or use your personal data? Y/N

Can Facebook share your data with companies and political organizations? Y/N

Next, we need to require a personal right to have data forgotten or corrected. This again comes directly from Europe’s GDPR. The option to remove data must be clear and easy to find, not hidden behind pages and pages of menus clearly designed to camouflage the relief users are seeking. Currently to change any privacy setting on Facebook you are required to find the hidden settings link at the bottom of a long menu secreted away behind a tiny triangle on the right side of the menu bar. Once in Settings, privacy is in yet another menu. Even then, your privacy choices are significantly limited. When Facebook asks for your phone number, they say it is to “keep your account safe,” but once they have it, your phone number becomes publicly searchable. You can restrict who can search for your phone number and address to only friends, but you cannot make it private. Under “Who can look you up using the phone number you provided?” “No One” is not an option. You cannot delete your phone number. We need easy to find, simple ways to edit or delete our data, a link in a top-level menu clearly labeled “Edit Personal Data.” The choices need to be concise, like, delete my data, correct my data, and restrict my data. Companies like Google, Yahoo, and Apple have your data stored as well, but unlike Facebook, there isn’t an entry page. Google and Apple collect data every time you use your browser or phone.

It is easy to be discouraged that these simple privacy changes might never happen. The deck is certainly stacked against unaffiliated users. The UK Daily Mail reported that Google staff had 427 meetings in the Obama Whitehouse. There are many photos of Facebook’s Mark Zuckerberg with Barack Obama, and there are reports that Facebook staffers met with Cambridge Analytica employees attached to the Trump campaign in Trump Campaign offices. Amazon’s Jeff Bezos owns the Washington Post. Facebook has donated to 46 of the 55 members of the House Energy and Commerce Committee before whom Mark Zuckerberg will testify. The cards are not in the favor of our privacy. Still, it happened in the European Union. It could happen here, but only if the attention on Facebook moves away from the stock price and who will give the most sincere apologies. The question is not who had access to what. The question is do we want all of our personal information stockpiled by private companies that have no repercussions when they misuse it?

On April 9, 2018 TechCrunch reported that Trans-Atlantic Consumer Dialogue (a privacy watchdog), along with the Center for Digital Democracy in the US, and the Norwegian Consumer Council have sent a public letter to Facebook CEO Mark Zuckerberg urging him adopt the GDPR worldwide. The letter asks for GDPR guidelines as the “baseline standard for all Facebook services.” TechCrunch writer Natasha Lomas asserts, “These are protections that all users should be entitled to no matter where they are located.” Momentum is moving in the right direction, but we need something stronger than a request to one of several companies that trade in our data.

— ♦ —

From our offices in the USA and the Netherlands, Frontier Computer provides IT hardware, enterprise computing support, Peplink SD-WAN routers, and IP communications to the world.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Your Greatest Security Risk

Social Engineering Exploits Human Trust and Courtesy to Gain Unauthorized Access

When we talk about security everyone thinks about firewalls and brute force attacks, but most IT administrators have things pretty well locked down on the server side. Some of the recent headline attacks were because of people, not systems. Investigators traced the now famous Hilary Clinton email leak to a hack of John Podesta’s Gmail account, a result of him clicking on a fake Google security alert in a spear-phishing attack. Back-end security will not help when an employee at a work computer clicks a fraudulent link in Facebook, bringing ransomware in the virtual front door. The easiest way into your private information is probably through your employees.

Security Awareness Must be Taught

Social Engineering against human vulnerability is one of the most prevalent attack strategies used today by criminals and other malicious entities. Phishing, fake phone calls, attachments with malware, and even physical access are Social Engineering techniques used to get into your business. Since firewalls and other technical security countermeasures are difficult to bypass, criminals have moved their attacks to the easier, more vulnerable targets: Humans.

Common Social Engineering Attacks

Phishing scams seek to obtain personal or company information with embed links that redirect to fraudulent websites, which appear legitimate. They often use threats, fear, and a sense of urgency to encourage prompt action before thorough consideration. Many Phishing attempts are crude and obvious to spot, which lowers alertness to more sophisticated and refined attacks. Spear Phishing uses similar techniques but the attacks are targeted to a specific individual, often with one or two personal details from the recipient that add to the scam’s legitimacy and likelihood for success.

Pretexting: Attackers focus on creating a pretext, or a fabricated scenario, that they can use to try to steal their victims’ personal information. These attacks commonly take the form of a scammer who pretends that they need certain bits of information from their target in order to confirm identity. Pretexting attacks rely on building a sense of trust with the victim. This requires the attacker to build a credible story that leaves little room for doubt on the part of their target. Pretexting attacks will rely on entry and mid-level employees’ desire to appear courteous and helpful to gain information in small pieces.

Baiting / Quid Pro Quo offers the promise of information, goods, or service as a reward to entice victims. Baiters may offer users free downloads, links to prurient content, gifts, or deals just for logging in. The scams usually have the goal of capturing login information. One famous baiting swindle left USB sticks in a company parking lot. Curious employees picked up the USBs and plugged them into their computers, activating a key logger that captured login credentials. Quid pro quo attacks promise a benefit, usually in the form of a service, in exchange for information. For example, a quid pro quo attack will call random numbers inside a business posing as tech support. If they happen to find someone expecting or even desiring support they will develop a relationship to gain remote access or passwords.

Tailgating: Not all Social Engineering attacks happen on computers. Tailgating or “piggybacking.” is used to gain access to an otherwise secure facility. Tailgaters follow an employee into a restricted area by exploiting employee courtesy. An attacker, in a delivery driver costume, will arrive at the door with an arm full of packages and ask someone entering a secure portal to hold the door. In one case, a security consultant tailgated access to several floors, a data room, and eventually established a base in a third floor meeting room, out of which he worked for several days.

Water Holing: Like animals at a familiar watering hole, people let their guard down on sites they regularly visit. Water holing can be as simple as hiding a fraudulent link in a Facebook post, or on other social media sites, or any well-trusted, popular website. It can get much more complicated as well, exploiting any web location outside a company where that company’s employees regularly interact.

Find Your Social Vulnerabilities

Frontier’s Social Engineering Testing assesses the state of your staff by attacking them with the same methods used by social engineering hackers: e-mail phishing, phone calls and other methods. We then follow up with Security Awareness education to disclose how we were able to gain access and educate the staff on how to protect themselves at work and at home.

Contact Frontier

Human Security Inquiry

Contact Frontier to discuss your human security profile and schedule a security audit for your business.

Your Contact Information
CAPTCHA
Please wait...
for more information on securing your business from increasingly creative attacks.

 

Frontier Computer provides enterprise IT hardware, software, and security.

A Glossary of IIoT Terms

IIoT Alphabet Soup

This post is Part 2, please see: Industrial Internet of Things for Part 1.

The infusion of Internet protocol professionals into Industrial Machine communications has presented a new alphabet soup of acronyms and terms. Even some seasoned IT professionals are left scratching their heads when presented with the closed systems that have existed for years in industrial machine to machine communications.

Below are a few key acronyms for newcomers to industrial automation. While this list is far from exhaustive, and the explanations are basic, these common terms are a good starting place when diving into IIoT. These terms and acronyms are intertwined, and while this information is presented as a glossary, any chance at understanding requires reading through the entire list rather than expecting to fully understand any one definition in isolation.

ICS – Industrial Control System
ICS a general term for different types of control systems and their components used to manage industrial processes. They can range from a few modular panel-mounted controllers to large interconnected Distributed Control Systems with thousands of connections to process sensors and monitors. The systems receive data from remote sensors measuring process variables (PVs). The measured values are compared to benchmarks or set points (SPs) and commands are sent back to the controllers or Final Control Element FCEs, like valves and switches, to make adjustments. A Distributed Control System is an ICS, but not all ICSs are distributed.

DCS – Distributed Control System
A DCS is distinguished by autonomous control loops, where the remote control is decentralized and distributed throughout the system. The system still has central operator supervisory control, but individual processes have localized control. This is in contrast to non-distributed control systems where all control happens at the top levels. The DCS concept increases efficiency by localizing control functions near the processes themselves, with only monitoring and supervision centralized.

Distributed control systems were used first in applications with critical processes where interruption isn’t acceptable. DCSs allowed task level controllers to continue to function even if central control was interrupted. The manufacturers of Distributed Control Systems sold all the equipment as a package, with central control and task specific modules included, significantly reducing integration risk. Today the functionality of SCADA and DCS systems are very similar.

PLC – Programmable Logic Controller
A PLC is a ruggedized, industrial computer adapted for the control of a manufacturing process, such as assembly lines, or robotic devices, or any activity that requires high reliability control, site level programming, and problem or fault diagnosis. They were first developed for the automobile industry to replace mechanical devices like relays, timers, and sequencers. A PLC reports to a SCADA supervisor, but is still not the unit that completes a task. PLCs are usually used localy, where control is wired. They usually communicate with the Modbus protocol. There is significant functional overlap between PLCs and RTUs.

RTU – Remote Terminal Unit
RTUs are programmable, microprocessor-controlled electronic devices that interface sensors and other input objects in the physical world to a distributed control system or SCADA. Like a PLC, the RTU doesn’t do the work, but translates data to the SCADA supervisor. An RTU is usually capable of running programs and processing data before it reports to supervisory control. RTUs are more suitable to remote monitoring and wireless communications. RTU also may have proprietary tools for programming but will use common protocols, like Modbus, for communications. There is significant functional overlap between PLCs and RTUs.

FCE – Final Control Elements
An industrial process has several components, and the FCE is the part that actually does the work at the end of the line. FCEs include valves, dampers, couplings, gates and many others that are adjusted by the system to achieve or maintain a Set Point (SP).

PV – Process Variable

An FCE will have a process variable, an end value that is monitored or measured in an industrial system. For example, temperature or pressure could be Process Variables that are monitored. Each PV will have a Set Point or SP.

SP – Set Point
A sensor measuring a Process Variable (PV) will have a Set Point. The SP is a goal for the value. A process may have a temperature range with a Set Point of 38°C. The FCE will report the Process Variable to the PLC or RTU which will make adjustments to the FCE to achieve the Set Point.

HMI – Human Machine Interface
also MMI (man–machine interface) or HCI (human–computer interface)
While strictly speaking, a keyboard and mouse on any computer is an HMI, the term is generally used for the human control panel of an Industrial Control System. It is usually the human input panel at the local level for the PLC or the RTU, but it could be the control at supervisor level, although some would reserve the term Operator Interface Terminal for the main control. An HMI can be buttons, touch screens or a keyboard and monitor. Plain old computer keyboards and monitors are called UIs (User Interfaces) or GUI (Graphical User Interfaces) even if they are human-machine interfaces.

SCADA – Supervisory Control And Data Acquisition

To over simplify, a SCADA system is like a DCS but in a more modular form. The SCADA Control system architecture is above PLCs or RTUs (both local controllers) and the FCE, the things that do the work. The PLC/RTU will run the operation, but the SCADA sets the control points and levels for the PLC/RTU. Pretty much anywhere you look you will find a SCADA system. Even the multiple refrigerators at your local supermarket are probably SCADA controlled.

Modbus
Modbus is a serial communications protocol for use with programmable logic controllers (PLCs). While there is no document proclaiming it such, Modbus has become the go-to protocol for connecting SCADA systems. It is the common language for connecting industrial electronic devices. It has taken this role because it was developed for industrial applications, it is openly published, and it is royalty-free. Modbus is easy to deploy and maintain, and moves raw bits or words without placing many restrictions on vendors. Modbus allows mixing of sensors, RTUs, PLC, and FCEs from various sources.

DNP3 – Distributed Network Protocol
DNP3 is a communications protocol. It is more complex than Modbus. According to Wikipedia, it is used almost exclusively in utilities management, which is confirmed by the DNP3 Users Group, which has taken ownership of the protocol and assumes responsibility for its evolution. DNP3 was originally developed for the electric utility industry but is being used in water, wastewater, and oil and gas. Like Modbus, DNP3 is an open and public protocol.

In summary: A SCADA system is like a DCS (which is an ICS) that connects PCLs and/or RTUs and their corresponding FCEs to monitor PVs in order to maintain the SPs. The systems mostly use the Modbus protocols except in the utility sector where DNP3 is favored.

If the previous two sentences made any sense to you at all, take a bow. You are ready for the Industrial Internet of Things.

Frontier Computer provides IT hardware and enterprise computing support. As the World’s largest Distributor for Peplink and Pepwave, Frontier has solutions for M2M Data, IoT, and IIoT.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Industrial Internet of Things

Factory
Part 1: OT versus IT

At a recent Peplink Summit, Josh Varghese of Traceroute gave a presentation on IIoT, the Industrial Internet of Things. His talk included a basic description of Industrial IoT, a simple but essential clarification of Operational Technology—the core of IIoT, and an important glossary of terms. For the sake of this blog, I will split Mr. Varghese’s detailed talk into two parts. This first part will focus on the difference between IT (Information Technology) and OT (Operational Technology.) Part 2, next week, will be the glossary of terms that are essential for anyone stepping into IIoT. What follows is a summary of his explanation. Any oversimplifications, misinformation or plain old errors are in this retelling.

OT Versus ITHome and office IoT require new sensors and controllers for functions that previously did not exist. In the industrial world, Sensors and remote controls are nothing new. Since before the new millennium, industry has used the sorts of process controllers that are just now finding their way into the IoT world. However, industrial sensors have their own communications protocols and networks. The challenge for IIoT is the Internet part, moving all of those sensors from a closed, sometimes proprietary system to the common, more open protocols of the Internet. Security was rarely an issue for industrial control systems because they were closed, wired systems. If you couldn’t get into the room, or plant, or complex, you couldn’t touch the systems. The core of IIoT is Operational Technology, which is different in many ways from the Information Technology many communications engineers know.

OT – Operational Technology

IT is about data, its storage, and manipulation. OT does things, controls things, and runs things. Operational technology has different priorities than traditional IT. Primary IT concerns like security and bandwidth have been secondary to OT’s primary needs of 100% reliability and redundancy. IT worries about data security. OT worries about human and property safety. OT is a different world and IT professionals heading into the OT world need to make some readjustment in their thinking. The chart above explains more than several paragraphs.

To approach the Industrial Internet of Things, engineers must understand how the primary goals of Operational Technology have to be merged with the inherent risks of Information Technology. None of the security concerns or performance goals of either discipline can be abandoned.

In Part 2 we will define and clarify the alphabet soup of new protocols and connections of the Industrial Internet of Things.

Frontier Computer provides IT hardware and enterprise computing support. As the World’s largest Distributor for Peplink and Pepwave, Frontier has solutions for M2M Data, IoT, and IIoT.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Peplink Partners meet in Texas

On January 22, 2018, Frontier and Peplink hosted the first North American Partner Summit in San Antonio, Texas. The event was an opportunity for Peplink resellers from Canada, Mexico, and the United States to meet and discuss future technology with Peplink Engineers and staff.

The event kicked-off with Peplink CEO Keith Chau outlining the expected growth in the SD-WAN marketplace and continued throughout the day with new product introductions, technical explanations and significant feedback from the partners. In addition to Mr. Chau, Travis Durick, Erik deBie, Tim Simdorn, Kody Krier, and Adam Hasbargen represented Peplink. Josh Varghese of Traceroute presented an in-depth look at using Peplink in IoT. Later in the day, Niko Bradway of Google showed how Google is using Pepwave hardware to establish robust, temporary WiFi access for events around the world. In addition to the formal presentations, there were hands-on demonstrations of several new products ranging from the massive Pepwave EPX to the diminutive SpeedFusion engine.

Perhaps the most valuable portion of the summit was the opportunity for resellers to talk directly with Peplink about the innovations and changes their clients are requesting. Several new software and firmware updates will come from ideas directly generated at the summit.

As it has since 1976, Frontier Computer can provide IT hardware, enterprise computing support, and the best solutions for M2M Data, IoT, and International Data Roaming. Frontier is the World’s largest Distributor for Peplink and Pepwave.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

The Solution for International Data

We.Stream Launch

In the digital age, it is particularly easy to travel in the USA. We can go from one side of the country to the other oblivious to the flexibility we have in our mobile phone and cellular data connections. Verizon is Verizon in New York, the same as it is in LA. You can stream The Marvelous Mrs. Maisel from Texas to Minnesota. You’ll run out of episodes before you run out of network. Things are not so simple in Europe. Although Europe is only slightly larger than the US, there are places you cannot go 60 miles without going through three countries.

Europe may have one currency, but they do not have unified data networks. Still, compared to other places in the world, Europe isn’t bad at all. Trying to stay connected while traveling the world is a challenge, and even when you can navigate the various network connections, you are going to pay for it either financially or with security risks.

International roaming from major carriers is expensive, even if you arrange it in advance. If you want to use a computer, you will need a separate data plan for your laptop. The alternative for most travelers is to rely on public Wi-Fi. There are security risks with public Wi-Fi anywhere, even in the US, but if you happen to be in Estonia or Belarus and login to public Wi-Fi, you may as well invite hackers into your home. It’s a risk you might take to contact family on a vacation, but for business travelers the risks are too high.

Many seasoned travelers have resorted to SIM card bingo, using a different pay as you go plans in each country. The SIM card shuffle can be both a hassle and expensive. Until now, there was just no good cellular data option for international travel, particularly for business.

Things are about to change, and Frontier is proud to be part of it. European mobile data experts Mondicon are launching We.Stream, a remote data connection device that will revolutionize Internet connectivity for travelers. We.Stream will launch at CES in Las Vegas January 9, 2018. Frontier will be the first US distributor for We.Stream.
The teaser is here and Frontier will have more details about We.Stream after January 10.

As it has since 1976, Frontier Computer can provide IT hardware, enterprise computing support, Peplink SD-WAN routers, and the best solutions for M2M Data, IoT, and now International Data Roaming.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Boost Your Cell Connections

WilsonPro diagram

As of May 2017, More than 50% of US households no longer have a wired landline phone. They rely on cellular phones only. Although the percentage is smaller, a significant number of business also have no landlines and use only cell phones. Many technicians, field reps, sales staff, and other personnel in large businesses have only a cell phone for voice communication. Some of these workers exclusively use a cellular connection for personal or business data communications as well. And yet, cell connections are not always reliable.Say that Again?

Despite what you hear from Paul Marcarelli, the “can you hear me now?” guy, there are many, many places where cellular voice is spotty, and cellular data is unavailable. It is not because the Big Four are exaggerating their ability to cover the areas they claim. Rather, when they broadcast a signal, they cannot be responsible for all the things that get between their towers and the receiving devices. Unlike a wire, which can be installed around things and through them, cellular signals are subject to interference or at least degradation from both natural and constructed obstacles.

Cellular obstacles in the natural world include dense tree cover, terrain features like hills, and even weather. While sight lines may improve in winter when trees have shed their leaves, snow particles in the air can really mess with a signal. Natural obstacles are nothing compared to the ones we build to get in the way of cellular broadcasts. Brick, cement, layers of sheetrock, even window energy barriers can stop a signal dead in its tracks.

Cellular signals are measured in decibel-milliwatts, not bars. There is a dBm meter built into every phone. Learn how to find it here. The signal range is -50 dBm to -120 dBm. Minus fifty is a strong signal (5 bars, if you must), and -120 dBm is a dead zone. Anything under -110 dBm will make a connection more or less impossible. A good usable signal is down to -90ish dBm. You can have a decent cell call at -95 dBm, and maybe use data too. Yet, if you have -85 dBm outside you will struggle to get anything deep inside a structure. Even getting in a car, with its sheet metal body, can turn an acceptable outdoor signal into something marginal. The solution is to get that reasonable signal outside, inside of your structure.

In May of 2013 the FCC approved cell phone repeaters to take an outside signal and broadcast it indoors. The FCC rule also allowed boosting that signal on the way. With a correctly positioned antenna outside to capture the best possible signal, a cellular amplifier can create indoor spaces with full voice and data coverage. Since that 2013 rule, cellular amplifiers have become essential tools in many applications and several companies have jumped into the market that Wilson Electronics has pioneered.

While there are more than a few vendors for cellular boosters, Frontier Computer has chosen Wilson Electronics for our preferred distribution partner. We are offering the full line of Wilson cellular amplifiers to our resellers. Wilson Electronics is based in the United States and holds a number of patents in the radio technology space, including one of the best and most reliable methods for oscillation prevention and carrier cell site protection. In plain English, Wilson amplifiers will not interfere with cellular broadcasts, they will only extend and amplify them.

WilsonPro LogoWilson offers two distinct product lines. The WilsonPro amplifiers are industrial grade solutions from multiple antenna amplifiers for applications as large as 100,000 sq. ft. to small 4G LTE M2M units that can be built into ATMs or Sales Kiosks. One of these, the WilsonPro Signal 4G, has been paired with Pepwave routers frequently by Frontier Partners. Like Peplink and Pepwave, industry leading WilsonPro amplifiers are only available through Certified Technology Integrators with trained, experienced installers.

weBoost logo outlineUsing the same technology developed for the WilsonPro line, Wilson offers the weBoost products for homes, small business, and vehicles. All weBoost products are engineered, assembled and tested at the company’s headquarters in St. George, Utah. The weBoost amplifiers come in complete kits with everything needed for a self-install. Although the weBoost products are designed for end-user installation, they are still powerful tools that have application in many commercial setting, such as assuring a steady signal for cellular fail-over in networks or in vehicles for first responders. Many commercial installers will find applications for weBoost amplifiers.

To find a Frontier Partner WilsonPro or weBoost reseller, or to become one, contact Frontier Computer.

As it has since 1976, Frontier Computer can provide IT hardware, enterprise computing support, Peplink SD-WAN routers, SIP communications, and Wilson Cellular Amplifiers.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Instant Message Frontier on Skype

Skype Eraser

When the AIM servers shut down next month you will still be able to IM all of your Frontier contacts on Skype.

Last month we circulated a survey asking our clients and contacts what Instant Messaging platform they planned to use after AOL ends AIM service. The response overwhelmingly favored Skype at 65%. While 12% expected to transition to What’s App, there was no other platform receiving even a significant percentage. Many, if not most, people already have an existing Skype address so the transition should be fairly seamless.

We are receiving Skype IMs now.

Although you will be able to to reach all your Frontier contacts via AIM until December 15, we have already transitioned to Skpye and are receiving Skype IMs now. In many cases your Frontier contact’s Skype ID will be their regular Frontier email address, but since some Frontier staff have existing Skype IDs, it’s best to confirm Skype information through email or AIM (before AIM goes dark).

— ♦ —

As it has since 1976, Frontier Computer can provide IT hardware, enterprise computing support, Peplink SD-WAN routers, and IP communications. Reach us by phone, email, or Skype.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Frontier Computer Corp. is a leader in providing IT solutions worldwide.

A Personal (Data) Foul

Octo-Cookie

Last week, on Amazon, I bought a toothbrush kit for my dog Bissell. I bought it from home using a Galaxy Tab S2. Now, one week later, everywhere I go, on any device, I see ads for dog toothbrushes, even at work on my Windows PC. While I personally brush my teeth a few times a day, brushing beagle teeth is a twice a week proposition at best. I am not sure how many toothbrushes most dogs need, but I’m pretty sure one will cover us for a while. My dark side tempts me to click on some of those ads so the vendors serving them up will have to pay for their foolishness, but being petty takes time that I don’t want to waste.

It is going to be a few more years before web advertising figures out how to be truly effective. Currently they serve up thousands of ads that miss the mark completely for every ad that hits. The advertising field has changed so quickly that old school ad people are lost trying to figure out what to do. They are just happy to have any sort of numbers to report to their clients. There is also an army of young people being paid to play on social media all day, so they are not in a hurry to change things. Despite the status quo, something in on-line advertising is going to change, and the catalyst might be the EU’s new regulations on personal data.

In May of 2018, about 200 days from now, the General Data Protection Regulation (GDPR) goes into effect in the European Union, and for anyone outside the EU who does business in the EU. The list of affected vendors is long, but the obvious biggies come to mind: Amazon, Google, Apple, Microsoft, Facebook, JP Morgan Chase, Samsung, and your favorite multinational. Unlike previous “guidelines,” this regulation carries strong enforcement penalties, including up to 4% of profits. For companies that have become accustom to routinely stockpiling, using, and trading our personal data, it going to be a cold slap in the face.

Unlike US regulations that usually get their teeth pulled by the time they are law, the GDPR has clear language and built-in interpretations. In summary, the GDPR has six components.
1. Personal Data Definitions
2. Requirements for Stored Data Minimization
3. Individual Data Rights, including the right to have your data forgotten or corrected
4. Data Breach Notifications
5. Increased accountability
6. Explicit Consent requirements.

They are not fooling around. The definition of “personal data” is both clear and strong. I have edited out a few words, but no content: “Any information relating to a person who can be identified, directly or indirectly by reference to name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.” An “online identifier” includes browser cookies. Websites will ask you to turn cookies on if you have them off in your browser, technically asking you to consent when you allow cookies, but the consent in GDPR #6 is something new.

The Future is Clear

After May 2018 in the EU, there will be no clouds of legalese with a checkbox to gain consent to use your personal data. The regulation requires plain language. The GDPR website summarizes, “companies will no longer be able to utilise (sic) long illegible terms and conditions full of legalese, as the request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent – meaning it must be unambiguous.” Lawyers all over the country shudder when they hear those words. “Consent must be clear and distinguishable from other matters . . . using clear and plain language.” The law requires an affirmative opt-in for sensitive personal information.

It will not be acceptable to have statements like “Do you want to use cookies to improve your browsing experience?” pass as consent. Statements will need to be clear like this:

This website can collect and store my personal data to share it with advertisers. □Yes | □No

Also part of the rule on consent requires that it must be as easy to withdraw consent, as it is to give it. Therefore, the checkbox cannot disappear to be hidden away in a hard to find menu like the Facebook’s privacy settings. The law is clear that consent cannot be assumed, as it is now for nearly every app on most smartphones. The GDPR specifically states that insufficient forms of agreement include: “silence, pre-clicked boxes, or inactivity.” If a user does not give consent actively and affirmatively, there is no consent.

Tilting at Windmills

Anyone who has ever tried to stop ad tracking knows what a fool’s errand it has become. In an effort to clear the canine dental equipment from my personal history, I started with Firefox on my work computer. It took three different advertising opt-out tools to get the 131 tracking devices off my browser. Two of them, Kargo Global and Krux Digital (Salesforce), refused to let go. I made the fateful toothbrush purchase on Chrome with a different device, and it followed me to my phone, and to work, on multiple browsers in each device, without any affirmative action on my part. Conversely, to remove the Ad Tracking from my life I have to apply the Opt-out tools one at a time to every browser on each device. The trackers are smart enough to find me at work, but not smart enough to follow themselves back to my home. This will not meet the standard of being as easy to opt-out, as it is to opt-in.

Better control of ad tracking is just one, relatively minor positive advantage that GDPR will bring the Europeans. In the long run, they will enjoy much more secure personal data. In the US we will not enjoy these rights, yet there is still reason for optimism. The world is a much smaller place and with the EU setting an example of how personal data should be respected, we will learn the hurdles to getting there ourselves. Many of our on-line experiences come from multinational sources which will be required to respect the privacy rights of people in the EU. It will not take long for people in the USA and other countries insist on the same protections. I just hope it happens before Bissell needs a new toothbrush.

— ♦ —

From our offices in the USA and the Netherlands, Frontier Computer provides IT hardware, enterprise computing support, Peplink SD-WAN routers, and IP communications to the world. We also bring our dogs to work, which is why fresh breath is important.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Frontier Computer Corp. is a leader in providing IT solutions worldwide.

Rest in Peace, Old Friend
AIM: 1997 — 2017

Replacing AIM

AOL recently announced that it is discontinuing its AIM instant messaging service after a twenty year run. The reaction seemed rather ho-hum. Perhaps in the age of iMessage, WhatsApp and Facebook Messenger it’s not big news. However, for the many people who use AIM to connect quickly with customers and clients it’s a tsunami.

As we have asked around, we have found that some people believe that can switch from AIM to a different AIM client like Trillian or Pidgin. Those are not alternatives to AIM. Rather, they are user interfaces that handle AIM chats. When AIM servers are gone, so will any AIM function on a messaging client like Trillian.

Instant Messaging 101

Unlike email, which is served up with addresses that point to any server connected anywhere, IM messages move through a single system. You can only send AIM messages to and from the AIM server. AIM is still transmitted through the Internet, but always to the host server. Skype, WhatsApp, iMessage, Facebook Messenger, and others all work the same way. They are each their own closed system that only allow messages to move between their users.

There have been efforts to create a universal cross-server IM agreement but they have always failed. To make various IM platforms more user friendly, software like Trillian and Pidgin place themselves between the user and IM services. With an IM client application — I use Trillian — on my desktop, I can have AIM, Facebook Messenger, ICQ or other accounts all in one place. When a message comes in, I don’t even need to know which platform is sending the message. They are all in my IM client contacts. New messages all come into the same window on my screen even if they come from different sources. The client connections are so seamless that it is easy to confuse Trillian, Pidgin, and other IM clients with the IM platforms they serve up.

On December 15, 2017 any of your IM contacts who use an AIM address, including you, will no longer be able to IM. Trillian or Pidgin will still launch, but all of those AIM contacts will go dark.

What to Do?

There are many alternatives, with certain standouts. Skype seems like an easy choice since so many people use it already. However, for Skype IM is a secondary function. Skype is a calling app that will allow instant messaging. Also, since Microsoft has bought Skype, they have adopted typical Redmond isolation. One of their first steps was to remove SkypeKit, the API that allowed clients like Trillian to connect. If you use Skype, you are locked in to their interface for an all-Microsoft-all-the-time experience.

WhatsApp is another alternative. WhatsApp, now owned by Facebook, is primarily a cell phone app with a desktop interface. And it is based on your actual phone number. Road warriors may find the phone-centric application suits them well. For people tied to a desktop it is not ideal. There is an App for MacOS, Windows 8, and Windows 10 (it will load and work on Windows 7, but it’s not supported). However, it is not a stand-alone application. The desktop app must connect constantly to the cell phone hosting it. If WhatsApp is not running on the phone, or if the phone is not present, the desktop app does not work. At this time, there is no client software like Trillian to access WhatsApp. In addition, Facebook owns WhatsApp, so it probably won’t be long until WhatsApp is called back to the mothership.

Facebook really wants you to use Facebook Messenger. If you use Facebook at all, you know they have moved all communications to FB Messenger. If you use Facebook on your phone, it will prompt you to load the FB Messenger app repeatedly until you do, or until you die, whichever comes first. Although Facebook really wants to be your everything, the way they approach that goal makes Facebook Messenger exactly the worst business application. If your business contact buys a new pair of shoes, Facebook will see fit to tell you about it at work. That said, Trillian does support Facebook Messenger and there are third party workarounds to get it into Pidgin.

We’ll Miss Our Friend

On all of these platforms you will only be able to IM other people on the same service. The Benefit of AIM was that so many people used it for so long that everyone had an AIM ID. If you are getting the feeling that there is no single instant messaging application to replace AIM, you are right. AOL is probably shutting down AIM for the very reason it was so widely used. AIM was free. It was a simple platform that did one thing. It did not constantly shill for monetization. AIM didn’t push for more of your personal information to share with the world. Of course, all those things meant it also didn’t make any money for AOL, Time Warner, or Verizon.

Over time, something will emerge as the replacement for AIM users. For now, the best strategy is to find out what your most important contacts plan to do and join them on the new platform. In practice, we will probably all end up with multiple IM platforms if we hope to hold on to the easy, fast communication of AIM.

To that end, Frontier would like to hear from you. Follow this link to a simple one-question survey about your plans for AIM replacement. We will compile the results and share them here. If you share your email, we will send our findings directly to you (and nothing else, I promise).

— ♦ —

As it has since 1976, Frontier Computer can provide IT hardware, enterprise computing support, Peplink SD-WAN routers, and IP communications. Reach us by phone or email, but sadly, not AIM.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Frontier Computer Corp. is a leader in providing IT solutions worldwide.

Some Like it Hot

Hot-desking gets a bad rap. It was an experimental concept to reduce office space requirements that has been losing favor because it hurts morale, can cause social tension, and is arguably un-hygienic. In hot-desking, employees don’t have a single personal space. Employees check into vacant workstations with a login. Upon Login, their personal, virtual desks are immediately available. When their shifts end they log out and a new person uses the same space. If you know the origin of the term, you’ll understand the downside. The term hot-desking comes from the practice of hot-bunking on submarines. Because space is tight on a sub, up to three sailors can share the same bunk. When their shifts end they get into bunks that other sailors have just vacated, and the beds are still warm. Eeeewwww.

From the concept of hot-desking, however, comes a useful feature of VoIP communication, also referred to as hot-desking. When SIP phones are hot-desking enabled they allow the phone’s user to move a personal phone configuration anywhere there is an Internet connection.

Depending on the phone model, an SIP phone can have phonebooks, speed dials, key configurations, and even touch screen wallpaper stored as part of the user’s personal configuration. One of the key advantages of VoIP communication is the high level of personal customization and control each user has over his or her own phone workspace. Hot-Desking allows that personalized, highly productive configuration to follow the user anywhere in the office, country, or world.

I’ll Follow You Anywhere

With hot-desking, a sales representative could work at a main office in Cleveland on Tuesday, then sit down at a satellite office on Wednesday, and get not only new voice mail, but also the entire phone configuration. Unlike follow-me or call forwarding, there is no rerouting involved. The current login is the number. The phone number, configuration and everything about the user is in the current phone. The phone back in Cleveland is deactivated.

A VoIP administrator or user can even schedule hot-desk logins. An employee working in New York Monday through Wednesday could arrive at a desk in Tulsa on Thursday and have the personal phone configuration waiting.
The implications are significant. Many physicians will have two or three offices with rotating schedules. In the past, it meant complex and expensive forwarding and often maintaining a reception staff in an otherwise empty office. With hot-desking, the team can be in their Rochester main office Monday and Tuesday. On Wednesday, 30 miles away in Spring Valley, the entire phone configuration — with the doctor’s and each staff member’s personal phone set-ups — will be waiting when they all arrive at their rural clinic. Thursday Morning, when they are back in Rochester, everything will be back as it was when they left Tuesday evening.

SIP phone hot-desking has a role in nearly every modern office. For mobile staff, sales staff, telecommuters, or any company with multiple locations, hot-desking extends the productivity benefits of a familiar phone workspace anywhere in the world.

Frontier Computer Corp. is the world’s largest distributor of Peplink products, which are essential tools for establishing the solid connections needed for Voice over IP. We are also a distributor for industry leading SIP Phone Manufacturers Yealink and Grandstream. Both Grandstream and Yealink phones are ready for hot-desking. Visit Telephony.FrontierUS.com for an on-line catalog of SIP phones.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Frontier Computer Corp. is a leader in providing IT solutions worldwide.

Asset Disposition:
Are They Just Throwing It Away?

IT Asset Disposition

IT Asset Disposition (ITAD) is big business, and as with anywhere there is growth, lots of people want to jump in. It’s easy to set up a good-looking website to offer asset disposition, and then just haul stuff away. There is much more to it, and we know because we have been in the business for more than 40 years. Asset Disposition is not disposal, and a company with experience doesn’t only take away your IT hardware, they assure you get the value out of those assets.

Asset Disposition is a multi-step process that starts with an audit of the equipment to be displaced. Once there is an inventory of the assets, they need to be carefully removed, packed, and shipped. Packing and shipping matter because it’s not garbage being hauled away.

It’s not Garbage

IT hardware that is no longer useful to the original purchaser is not necessarily without value. When manufacturers classify something as end-of-life or end-of-service, the operational value of the unit continues. Even when IT hardware as a whole is truly obsolete, the component parts still have value. What is outdated in the United States may be in high demand as a complete unit or on the replacement parts market in other parts of the world. It isn’t just the third world. Our own government needs to source things link 3.5” floppy disk drives for special purpose equipment still in use. Again, we know because they get them from us. If your ITAD vendor is not talking about residual value, keep looking.

Perhaps the most critical part of the ITAD process is what happens after the hardware leaves your site. When your IT assets (or anyone’s) arrive at Frontier, they are immediately logged into our receiving area. From there we carefully unpack and audit them. Next, our technicians analyze and test every item.  Our testing sets Frontier apart, and allows us to get the maximum value from your unwanted assets.

We recently received a large shipment of HP and IBM servers from a major national ITAD company. They haul it away and send it off to a third party for the actual disposition. If these are your assets, and your vendor happens to turn to us, you can be certain we will deal with them properly and securely. However, the only way to assure we get your assets is to start the process with Frontier.

Doing it Wrong

This latest shipment came to us packed like scrap metal. The servers were stacked on top of each other like cord wood with no padding or protection. Pallets of the servers were shrink-wrapped and shipped. Shipping labels were stuck directly on the metal frames of the servers themselves. We received them broken and smashed, with parts that potentially had value destroyed in transit. It didn’t matter to that ITAD firm because they saw these items as waste.

Sadly, they mostly are waste now. We will properly dismantle and dispose of the component parts. The metal frames and cases will go to recycling. We will separate the damaged, unusable electronics for reclamation. At this point however, the only value left in most of these items will come from the raw materials. That was not the case when they left the original installation, but any real value left in that equipment was lost when the original owner chose the wrong ITAD vendor.

They are Still Assets

Equipment in a server room ages, but it isn’t destroyed from use. Most often IT assets are abandoned for upgrades, software incompatibility, or because a data center is closing. At Frontier, we know more about your surplus assets than the model numbers. We know what is inside them, and we know the world markets for the assets and their component parts. Throughout the ITAD process, we work with the assumption that there is value and it’s our job to identify it and return some of that value back to our client. In some cases, little or no value is truly left in assets, but we will determine that from both market analysis and careful testing.

Your surplus IT assets are more than e-waste. When you use Frontier Computer to decommission surplus IT, you will know you have gotten the maximum residual value from your assets, and that if there is truly no value left, all the materials will be recycled properly and securely.

As it has since 1976, Frontier Computer can ensure that you get the most out of your IT investment. Whether it is providing parts and service to keep things running smoothly or returning value when you decommission assets, our experience and expertise pays off. When you have unneeded IT assets Frontier should be your first and only contact.

Contact Frontier at
Your Contact Information
Browse...

Maximum size 10MB

CAPTCHA
Please wait...
866.226.6344.

Frontier Computer Corp. is a leader in providing IT solutions worldwide.