The functionality of Project Glass is very much a work in progress but Google has released a promo video of what they hope to accomplish, which you can view below.

The ease of use of the product as shown raised a lot of eyes as to the possibility that the entire project was nothing more than a late April Fool’s day joke but Google has collaborated that the product is very much real and currently in testing.

While the potential of the device is great it also begs many questions for long term functionality as well as safety.  With ever growing concerns that phones might cause cancer, having a wireless device strapped to your head at all times is likely to draw attention.  On top of that there is the always present danger of accidents caused by the ever present distraction of moving graphics and video.  Beyond the dangers posed by the device there is also the question of battery life, online privacy and the price and fragility of the device.  At this time Google has stated that they are simply gathering feedback from users and hopes that many of the concerns people have can be dealt with before larger scale testing can begin.

Regardless of the potential problems, Google is one of the few companies that could pull off an all-inclusive virtual media device so I suspect this won’t be the last we hear of Project Glass.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Some clients are sensitive to the monthly cost and would rather patch on a quarterly basis.  This is outside Microsoft’s recommendation and increases the risk to their system, but it is still a regular review of each server.

Some clients have no arrangement for patching and only patch after a security breach, data loss or other failure stops their business operation.  This is the painful and expensive way to go.

In the last three patching cycles (through February) there have been critical patches every month, and last month featured a ‘zero day’ fix.  Zero day bugs are vulnerabilities that have just been discovered and are considered extra critical to apply in a timely fashion.

The bottom line is if you do not have the ITCSNY managed services for patching, and you haven’t asked us to patch your systems in the last 3 months, there is no better time to ask to be patched.  You’ll receive the last three months of critical patches, plus last month’s zero day patches in one patch session.

- Dan Scolnick
IT Computer Support of New York
President and Chief Technical Officer

This year however, Google let their pride get the best of them and offered a $60,000 prize for anyone who could crack their code.  A Russian college student stepped up to the challenge during the Google hosted Pwnium event.  Sergey Glazunov submitted a hack that completely bypassed the security measures built into the Chrome browser.  ZDNet reports that a previously undiscovered exploit was used to bypass its “sandbox”—a restriction designed to stop hackers from accessing the rest of a user’s computer even if they do compromise the browser. When asked about the exploit, Justin Schuh, a member of the Chrome security team, revealed that the exploit was specific to Chrome and bypassed the browser security sandbox entirely.  ”It didn’t break out of the sandbox [but] it avoided the sandbox,” Schuh said in an interview.

Google was left embarrassed a second time as a French security firm showed that they had their own hack to bypass the browser; a feat that was accomplished in only five minutes.

Google is already working on fixes for the exploits and expects to have the solutions released within days as part of Chromes automatic system updates.  Regardless, Google can no longer flaunt Chrome as the hack proof browser and reinforces the adage that there is no such thing as a truly secure security system.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

VeriSign executives claim that they “do not believe these attacks breached the servers that support our Domain Name System network,” which ensures people land at the right Internet Protocol address when they type in a URL, but it did not rule anything out.  Whether VeriSigns Domain Name System was compromised or not the breach raises questions about the amount of faith businesses put in the security giant.  VeriSign possesses the registry information for millions of businesses around the world, including names, addresses and phone numbers.  While this information might be safe today there is no guarantee that another security breach won’t have a more disastrous result.

As with any technology it’s unwise to depend on a single solution but alarmingly there are currently very few backups in place for if the VeriSign system fails.  The best businesses can do is monitor their own systems and make note of any suspicious activity on their networks.  Already security authorities are scrambling to raise awareness of the problem and many hope that the government will offer assistance when business come under attack. With multiple cyber security bills expected to reach to the senate floor this year it will be interesting to see what new measures are put into place to improve online security.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

They are not taking into account the other company had completely different infrastructure, most of which they took with them when they left.  Infrastructure they were deferring upgrades and maintenance on for years (much like the company that is moving into their space).  Infrastructure on a shoestring, where no one left knows where the ‘patches’ and ‘work-arounds’ are.  That knowledge left with the other company.

Many companies use “we’ll leave the phone system” type of ‘bonuses’ to the new owners as some type of generous incentive.  The new owners somehow believe that this is a new state-of-the-art phone system, or perhaps even a serviceable one.  What turns out is that they are years, sometimes decades obsolete, and cost money to remove.

Existing wiring plants with no map or labels, which go to unknown places.  Sometimes it’s less costly to just replace them.

40 year old infrastructure where the service contracts have been left in place and are now a liability to the new company because the service contracts cost more than completely new infrastructure.  The old infrastructure, although it works, can be replaced with modern green equipment for a fraction of the cost of maintaining the old equipment.

Move into another company’s space, and assume the phones/IT/AC will service you because it serviced them.  I’m going to call the notion ‘hermit crabs’.

- Dan Scolnick
IT Computer Support of New York
President and Chief Technical Officer

Physicians that have not adopted EHR and achieved ‘meaningful use’ in 2011, have left $18,000 on the table.  Yup, that’s more than 1.5 years’ worth of car payments on a high end BMW or Mercedes.  Physicians that don’t achieve meaningful use’ in 2012 are leaving another $18,000 on the table.  In 2013 it will be $12,000 and by 2014 that number will drop to $8,000.

Physicians that pay a staff to submit insurance paperwork are also leaving money on the table includeing:

• The salaries of all the employees that are submitting claims.
• The insurance companies refusing to pay the first submission 50 percent of the time.
• The time that it takes for the checks from the insurance company to arrive.

Go through those stacks of paper and you’ll find checks that have NOT been deposited.
EHR and PM systems turn the claim refusals into >85% first time claim acceptance.

EHR and PM Systems eliminate the salaries of the clerks hired to submit paperwork.

EHR and PM Systems assist with insurance code changes.

EHR and PM systems reduce the time to get paid to 2 days – electronically.

EHR and PM systems eliminate lost and non-deposited checks.

And physicians that meet meaningful compliance this year, in 2012 receive a check from the government in:

• 2012 for 18k
• 2013 for 12k
• 2014 for 8k

That’s the carrot.   The stick is they are going to reduced Medicare reimbursements by a rising amount each year too. The good is that IT Computer Support of New York will make the cost of converting to EHR lower than the government reimbursement.  The bad is that if you don’t adopt EHR you will lose money – big time.  The ugly is you have to change to a new system, and we all hate change. But if you will change, isn’t it better to change now and reap the benefits earlier rather than later?

- Dan Scolnick
IT Computer Support of New York
President and Chief Technical Officer

ITCSNY specializes in what is called the EDGE. Regardless of what kind of computer technology you use, the edge is where you touch the workstations, iPads or laptops. It is the LAN (local area network) in the office from the receptionist to the exam rooms to the printers.

When a physician decides to use EHR software, research must be done. How do you pick the right EHR software? There are over 100 suppliers. Some write great software. All of them have sales people and large documents of tough to read content. What they all have in common is they take responsibility for the software and assisting the physician to reach ‘meaningful use’, and none of them take responsibility for the technology at the edge.

That means the physician is responsible for the choice, purchase, maintenance and troubleshooting of the equipment that the practice depends on to service patients and make money come in. It also makes the physician responsible for the bureaucratic process to receive the HITECH government reimbursement money.

It makes sense for a physician to join an EHR cooperative, where the choices of the EHR software can be vetted by an independent integrator with experience with the major brands. Where an experienced entity takes responsibility for the WHOLE system, operations and integration. Where the physician can get authoritative advice, make smart choices and focus on his or her practice without getting distracted by the technology.

It’s like a group for your technology, billing and government reimbursement wrapped up in one.

If you have 2 or more physicians in your practice,
And you plan to practice for at least the next 4 years,
Then the IT Computer Support of New York EHR cooperative makes sense.

- Dan Scolnick
IT Computer Support of New York
President and Chief Technical Officer

The security firm AccessData, recently compiled a report on many popular mobile devices such as Apple devices and cellular phones.  The firm discovered that while the devices had had their hard drives seemingly cleared of data, “they were still able to extract Social Security numbers, financial information, GPS locations, passwords, communications and other information that could be used for ID theft and other criminal activity.”

To prevent a similar security breach from happening to you choose an appropriate outlet to recycle or dispose of your electronics.   The Consumer Electronics Association has put together a list of websites to help you choose which route to go. Consumer electronics have different life spans (a smartphone’s is 18 months, while a TV is more than 10 years) and first you should look to extend the life through resale or reuse. See if there’s a worthy home for your small or large electronic devices at a local school, retirement home or community center.   Whichever you choose, make sure that you properly dispose of all personal information first.  If you take proper care of your devices and the data contained within then you and someone else can enjoy your gifts for years to come.

From all of us at IT Computer Support of New York, we wish you a happy and safe holiday season and a prosperous New Year.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department

Not only does this data support the idea that users are slow to apply patches but that many users never apply patches at all.  The fact that hackers and cyber-terrorists continue to target vulnerabilities that have long been corrected speaks volumes on the number of users who are ignorant or indifferent to the dangers.  Part of the reason Java based attacks have become so common is the fact that it is a nearly universal application across all platforms and devices.  Oracle, Java’s parent company reports that that application currently runs on over 3 billion devices.

While many security experts advise against the installation of Java in a corporate environment at the very least regular updates need to be scheduled and user awareness of potential threats needs to be made a priority. Because of the nature of Java, attacks can come in the form of websites, email attachments and even hidden within other software installers.  In most office places Java shouldn’t be a necessity for the majority of users, and if it’s not, always consider that the less software installed in a browser, the less likely an attack will be successful.

Because of the wide array of potential infection points and prevalence of Java across operating systems, it is advisable that system administrators and users should regularly update Java and be diligent about the updates. Additionally, as 64-bit operating systems become more common users and admins should pay extra attention as some systems may be running different versions of Java within a single environment.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department