County Star publishes story on Area-Wide’s acquisition of Code4 Technologies

The following article was authored by Christine Walsh and appeared in the March 12 edition of the County Star.  The article is reprinted with permission from Christine Walsh and the County Star.

PHILO: Some things have changed at a Philo computer company, but the new owners say the spirit of the business has not.

Code4 Technologies has been in business since 2005, formerly as Code4 PC. The company has two full-time employees working out of the office at 101 E. Washington St.

Code4, which caters primarily to home PC users, formally merged in August 2008 with Area-Wide Technologies, Champaign, which provides support to small- to medium- sized businesses. Prior to that, the two had an informal partnership in which they would refer clients to one another.

In January, Code4 CEO Dan Ault resigned to return to the Rantoul Police Department, where he had worked 15 years prior to founding the company, and to start another business.

Code4 offers retail sales, repair services, Web development, remote backup and I.T. consulting.

Area-Wide’s average customer has between 10 and 20 employees. The company offers security analysis, network design and administration, Web site design, offsite data backup and network solutions for businesses.

Code4 now offers more services, including a pickup service that saves customers a trip to the store.

“We want to reflect the community and population we’re serving as customers,” President and Chief Operating Officer Jason Facer said.

Facer said it is ultimately the company’s goal to help customers get more life out of their computers.

“Area-Wide’s biggest asset is its depth of knowledge,” Facer said. “We have specialists for every conceivable aspect, whether data backup or antivirus protection.”

Facer said that while some of Area-Wide’s competition has a lower overhead and therefore cheaper rates, that often comes with a lower level of expertise.

“A lot of businesses we compete against are one- or two-man operations,” he said. “We have the ability to assign a principal person and we get to know their network personally.”

Code4, while a smaller business, shares resources with Area-Wide.

“We have access to all the latest and greatest echnology,” Facer, a St. Joseph resident, said. “At the same time, our office here in Philo is staffed with local residents. We’re able to deliver high-tech solutions but deliver a small-town feel.”

That atmosphere helps customers trust Code4 with their computers that contain all of their personal photos and music.

“It’s more or less the same company with the same values,” Facer said. “We certainly recognize and embrace our core customer demographic. They’re looking to us for guidance and advice on what to do.”

After repairing customers’ computers, Code4’s staff gives them a folder containing the invoice and ticket you would expect along with suggestions and recommendations on how to prevent future problems and contact information for support.

“We’re very big into being proactive and preventative,” Facer said. “We educate and inform customers on the best possible solutions out there today. It’s a similar philosophy to getting a car’s oil changed. If you don’t do it, eventually you’re going to have a much more expensive problem on your hands.”

Last year, 53 percent of the company’s sales came from merchandise sales, while the rest came from service.

“We’re thorough believers in post-sales support,” Facer said.

That kind of support may be so important to the company’s management because of how Area-Wide started. Facer’s father, Jeff, was the chief financial officer for an insurance company in Rantoul for 25 years. He became frustrated by the lack of IT support available to companies like his and decided he would fill the niche by pursuing his interest in computer technology as a career. He opened Area-Wide in 1999.

Company plans for the future include expanding Code4 with a retail store in Champaign. In addition, Area-Wide has outgrown its current building and is looking to relocate.

Eventually, Area-Wide plans to explore regional expansion, possibly moving into the Bloomington market. Code4 may also open branches in other small towns, following the same business model of employing local residents.

April 2009 CIBM article: Lightning and virus strikes

During the last week in February, a sizeable portion of the Champaign-Urbana business community was affected by what the media referred to as the “Hallmark virus.”  Like virtually all viruses, this rogue program required the computer user to open and execute the file: in the case of the Hallmark virus, email recipients were informed that they’d be sent a greeting card by a friend or family member, and that accessing the card required clicking on a hyperlink embedded within the email message or opening a file attached to the message.

 

Unfortunately, the Hallmark virus is a particularly virulent program, and many antivirus software programs were not equipped to manage the threat at the time of the outbreak.  Ultimately, each computer infected with the Hallmark virus requires hours of hands-on attention before the threat can be considered completely neutralized.

 

As area business owners know, there are a handful of virus outbreaks and software security vulnerabilities each year that are potentially serious enough to warrant significant media attention.  What many decision-makers may wrestle with is knowing when to say “when.”  In other words, at what point does word of a virus or potential security vulnerability within Windows become serious enough to warrant preemptive action on the part of the business owner?

 

Ultimately, it never hurts to ask.  Contacting your company’s IT administrator or your third-party technology services provider is the quickest, most reliable way to determine the seriousness of the threat.  If proactive attention is required on your part, your IT administrator or services provider will outline the steps necessary to effectively neutralize the threat.

 

Of course, if your business is adhering to the technology industry’s best practices and performing routine maintenance on your technology infrastructure, chances are your company’s network is already equipped to handle the potential threat.  Most monthly maintenance programs include applying all operating system updates, security vulnerability fixes, and antivirus software updates, thus ensuring your company’s network is utilizing the most up-to-date operating system and antivirus software definitions—which, in turn, ensures you are protected against virtually every known threat.

 

Monthly maintenance programs can translate into significant cost savings for your business as well.  For example, most maintenance programs designate that an internal IT administrator or third-party services provider will perform the aforementioned duties on, say, the third Friday of each month.  Computer users throughout the office can keep a list of non-critical issues that arise throughout the month, then present this list to the individual performing monthly maintenance.  This procedure ensures your company is not requesting the utilization of IT resources each and every time an issue—no matter how minor—presents itself; indeed, a monthly maintenance program tailored to address the minor issues that add up over the course of a month can ensure your company’s IT administrator or third-party provider makes only one trip per month—instead of making a trip each and every time a minor issue arises—to address technology issues, thereby saving your business considerably when it comes to technology spending.

 

April Showers and Computers Without Power

In the May 2007 edition of the Central Illinois Business Magazine, Area-Wide’s owner and CEO, Jeff Facer, published an article detailing the steps businesses should take to safeguard their technology investments against devastating springtime lightning strikes.  Every spring since Mr. Facer’s original column, I’ve utilized a small portion of my column space to remind business owners that spring is a perfect time to review the measures they have in place to protect their network infrastructure against the awesome power of lightning strikes.

 

Perhaps the most effective means of protection your business can employ is the careful placement of surge protectors.  Of course, not even a surge protector can shield your network infrastructure from a direct lightning strike, but storm data shows that most power surges are the result of lightning striking a nearby transformer or piece of electrical equipment.  Surge protectors can help mitigate the tremendous amount of energy that surges through electrical wiring and telephone lines.

 

As I’ve mentioned before, I’ve seen firsthand the destructive consequences suffered by businesses unprepared for the awe-inspiring storms that darken Illinois skies from April through August.  Your internal IT administrator or technology services provider can recommend devices to help protect your network from the devastating fury of severe weather—and given the consequences of failing to ensure your business is protected, it’s never too early to contact the appropriate individual or third-party provider for an assessment and recommendations.

 

March 2009 CIBM article: The scourge of spyware

From time to time, someone will stop me in the grocery store or at the movie theatre and mention that they’ve heard me on the radio or have read one of my columns in the Central Illinois Business Magazine.  After an introduction and a handshake, the conversation invariably turns to technology, and I’m often asked: What is the most common source of frustration among your customers?  This question, of course, can be rephrased as: What is the most common cause of frustration for any computer user?

 

To be sure, the world of information technology becomes increasingly complex with each passing day.  However, the most frustrating computer problems are seemingly often the most mundane as well.  In fact, when asked to name the most common—and, consequently, the most frustrating—issue for the everyday computer user, my reply always makes mention of a nuisance with which many readers are—regrettably—very familiar: so-called “malware,” “spyware,” or “greyware.”

 

As Samuel Coleridge wrote, “Winter, slumbering in the open air, wears on his smiling face a dream of spring.”  Naturally, our thoughts this time of year have turned to warmer temperatures, longer days and shorter nights, and yearly rituals such as replanting the garden and conducting a thorough spring cleaning.  This year, be sure to include your computer as part of your spring cleaning ritual, and you won’t be bothered by the aforementioned source of frustration among computer users.

 

“Spyware” and “malware” are terms that are used collectively to refer to unwanted software that can, after being installed onto your computer (often without your knowledge or consent), wreak havoc and render your machine essentially unusable.  Unfortunately, in addition to being a nuisance, malware can also be used for nefarious purposes, including the theft of personal financial information or other sensitive data.

 

Malware often manifests itself in the form of annoying pop-up windows that continue to spawn no matter how many times you close them.  Other forms of malware will force your computer to perform unwanted tasks, such as directing your Internet browser to an adult Web site.  Furthermore, malware often disguises itself as the solution to the problems your computer is experiencing; in fact, a significant portion of malware is installed by users who innocently respond to prompts purporting that their machine is infected with spyware or viruses and can only be rescued through the purchase of the software product mentioned.

 

As a general rule, never click on or purchase software via a pop-up prompt that claims doing so will fix the performance issues plaguing your machine.  If you encounter such a situation whilst using your company PC, notify your employer’s IT specialist or your third-party computer support provider.  Unfortunately, such pop-up prompts often mean your computer has already fallen victim to an infection of malware.

 

If you suspect your machine is plagued by unwanted and problematic malware programs, have the machine scanned as soon as possible by your IT administrator or service provider.  Many spyware detection programs are available free via the Internet, but to ensure a thorough, comprehensive, and effective scan for unwanted malware programs, these scans should be conducted by someone familiar with the often complex process of locating and removing such software.  In a way, a computer overrun with malware is like that box of unsorted tools sitting in the corner of your garage, ready to be disposed of as part of the spring cleaning process.  In other words, you could probably lift the box yourself and spend time sorting through the tools, but such tedious, unpleasant work is better left to those that are accustomed to dealing with such headaches, right?

 

To ensure spyware removal doesn’t become a regular staple of your annual spring cleaning process, be sure to have your IT administrator or computer support company install software that proactively prevents spyware from being installed onto your computer.  Also be sure to conduct regular scans of your system to verify that no unwanted software has slipped through the cracks and installed itself onto your machine.  Like spring cleaning, staying one step ahead of malware and those who seek to use it for destructive purposes can be a hassle and a headache, but keeping your system clean with proactive vigilance will make any necessary cleaning a quick and easy job instead of an all-day chore.

From the Archives: Remote Backup Article

(Note from Jason: Due to the overwhelming response we’ve received regarding our AWT-Vault and managed remote backup services, I’ve posted the following article detailing some of the advantages of these solutions.  This article originally appeared in The Pantagraph‘s B2B magazine.)

The most valuable information technology asset a company operating in today’s sophisticated, technologically-advanced marketplace possesses is its data. Whether this data is internal, company information–such as yearly profit-and-loss statements, for example, or tax information–or, in most cases, customer-specific data, every business owner understands these fundamental truths: you can’t put a price tag on the value of this data. Should a company lose this data through human error, hardware failure or natural disaster, chances are the company will be out of business unless it has a quick and effective means of restoring the aforementioned data. In fact, surveys of American small businesses consistently state that the vast majority of companies that suffer data loss and are unable to restore this data in a timely manner are out of business within nine months.

 

Every business owner should know the answers to the following questions:

 

l        Is my data being backed up on a regular basis?

l        Is my data being tested periodically to ensure it can be restored should the need arise?

l        Is my data being stored offsite and in a secure location?

l        Is my data protected by more than one layer of security to ensure that, if something unexpected occurs, I have a backup plan for data restoration?

 

Generally speaking, most businesses utilize tape cartridges to store crucial company data. Ideally, the company’s backup software is set to periodically backup vital data to tape; these tapes, in turn, are rotated to create a tape backup library, and the tapes are stored offsite both for security purposes and to protect this critical information in the event something catastrophic occurs to the company’s business facility.

 

A consistent tape backup system remains the backbone of most companies’ data storage efforts, and for good reason. However, the development of newer technologies has produced a state-of-the-art means for businesses of all sizes to routinely back up critical data without having to worry about defective tapes, malfunctioning mechanical parts within the tape drive, overwriting backup tapes that were set aside to save, and relying on an employee to rotate backup tapes to ensure the backup job runs properly each and every time.

 

This new solution is online data backup.

 

Consider, for a moment, the advantages this exciting new solution offers:

 

l        Instead of purchasing a dedicated server, software and backup tapes, a company can ‘pay as it goes’ based on the actual amount of data being backed up.

l        The service provider configures the scheduled job and verifies that it has run successfully each and every time, taking this laborious concern off of your shoulders.

l        Your data is stored offsite in a secure, temperature- and humidity-controlled facility on cutting-edge hardware that is immune to the problems inherent in tape cartridges.

l        Multiple versions of your backup are stored, allowing for the restoration of single, specific files or your entire information store as necessary.

l        Your backup can be restored to another machine, allowing your company to get back up and running as soon as possible. Data restoration with this new technology can be accomplished in a few hours, unlike tape technology, which may take several days to complete.

 

Perhaps most importantly, a remote backup service can be seen as a second layer of protection for your company’s critical data. Disaster preparedness and recovery planning are often overlooked by companies when formulating a strategic approach to information technology. With online remote backups, your data is stored in two locations, at your business facility and in a security controlled data center. There are no hidden costs with tape drives, replacing tapes, tape drive maintenance and/or replacement, etc. 

For companies that want the assurance that their data is totally protected, stored in two secure locations, and have able to be quickly restored in case of loss, the online remote backup solution is worth considering.

January 2009 CIBM column: E-mail Spoofing

Spam and e-mail-laden viruses can take a lot of the fun and usefulness out of electronic communications, but at least you can trust e-mail that comes from people you know, right? Sadly, the answer to this question isn’t as straightforward as the everyday e-mail user might think.

 

Indeed, a favorite technique of spammers and other “bad guys” is to spoof their return e-mail addresses, making it look as if the mail came from someone else. In effect, this is a form of identity theft, as the sender pretends to be someone else in order to persuade the recipient to do something (from simply opening the message or an attachment to sending money or revealing personal information).

 

E-mail spoofing is possible because Simple Mail Transfer Protocol, or SMTP, the main protocol used in sending e-mail, does not include an authentication mechanism. Although SMTP allows an SMTP client to negotiate a security level with a mail server, this precaution is not often taken. If the precaution is not taken, anyone with the requisite knowledge can connect to the server and use it to send messages.

 

To send spoofed e-mail, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn’t write.

 

Although most spoofed e-mail falls into the nuisance category and requires little action other than deletion, the more malicious varieties can cause serious problems and security risks. For example, spoofed e-mail may purport to be from someone in a position of authority, asking for sensitive data, such as passwords, credit card numbers or other personal information, any of which can be used for a variety of criminal purposes. Chase, eBay and Bank of America are among the companies recently spoofed in mass spam mailings. One type of e-mail spoofing, self-sending spam, involves messages that appear to be both to and from the recipient.

 

What can you do to avoid falling victim to spoofed messages? The most effective defense against spoofed messages is also the most obvious: be a discerning e-mail reader.  In other words, don’t simply take for granted that the message you’re about to open is from who it purports to be from. If something seems different—for example, if the sender’s name is spelled differently or is missing an initial, or if the font or writing style of the message is out of character for the sender—chances are you’re reading a spoofed message. Your best course of action at this point is to simply delete the message. Never, under any circumstances, should you open a file attached to a potentially spoofed message, nor should you reply or provide any sort of personal or potentially sensitive information to the sender.

 

At the technical level, your choices include using cryptographic signatures (e.g., PGP “Pretty Good Privacy” or other encryption technologies) to exchange authenticated e-mail messages. Authenticated e-mail provides a mechanism for ensuring that messages are from whom they appear to be, as well as ensuring that the message has not been altered in transit.

 

Similarly, businesses may wish to consider enabling SSL/TLS in their mail transfer software. Using certificates in this manner increases the amount of authentication performed when sending mail. You may also configure your

mail delivery daemon to prevent someone from directly connecting to your SMTP port to send spoofed e-mail to other organizations. Ensuring that your mail delivery daemon allows logging and is configured to provide sufficient logging will assist you in tracking the origin of spoofed e-mail.

 

Consider a single point of entry for e-mail. You can implement this by configuring your firewall so that SMTP connections from outside your firewall must go through a central mail hub. This will provide you with centralized logging, which may assist in detecting the origin of mail spoofing attempts to your company.

 

Lastly, educate your staff about your organization’s policies and procedures in order to prevent them from being “social engineered,” or tricked, into disclosing sensitive information (such as passwords). Have your employees report any such activities to the appropriate staff member—or, if applicable, your IT services provider—as soon as possible.