NAC – Network Access Control

What is NAC and is it right for your business?

Network access control (NAC), also called network admission control, is a method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy.


A traditional network access server (NAS) is a server that performs authentication and authorization functions for potential users by verifying logon information. In addition to these functions, NAC restricts the data that each particular user can access, as well as implementing anti-threat applications such as firewalls, antivirus software and spyware-detection programs. network access control also regulates and restricts the things individual subscribers can do once they are connected. Several major networking and IT vendors have introduced network access control products.
NAC is ideal for corporations and agencies where the user environment can be rigidly controlled. However, some administrators have expressed doubt about the practicality of NAC deployment in networks with large numbers of diverse users and devices, the nature of which constantly change. An example is a network for a large university with multiple departments, numerous access points and thousands of users with various backgrounds and objectives.

Getting started with NAC

To explore how NAC is used in the enterprise, here are additional resources:
Network access control — More than endpoint security: Learn how to gauge if your enterprise is ready for network access control (NAC).
NAC — Strengthening your SSL VPN: This tip explores why and how network access control functions are used to strengthen SSLVPNs, and their relationship to industry NAC initiatives.
Compliance in a virtualized world: Server virtualization and NAC security: Server virtualization presents challenges for network security, particularly NAC and compliance issues. Learn what these challenges are and how to overcome them.

Article Provided By:TechTarget

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at


The Best Home Security Cameras of 2017

security cameras

Security Cameras 2017

One of the biggest benefits of a smart home is being able to know what’s going on when you’re not actually there. Whether you’re checking in on your kids, pets, or an exotic jewel collection, a home security camera is a great tool for keeping an eye on things from afar.

Although capabilities vary from device to device, surveillance cameras allow you to monitor what’s going on in your home through live or recorded video. But not all cameras are created equally. Some have alarms or can send you notifications when they detect activity, some offer two-way audio, some are meant to monitor your baby, and some even double as full-on home automation hubs.

We’ve tested lots of home surveillance cameras over the last few years, so we know what’s important to look for. For instance, you want a camera that’s simple to set up and use. Additionally, one of the very first qualities we notice is an attractive—though discreet—design. It’s important that the camera looks like something you actually want in your home, but depending on your needs, you may not want it to stand out too much.

Device support is critical as well. Our favorite cameras allow you to check in from anywhere, whether it’s an app on your phone or a Web browser. Additional features vary from camera to camera, and each of our top picks offer just enough variety to set them apart from the rest of the competition.

Here are some other important factors to consider when buying a home security cam:

The View

Even though 1080p is generally the standard resolution for cameras we’ve tested, and you won’t find any that stream or record in 4K any time soon, there are benefits to cameras with higher resolution sensors. Few home security cameras have optical zoom lenses, but almost all have digital zoom, which crop and enlarge whatever the camera is recording. The more megapixels a camera sensor has, the more you can digitally zoom in and still be able to see things clearly.

Besides resolution, consider the field of view as well. All security cameras have wide-angle lenses, but not all angles are created equal. Depending on the lens’ field of view, it can see between 100 and 180 degrees. That’s a big range in terms of the camera’s vision cone. If you want to watch a large area, you should consider a camera with a very wide field of view.


If you want to keep an eye on the rooms of your home, there are plenty of options. If you want to keep an eye on your driveway, backyard, or front porch, you need to be more choosy. Not all home security cameras are rugged enough to be mounted outdoors. You need a camera that’s waterproof and can stand up to rain, snow, and sun, and survive the extreme temperatures of summer and winter. The Nest Cam Outdoor and Netgear Arlo are two models built specifically for use outdoors, while the Nest Cam Indoor and the Netgear Arlo-Q might not survive the next rainstorm if you mount them over your garage door.


Most security cameras use Wi-Fi, but not all rely on it exclusively. Some add Bluetooth for local control and easier setup through your smartphone, while others incorporate separate home automation networking standards to interact with other devices, like ZigBee or Z-Wave. For most cameras, all you need to do is follow instructions on an app to connect them to your home network.

Once your camera is connected, you’ll almost certainly be able to access it through your smartphone or tablet. The vast majority of home security cameras today have mobile apps, and many focus entirely around those apps for doing everything. Some have Web portals as well, which add flexibility for accessing your videos and alerts from anywhere.

Cloud Storage

The videos your camera records probably won’t be stored on the camera itself. Most home security cameras use cloud services to store and offer remote access to footage. Some models have microSD card slots so you can physically pull the video from them when you want to review footage, but this is a rare feature.

Keep in mind that not all cloud services are alike, even for the same camera. Depending on the manufacturer, your home security camera will store different amounts of footage for different lengths of time. This service is often a paid subscription on top of the price of the camera itself, though some cameras offer free cloud storage to varying degrees. Cloud storage service is usually offered in tiers, letting you choose between keeping footage for a week, a month, or more.


As you can see from our picks, most of the top-rated home security cameras on the market are roughly in the $200 range, but some of them also require an additional fee to store recorded video in the cloud. We break down any extra fees in our reviews, so it’s worth taking a look at each to find out which one fits your budget. Then again, you can’t really put a price on peace of mind.

Featured in This Roundup

  • Icontrol Networks Piper nv

    $279.99 at Amazon The Icontrol Networks Piper nv is a unique security camera that doubles as a home automation hub. This time around it offers night vision, a more robust camera sensor, and a faster processor.

  • LG Smart Security Wireless Camera LHC5200WI (With ADT Canopy)

    $199.99 at Amazon LG’s Smart Security Wireless Camera LHC5200WI doubles as a home automation hub and offers contract-free professional ADT monitoring at a reasonable price.

  • Nest Cam Outdoor

    $189.99 at Amazon The Nest Cam Outdoor security camera offers sharp 1080p video, crisp night vision, and motion detection alerts in a stylish weatherproof enclosure.

  • Canary All-In-One Home Security Device

    $149.99 at Amazon The Canary All-In-One Home Security Device keeps tabs on your dwelling with 1080p video capture and sensors for air quality, humidity, and temperature.

  • Logi Circle

    $149.99 at Best Buy The Logi Circle is an attractive and easy-to-use home security camera that lacks a few of the more powerful scheduling and programming features of its competition.

  • Nest Cam Indoor

    $192.75 at Amazon The Nest Cam Indoor is a dual-band Wi-Fi surveillance camera that offers crisp 1080p video, motion and sound detection, and integration with other Nest devices. It’s a snap to install, but you have to pay to view recorded video.

  • Netgear Arlo Q

    $161.66 at Amazon The Netgear Arlo Q is a pricey home security camera that delivers sharp, colorful 1080p daytime imagery and clear night vision video.

  • Netgear Arlo Security System (VMS3230)

    $269.99 at Amazon With Netgear’s Arlo Security System, you can place wireless cameras just about anywhere to keep tabs on your home, but you’re trading some functionality for battery power.

  • Petcube Play

    $179.00 at Amazon The latest security camera from Petcube, the Play, solves all of the issues we had with the original by adding a 1080p camera, night vision, cloud storage, and alerts.

  • Zmodo Pivot

    $99.00 at Amazon Want to keep tabs on what’s happening at home when you’re not there? The Zmodo Pivot camera gives you a 360-degree view, delivers crisp 1080p video, and goes one step further by including multiple security and environmental sensors.

Article Provided By: PC Magazine

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

eBay Launches eBay Authenticate to Prevent Counterfeiting

eBay Authenticate

eBay Authenticate

eBay is developing a new authentication program for some of its higher-end items to create a network of professional authenticators it can use to verify that products are legitimate.

Under the name eBay Authenticate, the program will begin with a pilot program in the US for top-end handbags. It plans to spread to more items throughout the year and hopes to grow the program internationally.

When listing an item in the target inventory set—such as high-end handbags—sellers will have an opportunity to opt-in to the authentication service for a fee. In return, there will be messaging on their listing that highlights that the item will be reviewed by a professional authenticator before it’s delivered to the buyer. If the item sells, a professional will authenticate the item. If the item passes inspection, the item will be forwarded to the buyer.

For listings in the target inventory set where the seller hasn’t adopted the authentication service, the buyer will still have the ability to utilize the service for a fee.

To further bolster consumer trust in the program, if a buyer receives an item following inspection and it’s found to be inauthentic, eBay will refund the buyer two times the cost of the original purchase price.

According to eBay, for sellers, the service will help them drive sales, promote products, and get top dollar for their items. For buyers, the service adds another layer of trust to allow them to shop confidently—no matter the price point.

Details on pricing for the service will be shared at a later date.

Article Provided By: Security Magazine

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

Access – Peace Sign Pics Could Give Hackers Your Fingerprints

AccessBiometric Access – Finger Prints

Researchers at Japan’s National Institute of Informatics have claimed they can accurately copy fingerprints from digital photographs, raising fears that the access security of biometric authentication systems could be undermined.

Isao Echizen from the Institute told the Sankei Shimbun that his team was able to copy firngerprints based on photos taken from as far away as three metres, as long as they’re in focus and with strong lighting, AFP reported.

“Just by casually making a peace sign in front of a camera, fingerprints can become widely available,” the researcher claimed.

He argued that anyone could do so—without the need for advanced technology.

Social media, especially in Asia, is filled with the images of individuals doing the two-fingered ‘peace’ sign, taken with the increasingly powerful digital cameras found on smartphones.

That could lead to fears over the security of fingerprint-based authentication systems, although it’s not clear how easy it would be to transfer a captured fingerprint into a form which could be used to authenticate.

Researchers famously ‘cracked’ Apple’s TouchID system in the iPhone 5 and 6 models, but the method required a laser-printed image of the fingerprint and then a convoluted process of creating a mould with pink latex milk or white wood glue.

The skill, patience and time needed to do so would deter most criminals.

However, some commentators said the research still serves a valuable purpose in highlighting the problem with static biometric identifiers.

Robert Capps, VP of business development at biometrics firm NuData Security, argued that humans leave fingerprint data behind on everything they touch, adding that researchers have also been able to use photographs to trick iris scanners.

“Once biometric data is stolen and resold on the Dark Web, the risk of inappropriate access to a user’s accounts and identity will persist for that person’s lifetime. As the most stringent of authentication verifications deploy physical biometrics, such as immigration and banking, physical biometric data will become very desirable to hackers,” he argued.

“We can expect more creative attempts by hackers to capture this information. The benefit of passive behavioural biometrics is that the information used to uniquely identify a user is passively collected and dynamically analyzed, and has an extremely limited shelf life of usefulness—making theft and successful reuse of raw behavioural signals nearly impossible.”

For consumers, another option would be to wait two years until the NII launches a new transparent film currently in development, which is designed to hide the wearer’s fingerprints.

Article Provded By: Info Security Magazine

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

Failing to Prepare is Preparing to Fail with Network Security

Network Security

Network SecurityNetwork security is now a more pressing concern for businesses than ever before. Indeed, the concern around security/compliance has been found to be business’ #1 barrier to deciding to adopt the cloud, and last year, a report from Cisco estimated that one million cybersecurity jobs would appear in 2016, highlighting a level of investment and dedication not yet witnessed.

What, though, can companies do to help ensure that they are protected against enormously damaging breaches? We take a look at how organizations can help ensure their networks, sensitive data and other critical infrastructure are safeguarded from the huge number of threats now in play.

Be sure to automate

How can IT security departments manually detect threats when users, devices and applications generate such an enormous number of network connections, data transactions and application requests? Indeed, it’s like finding a particular needle in a large stack of needles.

Here’s where security information and event management (SIEM) software comes in, allowing businesses to centralise syslogs and events from network devices, servers, applications, databases and users, while also helping to automate threat detection and offering corrective responses to mitigate risk.

Automation is just one of the vital tools in the fight against security threats, with firewalls, anti-malware, and threat intelligence all having a part to play.

Get your framework in place

A comprehensive security framework is an absolute must for helping to ensure the safety of your organization’s IT. With an audit of the available inventory, from the types of transactions to BYOD policies and account roles, your company can get the framework off on the right foot.

An IT security framework is only achievable with a significant degree of cooperation, with management, IT and many other business departments all playing a part. Indeed, it only ends with the technology used, and is comprised of the organization working together to evolve and help ensure better security standards 

Keep an eye on endpoint devices

A flexible workforce is becoming a more pressing need for the modern enterprise, with employers and employees keen to make use of the freedom this approach can offer. Yet such an approach represents a threat. Say an employee with malicious intent and access to confidential data on their laptop decided to share this, how could you stop it? 

By monitoring all endpoint devices, from laptops, to mobile devices to a USB drive, you can help ensure sensitive data is not leaving your environment. For example, if a USB device is ejected/blocked automatically as soon as any nefarious activities take place, and corrective action, such as account blocking, is implemented then you can minimize the impact of an attack.

Keep insider threats at bay

The example used in the previous entry on this list – of a malicious employee – highlights that the most damaging security compromise can sometimes happen from the inside. By monitoring which users attempt to access sensitive data, as well as network traffic, logs and credentials you can identify and combat any insider threats, with monitoring able to flag any user attempting to access something they shouldn’t. 

Analytics are a must

The importance of gaining insights from your data using analytics cannot be overstated. With access to real-time network data, a business can identify and act upon suspicious network activity, seeing whether there are seemingly threatening connection requests from outside sources, or an increase in web traffic activity on a critical router or firewall.

Data-driven analysis can also help investigate the cause of an attack after the fact. If you’re unlucky enough to have been breached, then analytics are vital in discovering how it happened through root-cause analysis, and will help you figure out how to prevent it in the future. 

Be PCI DSS compliant

By being compliant with regulatory standards, your business not only helps to ensure better data protection, but also helps avoid fines or even criminal charges. This is a particular concern in the payment card industry, for example, where data breaches can mean compromising data from millions of credit cards. 

Complying with standards such as PCI DSS can help ensure all of the above. However, being compliant does not mean you can rest on your laurels, so make sure to leverage this obligation to actually increase security, instead of just trying to tick the box for a regulator. There are many ways you can do this, for example, if you are required to produce a report of all admin activity, have your internal security team review it as well. Make sure you get the most out of being compliant. 

While there are a number of other steps businesses can take to help ensure IT security is in the right place, from enabling threat intelligence to practicing knowledge sharing, the above tips should stand your organization in good stead for the threats that lay ahead. 

With the right preparation, people, strategy and tools, your company can be confident that it is ready to overcome the new challenges it is likely to face.

Article Provided By: Info-Security Magazine

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

How to Quantify the Risk of an Insider Threat

Insider Risk


Never before have there been so many platforms that let a growing number of people touch, manipulate, download, and share sensitive data.

But there’s a dark side to all that access: It exposes a company to malicious intent and theft of information worth thousands, sometimes millions, of dollars. More alarming is the fact that less than half (42 percent) of all organizations have the appropriate controls in place to prevent these attacks, according to the Insider Threat Spotlight Report.

How do you get a handle on this threat? Mitigation begins with assigning risk levels to employee roles. Who has access to sensitive information, intellectual property, trade secrets, customer lists, and any other proprietary data? That’s the foundation of your risk model. Many companies use a simple numerical scale of 1-10, with 10 as the highest risk. Others may prefer simpler categories like Low, Medium, and High or yellow, orange, and red alerts.

It turns out that nearly 80 percent of employee fraud takes place in accounting, operations, sales, senior management, customer service, and purchasing. But it’s critical to establish a risk profile for everyone in the company, no matter which department. Take into account employees’ current roles, levels of privilege, and required access to proprietary information. Senior IT people and C-Suite executives obviously have more privilege and access than mid-level managers and clerical workers. And, of course, the higher the risk in a potential disaster, the greater the need to monitor an employee’s activities.

Prepare to update the risk profile of an individual. Organizations are dynamic, and employees regularly make lateral moves or get promoted. Someone who doesn’t touch sensitive information in one role may very well have access and new privileges in a different assignment.

Employees’ personal lives change constantly, too. A traumatic event, like a death in the family or divorce, psychological problems, or a shift in financial circumstances for the worse—any of these can cause behavioral changes in people. And they all may require re-evaluation of an individual’s level of risk.

Once you’re committed to the process, we recommend taking the following steps:

  1. Create an insider-risk team. While IT and its security team may oversee the monitoring of user activity, the process really requires support from the most senior ranks, as well as other departments. Your legal department help can help decide how to monitor while complying with the law and act as a critical liaison between executives and the security group. Human resources can help support the need and processes for monitoring, as well document employee cases—and put a “human” face on the operation.
  2. Designate risk levels. This, of course, is what I’ve been discussing in this post all along: using job titles to assign a scale of risk, depending on levels of privilege and access.
  3. Pinpoint inappropriate conduct. Just because you’ve assigned someone a high-risk level doesn’t necessarily mean that he’s committing an offense. Conversely, an employee’s inappropriate behavior can sometimes be misread as performance of normal job-related tasks. That’s why it’s critical to develop ways to identify truly improper conduct through changes in an individual’s communication and behavior. You can do that through software that is known as user-behavior analytics and, less technically, by means of procedures your employees can follow to report troublesome behavior.
  4. Set up a system of insider monitoring. When you’re establishing a system to keep an eye on employee activity and behavior, it helps to decide what level of monitoring goes along with the different risks they may pose to your organization. For example, someone in a low-risk category probably can’t interact with sensitive information and therefore needs little more than the less-technical sort of monitoring suggested above. Medium-risk employees do have access to proprietary data and, so, may require monitoring additionally with user-behavior analytics. So, too, with those high-risk individuals who should probably be subject to the most active monitoring and review.

Quantifying risk is just the start of mitigating insider threats. But if you develop the initial baseline—starting with job title and access to privileged information—you can get a better handle on which employees you will have to monitor during such critical periods as hiring, job title and personal changes, and the high-risk exit period.

Article Provided By: Info-Security Magazine

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

4 information security threats that will dominate 2017

Cybercriminals are becoming more sophisticated and collaborative with every coming year. To combat the threat in 2017, information security professionals must understand these four global security threats.

Security Threats

As with previous years, 2016 saw no shortage of data breaches. Looking ahead to 2017, the Information Security Forum (ISF), a global, independent information security body that focuses on cyber security and information risk management, forecasts businesses will face four key global security threats in 2017.

“2016 certainly lived up to expectations,” says Steve Durbin, managing director of the ISF. “We saw all sorts of breaches that just seemed to get bigger and bigger. We lurched from one to another. We always anticipate some level of it, but we never anticipate the full extent. I don’t think anybody would have anticipated some of the stuff we’ve seen of late in terms of the Russians getting involved in the recent elections.”

The ISF says the top four global security threats businesses will face in 2017 are the following:

  1. Supercharged connectivity and the IoT will bring unmanaged risks.
  2. Crime syndicates will take quantum leap with crime-as-a-service.
  3. New regulations will bring compliance risks.
  4. Brand reputation and trust will be a target.

“The pace and scale of information security threats continues to accelerate, endangering the integrity and reputation of trusted organizations,” Durbin says. “In 2017, we will see increased sophistication in the threat landscape with threats being tailored to their target’s weak spots or threats mutating to take account of defenses that have been put in place. Cyberspace is the land of opportunity for hacktivists, terrorists and criminals motivated to wreak havoc, commit fraud, steal information or take down corporations and governments. The solution is to prepare for the unknown with an informed threat outlook. Better preparation will provide organizations of all sizes with the flexibility to withstand unexpected, high-impact security events.”

The top four threats identified by the ISF are not mutually exclusive. They can combine to create even greater threat profiles.

Supercharged connectivity and the IoT bring unmanaged risks

Gigabit connectivity is on the way, and it will enable the internet of things (IoT) and a new class of applications that will exploit the combination of big data, GPS location, weather, personal health monitoring devices, industrial production and much more. Durbin says that because connectivity is now so affordable and prevalent, we are embedding sensors everywhere, creating an ecosystem of embedded devices that are nearly impossible to secure.

Durbin says this will raise issues beyond privacy and data access: It will expand the threat landscape exponentially.

“The thing for me with 2017 is I describe it as an ‘eyes-open stance’ we need to take,” Durbin says. “We’re talking about devices that never ever had security designed into them, devices that are out there gathering information. It’s relatively simple to hack into some of these things. We’ve seen some moves, particularly in the U.S., to encourage IoT manufacturers to engineer some level of security into their devices. But cost is an issue, and they’re designed to link.”

Durbin believes many organizations are unaware of the scale and penetration of internet-enabled devices and are deploying IoT solutions without due regard to risk management and security. That’s not to say organizations should pull away from IoT solutions, but they do need to think about where connected devices are used, what data they have access to and then build security with that understanding in mind.

“Critical infrastructure is one of the key worry areas,” Durbin says. “We look at smart cities, industrial control systems — they’re all using embedded IoT devices. We have to make sure we are aware of the implications of that.”

“You’re never going to protect the whole environment, but we’re not going to get rid of embedded devices,” he adds. “They’re already out there. Let’s put in some security that allows us to respond and contain as much as possible. We need to be eyes open, realistic about the way we can manage the application of IoT devices.”

Crime syndicates take quantum leap with crime-as-a-service

For years now, Durbin says, criminal syndicates have been operating like startups. But like other successful startups, they’ve been maturing and have become increasingly sophisticated. In 2017, criminal syndicates will further develop complex hierarchies, partnerships and collaborations that mimic large private sector organizations. This, he says, will facilitate their diversification into new markets and the commoditization of their activities at the global levels.

“I originally described them as entrepreneurial businesses, startups,” Durbin says. “What we’re seeing is a whole maturing of that space. They’ve moved from the garage to office blocs with corporate infrastructure. They’ve become incredibly good at doing things that we’re bad at: collaborating, sharing, working with partners to plug gaps in their service.”

And for many, it is a service offering. While some organizations have their roots in existing criminal structures, other organizations focus purely on cybercrime, specializing in particular areas ranging from writing malware to hosting services, testing, money mule services and more.

“They’re interested in anything that can be monetized,” Durbin says. “It doesn’t matter whether it’s intellectual property or personal details. If there is a market, they will go out and collect that information.”

He adds that rogue states take advantage of some of these services and notes the ISF expects the resulting cyber incidents in the coming year will be more persistent and damaging than organizations have experienced previously.

New regulations bring compliance risks

The ISF believes the number of data breaches will grow in 2017, and so will the volume of compromised records. The data breaches will become far more expensive for organizations of all sizes, Durbin says. The costs will come from traditional areas such as network clean-up and customer notification, but also from newer areas like litigation involving a growing number of partners.

In addition, public opinion will pressure governments around the world to introduce tighter data protection legislation, which in turn will introduce new and unforeseen costs. Reform is already on the horizon in Europe in the form of the EU General Data Protection Regulation (GDP) and the already-in-effect Network Information Security Directive. Organizations conducting business in Europe will have to get an immediate handle on what data they are collecting on European individuals, where it’s coming from, what it’s being used for, where and how it’s being stored, who is responsible for it and who has access to it. Organizations that fail to do so and are unable to demonstrate security by design will be subject to potentially massive fines.

“The challenge in 2017 for organizations is going to be two-fold,” Durbin says. “First is to keep abreast of the changes in regulations across the many, many jurisdictions you operate in. The second piece is then how do you, if you do have clarity like the GDP, how do you ensure compliance with that?”

“The scope of it is just so vast,” he adds. “You need to completely rethink the way you collect and secure information. If you’re an organization that’s been doing business for quite some time and is holding personally identifiable information, you need to demonstrate you know where it is at every stage in the lifecycle and that you’re protecting it. You need to be taking reasonable steps even with your third party partners. No information commission I’ve spoken to expects that, come May 2018, every organization is going to be compliant. But you need to be able to demonstrate that you’re taking it seriously. That and the nature of the information that goes missing is going to determine the level of fine they levy against you. And these are big, big fines. The scale of fine available is in a completely different realm than anyone is used to.”

Brand reputation and trust are a target

In 2017, criminals won’t just be targeting personal information and identity theft. Sensitive corporate information and critical infrastructure has a bull’s eye painted on it. Your employees, and their ability to recognize security threats and react properly, will determine how this trend affects your organization.

“With attackers more organized, attacks more sophisticated and threats more dangerous, there are greater risks to an organization’s reputation than ever before,” Durbin says. “In addition, brand reputation and the trust dynamic that exists amongst customers, partners and suppliers have become targets for cybercriminals and hacktivists. The stakes are higher than ever, and we’re no longer talking about merely personal information and identity theft. High-level corporate secrets and critical infrastructure are regularly under attack, and businesses need to be aware of the more important trends that have emerged in the past year, as well as those we forecast in the year to come.”

While most information security professionals will point to people as the weakest link in an organization’s security, that doesn’t have to be the case. People can be an organization’s strongest security control, Durbin says, but that requires altering how you think about security awareness and training.

Rather than just making people aware of their information security responsibilities and how they should respond, Durbin says the answer is to embed positive information security behaviors that will cause employees to develop “stop and think” behavior and habits.

“2017 is really about organizations having to wake up to the fact that people do not have to be the weakest link in the security chain,” Durbin says. “They can be the strongest link if we do better about understanding how people use technology, the psychology of human behavior.”

Successfully doing so requires understanding the various risks faced by employees in different roles and tailoring their work processes to embed security processes appropriate to their roles.

Article Provided By: CIO

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

Should Big Data Pick Your Next Doctor?

Big DataBig Data

This past spring, Owen Tripp, 37, was living the Silicon Valley dream. His latest company, Grand Rounds, had raised $100 million at a valuation said to be about $1 billion. He and his wife had a new baby, their third child. Sure, the noise from the kids–all of them under 6–meant he slept with earplugs, but so what? Life was great.

Then he woke up one morning convinced he’d left an earplug in his right ear. He checked. No plug. But he couldn’t hear anything in that ear. His doctor twice said it was just clogged before recommending an ear, nose and throat specialist. When he pulled up the specialist’s Web page, something didn’t feel right: Her expertise was in swallowing, not hearing. “I’m not feeling super-comfortable with the way this is being looked at,” he remembers thinking. “Why am I being referred to somebody who seems to be more versed in swallowing?”

Most people would just go to that doctor anyway. Or they’d call friends in the hope that someone would know a specialist. But Tripp is not most people: He is the co-founder of Grand Rounds, which is focused on matching patients with the right doctors. The company uses a database of some 700,000 physicians, 96% of the U.S. total, and merges it with insurance-claims data and biographical information to grade doctors based on the quality of their work. The idea is to help people find a physician who will give them the right diagnosis the first time around and link patients with experts who can give second opinions. For individuals, it costs $600 to get a doctor recommendation and $7,500 to get a second opinion.

Grand Rounds won’t provide revenue figures, but employers, including Comcast, Quest Diagnostics, SC Johnson, Wal-Mart, News Corp. and Jamba Juice, pay for the service on a per-employee basis because they believe it cuts down on incorrect diagnoses and unnecessary procedures. Some 3 million employees have access to the service, although only a small percentage use it. At Costco, for instance, 2% of employees used Grand Rounds this year and 60% of those who got a second opinion had their care changed.

The team at Grand Rounds matched Tripp with a doctor in San Francisco. She prescribed a specialized MRI. After the scan, the head radiologist at Stanford called and told Tripp there was a 2.6-centimeter growth–a tumor called a schwannoma–in the nerve that led to his ear.

“My wife is sitting right next to me, and we both start panicking,” Tripp says. “I mean, we’re cool under fire, but inside we’re wondering, How’s this going to work for the kids if Dad’s not here in a few years? We’ve got a 10-month-old child. He’s not even going to remember me. How are we going to talk to our 5-year-old?”

The tumor was likely to be benign, but it still required major surgery. Grand Rounds’ data scientists evaluated not just individual doctors but also entire surgical teams for their experience and skill with a procedure that is performed only 3,000 times a year in the United States. Tripp ended up with a team at Stanford, but he talked to surgeons around the country, who told him he’d have to make a difficult choice: between preserving the ability to move his face and the ability to hear in that ear. For a CEO the choice was obvious: He couldn’t imagine making deals with strange expressions on his face. He was under anesthesia for 11 hours as the tumor was scraped away from the nerve, layer by layer. When he woke up, he smiled broadly. His face wasn’t paralyzed, but he was deaf in his right ear. “I think [the deafness is] a critical reminder of where I’ve been and why we’re doing what we’re doing,” Tripp says.

In 2011 Tripp’s co-founder, Stanford radiologist Rusty Hofmann hatched the idea for Grand Rounds, originally called ConsultingMD, out of “pure frustration.” Hofmann’s office at Stanford was filled with FedEx packages containing medical records from desperate patients who were hoping he could help diagnose problems with blood clots in their veins, his area of expertise. He and his staff would go through the files at no charge. But there was little he could do, and the right records often weren’t included. Could there be a business in triaging all such extra work that came into every academic physician’s office?

Then the idea became deeply personal. In 2011 Hofmann’s son, Grady, developed aplastic anemia, a deadly disease. Grady needed a bone marrow transplant. Normally, marrow comes from a sibling, but neither of the other Hofmann children was a match. Rusty was. Grady’s doctors didn’t know if using his father’s cells would work, but Rusty called physicians at top-tier institutions and found some who had done transplants from parent to child–and they had worked. Grady got the transplant. Also, based on the advice of experts, Rusty cleaned the air-conditioning ducts in his house to cut down on germs in order to protect his son’s weakened immune system. Visitors had to get flu shots. Grady, now 13, has braces, goes to school dances and surfs.

Grand Rounds co-founder Rusty Hofmann. Credit: Tim Pannell for Forbes.Grand Rounds co-founder Rusty Hofmann. Credit: Tim Pannell for Forbes.

The strain on his family was immense. What do people do when Dad isn’t a doctor? “Every aspect of my life was feeling this pain,” Hofmann says. “This has got to change. This cannot be the way we continue for the next 50 years in this country.”

Hofmann had no clue how to turn his idea into a business. An early investor set up a meeting with Tripp at Tootsie’s, a cafe near Stanford. Hofmann thought it was just a meeting to trade ideas. Tripp, who had previously cofounded, which helps people clean up their online records, had an inkling it might be more. The two hit it off instantly. Tripp was the son of a pediatrician and had intended to go into medicine before he got involved with starting one of the first wide-area Wi-Fi networks, in the early 2000s, at Trinity College in Connecticut, where he was a student. He’d gotten addicted to tech. Now he’d found a problem he thought technology could handle. Where Hofmann saw a service to help doctors filter patients, Tripp saw an opportunity for technological disruption.

“I saw this guy who is in the business of saving people,” Tripp says. “That’s why he does it, and that’s what he’s really good at. But he is not scalable. There was just no way that this guy was going to be able to meaningfully reach all the patients who would benefit.”

Hofmann offered Tripp the CEO job that night on the phone, and they met for a follow-up dinner. Hofmann was convinced Tripp would turn him down. Instead, Tripp was so hyped about the meeting that he showed up despite the fact that he was shivering with a 102-degree fever, because he wanted Hofmann to know how excited he was. They didn’t shake hands for fear of sending germs home to Grady, who was still sick.

Grand Rounds’ first product would be to give second opinions, mostly to patients who had severe illnesses like cancer or who were considering big procedures like back surgery. The first 150 cases yielded a shocking surprise: Two-thirds of the time, Grand Rounds’ experts would change the existing diagnosis or prescribe a new treatment. Often the original doctor got it wrong.

Medical errors are estimated to kill between 100,000 and 400,000 Americans annually. That makes it sound like people are dying because of dumb mistakes, but many errors are cases of misdiagnosis or mistreatment. A 2012 study estimated that a third of the U.S. health care budget–then $750 billion–is lost on wasteful care. Yet medicine has resisted one obvious solution: getting an extra set of qualified eyes on every case.

In fact, medicine has gone in the wrong direction. Thirty years ago it was common for insurance companies to require a second opinion before a major surgery. Grand Rounds takes its name from a long-standing medical ritual, in which complex cases are presented to an audience of doctors so that ideas can be exchanged and physicians can be sure they get the right answer. In other words, it’s like doctors’ rounds on steroids.

Of course, Grand Rounds’ investors aren’t in this game just to improve health care. They see a huge upside. Bryan Roberts, a well-known tech venture capitalist at Venrock, thinks Grand Rounds might someday play a role every time a patient picks a doctor. A couple of years ago he started offering Grand Rounds’ services to Venrock entrepreneurs. “Within a couple months,” he says, “I’d gotten three or four e-mails from our entrepreneur CEOs saying things like ‘I think my dad’s alive because you bought Grand Rounds for us.’ ”

Bob Kocher, another Venrock partner, who played a role at the Obama White House in crafting the Affordable Care Act, started a Grand Rounds case on his teenage niece, who had cancer. The second opinion confirmed her diagnosis but recommended freezing her eggs before her ovaries were damaged by chemotherapy. Her original doctors hadn’t suggested that.

Grand Rounds employs a staff of 80 clinicians who interact with patients. The doctors’ job is not to make diagnoses or correct mistakes but to deal with patients directly to help them understand what the experts said. Just handing a sheaf of papers to the patient without explaining it, Tripp says, is not enough to have an impact.

These staff physicians connect with patients, getting medical records and asking key questions, like how far the patient is willing to travel. Then they use Grand Rounds’ database to match the patient with the right doctor. The company’s database grades doctors on factors like where they trained, which other experts they trained with and how often they perform certain tests and procedures, based on insurance-claims data provided by Grand Rounds’ customers. (Too many tests tends to indicate poor medical judgment.) The experts the company trusts are those who do best, according to a machine-learning algorithm, in literally hundreds of categories, including mortality data, readmission and complication rates.

Individuals can pay for Grand Rounds, but the company sees its big opportunity in selling its service to employers that want to reduce their health care costs. Like Costco (which, including part-timers, employs 218,000 people), many of Grand Rounds’ customers self-insure. This means that while Aetna manages its health benefits, Costco is exposed to a certain amount of financial risk. The number of patients who use the service is small but increasing quickly, from about 90 patient cases a month when Costco started using Grand Rounds last January to 150 monthly cases now.

Patients are more likely to trust Grand Rounds than their own insurers. When an insurance company denies a claim, employees just become angry; they’re willing to believe Grand Rounds if its doctors provide the same reason. “There’s nothing like an objective party that is different from the insurance plan,” says Donna Sexton, Costco’s director of employee benefits.

Sometimes, of course, the original doctors got the diagnosis and treatment right, in which case Grand Rounds represents a powerful tool for getting the insurance company to pay. Leslie Nava, a personal trainer, got access to Grand Rounds through Costco, where her husband works part-time to get health benefits. She and her son both have a hereditary disease called neurofibromatosis type 2, which causes noncancerous tumors to grow throughout the nervous system. A tumor on her son’s acoustic nerve was going to rob him of his hearing. The only thing that would preserve his hearing was regular treatment with the cancer drug Avastin. Aetna wouldn’t pay.

“I probably sat there crying for ten minutes,” Nava says. A nurse at the doctor’s office told her that her insurance included Grand Rounds and that she might try the service. She did and was amazed by the personal care she got from the company’s staff physician and relieved when the report came back saying that Avastin was, in fact, the best option. Aetna agreed to pay. “It definitely renewed my faith in the health care system,” Nava says.

Privately held Grand Rounds won’t discuss financials, but it seems to be growing fast. The service is now available to more than 3 million people through their employers. Tripp says that revenue has been increasing 100% a year for each of the past three years and that the company’s customers include four of America’s largest retailers and three major food manufacturing plants, as well as Autodesk and the Wahl Clipper Corporation. He’s particularly proud that Grand Rounds is offering blue-collar workers the kind of medical care once available only to the rich.

“I think that’s a frequent misconception that we are simply trying to help the 1% get 1% health care,” Tripp says. “In fact, it couldn’t be further from the truth. We’re actually helping the 99% or the 90% get the 1% health care solution.” If it works, it will be an amazing case of capitalism improving the world.

Article Provided By: Forbes

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

Home Alarm & Security Systems

What matters most?

SecurityFor many people, the price of a home security system is one of the most important factors in deciding which alarm system to purchase. There are three basic elements to consider: upfront (installation) costs, ongoing (monthly) subscription costs, and equipment costs. Be aware that many home insurance providers offer discounts (up to 20%) for homes with monitored alarm systems.

  • Upfront cost: Installation is either professional or do-it-yourself (DIY): some companies let you choose an installation method, while others offer only one option. Professional installation costs can run $100-$500+, while DIY is free but requires time investment.
  • Subscription cost: Subscription security systems – home alarms monitored 24/7 by outside companies – carry a monthly fee, usually in the $20-$60 range.
  • Equipment cost: You’ll catch a price break on monitored systems, which often offer equipment at reduced cost in exchange for signing a contract. If you purchase a system outright, expect to pay $100+ for a basic system and $500+ for top-of-the-line equipment.

Many home security companies offer discounted equipment in exchange for a signed contract, similar to how your cell phone company offers low-cost phones. Some contracts are more flexible than others, so read through the contract terms (and online reviews) before signing on the dotted line.

  • Length: Most contracts are for 2-3 year terms. Many allow for cancellation within the first 2-4 weeks of the contract’s term.
  • Terms: Pay special attention to a contract’s fine print: equipment warranties, cancellation clauses, etc.
  • Portability: Many companies make it easy to port your equipment to a new home, so if there’s a chance you’ll move during your contract, check first to confirm relocation possibilities.

There are two basic installation possibilities: professional installation and DIY options.

  • Professional installation: Many complex alarm systems, usually those that are hardwired into a home, require professional installation. This usually carries a hefty cost ($200-$500+), although some companies offer discount installation.
  • DIY: Do-it-yourself security systems are generally easy to install, often requiring just a few hours to read through the manual and place your sensors.
  • Third-party professional installation: If you purchase a DIY system but aren’t a DIYer, you can hire a local handy person to do your installation at an hourly rate.

Home alarm companies offer monthly monitoring via three types of connection: Internet (broadband/VOIP), phone line, or cellular service. Usually, Internet monitoring is the least expensive option, while cellular monitoring is the most expensive.

  • Internet: Monitoring via Internet is inexpensive, but be aware that if you have an Internet outage (or a power outage that disables your modem), you will be cut off from monitoring.
  • Phone line: Use your home phone line (landline) to connect with your monitoring company. Be aware that if a burglar cuts your phone line, your system will not work.
  • Cellular: Monitoring via cell phone connection is the most expensive option, but also the most secure.

Add-on features
Basic systems are just that: basic. You’ll most likely want to expand your system to meet your home’s specifications – number of windows and doors, outdoor lighting requirements, etc. – so look for a company with the add-on equipment and features that suit your needs.

  • Equipment: Equipment offerings vary greatly by company, so choose wisely before signing a contract.
  • Monthly plans: Monthly plans can range from bargain-basement monitoring via Internet connection to all the bells and whistles, including smoke detection, medical monitoring and home automation.
  • Service upgrades & downgrades: Lifestyle changes may require variations in your security needs; check with your company about the ease of adding services or switching monthly plans mid-contract.

Home automation
Home automation is a very popular feature of today’s home security systems – but one you’ll pay extra to access. Automation affords peace of mind and also keeps your house running efficiently (and inexpensively).

  • Security automation: Easily check that your alarm system is armed, your security cameras are functioning, your doors are locked, and other security features are engaged.
  • Energy savings: Adjust your thermostat while you’re out, double-check that your lights are off, conserve energy by pulling your shades down, and more.
  • Monitor the kids: Unlock the door for your children (or pet-sitter), check that the kids got home safely from school, and even ensure that they’re doing their homework instead of watching TV.

Remote access
Many security companies today offer remote access to the system via web-based dashboards and mobile apps. You can use the app to monitor your alarm or manage an array of home automation functions.

  • Internet dashboard: Log into your company’s website, e.g., to have one-click access to your system.
  • Smartphone apps: Monitor your home via a free smartphone app.
  • Tablet apps: Many companies also offer comprehensive tablet-optimized apps to access remote security settings.
Article Provided by: ConsumerAffairs

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at

The best Wi-Fi Audio speakers and music systems of 2016

Wireless audio has been around for years, but in the past few years, we’ve seen a big spike in systems and products using Wi-Fi, instead of, or in addition to, Bluetooth. It makes sense, after all: Wi-Fi generally offers better sound quality than Bluetooth, while allowing the same basic convenience of using a smartphone, tablet or PC as a remote control to browse your music collection — or an online subscription or radio service such as Spotify or Pandora.

Sonos has long been the king of the hill in Wi-Fi audio, and it continues to go from strength to strength, with its focus on usability and support for online music services. But the market has been upended by Amazon’s family of Echo speakers, which combine wireless audio with voice control and home automation. Echo’s success has Google following with the similar Home speaker, and Apple may be next to jump into the ring.

But in terms of bang for buck, our favorite Wi-Fi music player remains the diminutive Chromecast Audio from Google. At only $35 (£30 or AU$49), the tiny streamer turns any stereo with an aux-in port into a wireless music system, with multiroom capabilities and 24-bit/96kHz playback for the audiophile crowd. If there were ever a threat to every other company that produces a multiroom system, this is it.

Besides Chromecast, Echo and Sonos, however, there are now — finally — plenty of other viable Wi-Fi audio options. From the Bose SoundTouch system, to Denon HEOS 1 and its optional battery pack, to the Raumfeld One S, Wi-Fi audio options are exploding. That includes plenty of traditional audio/video brands (such as LG and Sony) with sound bars and other devices that are compatible with the Google Cast Wi-Fi audio standard (similar to but frustratingly incompatible with Chromecast, so far).

With all that in mind, here’s a quick overview of the Wi-Fi speaker landscape, including some of the best buying options right now.

Before you buy

In the list below we’ve focused on the individual hardware we like. Before you take the leap, however, keep a few key points in mind:

  • Make sure your prospective choice supports your favorite music and audio apps. Most products support Pandora and Spotify, but double-check first to be sure. Is your music stored in iTunes, Google Play Music or Amazon Music? You’ll still be fine with a Sonos (for instance), but other products may offer less than perfect support.
  • Make sure your choice works with your devices and operating system. Nearly all of these products are compatible with Android and iOS, but with differing levels of compatibility. For instance, Chromecast Audio works with every app on Android, but only a smaller subset on iOS. Likewise, Sonos’ Trueplay tuning system works only on iPhones, not Android devices.
  • Look at multiroom expansion options. Wi-Fi is better than Bluetooth for streaming music to multiple rooms in the home. If you’re interested in piping audio into two or more rooms, look at the prices and features of other products in the same product “family.” All Sonos products work together, as do Yamaha’s MusicCast, LG’s Music Flow and Bose’s SoundTouch products, to name but a few. Google Cast products are compatible across brands, but — weirdly — don’t yet work with Google’s own Chromecast Audio product.
  • Note that better performance and features may be only a firmware update away. For better or worse, all modern connected devices are now works in progress. What you get out of the box isn’t necessarily the final result. The better companies are always tweaking and updating their products, delivering anything from small usability enhancements to game-changing new features. For instance, a 2015 software update to newer Bose SoundTouch units added Spotify and Sirius XM support, as well as compatibility with high-res FLAC audio files. And Google made good on its promise to add multiroom support to its Chromecast Audio product months are it debuted, making an already great product even better. In other words, a product that is hard to use today could be our most recommended tomorrow with the right software.

The best Wi-Fi audio products right now

With those recommendations, caveats and suggestions firmly in place, here are the best Wi-Fi audio products we can recommend right now.

Chromecast Audio

The Chromecast Audio includes multiroom music capabilities, compatibility with Spotify and hi-res audio support across the board. On an Android device, with universal support for any audio app, it’s nearperfect; iOS users, meanwhile, just need to make sure their favorite apps are compatible — thankfully, Spotify, Pandora, iHeartRadio, Google Play Music, Deezer and dozens more make the cut. Those quibbles notwithstanding, it’s the best way we can think of to spend $35 on upgrading your existing home hi-fi. Read the review of the Google Chromecast Audio.

Sonos Play:5 (2015)


The Sonos Play:5 is the company's best speaker yet.

Photo by SonosSonos units are still king of the hill when it comes to a synergy between software and hardware. Sonos apps are easy to use, and the new Play:5 is the company’s best speaker yet. It’s expensive, but if you want set-and-forget sound, this is probably your best bet. Looking for a more affordable option? Check out the smaller Play:1 – or add other sibling products like the Play:3 or the Playbar sound bar for seamless streaming to multiple rooms. Read the review of the Sonos Play:5.

Amazon Echo/Echo Dot

Amazon’s Echo voice-activated speaker started slow in 2014,but has since ramped up to become the standard bearer for a whole new category: the smart speaker. The Echo and its new siblings — Echo Dot and Amazon Tap – can now have over a thousand “skills” that they can handle after the “Alexa” wake word is spoken. On the audio side, things have gotten better too. Besides the ability to stream any Bluetooth audio from a phone or tablet, Echo products are now fully compatible with Spotify’s music service (in addition to TuneIn, Amazon Prime Music, Pandora and others). And the new-for-2016 Echo Dot lets you listen from any speakers or audio system, offering a big improvement over the original Echo’s good-but-not-great sound quality. Read the review of the Amazon Echo | Read the review of the Amazon Echo Dot.

Bose SoundTouch

The Bose challenge to Sonos is multiroom-savvy and starts at identical price points, but adds a few additional conveniences. Unlike Sonos, Bose includes dedicated remotes with assignable shortcut buttons. And Bose also supports Bluetooth streaming in addition to Wi-Fi, so — like Echo — it can stream any audio source beyond the built-in services such as Spotify, Pandora, Amazon, Deezer and Sirius XM. We found the entry-level SoundTouch 10 to be a better deal than the SoundTouch 30, which costs two-and-a-half times as much. Read the review of the Bose SoundTouch 10.

Yamaha RX-V479 (with Yamaha MusicCast)

Multiroom music in a receiver? Why didn’t anyone else think of that? At a price that’s cheaper than the Sonos amplifier, 2015′s Yamaha RX-V479 offered an excellent home theater receiver and Wi-Fi streaming (plus Bluetooth), along with an easy-to-use app. Add more Yamaha MusicCast products if you want to extend the streaming to more rooms in the house. Read the review of the Yamaha RX-V479 | Read the first take of 2016′s RX-V381

Denon HEOS 1

With the addition of the optional battery pack, the HEOS 1 is the first portable, waterproof Wi-Fi speaker we’d recommend. While Google Cast compatibility is still apparently coming and the app could use some work, the Denon sounds good and offers more flexibility than any other speaker at the $299 price. But our enthusiasm doesn’t yet extend to the full HEOS family. Read the review of the Denon HEOS 1.

LG SH7B and LG LAS751M (with LG Music Flow/Google Cast)

Sonos, Denon, Yamaha and others make Wi-Fi-compatible sound bars. But LG has been delivering the best combination of sound quality and affordable pricing on its wireless sound bars in recent years. Products like 2015′s LAS751M and 2016′s SH7B (shown above) deliver a fantastic wireless audio feature set, with support for Google Cast and Spotify Connect, along with Bluetooth for good measure. Pair it with other LG Music Flow or Google Cast devices for multiroom support. Read the review of the LG LAS751M | Read the review of the LG SH7B.

Article Provided BY: CNET

If you would like to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at