|
Lasco Newsletter
Spring 2014 |
|
Greetings,
Many businesses and organizations, financial institutions especially, are being faced with a large regulatory burden, and Lasco is no exception. Because Lasco provides financial institutions with technology and support, we are examined on the same level as a financial institution by the FDIC, the Federal Reserve Bank and the State of Michigan. This may be considered a burden to some companies, but we recognize it as one of our assets. Our ability to know the depth of scrutiny as well as what it takes to pass the exams year after year with exceptional results sets us apart from other technology companies. We are continually researching and involved with the newest technology so we can not only offer the best technology, but also know any risks involved. As you are working with your technology company, consider what Lasco has to offer that others do not. We provide many services such as consulting, audit/exam prep, and system efficiency reviews to name a few. We don't "sell" you a piece of hardware/software just to "sell" you something; we analyze, research and recommend what is best for you and your business/organization. As always, I'm available anytime to sit down with you and answer any questions you may have to make your business or organization run more effectively and securely. Our goal is to see your team thrive in this difficult environment.
Regards,
Dennis VanLandschoot
President & CEO
Lasco
|
| Debit Card Fraud | | |
Debit cards were first introduced to consumers in 1987 as an alternative to checks, unlike checks, debit cards provided a quick swipe for purchases. With each passing year, debit cards became more widely accepted and used. In 1998 debit card transactions outnumbered the use of checks around the world for the first time. Their use continues to grow, and as debit cards have become more popular, criminals are developing more new and very sophisticated ways to use the cards and their information to steal from you!
With the wide use of debit cards and the increasing amount of Debit Card Fraud, it's good to know what to do if your debit card is compromised (or hacked).
Most compromises involve a criminal gaining unauthorized access to a merchant's or card processor's computer system (sometimes referred to as "hacking" into or installing "malware" to capture data on a system). If this happens, your card number could potentially be used by someone else.
According to most bank and card websites there are some important steps to follow if your card is compromised.
Check your accounts for unauthorized charges or debits and continue monitoring your accounts. This may seem obvious, but your first step should be is looking for any charges you don't recognize on your account. And be sure your bank has your updated Contact information. If they can't contact you, they can't ask about fraudulent charges.
Report a suspicious charge or debit immediately Contact your bank or card provider immediately if you see an unauthorized debit or charge. Follow up with a written letter. When you communicate in writing; be sure to keep a copy for your records. Report even a small charge right away, sometimes thieves will start with a small debit against your account and return to take more from your account if the first smaller one goes through. And keep paying attention-fraudulent charges or debits to your account might occur many months after the theft of your information during a data breach.
Submit a complaint if you have an issue with your bank or card provider's response Debit card issuers should investigate the charges (generally within 10 business days) and take action quickly (generally within 3 business days). FFIEC's Consumer Help Center--The Consumer Financial Protection Bureau (CFPB) handles consumer complaints about financial products and services. Consumers can submit complaints and find answers to questions at http://www.consumerfinance.gov or by calling the CFPB at (855) 411-2372.
Replace your card, change your PIN If the bank didn't already do this for you, if a thief charges items to your account, you should cancel the card and have it replaced before more transactions can come through. Even if you're not sure that PIN information was taken, consider changing your PIN just to be on the safe side.This will put an end to any more fake charges.
Ignore anyone contacting you to "verify" your account information by phone or email Unfortunately; when there is widespread knowledge of a scam, it perpetuates more scamming possibilities -- thieves posing as bank employees, etc. This common scam, referred to as "phishing". Banks and credit unions never ask for account information through phone or email that they initiate. If you receive this type of contact, you should immediately call your card provider (using a customer service number that you get from a different source than the initial call or email) and report it.
Unfortunately there is no way to completely protect yourself from Card Fraud, it's important to be informed on what to do if it should happen to you.
Sources:
https://secure.montereycu.com/newsletter/card_compromise_faq.htm#One
http://www.consumerfinance.gov/blog/four-steps-you-can-take-if-you-think-your-credit-or-debit-card-data-was-hacked/
http://www.ffiec.gov/consumercenter/ (FFIEC's Consumer Help Center)
Article written by Sandy Etelamaki, Bank Services Customer Support
|
| Security | | |
Wake Up, Baby!
Flaws are found in software every day. Some have more impact on us than others. Some aren't even known by the manufacturer of the software but are known by hackers.
How do we stay safe? How can we be confident that our information is secure? There have been a lot of headlines surrounding the security of the software we use and how that impacts us. More devices than ever before have networking capabilities integrated which raises the impact flaws can have. This creates an unprecedented situation were we start having to updating software on appliances such as tvs, refrigerators and baby monitors.
In fact, this was highlighted recently when a video baby monitor that was connected to the internet was "hacked". The version of the software it was running had a problem and this attacker was able to get into the video stream through it. He started screaming "wake up baby!" the parents came to the room and were really scared and confused when the camera moved on its own. They unplugged the monitor and later found out there was a flaw in the software and an update was available for it... rough way to find out.*
The flaw in OpenSSL known as Heartbleed was all over the news for what seemed like forever. This flaw impacted 17.5% of websites world wide. It essentially allowed an attacker to get information from the website that they shouldn't have been able to get. The biggest issue surrounded the ability to extract a "private key" from the website. This allowed another website to trick you into believing it was a legit site even thought it was a fraud. There are multiple steps that a successful attack would need to take but still this was very concerning as it violated the trust we have grown to have in the secure infrastructure of the internet. The flaw was introduced on New Year's Eve 2011 by a college student and wasn't found until two years later.**
Last week Homeland Security was advising people not to use Internet Explorer after a zero day vulnerability was found.*** The problem isn't just related to Microsoft's Internet Explorer, no web browser is safe from flaws. Zero day means that the manufacturer found out about it after it was already being used by hackers "in the wild".****
It is good and necessary to stay up to date and apply security patches but the fact of the matter is that there will be flaws we don't know about until it's too late. This is when thinking critically about what controls should be in place can pay big dividends.
Simple things like having complex passwords that rotate regularly and using multi-factor authentication when available can go a long way. Limiting access of websites to only the ones we need can be frustrating but it plays a critical role at significantly lowering your risk of being impacted by zero day browser attacks.
Some things like Heartbleed aren't preventable but once known it is important to fully understand what this really means to you, your company, and your family. Find a trusted source of balanced information and stay up to date.
Sources:
* http://www.nbcnews.com/tech/security/man-hacks-monitor-screams-baby-girl-n91546
** http://online.wsj.com/news/articles/SB10001424052702303873604579495362672447986
*** http://www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being
**** http://www.symantec.com/threatreport/topic.jsp?id=vulnerability_trends&aid=zero_day_vulnerabilities
Article written by: Ryan Valiquette, Logical Security Officer/Support Technician
For questions on this topic you can reach Ryan at 800-800-6197 Ext. 1056 or [email protected].
|
| Tech Tips | | |
Proper Disposal of Computers
As computer systems age and become obsolete, they must be replaced to keep work flowing. After replacing the old noisy PC box with a newer model, a question is raised: "What's the proper way to dispose of my old PC?" More specifically, this question is usually geared towards security: "What parts of the computer itself holds sensitive data and how do I get rid of it?" Inside most computers, the hardware that stores data when the PC is off is the hard drive. There are two ways to dispose of this type of media: data overwrite and physical destruction... and if you want to be sure - do both!
If you are the type who enjoys the occasional hardware demolition (and can do so safely), physical destruction of the hard drive is another option. Inside the hard drive, there are multiple round discs (called "platters") that contain the data stored on the hard drive. By removing the disc platters and defacing both sides of each platter, usually by briefly scratching with sandpaper, the data surface can be made impossible to read from. You should always exercise caution when using this method to avoid injury. Do not try to break or do anything to cause the disc platters to shatter as doing so may create extremely sharp fragments!
If you need help with disposal of hard drive data or would like someone to do it for you, give the Lasco technical support team a call. We can offer secure data destruction services to make sure your sensitive data is disposed of safely and securely.
Generally speaking, data overwrite is the easier (and often safer regarding physical injury potential) method of disposing of sensitive hard disc data. Through the use of software programs such as "Darik's Boot and Nuke" or "Active KillDisk", data can be destroyed by writing multiple layers of randomly generated data on top of the original data. This method is highly effective in making the original sensitive data completely unreadable. To use "Darik's Boot and Nuke", you can download a version that can be burned to a CD by visiting: http://dban.org/download.
Article written by: Tyler Moore, Support Technician
For more information on Disposal or Data Destruction please contact Tim Shandonay, VP of IT (800-800-6197 Ext. 1044 or [email protected]). |
| Virtual Wallet | | |
Alt-Currency: What Bitcoin Means for Banking
|
| Organization Tips | | |
Spring has finally arrived... Time to clean your office space!
Many clients as well as co-workers have a tendency to be "turned off" by a dirty or cluttered office. I realize that everyone functions differently, which includes those who operate well among clutter. However, clutter-lovers beware... If your work space is visible to co-workers or clients, you may need to create some cleaner habits. Below are just a few ideas to get us all started on a cleaner path:
Cleaning - Keep antibacterial wipes in the office and use daily or weekly to keep your space germ-free. Items that should be regularly cleaned are: desk, keyboard, phone - and any other item that is used frequently. If you work for yourself and just don't have the required time to efficiently clean your office every week, consider hiring a cleaning company to keep you on track.
Trash - goes in the can, not on the desk. If you have a constant collection of pop bottles/cans in your office, consider a second trash can for returnables.
New Habits - Every time you walk away from your desk, do a quick scan of your area to see if you need to discard anything. (Tip: This might be a good time to see if you need to take your coffee mug for a re-fill, or your pop cans to the break room for recycling, etc.) Clean as you go, the pros swear by it and it keeps you in a routine which is habit-forming... in a good way!
Valuable Desk Space - Having a favorite stress ball is one thing, having a collection is quite another. Pick one item to sit on your desk that doesn't have a high priority - the rest of your collection should be hidden from sight. Useful office tools: staplers, scissors, tape, extra pens... desk drawers are a great place to put these items, or you can invest in a small desktop organizer/carousel to keep things all together.
Papers - Use paper trays and label them to make projects easier to distinguish. "Inbox", "High Priority", "Working On", "File" - or a system that works on a time-basis such as "Today", "This Week", "Next Week", "Next Month", etc. A filing system is a must, this is just the front-lines of the filing war but don't neglect the rest of the system. Most of the papers that end up in stacks on your desk just need a home - so take a quick break and make a home for those items.
Too Many Copies - Often times, we print something that we have already filed electronically. If you don't need the printed copy - shred it!
Use Your Breaks - Many of us don't take breaks, there is just too much work. However, it's good to take a break from a project to work on something else. Use that time to be productive. File some paperwork that is sitting in your new "File" tray, take some coffee mugs or pop cans to the break room, sanitize your desk... you get the picture.
One-A-Day - Often when we have a mountain of clutter to tackle, we push it off. Just pick one item every day and before you know it, you'll have a cleaner office.
Plan Ahead - If you know when your slow season in the office is, plan a cleaning day or an organizing day. It's amazing what you can accomplish with one day dedicated and planned for, but make sure you have the tools you need for the tasks you have planned (cleaning supplies, filing folders/tabs, etc.)
In the end, a cleaner space is truly a more functional and efficient space. So if you invest a few minutes a day to keeping your space tidy and germ-free, you will eliminate all the wasted time searching for something that should have been filed in the first place. Remember, it takes 30 days to create a new habit so give yourself a some kudos for every small step in the right direction and before you know it, you will have a clean, inviting office!
Article written by: Emily Wright, Administrative Assistant
|
| In-House News... | |
 Lasco & Employees Donate to UPAWS
(Pictured from Left: Tim Shandonay, VP of IT with his dog Wynter, present check to UPAWS Manager Lareina Van Strien. Every Friday Lasco employees have the opportunity to donate $1 for the privilege of wearing jeans to work. Lasco matches the funds every quarter, then chooses a charity to donate to.
Gogebic Range Bank renews Master Contract with Lasco
Ryan Valiquette (Lasco's Logical Security Officer) was an invited speaker on a panel for the Michigan Cybersecurity Awareness Luncheon Series.
Great job Ryan!!!
New Employee: 
Please welcome Andrew Gale to Lasco's I.T. Department! Andrew's title is Senior Network Technician which is a new position within the company. Lasco is committed to creating jobs in Marquette County and helping the community thrive. |
| Employee Spotlight | |
Tim Shandonay, Vice President Information Technology, celebrating 16 years of employment at Lasco! Tim began working for Lasco part time while still a college student. He graduated from Northern Michigan University in 1998 with a BS in Business Computer Information Systems with a networking focus. Following graduation, Tim was hired as a full time support technician. Over the years he has gained a broad array of knowledge working through various evolutions of technology concepts while putting them to practice. He currently holds the position of Vice President of Information Technology. This position holds a number of responsibilities that include managing our staff of technicians, IT regulatory compliance, maintaining the infrastructure of Lasco's two data centers, long-term technology planning as well as being a key resource to customers for their technology needs and planning. Time away from work is spent with his wife and two daughters, running with his Alaskan husky (Wynter), various forms of outdoor recreation (mountain bike races included) and fixing broken cars.
Mark Niemi, Sr. Support Technician, celebrating 5 years of employment at Lasco!
Mark is an NMU Alumni with a Bachelor of Science in Computer Information Systems. He is charged with supervising Lasco's Helpdesk daily operations and many other roles within the company.
Out of the office, Mark loves spending time with his family and friends though he cherishes the most his time spent with his wife Kaley and his daughters, Lily and Olivia. He also enjoys being outdoors and his interests are in fly-fishing and archery.
|
| Quote of the Quarter... | | |
"If you can read this message, you are more blessed than two billion people who cannot read at all." *
*Source: "1: How Many People Does It Take To Make a Difference?"
by Dan Zadra and Kobi Yamada |
|
|
|
|
|
Join Our List |  |
|
|
