Security and Sochi

The Olympics are over, but fear and concerns dealing with the hacking of personal devices, such as laptops, cell phones, and tablets, will likely never be. Millions have seen the recent report, by journalist Richard Engel and Trend Micro threat researcher Kyle Wilhoit, which shows a computer and smartphone being hacked seemingly just by being turned on in public Internet services in Russia. There have been many rebuttals to this news report, which show that the individuals may have willfully downloaded malicious applications and disabled any safeguards in place to prevent malicious attacks from reaching their devices. Despite this being the case, the general public is still shaken up about the safety of their information on connect devices.
So how can you take the steps necessary to avoid these hacking attempts on your devices? Actually, it’s relatively easy. Let’s break it down by popular devices:

Laptop and Desktop PCs
So you have a laptop and don’t want it to get hacked. Good news! Most computers these days come configured out of the box with security features enabled. However, it is always a good idea to check and make sure that they are still enabled. If you are using a windows machine (Vista, 7, 8, 8.1), follow these steps:

1. Search your computer for a setting called “Windows Firewall” and open up the Firewall
settings page. A firewall essentially acts as a barrier, only allowing trusted network traffic through to your computer, and blocking anything it deems malicious based on a predetermined set of rules. Find the setting called “Turn Windows Firewall on or off” and ensure that the firewall is on for both private and guest/public networks.

2. Search for “User Account Control” and open up the “Change user account control settings” menu. Ensure that the slider is set to the top. This will notify you of any program trying to execute changes on your computer and requires administrator approval to continue. This can be annoying sometimes, but it’s a small price to pay so you can examine exactly what is trying to install itself onto your computer.


3. Other than those two, general security tips apply. Make sure you have an antivirus software installed (Windows Defender, avast, malware bytes) and that its virus definitions are up to date. The setting to update this is generally easy to find. In addition, don’t click on anything suspicious you find while surfing the web, especially links with no context. No, you are not the millionth customer, you haven’t won an Ipad, and he’s not going to send you half of his inheritance. Use your common sense.

The steps for a Mac running OSX are generally the same. If somebody tells you that you’re totally safe because you own a Mac, they’re buying into an outdated myth (though, you are less likely to contract a virus on a Mac). Ensure your firewall is enabled, and use your common sense. Having a Mac may decrease the likelihood of getting a virus on your computer, but it WON’T protect any of your accounts (bank, email) from being compromised.

Smartphones and Tablets
Let’s be real. Smartphones and tablets have found their way into the hands of most people. This is great for the advancement of technology, but not so great for those who are less tech-savvy. The good news is, Android and iOS devices operate differently than personal computers, and it’s relatively simple to secure your smartphone. Let’s start with Android.

1. DON’T install sketchy applications. The Google Play app store isn’t perfect, and malicious applications sometimes make their way on there. Here’s how you can spot them:

a. Check the reviews. If it has less than 3 stars, don’t bother with it. It’s either malicious or it doesn’t do what it’s supposed to anyways. You’re better off steering clear. Also, many Internet “knights in shining armor” will comment on malicious applications and tell other users to steer clear. Always, always, always read the reviews.

b. Check the permissions before installing. Each application has a set of permissions that the user must agree to before installing. Sometimes these are hidden and have to be expanded by tapping on a drop down bar during the pre-install process. Does that food recipes app really need access to your contacts and call history? You be the judge. Again, check the reviews.

2. Applications outside of the Play store:
Listen, unless you know what you’re doing, don’t install any application (signified by the .apk file extension on Android) unless you’re technologically savvy enough to know what you’re installing. If you do know what you’re doing, make sure the unofficial application is from a publisher you trust and that you found it on a reputable site or developer forum (preferably with user feedback associated with it). If you’re not technologically inclined, you can block you phone from installing unofficial apps (commonly referred to as “sideloading”) altogether. Just navigate to SettingsSecurity and uncheck “Unknown sources.”

3. Like with PCs, use your common sense.

Good news for iOS users. Apple doesn’t allow their devices to sideload applications, and their app store is heavily monitored and screened for malicious programs. This doesn’t mean you can be totally relaxed. All of the other Android security tips still apply. Also, common sense. Starting to see a theme here?

I know it might seem like a lot to take in, but a lot of these are one time steps (and probably enabled by default on a lot of devices). For the 24th time, just use your common sense and you’ll greatly reduce the chances of you being caught up in one of these hacking attempts. Good luck, and happy computing!

________________________________________________________________

Dominic Sellitto is a Masters degree student at the University at Buffalo on the Information Assurance track. He is also a passionate “first adopter” of any new technology he can get his hands on.

Posted in Disaster management, Management, Technology | Tagged , , , , , , | 1 Comment

Dashboards for Business Intelligence

Why do cars have dashboards, with so many meters – Odometer, Speedometer, tachometer and it goes on. But what purpose does it really serve? It is to provide the drivers of the automobile an idea to gauge certain related parameters such as the indicators to low fuel, problems with oil pressure, tire pressure, etc. Similarly, the concept of dashboards can be extended to aid businesses to make informed decisions – providing an overview of what is going right or wrong!

Dashboards offer a summary of Key Performance Indicators relevant to a particular business process. A dashboard should be designed to communicate easily, with little distraction, support business to make decisions by providing useful information. In management information systems, a dashboard is “An easy to read, often single page, real-time user interface, showing a graphical presentation of the current status (snapshot) and historical trends of an organization’s key performance indicators(KPIs) to enable instantaneous and informed decisions to be made at a glance”. Dashboards can be categorized as Strategic, Analytical, Operational or Informational. Each category of dashboard is designed to support different set of decision makers.

Now that we have understood what dashboard essentially means, does and looks like, we can then move over to where exactly this fits! The use of Business Intelligence (BI) has become an integral part of any organization. BI- what once started off as pivot to accumulate and provide details about the trends based on historical data has now turned into an arena which provides performance and analytical data to help decision makers in making informed decisions. This version of the BI is supported by our front-end – the Dashboard! Dashboard acts as the presentation layer which projects the analytical data in a simple manner, which is easy on the eyes and is extremely easy for people to communicate with.

To get the most value out of the dashboards, people using them need to invest time to understand the system, to mention the information they require, the format they requires it in, and the how they want to measure and monitor what kind of performance information. One of the most important features of the dashboard is the ability to monitor multiple performance measures and to be able to link these metrics to gain broader perspective into the performance of a business helping them in better strategic planning.

Thus, dashboard acts as a window to analyse and monitor the performance of an organization. But, this ability can be maximized only if the users understand and are able to identify the data they want, to collect the necessary data, analyse it and present the same on the dashboard in the format they want, the metrics they want to see and monitor. Is this good enough for the senior management to gauge the performance of various operations and make decisions and change their strategic planning based on this – Now this is something which is open for debate!!

By -

Aparna Dhanasri Jayaprakash, Himanshu Yadav ,Rachitha Bheemaiah Baliyada,Vikram Singh

Posted in Technology | Tagged , , , | Leave a comment

E-Commerce website using Drupal

Jump Starting an E-commerce Website using Drupal:-

The Internet is now an affluent industry. With the technology advancing at a lightening rate, more and more people are aware of computers and internet. In this day and age people have become aware and are using the Internet for their daily needs. Here E-commerce websites become a frontrunner, reaching out to the millions of people searching for product or services online.

E-commerce or Electronic Commerce in a general sense means buying and selling of goods and services on the Internet. The advent of e-commerce websites has brought upheaval in the process of purchasing and selling goods. There are various websites like EBay, Amazon etc. that largely use e-commerce to make sales revenue

The advantages of having an e-commerce website are:-

  • Revelation - The diversity of products displayed on a website, provides a huge exposure to the millions of visitors on the web.
  • Time and expediency - Time is one of the crucial factors in our lives these days. Customers may find it difficult to practically visit a store every time. On the other hand, if one has an online store, anyone can pay a visit to the store at their own convenience.
  • Cost effective – Establishment and maintenance of a store in a primary locality is highly expensive. Using e-commerce is a whole lot easier technique of showcasing and providing information about your products. Moreover promotion of a store and its products can be carried out on timely basis. Advertising through web sources are also less compared to print or other media sources like radio or TV.

In an e-commerce website all that one needs is a good website design, which has a look and feel equally capable as your competitor, Search Engine Optimization to rank a website with other competitors, and the annual hosting charges.

Commerce Kick start is the quickest way to develop a functional e-commerce website using Drupal Commerce. It provides the latest versions of Drupal core, Drupal Commerce, and the other modules. It also gives you a set of options to create a fully-featured demo store with an attractive theme, catalog and search configuration, and a custom interface. It uses the MVC architecture.

The Model View Controller (i.e. MVC) structure is the best design pattern for web applications. MVC architecture divides a web application into three primary layers. The model layer abstracts a domain-specific data model and interacts with the data persistence layer on its behalf. The Controller interacts with the user through an interface (e.g. a webpage). The Controller after receiving information or requests from the user routes these to the application and returns the application’s response to the user. The View layer adds presentation templates (e.g. styles, themes, etc.) to the data that comes from the model layer, before it is sent back to the user interface by the Controller.

 

MVC architectures perk up the development, scalability and maintenance of web applications by dividing their critical components into separate layers that can be enhanced or exchanged without affecting the other layers. It uses Drupal as the Content Management System (CMS) at the backend which performs the core functionality of ecommerce website development.

Source:-

Prabhneet Arora,

 

 

 

 

Linkedin Profile:- www.linkedin.com/pub/prabhneet-arora/55/9b5/32b/

“Prabhneet is an ardent technology and web designing buff. He has a strong software design and delivery experience in Banking Domain and an acute taste for Web technology.”

Posted in CMS, Content, E-commerce | Tagged , , , , , , , | 5 Comments

Internet Cookies

Winter is just around the corner in Buffalo and the weather is just right to think about cookies. Not the warm ones which entice your taste buds but definitely the ones which fire up your intellect. When I was analyzing browser cookies, I,as usual wit my attitude to digress, started wondering why the name Cookies? After a little  snooping around on Google, I  found some extremely interesting details. The Cookies for internet were developed by Netscape group way back in 1995.The word “cookie” originated from the term “magic cookie” used in programming for a piece of information shared between cooperating pieces of software. What’s does this have to do with the edible cookie? It has been an age old American tradition to give and share cookies and hence the name. As long as we are in the topic of cookies we might as well explore more of the cookie world.

                  

(Source : http://www.sodahead.com/)

 

The web cookies had a humble beginning at Netscape Communications as a means to enable e-commerce visitors to be able to add items to their shopping cart and proceed with shopping other items on the site. The concept was a brain child of “Lou Montulli” and patented in 1998. Though the initial purpose of cookies was enablement of site visitors, now it has become a nuisance for site visitors due to the targeted ads called “Behavioral Advertisement”.

More information would be found in the wall street journal video article about usage of cookies in Adshttp://live.wsj.com/video/how-advertisers-use-internet-cookies-to-track-you/92E525EB-9E4A-4399-817D-8C4E6EF68F93.html#!92E525EB-9E4A-4399-817D-8C4E6EF68F93. The video introduces the concept of Flash cookies, cookies which regenerate on deletion. This thought itself is scary.

            (Source : http://wirdou.com/)

 

Hopefully web cookies find a new usage in the future. I wish I could create a cookie of my choice and with provision to change what kind of ads I want to receive. Now that would be something!!Maybe.Maybe someday.

Abhiram Upadhya ,

Linked In Profile: http://www.linkedin.com/pub/abhiram-upadhya/6/b53/191

“Abhiram is an avid technology and physics enthusiast. He has a strong software quality assurance experience in Banking and Telecom Domain and is an avid reader on topics of IT Audit and Risk Management.”

Posted in Technology | Tagged , , , , , , | Leave a comment

Cloud Computing – Calculating Costs of Service Delivery

Identifying cost of delivery of the service is not as simple as it sounds. It involves a clear understanding of hourly labor effort, overhead incurred and also effort to support their customers. Hourly labor effort is calculated by dividing overall labor cost by 2080 weeks per year and overhead costs are calculated the same way. Hourly cost of delivery is determined by adding both these values. Customer support effort is an estimated value which would be obtained by employing mathematical models based on previous data and intuitive judgement. This multiplied with cost is now added with the actual cost associated with the cloud to arrive at the total cost of service delivery.

The organization should also keep in mind about the various kinds of cost they would incur while setting up the system; it will consist of both initial and on-going costs. Few of the examples for initial cost would be facility construction or acquisition, power and cooling infrastructure, server, network, storage hardware, software licensing, racks and cables. Whereas the on-going costs would comprise of features such as payroll, facility, software and hardware maintenance and fees of various types like accounting, legal and insurance.
With the aid of the simple straight line depreciation model we would be able to calculate the monthly expenses:

   Once the true costs of cloud service delivery are calculated, the next thing to focus on is the strategy for pricing the service to the customers or end users. The customers will be charged with respect to the billable items they consume which can range from virtual machine usage, server blade, network and security services, SLA’s to data and WAN services. In case of virtual servers offered over cloud, price points are virtual machine instance, support and back up. In case of data storage, prices would be decided based on GBs of storage acquired, and number of requests/ transactions processed on that data. The
company can go ahead with either the elastic based pricing method which deals with the usage and consumption of service or to go for the fixed based pricing methods that would charge the client on a fixed monthly basis.

This post is submitted by – Soham Bhaduri , Subramania Sheshadri, Pranati Abhyankar, Deepak Manoharan and Divya Rajasimha machani who were pursuing MS MIS at SUNY Buffalo.
Posted in Business, cloud computing, Management, Technology | Tagged , , | Leave a comment

Why Partial P2P in education?

Why Partial P2P in education?

Image Credits – http://alternative-educate.blogspot.com/2012/04/peer-2-peer-university.html

‘It is the mark of an educated mind to be able to entertain a thought without accepting it’ – Aristotle.

The learning experience to which a child is exposed to has vital impact on his life and shapes his mind for the future. It has been observed in PROBE (Public Report on Basic Education) survey in India that 25% of elementary schools face the problem of teacher absenteeism, 57% of students of 5th grade cannot solve a mathematics problem of 2nd grade. As Instructors are responsible for providing students with experiences that are immediately valuable and which enable students to contribute to society, their absenteeism is having detrimental effect on the students learning process. With help of technology available we hope to augment the teaching experience by digitalizing the tasks which are repetitive, eventually reducing the instructor’s role in the knowledge flow to the student. Continue reading
Posted in Peer to peer networks | Tagged , | Leave a comment

Migrating your infrastructure to Private Cloud – Part III

In first two articles of this series, we have discussed the different private cloud providers and what factors drive the organizations to migrate their infrastructure to cloud.

Migrating process is not a straight forward process and involves various challenges and risks. In this article, we will discuss the challenges faced by organizations while migrating to private cloud and business risks associated with the migration. Continue reading

Posted in cloud computing, Disaster management | Tagged | Leave a comment

Pervasive Computing in Home and Community

Pervasive Computing in Home and Community
During the past 20 years, the pervasive computing architecture in home and community has developed different technologies that make possible using sensors, computers, and wireless communication tools to be involved in everyday life objects, from computers and other devices to umbrellas and raining boots, creating and implementing a range of applications. While these applications have been useful and practical, during these years, the moment to develop the next generation of pervasive computing systems came on place. These future systems were created to give support to the applications in order to get a deeper view of end user necessities and their activities. The Intel Science and Technology Center for Pervasive Computing (ISTC-PC) has been developing technologies to give power to the next generation of pervasive computing systems in home an community. The pervasive computing architecture can be applied in home environment. This technology is used to empower people by presenting the information at the right moment and place based on their needs. What is the main reason to put these kinds of technologies at homes and what does it bring to the society? Continue reading
Posted in HealthCare | Tagged , | Leave a comment

Security issues in decentralized social networks

security issues in decentralized online social networksSocial networking is one of the most popular applications on the web with a massive user base of more than two thirds of the world’s Internet population. These sites were used as a medium to interact with people, whom they have networked offline. People readily provide their personal information in order to join these social networks. Studies reveal that users especially students spend at least 30 minutes per day in various social networking sites. The social networking sites works as a collaborative platform in which users both produce and consume information. Continue reading

Posted in Social Media | Tagged | Leave a comment

Migrating your infrastructure to Private Cloud – Part 2

Traditional data-center management tools tend to be costly and difficult to manage as it involves a lot of manual processing. Multi-tier cloud management orchestration makes it easier to manage applications and also reduces the cost by automating the repetitive tasks. Network downtime for customers is one of the main concerns for organizations that use a traditional data centers while migrating their existing setups. This problem can be solved by using high availability (HA) solutions that most modern world cloud management applications provide. How does the high available solutions work? System monitors the status of all the nodes periodically and maintains the backup nodes. In case of failure of primary node, the load will be switched to backup nodes. As the switching time is minimal, there is no or very less network downtime for the customers. Also, these solutions doesn’t require the same type of underlying infrastructure which means that migration can be done between two complete different systems which customer applications supports.

Continue reading

Posted in cloud computing | Tagged , | Leave a comment