Nashville Web Design | Programming | IT | Atiba.com

Archive for the ‘Security’ Category

GDPR: What Your Organization Needs to Know

The European Union Parliament is set to enforce the most significant piece of European data protection legislation in 20 years. The General Data Protection Act (GDPR) goes into effect on May 25 of this year and could impact any organization that has or plans to have website/app visitors from the EU.

The GDPR replaces the Data Protective Directive of 1995 with the intention to harmonize data privacy laws across Europe. It is a comprehensive data law written to protect the data privacy of all EU citizens, and it applies to any organization that processes personal data of those residing in the EU, such as by tracking their online activities. It does not matter whether an entity has a physical location in the EU or is based in the EU: if that entity is currently servicing people in the EU, or plans to, it must comply with GDPR.

Personal data is any information that can be used to directly or indirectly identify the person or subject.

Key Changes

The biggest changes that the GDPR introduces are an increase in territorial scope and a change in consent laws.

  • Territorial Scope: The GDPR covers a large number of people because it does not matter where the company processing the information is located, as long as the users reside in the EU.
  • Consent: The GDPR will strengthen the conditions for consent. Under the GDPR, conditions for consent must be given in an intelligible and easily accessible form. People need to know what they are giving consent for without having to decipher legalese. Explicit consent will be required for processing sensitive personal data, but for non-sensitive data unambiguous consent is permissible.
  • Data Protection Officer: A DPO is only required for public authorities, organizations that engage in large scale systematic monitoring, or organizations that engage in large scale processing of sensitive personal data.

Additional Rights

The GDPR also grants additional rights to data subjects, which include:

  • The right to be informed. Data collectors must be transparent about how they are using personal data and must inform subjects of their data usage.
  • The right of access. This right improves data transparency and empowers the data subject to be informed whether a company is using their personal data, and how and why it is being processed.
  • The right of rectification. When possible and reasonable, data subjects will be allowed to have their personal data edited if they believe it to be incomplete or inaccurate.
  • The right to erasure. Data subjects have the right to have their personal data permanently deleted upon request. Reasons for deleting data include, but are not limited to, a withdrawal of consent or a lack of relevance of the data to the original request.
  • The right to data portability. Data subjects have the right to the data they have previously submitted concerning themselves, and the ability to resubmit that data to another controller.
  • The right to object. Data subjects are allowed to object to their personal data being used.

Steps to Prepare

To prepare for the implementation of GDPR come May 25, 2018, organizations should take the following steps:

  1. Determine where data currently comes from and resides. Figure out what is done with that data.
  2. Determine what data the organization needs to keep and what data no longer suits its needs.
  3. Put security measures in place to guard against data breaches.
  4. Review all privacy statements and disclosures to ensure they are in compliance with GDPR.
  5. Establish procedures for handling the new rights available to data subjects under GDPR.

Not complying with the GDPR will result in fines of up to 4 percent of annual global turnover or $25 million, whichever is higher.

World Backup Day

It is estimated that 32% of all critical data loss is because of human error and 44% is from hardware or system malfunctions. No one expects massive data loss, yet it can happen at any time and bring your business to a standstill.

Since 2011, March 31 has been declared to be World Backup Day. Now, we obviously recommend you back up your business data more often than once a year, but having a yearly reminder of the importance of backing your data up is never a bad thing.

If your data is stored on some type of hard drive, back it up to a separate physical drive, preferably in a different location, and as an additional safety measure, use a cloud-based backup service. Also, you might consider migrating to the cloud entirely, where a company like Atiba that offers Network Management Services will make sure your data is always secure and available.

Five Key Attributes To Look For In A Custom Software Development Company

There are a variety of reasons people seek out a custom software solution for their business, and it is sometimes the biggest decision a business might make. The most common reason is that there is no software solution that solves the problem(s) they are trying to solve. It could be that there are software solutions, but they have poor functionality or just don’t fit exactly what they’re trying to do. It could be that there is a solution out there that is prohibitively expensive with many features the company would never use. If you find yourself starting on the journey to find a software development company, here are five thoughts to keep in mind as you get started.

1) Communication Is Key

Rare is a software development project that doesn’t require consultation and advice along the way. Look for a software development company that has been around a while and has the battle scars to prove it. And make sure they are good communicators so that if you request something they have tried in the past and found doesn’t work, they will not hesitate to communicate that experience to you. They should also be able to recommend ways to solve your specific requirements. If you lay out your vision and come away thinking, “I have no idea what they are talking about, I guess I’ll just have to trust them,” you’re setting yourself up for possible trouble down the road.

2) Experience Counts

If you’re looking for a custom software solution, you’ve probably reached your last nerve trying to deal with all the available products that don’t quite solve your problem. That means you need software that will do exactly what you want it to do. This is where experience is an advantage for a software development firm. A company whose leadership has solved a variety of problems over the years brings institutional knowledge and wisdom to the table that greatly increase the chances that your new software will be successful. They don’t necessarily have to have already built exactly what you want for someone else, but they may have experience with some of the components and processes you are requesting. Plus, if they’ve been around, it shows that they’ve encountered plenty of problems and been able to come up with solutions.

3) Look For A Strong User Experience Development History

A user-friendly interface is vital to your new software’s success. The backend can function beautifully, but if users can’t figure out how to use it, the software is useless. Make sure the software development company you choose places an emphasis on user experience (UX), which includes rigorous quality assurance (QA) all along the development cycle.

4) They Have A Clear Support Policy

You’re getting a software solution that is being built from scratch, so you need to expect some bugs and quirks upon deployment. Make sure the company you choose gives you a clear picture of what support is included, and how much support that is not included is going to cost.

5) Check Their Work

A good indicator of future success is a rich history of past success. Take time to have them show you custom software development projects they’ve done in the past, explain the process and problems they went through, and, if possible, show you the end result. Not only is this an important step in your due diligence, it will give you peace of mind moving forward that your project is in the right hands.

Foil phishermen with two-factor authentication

Check out Atiba founder JJ Rosen’s latest column for The Tennessean:

Foil phishermen with two-factor authentication

“It’s a big idea, but we have to set a new standard for security. The combination of a username and password is not enough.”

Rosen’s column appears twice a month. You can view an archive here.

Based in Nashville, Tennessee, Atiba serves as a one-stop shop for strategic web design, web development, CIO consulting services and business intelligence, custom software development, mobile app development, IT support, network services and security. Atiba’s service divisions include Atiba Network, Atiba Software and Wheelhouse Marketing.

Atiba Network Alert: Beware new ransomware

We would like to alert our clients to a relatively new form of malware that can encrypt your entire hard drive.

The virus is called “Petya” and you can read more about it by clicking here.

If you are currently set up as a managed services client of Atiba Network Services, we will be updating anti-spam and anti-virus systems to attempt to block Petya, but be aware that these types of attacks are often difficult to block.

The simplest way to prevent such attacks is to stay alert and decline to open files in messages from people you don’t know.

Atiba Network Services provides a one-stop shop for computer consulting and expertise allowing companies of all sizes to have a single reliable source for client/server application development, internet browser based applications, web site and intranet coding, networking and support, and general computer consultation.

New Mobile App Developers

As Nashville’s top full-service technology consulting firm, we are proud to recruit the best and brightest in the industry to lead our network infrastructure, custom software development, web design, digital marketing and mobile app development projects.

JJ Rosen, President and CEO, has kept the team focused on the core philosophy of Atiba, “Our mission is to deliver the most customer-centric technology solutions in the marketplace. To effectively execute our mission and connect with our clients we’ve continued to hire the best programmers, engineers, designers and project managers in the business.”

Justin Gregory – Software Developer

Justin Gregory, PhD, is a new addition to our software development team. Since joining Atiba, Justin has developed and deployed the GoVoteTN mobile app on behalf of the Tennessee Secretary of State – a mobile app for the people, by the people. With years of software development experience using C/C++, OOD, Unix, Erlang, Haskell, Labview, Python and more, Justin exemplifies the intelligence and self-motivated nature of Atiba team members. Justin earned a PhD in Interdisciplinary Materials Science from Vanderbilt University and a B.S. in Physics and minor in Computer Science from Lipscomb University.

Mike Presley – Project Manager

Mike Presley, Atiba’s newest Project Manager, is passionate about mobility, apps, interactive design, and improving the overall look and effectiveness of the web. Mike is dedicated to creating the next generation of web and mobile apps through better user experiences. Mike currently leads projects for Dollar General, Worship Together, Patient Focus, Hamilton-Ryker and The Pasta Shoppe, to name a few. Mike received a Bachelor of Science from Vanderbilt University.

Bryan Bodkin – Software Developer

Bryan Bodkin is an innovative computer engineer with a unique blend of software programming, project management, and hardware design skills. He recently completed work on www.WorshipTogether.com and Pan Oston projects. Bryan holds a Masters in Computer Engineering from the University of Tennessee (Knoxville) and a Bachelor of Science Dual Major in Computer Science and Electro Mechanical Engineering Technology from MTSU.

JJ Rosen, Founder and Chairman, says, “I am excited for the next decade with our new team members to support the ongoing growth and positioning of Atiba. We will continue to keep our offerings innovative by hiring team members that are ‘half geek, half human’, enabling Atiba to demystify technology for clients and help their businesses thrive.”

IT Security: Top 5 Best Practices

2014 has been the year of the hacker. Sony, eBay, Target – all great companies that were victims of major hacks.

As computer consultants, at Atiba we get to see a lot of the good and bad as it relates to IT security. While nothing is 100% secure, over the past 20 years we have observed that there are 5 must-have best practices that every company, large or small, should implement.

Here are our Top 5 Security Tips:

  • Use 2 factor authentication as much as possible. Passwords are not enough. Check out http://en.wikipedia.org/wiki/Two_factor_authentication for a summary of how this works.
  • Double check that all your corporate data is encrypted at all times.
  • Proactively test security from the outside in. Using a 3rd party firm (like AtibaNetworkServices.com!) or 3rd party tools, you can often catch a security hole before someone else does.
  • Use the cloud as much as possible. The cloud is not a one-size-fits-all solution – but for smaller companies the Amazon EC2 Cloud and/or the Microsoft Azure cloud are generally more secure than on-premise systems.
  • Keep servers and network devices patched. The risk of a patch causing problems is low compared to the risk of a security hole.

Stay secure!

Security Alert: Internet Explorer

Microsoft has issued a security alert to acknowledge a vulnerability in its Internet Explorer web browser. Today, Microsoft released a patch to fix this issue. If you use Microsoft Internet Explorer, please click here to access the official Microsoft statement and recommended steps to fix the reported issue.

What’s the latest on “Heartbleed”?

Today, the U.S. Government posted a warning that hackers are attempting to exploit the ‘Heartbleed’ bug in targeted attacks by scanning networks to see if they are vulnerable (source: Reuters).

New Smartphone Mobile Blogs on Tennessean.com

Our main man JJ Rosen continues to contribute solid blog posts to Tennessean.com, and in the middle of the holiday season, there are plenty of mobile trends and news to talk about.