Other Ways To Connect

Thursday, October 31, 2013

Protecting Intellectual Property

Theft Is Too Easy Now

Property is property, whether it is real estate, cash or intellectual.  And getting ripped off is getting ripped off, whether you're being held up with a gun, are a victim of a financial scam artist or see your work copied or even sold on the Internet, without any payment to you.

In a very interesting article in last week's New York Times' Sunday Review, writer and cartoonist, Tim Kreider discusses the "special" way artists, whether writers, illustrators, composers or musicians, find their efforts viewed.  For some reason, while their work is valued, it's not valued enough to command payment.  Many people think that the artist will benefit from "exposure" or "eyeballs."  That's a serious problem because, as he correctly points out, exposure and eyeballs are not accepted currency at the grocery store.

He also argues that valuing intellectual property (IP) is a problem for many.  "People who would consider it a bizarre breach of conduct to expect anyone to give them a haircut or a can of soda at no cost will ask you, with a straight face and a clear conscience, whether you wouldn’t be willing to write an essay or draw an illustration for them for nothing." 

So, whether you are wildly successful or struggling, you've got enough of a problem getting appreciated (and paid) for doing what you love and what you're good at.  Don't make it any easier for the thieves.  Protect your intellectual property and do all you can to keep it safe. 

Protect Your IP Like It's Cash

If you had a pile of hundred-dollar bills, you wouldn't keep it on the front seat of your car, windows opened and doors unlocked.  You wouldn't keep the money in the oven, thinking that nobody would look there for it. You wouldn't just hand it to an acquaintance, thinking that you'd get it back whenever you asked for it.

You would get most of that money out of your house.  You'd deposit it in a bank or keep it in a safe deposit box.  But you wouldn't get it out of your house by mailing it in a clear envelope to the bank for deposit.  You'd take it there yourself.

Though we understand that our Intellectual Property can be as valuable as cash, we often don't treat it like cash.  We email it unencrypted to our agents or publishers, trusting that no hacker will have put a sniffer on a server, intercepting the email as easily as picking up a pile of cash from the front seat of an unlocked car.  We store it on our computer, where a hard drive crash or a malicious virus can destroy the property as easily as an oven can incinerate cash.  And we often think we are putting it in a safe place by uploading it to a remote server, sending it out unencrypted like cash in a clear envelope, and trusting that dozens of people, from the letter sorter at the post office to the bank delivery person will never be tempted. 

What Do You Do?

There are services available that encrypt your documents, store them encrypted, keep them off of your computer and scan them for viruses.  Not all are right for everybody, but take a look at them.  You will want a service that enables encryption both in storage and in transmission, provides a virus check, and encourages you to not just back up the file, but actually take it off of your computer so spyware can't get to it.

You will want a service that demands strong passwords and that keeps an audit trail of every time a file was uploaded, downloaded, viewed or modified.  You'll want to use the service as a substitute for unsecured email, meaning that you can give secure access to certain individuals like your agent, editor or publisher.  

And you are justifiably wary of "free" sites but you don't want to pay too much.

There are a number of companies that offer some of the services that may work for you.  We are, of course, partial to what our own company, SafelyFiled offers.  Check it out out here.  But no matter who you use, we urge you to think about your work as if it were cash.  Stay alert for the bad guys who want to steal it, from the people who simply don't think they are doing any thing wrong by copying it without your permission and from computer crashes and viruses.

It's your property.  Protect it likes it's cash.

Friday, October 18, 2013

Remembrance of Passwords Past

The weakest point of security in most systems is when you log in.  If the attacker can convince the system he is you, then fancy encryption and cryptography doesn't help.  

The act of proving your identity to the system is called authentication.  On most web-based systems authentication is performed by submitting a password.  Today passwords are a necessary evil, and we have discussed them in a couple articles in the past year: Password Frustration and  Password Perils.

Are you who you say you are?  Prove it to me!

The problem with passwords  

The tricky thing about passwords is they need to be hard for others to guess and easy for you to remember.  So there is a tension between complexity and randomness.  Your child's name is easy to remember, but also easy to guess for anyone who knows you.  Also any regular word is likely to be checked by an attacker with an automatic password checking script.

As a trade off you end up with a somewhat random password.  But your bank has different password requirements than your credit card company, and they both want you to change your password every 6 months.  So now you are tracking many passwords that change over time.

Remembering passwords 

In Password Frustration, Terri discusses her experience using LastPass to store all of your passwords encrypted and unlocked by a single password, but even a low tech paper-only password list can work.  This is my mother's solution.  In her home office she has a notebook that has a list of all of her accounts and the associated passwords.  A simple and effective solution.

Of course, there are downsides to a paper password list.  If an attacker gets your list, then he is in.  This is a problem if you are worried about people in your family breaking into your accounts.  But if you are worried about the far off Romanian hacker, then a paper list of passwords in your house is pretty safe (as long as there isn't a fire or a flood).

Resetting passwords 

Ultimately though, most of us will forget passwords and will need to get our passwords reset.  This password reset process is the other major weak link in most systems.  It is very vulnerable to social engineering or just a bit of research about your target.

The service provider wants to make resetting passwords easy for their customers.  After all, they want to keep you happy and using their service as much as possible.  But a good service provider will protect their customers from others trying to take over their accounts at the cost of some short term inconvenience.

Most services will reset your password if you can answer some security questions.  Sounds great.  No one should know the answers except the customer.  In general this may be true, but not if you are well known to your attacker.  An extreme example is a famous person like Sarah Palin.  An attacker was able to reset her yahoo email account password (and thus access her email) during the 2008 presidential campaign by researching the answers to her security questions (such as her high school and her birth date).

But even a regular person can have their account taken over through social engineering an organization's customer service.  Last summer tech reporter, Matt Honan, had his digital life erased in the course of a couple hours.  The key to the attack was getting customer service at Apple and Amazon to reset a password and give them some key bits of information.  Honan had "daisy-chained" his accounts, so getting into the amazon account meant that the attacker could use that account to get into other accounts (e.g. Apple then Google then Twitter).  Most of us have some daisy-chained accounts these days.  For example, many services will allow you to register with your Facebook ID.  If your Facebook account is compromised, those other accounts that use the Facebook ID are also compromised.

That is scary stuff.  What can you do about it?  Give up the Internet and hide in a cave?  Probably not.  Here are some things you can do to protect yourself.  
  • First, set your security questions on your online services, but think about your answers.  If the answer is something that is widely known or could be easily looked up (e.g. What is your wedding date?), come up with a scheme for adjusting your answer that you will remember (e.g. add 10 years to the date).
  • Second, review the password reset policies of your online services.  Read about their policies, or call customer service and see what data they need from you to perform actions or give you sensitive information about your account.  If it seemed too easy to access information, reconsider using that service.
  • Third, be careful of "daisy-chaining" your accounts.  This was what made the attack on Matt Honan so devastating. Once the attackers reset one account password,  they were into his other accounts as well. This daisy-chaining is very convenient (fewer passwords to remember) but as with most things in security has its risks.
In security, as in much of life, there are no easy answers.  The best thing you can do is be vigilant about where your data is and who has access to it.  Make the tradeoff between security and availability that works best for you and your family.

Wednesday, October 9, 2013

The Sandwich Generation

What is the Sandwiched Generation?

The definition from Wikipedia reads:  The Sandwich generation is a generation of people who care for their aging parents while supporting their own children.

According to the Pew Research Center, just over 1 of every 8 Americans aged 40 to 60 is both raising a child and caring for a parent.  In addition, between 7 to 10 million adults are caring for their aging parents from a long distance.
This number will continue to increase. US Census Bureau statistics indicate that the number of Americans aged 65 or older will double by the year 2030, to over 70 million.

Are you traditional, club or open-faced?


Carol Abaya from www.sandwichgeneration.com has even identified different types of situations, each with their own challenges.  Her definitions are amusing, yet very insightful:

  • Traditional: those sandwiched between aging parents who need care and/or help and their own children.
  • Club Sandwich: those in their 50s or 60s sandwiched between aging parents, adult children and grandchildren, or those in their 30s and 40s, with young children, aging parents and grandparents.
  • Open-Faced: anyone else involved in elder care. [1]

How do you manage and track important information for everyone? 

We all know that there are very important documents that we need to keep for our own household.  The USA Government website here gives some very detailed information regarding what files every household should keep and have available for different scenarios. Now multiply this by the other households (families) you're responsible for.  That is a lot of information you need to keep safe, sort, find and make available to others when it’s needed.  And sometimes, say during an emergency or sudden illness, it’s needed very, very quickly.

This is the very reason that SafelyFiled came to be.  Most of us at SafelyFiled are in the sandwiched generation.  We are executors of our parent's estates or are responsible for their care full or part time.  All of us have children or young adult offspring who are dealing with college or setting up their own careers.  We all have families who look to us for guidance and assistance, and some of us have grandchildren getting ready to move into the young adult stage or in one team member's case, depend on us for most of their care and well-being. These are big responsibilities and we certainly need all the help we can get.

There are ways to make it easier

You probably could have separate paper folders for each person, with all the important documents in them.  But what if you have siblings who help with the care?  Are you going to set up and maintain their files too?  Can you trust them to do it themselves?  It’s a lot of work keeping track of every change in medication, every immunization, and every password you use to pay bills online.  Do you need to notify your sister or brother every time mom changes her meds or you pay her taxes?

And what if you take a much-needed vacation or are traveling on business?  Your responsibilities don’t stop just because you’re not at home.  What if you needed an actual paper original?  Could you or somebody else quickly find it?  If you’re not at home, could you tell your spouse or one of your children exactly where to find it?

There is no way any one of us could easily organize, store and then find all the important documents in a paper-based system.  And the challenge is even greater when we are caring for family members who live hundreds of miles away. 

Secure, organized and sharable cloud (remote) storage

Unless you have attorneys or accountants on retainer and available to you 24/7, the only way to efficiently organize, manage, share and have access to all the files you need as a member of the sandwiched generation is to take advantage of the remote storage and organization services offered on the internet.  Take a look at them.  Whichever one you choose needs to be highly secure, lets you identify where originals are located, helps you organize, helps you share certain documents with siblings or others and is accessible from anywhere.

And please check out SafelyFiled.  We designed it for ourselves, sandwiched, responsible adults with too much to do, too much responsibility and too little time.  When you use it, we hope you’ll find, like we do, that it makes your life a little easier and that you’ll sleep better at night knowing that at least one of your responsibilities is fully under control

Wednesday, October 2, 2013

Nonprofits & SafelyFiled

There are great not-for-profit organizations doing wonderful things in and for our communities.  Here at SafelyFiled, we want to say "thank you".


It's hard to image where our country would be without the nonprofit organizations that are working behind the scenes in our communities.  People come together as volunteers to give of their time, talents and treasure.  This is a great testimony to the love that many have for their fellow man.  But it is not without challenges. 

One such challenge relates to proper storage, safeguarding and sharing of important and often times sensitive information.  This can be especially challenging for volunteer organizations where there is a constant turn-over of personnel.   The people leading or working on a team today may not be the same from yesterday or tomorrow.


Practices that make for profit business successful should be used for nonprofits as well


For profit businesses and organizations know that an important key to success is learning from past mistakes, keeping good records, and ensuring business continuity is in place. If something happens to members of their staff there is documentation in place to ensure that someone else can step in and keep things going. 

Unfortunately, these same disciplines aren't always applied in nonprofit organizations.  The cost of storing and sharing these files is a big factor.  Here at SafelyFiled, many of our team members are involved in nonprofit organizations and know first hand the risks and frustrations associated with records not being kept, accessible or effectively communicated with the appropriate people when needed.

So, in the spirit of sharing from lessons learned and providing a very inexpensive solution to the problem, we're offering the following information.   

Sensitive records are needed to be kept for historical, financial or tax purposes. They need to be kept safe but take up lots of storage space.
Scan those documents and store them in SafelyFiled for safe keeping that doesn’t take up space in your offices and are accessible only by authorized persons. (Not sure how long they need to be kept?  Check out our Doc Retention Checklist)
Teams keep changing and many things are reinvented because historical data isn’t available.
Keep meeting minutes, lessons learned, past project processes and other pertinent information in SafelyFiled and share those files with whomever is currently on the team.  Those person’s access can be removed at any time when they no longer need that information.
We need to track who reviews certain records or files
SafelyFiled provides activity logging that cannot be removed or edited in any way.  From the moment a document is uploaded, everything that is viewed, uploaded, downloaded or printed, is recorded in the activity log along with the date/time stamp, and the user’s login who took the action.
We have multiple different teams working on projects that need to share information for a short time.
With SafelyFiled’s Manage Sharing feature, you can grant access to folders or files on an as needed basis.  You can even send automatic reminders regarding certain files or records.
Sometimes we need to communicate sensitive information between teams quickly and email is the only solution for us at this time.
Email is not secure.  You can type in the wrong address that would put the info in the wrong hands and emails can be easily intercepted.  SafelyFiled provides a way for you to send a link to a specific document located within the account via email for quick notification.  The receiver then has to sign into SafelyFiled with their own login and password to access the sensitive information.  You also will have a record of that activity as mentioned above.
We have volunteers coming off and on projects frequently and we struggle with how to communicate information to them regarding those projects.
Again, with SafelyFiled, you can invite those new volunteers to participate in your organization’s SafelyFiled account, grant them access only to the project files they need to see, and at the same time keep all of that information in one location without risk of loss or damage.
Project delays happen often because key volunteers or project members are traveling with business or otherwise out of the area.
SafelyFiled is accessible from anywhere (as long as there is internet access), 24 hours a day, 7 days a week.  Simply send a link to the document you need that person(s) to review or comment on and they can log in and take the necessary actions. 
We have years and years worth of records and files, sometimes it is very hard to find what we’re looking for.
With SafelyFiled’s tagging and keyword features, finding needed information among thousands of documents is easy.  Everything that is input in the title, notes, tag(s), the location field (if a paper copy is needing to be kept and filed) and the "Relates To" field, are all searchable. 
We have lots of files that need to be scanned and uploaded to SafelyFiled
This might be another opportunity for volunteers to help. Start slow with documents that are important today and then build on that.  For documents that are not of a sensitive nature, you can use volunteers or even look around for paid services that are willing to do this for you. We have some listed on our Affiliations page.

Get the word out to nonprofit organizations you know!

SafelyFiled Pro Lite comes with a whopping 1 terabyte of storage and up to 50 sharing participants for the low price of $48 a YEAR!  Enroll and sign up and see more feature options here.

We are available to host one-on-one training sessions for nonprofits via virtual webinars if needed.

Thank you for volunteering and serving us all in our communities!