Category: business

I am not a computer geek and this review is intended for people like me. There are many technical support reviews examples on web that can make you learn but most of them will not go any deeper than explaining through examples. Recently I had to ask for some technical support from iYogi for my PC and my experience wasn’t that bad. I give a huge credit to the technician been provided to me.

The review of my experience with iYogi technical support might be worthwhile too. Their support options can be pretty affordable. Their professional support “list price” is $ 169.99 for one whole year for remote tech support. My experience isn’t necessarily representative of the kind of support you will get but you will definitely get an idea how does it work. All I can do is to educate people about the kind of support you will get.

Without any notice I had this weird freezing of my computer. I was almost in the middle of an important work and suddenly my computer crashed. I called iYogi for help as few days back I gone through their website and I found it pretty decent to ask help from unlike other technical service provider (I don’t want to take name though). The technician was pretty helpful and supportive too.

Tech support has always been a huge burden for most companies. But all you have to do is to browse through the net for tech support newsgroups, iYogi has many of them, and then you can quickly realize that most customers don’t even know how to put forward their questions. Mixture of different computers and other things makes any sharp and talented technician confuse and makes it impossible for them to resolve it.

Communication with the customers has to be real supportive, which u definitely get from iYogi. Technicians usually gets carried away with their troubleshooting and sometimes cuts off the customers when they speak or neglect their opinion of the issue because a user or customer only knows what it’s really about. Aside from this, an employee or technician should always be courteous and well mannered towards many customers because that’s their area. They should also make the customers understand about the troubleshooting so that the user gets familiar with it.

A real good tech support person has a lot of knowledge and training and it’s a valuable asset to ask for a good salary.iYogi does a lot to protect that type of talent and provide the essential and high quality tech support that some people need. To respond to this, iYogi is taking advantage of the fact that there really are a lot of iYogi people out there who are ready and willing and able to help the users. Some of them are the nicely paid tech support people with whom you might talk to on phone.

iYogi creates the website like iyogi, etc that makes it possible for people for customers or the users to communicate well and for also selecting the right program or plan for themselves. Instead of forgetting the websites that helped us out from the soup, I will suggest you to make a bookmark of these websites, for issues are always around the corner.

Since I went for the one year subscription plan, soon I received a call from a skilled technician over the phone. Though it took time for the technician to understand my problem but I still appreciate that I didn’t get that scripted response what we usually get for other free technical service provider, like after talking to those you feel like banging your head against the wall in frustration. The iYogi technician treated me like a customer but didn’t assume that I knew nothing. This made it possible to zero in on what to do remarkably quickly. After checking a few obvious possible ways, we set a remote connection to my PC so that the technician could work directly on my box.

The short version of my story is that, using emailed instructions the technician got to me right after that, and made me understand what actually causing the problem.

The enough good knowledge that is been taught by my technician was that when the computer cannot find an updated driver, it locks itself up and get freeze. The hardware drivers should be updated on a regular basis. It also helps in augment the computer’s RAM by increasing the PC’s virtual memory. RAM acts as a buffer to speed up access to your programs and files that are in use. Though all of your data is stored on your hard drive, RAM is much faster. Whenever your computer pulls up a file off the hard drive, it loads it into your system RAM so that it can continue to access it faster. The end result is a much faster interface with your computer. The more RAM you have the more programs and files your computer can keep stored in your RAM.

Since this is a virtual Basic site, I won’t be mentioning the brand name of my PC. If you are absolutely dying to know email me I’ll tell you everything. The technician updated my driver remotely and I’m up and cranking again on my PC.

After my whole remote session I have gone through their website minutely and I learnt that they have around 95% of customer satisfaction. I will definitely like to mention what iYogi is good at; employees of iYogi are good at working under supervision or within a team. The technicians are good natured personality and affable character and also help the team morale and team work. The personal traits and the characteristics can affect and individual’s output and team work much more than you can imagine. And they also leave a mark on customers mind.

If you roll your eyes towards the back of your head, you will realize that that you are not alone in making complaints for their computer. There always a tsunami of customer commenting on iYogi’s forum about their technical support. There are few praising and few are disapproving, maintaining all these by the technician and still giving you the satisfactory solutions is an appreciable job.

These guys diagnose the root cause of the errors with a device or hardware and if it can be resolved by manual resetting then they will guide the customers through the step by step process. They wait until the computer is restarted to ensure full resolution of the issue.

After I finished speaking with the technician I also spoke to his supervisor, to express how much I appreciated my technician’s work. The technician has this amazing knowledge of the situation, the courtesy and respect he showed and their diligence in resolving my problem was extraordinary and most commendable. I truly appreciated working with him, as I learned a lot from them. He was a real trouper and quitting wasn’t a part of his character. iYogi should be very proud to have this member of your staff on your team and in your organization. It was a truly great job.Techmaster60

Getting online computer tech support has various benefits. One is that you save a lot of time and get you box fixed as soon as possible. Another benefit is that through their PC tech support guidance, you get some training on how to fix the computer issue. In case the same predicament happens again, you would know what to do to fix it. There by saving you the costs on computer repair tech services.

I will also mention it’s amazing to get their 1 year subscription plan from iYogi, for which you have to pay once $169.99 and they provide you with the best technical support free of cost of whole one year. You have to make sure that your computer get the support maintenance and true tune up, it needs to perform well.

What best you can get customized technical support services at the time and place you want and at anytime 365 days. With the overall PC troubleshooting (as technicians call it) experience of around a decade, they not only gives you a deal on tech support but also familiarize you with the workings of your darling machine.

The community is always willing to lend an extra hand, with discussion boards and Q&A services, forums, troubleshooting support may not be real time or hands-on, but it is free and instructional.

Introduction

“Cardholder data continues to be a target for criminals. Lack of education and awareness around payment security and poor implementation and maintenance of the PCI Standards leads to many of the security breaches happening today” PCI SSC ‘PCI DSS 3.0 Change Highlights’ – August 2013

Card data theft is still happening so the third revision of the PCI Data Security Standard is as much a re-launch as a revamp.

Many organizations – even Level 1 Merchants – have yet to fully implement all requirements of the PCI DSS V2 or previous versions of the standard, so eyes may well be rolling at a new version of a standard which hasn’t yet been mastered in its previous forms.

This new version is more about refinement and clarification than any introduction of new techniques or technologies to help protect against card data theft, but while losses through card fraud are still on the increase, it is clear that something has to change.

How large is the problem?

In terms of the losses being experienced, you can see why card brands, issuers and banks would still be desperate for better care and attention to be applied to their card numbers. $11Billion was lost last year and that amount is increasing yearly. Bearing in mind that the total value of card payment transactions now exceeds $21 Trillion annually, there is still plenty of money being made from the provision of fast guaranteed payment products. However, any initiative that reduces that $11 Billion loss is worthy of some time and attention. From the most recent Nilsson Report on card fraud:

“Card issuer losses occur mainly at the point of sale from counterfeit cards. Issuers bear the fraud loss if they give merchants authorization to accept the payment. Merchant and acquirer losses occur mainly on card-not-present (CNP) transactions on the Web, at a call center, or through mail order”

PCI compliance isn’t just a card-brand problem that results in your organization having to spend time and money on, but is a way to protect your organization directly from serious risk. This isn’t simply a financial risk either: other factors such as brand protection and customer trust are also lost when a breach occurs.

PCI DSS Version 3.0 – Stick or Twist?

The new version of the PCI DSS isn’t available until early next month so this is an early reveal of what is quite an extensive re-working of the standard. Most of the requirements are carried over with some tweaks and additions which will be covered later but there is also a degree of refinement in the wording throughout the standard.

The overall intention is that the standard aims to promote thinking about security of cardholder data rather than simply driving compliance with the standard. The Security Standards Council are, of course, keen that security best practices are adopted and practiced as a matter of routine rather than just as a ‘once-a-year, big-push-to-keep-an-auditor-happy’ event – as if anyone would do that? J

New items will be considered “best practices” until June 2015, after which they will become official requirements. Furthermore, any organization compliant with PCI DSS 2.0 can stick until January 2015 before adopting the new version of the DSS.

What Has Changed in PCI DSS V3?

So what are the specific changes or new requirements? There are wording changes throughout to encourage more routine focus on the PCI DSS requirements, but there are some detail changes and clarifying language that we can highlight here.

Requirement 2: Vulnerability Management and Hardening

Requirement 2 has always mandated the need to harden server, EPOS, and network device configurations, removing default settings as a minimum, but encouraging the adoption of a NIST or CIS hardening checklist. Detail changes for Version 3 make pass phrases acceptable. Pass phrases make a good alternative to long, complex passwords, being easier to manage and remember, but with equivalent security protection. Hardening, vulnerability management and configuration control is one of the NNT ‘strong hands’, and more detail is available on our website.

Requirement 6: Develop Secure Applications

6.5.6 – Insecure Handling of PAN and SAD in Memory

Just like with Buffer Overflow Protection and SQL Injection Attack mitigation, this is an appeal for application designers to be on their guard. This requirement is aimed specifically at defending against memory scraping malware, and to design in safety features so that CHD and Secure Authentication Data is protected.

The call is to take a step back and consider using programmatic features that prevent unauthorized applications from accessing memory (some development environments are better than others for this). What happens to CHD or SAD during a program crash? (Many attacks take the form of disruption to the application in order to make it ‘cough up’ or dump data). Where possible, can the application completely erase data when no longer needed?

In other words, this is partly an application development challenge (hence being a Requirement 6 item) but also a malware protection issue too. An attacker will need a Trojan or other Malware to scrape memory, so low level FIM can play a part in underwriting coded-protection. In summary, get ready for some more challenging questions from your QSA, so ask your EPoS/eCommerce app providers or in house development team now what they make of this requirement. Potentially this will also prove to be a difficult requirement for a QSA to validate.

6.5.11 – Broken Authentication and Session Management

The detail of this new requirement appears to be asking merchants to mitigate the risk involved with client-side takeovers: assume that trusted clients could become attack vectors. Client-side attacks are one of the most common ways hackers get access to data and as ever, hackers will go for the weakest link. The requirement also intends to put focus on man-in-the-middle style attacks as well.

Interestingly there is also a suggestion that merchants who use re-directed services (like Worldpay for example) may also need to examine their application session management operation for vulnerabilities.

Primarily this is an application design issue (Requirement 6 prefix is a giveaway J ). It highlights a common ‘vulnerability vs. functional’ balance that is tolerated by developers because implementation can create user experiences that are compromised. For example, it is not going to improve sales from a retail web site if, when a customer leaves their shopping cart pre-checkout momentarily, they return to a “session timeout” message. OWASP knowledgebase is your go-to resource for development mitigation.

Requirement 8: Always Use Unique User IDs

8.5.1 – Unique Authentication Credentials for Service Providers

Standard security best practices within and outside of the PCI DSS are to always use unique access credentials for EVERYTHING so you know who is the perpetrator when something untoward takes place. It’s just standard, good practice.

However the need for this to be explicitly highlighted as a requirement suggests that service providers need a reminder that this does apply to them too. Most service providers will be operating securely but they still need to take the same basic precautions and ensure they are using unique credentials (and not just ‘customername+administrator as a username either!)

Requirement 9: Physical Security

9.9 – Protection of Point-of-Sale (POS) Devices from Tampering

Based on cardholder data theft statistics, card skimming and more elaborate variants thereof targeted on the POS equipment are still widespread. This is the ying to the yang of the previously covered, highly technical requirements, reminding Merchants that ‘low tech’ crime still works too.

Requirement 9 has always been intended to convey the message of ‘don’t let anyone touch any of the cardholder data processing equipment’. The Version 3 clarification here explicitly highlights protection of endpoints, leading to the conclusion that Requirement 9 has generally been interpreted as – rightly – being strongly oriented towards the ‘central site’ data center, but at the expense of focus on POS systems. Tech New Master

Requirement 11: Test Security

11.3 Develop and Implement a Methodology for Penetration Testing

This is another ‘new’ requirement that exists to emphasize focus on one of the standard practices that everyone already complies with, but maybe doesn’t do it as well as they might. A classic case of meeting the letter, but not the spirit, of the requirement.

It appears that the market for Pen Testing has become highly commoditized with most vendors offering cost-engineered, highly-automated services. This inevitably has led to tests becoming more superficial (more ‘checkbox approach to compliance’) so this new requirement is a ‘tug on the leash’, forcing the merchant to avoid bad habits and corner-cutting.

This is something very key to the NNT methodology anyway, in that we advocate that classic Security Best Practices are operated, which in turn help to minimize the ‘boom and bust’ approach to vulnerability management that the PCI DSS sometimes engenders.

For example, running annual or quarterly scans, then having to drop everything for a week in order to patch and re-configure devices before repeating the process 3 months later not only makes life hard, but may also render you unsecure for months at a time. NNT works on a continuous basis to continually track changes to devices and allow you to operate more of a ‘trimming’ process to vulnerability management. This approach is more effective, gentler on the network and hosts, and easier on your resources too!

Requirement 12: Maintain a Security Policy

12.9 – Additional Requirement for Service Providers on Data Security

And finally, a clarification of Requirement 12 concerning the use of Cloud or Managed Security Services. The intention is to ensure that service providers properly understand and operate their PCI requirements fully. The DSS places the onus on the merchant to ensure they have a statement acknowledging this and, in turn, Merchants should be indemnified of cardholder data protection by their service provider.

Conclusion

In summary, while there are new requirements, some of which may prove to be challenging to implement and test, nothing changes in terms of intent.

Data security has to be a full-time focus, requiring high levels of operational discipline, with checks and balances to ensure security is being maintained. The PCI DSS attempts to convey this, but has always fallen victim to the need to educate, clarify and mandate security best practices. Data Security isn’t an easy thing to describe or summarize, hence the DSS has ended up with 650 sub-requirements that the Merchant or Payment Processor find complex and ambiguous.

Samsung, a renowned mobile phone manufacturer is widely acclaimed for fashionable phones, especially the slim sliders. Gone are the days when Samsung was known merely as a universal mobile manufacturing company. Now it is gaining reputation of a niche handset maker in the industry. Samsung has come up with two new models catering to the expectation of new generation handsets. G600 and i780 are the two models which are the talk of everyone these days.

The newest model, G600 is the centre of attraction. This beautiful phone is equipped with the latest technologies, which can enable users with intrusion-free communication. The sliding format has replaced the clamshell as the most popular mobile format in the UK at the moment. The smooth opening and closing mechanism of the Samsung G600 is a breeze. This phone comes up with a 5 mega-pixel camera which matches with the quality of a digital camera with its high resolution images and videos. The camera also features an in-built picture editor, plus supports direct printing to a Pictbridge-compatible printer.

On the other hand, Samsung brings a masterpiece named as Samsung i780. It presents an unseen mobiling experience to the users. The phone comes equipped with a touch screen with 65k colours. Screen resolution is superior – it’s 320 x 320 pixels. Unlike Samsung G600, it has a relatively lower resolution camera which is of 2 megapixels. However, some other advanced features make this handset more fashionable. The phone carries the advanced GPS navigation system that helps the users in guiding them on the right track. With the unique TV output feature users can connect the phone with a TV and have a bigger experience of wide viewing. samsung 55au7700

Samsung G600 is superb in its music quality. The phone houses an integrated music player and a stereo FM radio. It gives a complete hurrah to the game lovers who want to play new and modern games on phone. It is embedded with Java games and other downloadable games which gives a real thrilling experience to the gamers. In addition to this, the phone is loaded with 55MB internal memory and micro SD memory card option. All the other features required for connectivity are available. With Bluetooth A2DP, USB, EDGE and GPRS, the phone gives the features like WAP 2.0 XHTML, mobile printing, email support, handsfree speakerphone, NetFront HTML, TV Output, etc. Thus, G600 is a complete package of entertainment in your hand.

Apart from the connectivity functions present in G600, Samsung i780 has some more unique features which make it like a mini computer. There is no more need to have a PC to view your Word, Excel, PowerPoint files, MS Office package, Windows Media Player, Email and instant messaging. It also takes care of business fast with HSDPA. You can download data at 3.6Mbps, update your corporate database and share files in real time. At the same time, with the help of the USB 2.0 in Samsung G600, you can transfer your favourite music at a lightning speed. The phone gives an opportunity to access the internet easily and wend or receive the emails instantly. 40 Mb of internal memory is enhanced through a 1 Gb memory card which can be used to store music, games and other latest software.

Samsung i780 vs. Samsung G600 is going to be a tough one with so many features under their belly. Both champion models have some attractive features to offer that make the rivalry to be a high-voltage one.