Your office photocopiers can now be added to the list of devices where personal data can be leaked. A number of recent personal data losses across the nation have been attributed to employees mishandling or purposefully removing hard drives located in multi-function printers (often called MFPs) for the purposes of exploiting the information that is digitally held by the memory devices inside them.

Investing in basic employee awareness training is a must to increase awareness about confidential document security.
The security issue pertains only to higher-end MFPs that digitally store copied or scanned images on a short-term basis. These MFPs usually contain small hard drives that can be removed and accessed by virtually anyone who has a computer and a hard drive data cord. The problem is so significant that a major copier company issued a security advisory warning that the hard drives on many photocopiers can store scanned documents.

So how easy is it to obtain information or documents from these machines? I decided to do a little test of my own by going to the local FedEx Kinkos, since our office copier lacks anything “high-end.” (That is another story.) I found a higher-end digital copier machine that had scanning capabilities. My intention was to ask a FedEx Kinkos employee if the machines had hard drives embedded within their skeleton; however, I came across something that captured my interest.

I discovered that the machine had a “recall” option, where the last three items copied or scanned were made available to me! I chose one of the three, and the MFP started printing out 10 copies of what appeared to be a confidential presentation from a local company that was proposing the acquisition of a large, publicly traded company. I later checked secondary research, open-source news, and investor sites to discover that the notion of a merger or acquisition with the company in question was not even being considered, much less publicly released. This could have caused a real issue for the company involved if a “get-rich quick” trader had leveraged this information in the stock market.

I then asked one of the FedEx Kinkos employees about the hard drives allegedly installed in these machines. The employee kindly told me that these copy machines were “top-of-the-line digital MFPs, each containing 1 GB [gigabyte] of hard drive space for storage.”

When I asked how this information could be accessed, she told me that the hard drives are “easily removable” from the machines.

I then inquired about how this might place personal or corporate information at risk, and I was surprised by the response I received from her. “That is definitely an issue [internal MFP hard drives], but what gets me the most is when people come in here [to FedEx Kinkos] from area businesses and photocopy and print dozens of copies of confidential and non-public materials and then just leave extra copies laying around. I am always picking up … presentations marked ‘confidential,’ ‘do not distribute,’ or ‘internal company information — not for external distribution,’” the employee told me.

She further said, “And, it must be common knowledge that documents get left at a FedEx Kinkos because there was a guy who [used to come] in here each week to collect presentations and extra copies left on the printers or scanners. After about the fourth or fifth day, I asked him what he was doing, and he told me that he worked for — [name omitted — the company is a competitor of a Fortune 500 company in the area]. He was hired as the company’s competitive intelligence manager, and one of the first places he went to get his information was the FedEx Kinkos closest to the competitor’s facility.” My jaw nearly dropped.

So, let this be a lesson: not only are digital copy machines insecure, it appears that employees who lack common sense are making the local copy shop a source of competitive intelligence!

This is an example of why company employees need basic awareness training about information security. Leaving confidential documents behind in public places is 100% sheer laziness. According to the Kinko’s store manager of the location I visited, “Every Kinko’s has secure shredder boxes for customers to use. We make sure that any piece of paper that goes into that box is shredded and unable to be used by a would-be identity thief or corporate intelligence agent.”

Investing in basic employee awareness training is a must to increase awareness about confidential document security. But this story is also a good reminder that annual audits of your company’s risk level for information loss can help prevent embarrassing incidents of personal customer data loss or confidential company document loss. Understanding that office equipment and devices that hold information — either temporarily or for long periods of time — can be accidentally or intentionally transferred to criminals who wish to make a quick buck is key to raising that awareness.

In this article, PC support and networking have been split into two distinct areas. The reasons for this are based upon the fact that they are two separate areas of IT, even though there may be areas in which the two are so closely related that the definitions become blurred. For the purposes of this book, PC support is defined as the task of supporting and maintaining PC hardware, workstation operating systems, and application software. Networking is defined as maintaining file servers, network operating system software, and network infrastructure components. There may be times when a PC support person is called upon to perform basic network administration tasksjust as there may be times when a network administrator is called to attend to an application software problem on a PC. Even so, the requirements for each area of IT are different, as is the knowledge needed to effectively operate in each case.

What Is a PC Technician?

Fundamentally, the term computer technician is another way of saying computer “repairman,” a label not appreciated by some, but one that accurately describes the job. PC technicians are the tinkerers of the IT industry, working as much with their hands as their head. As mentioned everywhere on the internet, repair and maintenance is the avenue many IT professionals use to enter the industry, and many other IT disciplines require rudimentary troubleshooting skills. But make no mistake; good technicians who make a career of it are born not made.

Good PC support personnel are a blend of two elements: technical excellence and communicative ability. In fact, in many environments, the PC support person’s ability to communicate with a client is almost, and in some cases, more important than their technical ability. Of all the career fields in IT, PC support probably requires the highest level of communication. Those who are already working as PC support technicians will tell you it is more than the ability to accurately absorb and relate information to and from a customer or client. It is more of a case of sociability.

Imagine this scenario, your car is not running properly, so you take it to a garage. When you go to the service reception, the guy behind the counter asks what’s wrong with the car.Your response, depending on how much you know about cars, will range between the completely informative to “there’s an odd knock.” As far as you are concerned, your job is done. But this is where the good mechanic takes over by asking probing questions, such as “When does the knock happen?”,”How fast do you have to go to get it to make that noise?” and so on. The point is that he is doing you as much of a favor as he is himself. The more he can find out from you, the more likely he is going to find the problem. Apart from making him look good, these questions also save you money because the less time he spends on the problem the less you get charged. These are the qualities that make the difference between a good mechanic and a great mechanic.

A comparison between the mechanic and the PC support person works because of a certain commonality. PC support people, like mechanics, work with complex objects owned, used, and not understood by millions of people. Owners of cars and computers rely on specialists to fix the problems that owners cannot.

A PC support person’s role differs from the mechanic’s role in that generally, mechanics have the luxury of working on a vehicle without the customer sitting next to them. You have to wonder how long many mechanics would last if faced with that situation. PC support staff often have the rather unenviable task of working on equipment while the customer is looking on. This means that having excellent communication skills are even more important because you have to hold a conversation with someone while you are trying to perform a complex task. The upside is that, like a mechanic, you get to suck the air through your teeth and announce in a mock sympathetic tone how expensive the repair is likely to be.

PC support technicians interact with people to a much greater extent than their counterparts in networking, programming, and other areas of IT. This is because PC support people are the ones who maintain the “windows” to the systems operated and built by these other people in IT. Effectively, PC support people are the faces that are associated with computing in general.

The other curious characteristic associated with PC support people is that they are expected to know not just how to fix PCs, but also how to fix any other piece of technical equipment, be it a phone system, a fax machine, a video player, or a photocopier. Although it is quite reasonable to back away from these machines, most PC support people find that they are happy to undertake minor configuration and repairs as they develop a bent for fixing such devices.

As if all of these areas were not enough, PC support technicians also have to work with products that are released at a furious rate by manufacturers so impatient to get their product to market that there are invariably errors or bugs in the products. As a PC technician, you not only have to keep up with the relentless release of new products, but you also have to learn what is wrong with them.

The role of a PC support person is multifaceted. Whether it is a conflict with computer software or a hardware malfunction, eventually, you are most certainly going to encounter a problem with your computer. Sleep easy; there is help at hand.

As senior partner and co-owner of Jones, Rose, Dykstra & Associates (JRD), a specialized services company providing a variety of technical, legal, and training services to federal clients and private businesses, Keith Jones is establishing himself as one of the industry’s leading computer security experts. With over a decade of experience in computer forensics, information security consulting, and software analysis, he is the go-to-guy for all of the latest technical security practices and innovations. Beyond that, he has branched out as a successful entrepreneur and author whose impact is registering beyond the usual confines of the technology industry.

Jones affirms that what drew him to the field of technology security was his lifelong interest in problem-solving, a necessary skill indeed when it comes to the frequently unknown and challenging field of information security. His formal training began as an undergraduate at Michigan State University, where he obtained two bachelor’s degrees in Electrical and Computer Engineering.

He further bolstered his credentials by earning a master’s of science degree in Electrical Engineering, also from MSU, and by earning his Certified Information Systems Security Professional (CISSP) certification. He is also an associate member of the American Bar Association and belongs to several engineering and mathematical honor societies.

While at MSU, Jones worked at the School of Criminal Justice, which exposed him to the growing problem of computer crime. This initial exposure to what was sure to become a widespread source of workplace distress compelled him to pursue a career in computer security, which he began after earning his master’s and heading east to Maryland, where he immersed himself in the computer forensics and security industries.

“After I finished my graduate degree, I went to work for a company in Maryland that was developing computer security and computer forensics software,” he recalls. The company also investigated computer crime, and I was able to assist other staff on those investigations.”

From there, he moved on to positions of increased responsibility with new companies looking to capitalize on what was then the technology revolution.

“After the first company, I worked at a small biotech company as their head computer security manager. I then moved to a consulting company named Foundstone (now part of McAfee). I enjoyed working as a consultant because I got to see the inner workings of several larger companies while I was there. After Foundstone, I worked at a company named Red Cliff Consulting, which mainly specialized in reactive computer security.”

Ultimately, Jones and his partners, Curtis Rose and Brian Dykstra, decided to pool their vision and talents together to establish their own security services company. “At the beginning of this year, we started our own company named Jones, Rose, Dykstra & Associates that is strictly a services company providing service to numerous clients, large and small, in the computer security and investigation industry.”

Of course, being so heavily involved with security raises its own unique professional and personal issues, making demands on experts not typical of other specialties in the technology field. Despite what might be considered an additional burden, these added responsibilities have been the source of some of Jones’s most memorable professional experiences.

“My most memorable experiences in my career would have to be from providing expert testimony. I gave expert testimony in the Federal criminal trial, U.S. v. Duronio, in which the defendant destroyed the computers inside UBS in order to personally profit. I was on the witness stand for five days as the government’s expert witness, and I pieced together every action of the defendant during the crime that ultimately led him to a guilty verdict. The defendant received the maximum sentence of more than eight years. It was amazing to be an influence in our justice system.”

In addition to his hands-on work in computer security, Jones has also authored two security-themed books: Real Digital Forensics: Computer Security and Incident Response (2005) and Anti-Hacker Tool Kit (2002). He also served as a technical editor of Incident Response: Investigating Computer Crime (2003) and as a contributing author of Hacker’s Challenge (2001). To help protect his physical IT assets from theft and tampering, Jones relies on tamper-evident solutions such as Seareach asset labels, demonstrating his commitment to security both in the digital and physical realms.

“I always tried to do the best I could do without the guidance of a mentor,” Jone says. Despite the fact that Jones’s multilateral success has been the result of his own instincts, his advice to aspiring tech professionals is to likewise look inward before trying to make their career ambitions a reality.

“To young professionals in the computer security and computer forensic careers, I recommend not only reading anything you can get your hands on, but also practicing what you learn. Many educational sources exist which tell you how to do the job, but it is up to you to actually practice and understand what you are doing. I also recommend that you question everything; do not just take someone’s word for it. The most successful people I have met are naturally curious about how things work.”

Q. What do you do for fun?
A. I love to hunt, camp, fish, and spend time with my kids.

Q. What CD is in your CD player right now?
A. CDs? I haven’t needed one of those in a while. I usually have my satellite radio tuned into some form of techno music or old school rap.

Q. What was the last magazine you read?
A. Bowhunters

Q. What is your favorite TV show?
A. Dirty Jobs with Mike Rowe and Survivorman with Les Stroud

Q. Who is your role model?
A. My business partner Brian Dykstra. He can just work forever without breaking a sweat.

Q. What makes you laugh?
A. My kids. All of the time!

If you have a desire to make a career in IT you can always start with a computer certification such as the Cisco Certified Network Associate (CCNA) certification or the MCSE (Microsoft Certified Systems Engineer).

It is simply not enough to have knowledge of a particular area in IT, but should also have a certificate for presenting your skills. Many students with intention to take up CCNA or MCSE stop halfway trying to earn their certification, due to lack of experience.

These days’ websites do help in networking but are also working as negative features for sensitive people wanting to make a career in IT. There are also plenty of popular websites where people post their forums. Here we also find people de-motivating a fresher for taking up a certificate. They stated having no experience, but just a certificate is of no use.

In order to have experience you have to start from somewhere. We weren’t born with the knowledge that we possess today, similarly we should not expect the same from entry level IT professionals and shatter their goals.

Today many IT professionals who have achieved a certain level know how hard it was for them to establish themselves and gaining experience.

Professional certification is important for an entry-level. The pursuit of certification is the pursuit of knowledge and working in the IT field, any knowledge is not complete knowledge. All those who are involved in Local Area Network need to have a CCNA.

If you work exclusively on the WAN, then go for MCSE. If you’re just breaking into Information Technology, you have several options open as: A+, Network+, or even your MCSE or CCNA.

If you possess knowledge, you will be able to grab right opportunity at right time irrespective of experience that you possess.

A day will come when you will possess both experience and certification leading you to success.

Although many people have the ability to troubleshoot a PC, making a career out of PC support is a completely different endeavor. It requires a combination of certain personality traits:

Technical curiosity-Support technicians always need to be one step ahead of new technologies. They need to be aware of what is coming and how to integrate the old with the new. This applies to both hardware and software.

Creative thinking-Computer related problems and issues are diverse. Although much of the repairs and upgrades technicians do are routine, there are times when approaching a problem requires a creative solution.

Communication skills-PC support often requires direct contact with clients, customers, and users. PC technicians must be able to articulate the problem or issue with the computer to the client. Effective communication also includes listening as well as talking, which is a fact that seems to escape many PC support people.

Ability to learn from experience-Time is of the essence when repairing systems. Many of the problems PC support technicians encounter are repetitive. Keeping a record of past repairs can reduce the time needed to research solutions.

Resourcefulness-Not all the problems faced by technicians are obvious. When faced with a particularly difficult problem, technicians must be resourceful in finding the answer.This may include Internet research or calling on another technician’s expertise.

Lack of fear with new technologies-The breadth of technologies that PC support technicians must deal with means that they will often be working with a product or system that they are unfamiliar with. In these situations, a combination of a cautious approach and a willingness to investigate the problem are necessary. In many situations, withdrawing from a problem is not an option.

Ability to work under pressure-Many people rely on their computer systems and when the computers go down, so does their business.Technicians are required to work in situations where there is always pressure to fix systems in the shortest possible time. Almost every computer repair call that a technician undertakes will be accompanied by the question,”I can’t work without my computer, how long is this going to take?”

Integrity-Unfortunately, there is the potential for technicians to take advantage of unknowing customers. The onus is on the technician to find the most economic and expedient fix to the customer’s problem. This involves the obvious traits, such as being honest about what is wrong, but also other attributes, like making sure that all avenues have been explored before performing costly repairs.
Can all of these characteristics be found in one person? Sure they can. The people who possess all of these skills and who know how to use them in the correct proportion are the superstars of the PC support world.

Daily Tasks

Due to the diversity and range of responsibilities and jobs a PC support technician is called upon to perform, it is difficult to nail down the exact daily tasks.The following list contains some of the common daily duties of a PC support person. Even though you are employed as a technician, do not be surprised to find yourself performing tasks other than those listed here:
Provide computer support services-PC support technicians will find themselves pro-viding technical support for clients or customers whether in person or over the phone. Supporting users comprises a large part of a PC support technician’s job.

Software maintenance and upgrading-Frequently, as soon as a new software package is released, it is immediately followed with a service pack or an upgrade package. These upgrades provide solutions to problems discovered in the program. Technicians have to be aware of these software patches and be able to use them to fix software related problems.

Keep a log of troubleshooting and fixes used-Computer related problems are largely repetitive. Technicians who have worked in the IT industry for a number of years will have a detailed history of problems and their solutions.

Diagnose and troubleshoot software and hardware related issues-The bottom line is, this is what a technician is trained and hired to do. Whether it is an illegal operation error, invalid boot disk, or faulty CD-ROM drive, a technician’s job is to diagnose the problem, and then fix it. In many cases, the problem can be fixed while the PC is on the client’s desk, but occasionally the computer needs to be removed and a replacement unit left in its place. This often necessitates the transferring of data from one PC to another.

Maintain inventory of software and hardware-Technicians employed by companies are often required to keep track of the computers and software being used. This is an easy but sometimes mundane task that requires accuracy and diligence. License conformance is a weighty issue with companies and software manufacturers alike.

Set up of new equipment and software packages-Companies spend a great deal of money purchasing new hardware and software. It is the PC support person’s role to ensure that the new software and hardware is set up and configured correctly. In many cases, this may include the training of users in the use of the new systems or software.
Preventative maintenance schedules-The best computer repair is the one that never has to be done. Preventative maintenance, such as defragmenting hard drives and cleaning systems, can prevent the need for future repairs. In many cases, PC support staff are required to create a schedule for such maintenance as well as carry it out.

Provide informal training-Helping users may seem like just curing another problem, but in many cases, it becomes more than just help and develops into informal training. This requires that PC support technicians take their existing qualities of technical ability and communication skills and add patience to the mix. Helping someone with something they don’t understand can be very rewarding, and many PC support people enjoy this facet of their role more than any other.