SimpleWan Staff Blog

October 7, 2016

Security as a Foundation By: Kyle

It use to be quite rare for someone outside of the tech community to hear about a large data breach; or someone hacking into a large corporation to cause damages. Nowadays, it is rare to find someone that hasn’t heard of some sort of cyber attack, regardless of their profession. But, one major aspect of security that is overlooked by most, is smartphone security. As smartphones become more and more integrated in almost every aspect of work & day to day life, these concerns are starting to be taken more seriously. Most people do not think of smartphones in the same way a person that wants to exploit them does. These things basically capture every move you make as you explore the internet, & even the physical world around you. Locational data, bank account info, private conversations, also, your camera & microphone, just to name a few. There are flaws in security that affect almost every aspect of your smartphone's functionality, and almost no one, outside of the industry, has a clue about it.

I want to talk about smartphones that are built from ground level with security as the main focus and goal. This trend is nothing new in the enterprise market, but the past options have fell short on many aspects, true security & privacy being two major ones. A few weeks ago i came across a company with these exact goals in mind, this company offers a set of devices that runs a very modified version of the popular Android OS. One of the major changes in this OS is the app permission & pre install scanning of downloaded items. In the settings menu, not only can you see a full list of all apps currently installed but also what aspects of your phone that these apps touch. Now this is nothing new to android but one feature found nowhere else is the ability to change those permissions. Say you don’t want google to be able to access your contact list; simply turn that specific feature off. Now most people aren’t too concerned about things like that, but let's say you found out that a specific app was accessing the microphone? Would this concern you? Another really useful and interesting aspect of this OS is triggered by default when downloading anything. From requesting a webpage, all the way to installing ‘approved’ apps from the app store. Everything aspect of what you just downloaded will be looked at in depth. The OS defaults to checked for any form of malware regardless of where the download came from. Now this will cause things to run a little slower then normal but when security & privacy are your main concern, i believe you can wait an extra few seconds.

Another major advantage to using this type of device are updates. To date there are only 2 other phone manufacturers that offer security updates as soon as they come out. These are Google Nexus phones and iPhones. More are starting to follow this trend but it is going to be a while until this is a standard. Since these phones are created by the same company that creates the OS that runs on them, they get to dictate when updates will be applied. Companies like AT&T & Verzion are often very far behind, sometimes a full year or more behind. With the current state of things, it’s been recommended to have security updates at least two times a month, if not more. This is simply not happening.

September 30, 2016

Why I love working for SimpleWan
By: Hayle

Lets be honest, there are a ton of really great perks for working for a cyber security company. We know all the stuff going down, our CEO talks to everyone in the media about the tech side of what is going on in our world, and when you mention that you work for a cyber security company people automatically assume that you are a tech savvy person. But there are so many other great reasons that I love working for SimpleWan.

Part of the company that never gets talked about, is our community service side. Our CEO has always made giving back to the community a huge priority at SimpleWan. We have given time, energy and lots of toys to so many charities over the years. Toy drives around the holidays; putting together Easter baskets for a children's hospital around Easter. Stocking toy closets at various medical facilities during the summer. Fundraisers that we get to attend for different organizations. To all the little things that SimpleWan does throughout the year.

What I also love about this giving back mentality, is that it is always rooted with children; children's charities, children's hospitals, children's organization. And I once had someone ask why that is? Why doesn't SimpleWan branch out and help other types of groups. The answer was really simple: With is being children's charities, we can get our families involved. Our employee's kids can come to all of it, they can help make Easter baskets for other children, they can help pick out toys to stock the children's toy closets. There is something very innocent and giving about children helping other children. And for this simple reason, SimpleWan works mostly with children's organizations.

It is a side of SimpleWan that we don't really talk about. It is not part of the media alerts that we are quoted in. It is not part of the elevator speech when we tell others about our company. It is not the part that is going to make it to news. But it is a hugely important part of our company culture. And personally one of my favorite things about working here at SimpleWan.

September 2, 2016

SimpleWan is a Cloud Managed Internet Security Company...And More!
By: Ryan

At SimpleWan, Internet security is our mandate. It's ingrained in everything we do. Our development staff are working to adapt and overcome the unending changing threat to business networks. Our sales staff is out delivering the SimpleWan security message at industry trade shows and conventions, and through our partner agents, dealers, distributors, and re-sellers. The front line staff is interacting with the above mentioned partners to make sure they are taken care of, with support questions, getting product orders fulfilled, and making sure daily operational tasks are completed. The management team are focusing on growth strategy, selecting the proper V/C partner or partners, and moving the bar up, exceeding our re-seller/customer expectations. These are things that SimpleWan is becoming known for. But, there is more...

For an increasing number of our customers, they are getting to know us for the additional services we offer over and above the physical security of their network. SimpleWan has a number of “add on” services that are patented and state of the art, with more are being developed all the time!!! Currently available SimpleWan service add ons are vMPLS, Content Filtering, Advanced PCI/Hippa Reporting, and Dual Wan Fail Over, which can all be part of our inclusive plan. Two additional services outside of the inclusive plan that can be added are: End User Help Desk/Support and Verizon 4G Fail Over. If you are thinking that all sounds technical and confusing, let me explain. Lets look at each add on service individually:

vMPLS- For those of you that have heard of traditional MPLS (Multiprotocol Label Switching), this is a SimpleWan patented virtual version of that for multi-location businesses. If you have multiple offices that are geographically disbursed, vMPLS allows you to set up a carrier neutral self healing network at a fraction of the cost of traditional MPLS. Carrier neutral, meaning you can be on multiple bandwidth providers. Self-healing, meaning that through our patented Smart Route technology, if a site looses its Internet, your other sites will be able to re-route data transmission seamlessly and automatically. If you are tired of dealing with the problems and security concerns of VPNs, check out the possibilities with our 1024 bit encryption vMPLS!

Content Filtering – Are you tired of seeing your staff on Facebook or Amazon during business hours, or want to protect yourself from the liability of workplace inappropriate websites being accessed at the office, or have an office,”bandwidth hog.”. This may be the service for you!

Advanced PCI/Hippa Reporting – Would you like to know that you are compliant and identify areas where you may not be? Get Advanced PCI/Hippa Reporting today!

Dual Wan Fail over – When your Internet service goes down, you can fail over to a backup provider so that your office is still open for business and you don't skip a beat!

End User Help Desk/Support – If you would like SimpleWan support staff to manage all end user questions or concerns. You can remove that item for your to do list!

Verizon 4G Fail Over- Similar to the Dual Wan Fail Over, except over a Verizon cellular connection for increased reliability and mobile capacity!

So as you see, SimpleWan is offering a number of phenomenal options to our customers to meet all of their Wan needs as well as fulfill their security requirements. We are always developing additional services to provide the ultimate security/Wan package for SimpleWan partners! Stay tuned to see what is next.

August 12, 2016

Who can you trust?
by Josh

In today's world, it's incredibly easy to not only access information online, but also very easy to publish our own content. Many services providers like BlueHost, MediaTemple and Godaddy offer affordable ways for users to have their own websites and publish their own content. With this ease of access, a platform rose to the top as the easiest to use for designing a site and publishing our images and blog posts; WordPress. 

It's currently estimated that WordPress powers 25% of all websites, which makes it very popular for good and bad reasons. It has literally millions of themes (for layout) and plugins (to add functions like contact forms). But it's also a target for hackers. Working in Internet Security, it's very common for me to come across hacked WordPress sites, in fact that's most of what I see on a day to day basis. But recently I encountered a very unique hack that could, and should, impact wordpress publishing standards.

As I mentioned earlier there are many add on's for WordPress; plugins being the most common. Plugins create new functions on you site like adding image sliders, creating contact forms, and allowing your site to sell items and take payments. Plugins are mostly free, but sometimes are paid for. Recently I was working on a WordPress site that as very obviously hacked. normally I can find the cause of the issue very quickly, within 15 minutes. On this particular hack, I had spent more than an hour trying to discover how the hacker had penetrated site. The conclusion was shocking for even a WordPress Veteran.

WordPress plugins are developed and programmed by normal users like you or me; and aren't always maintained. I could make a plugin today, create a website for it, and then give up on it a year later. Anybody using my plugin could would be out of luck on me ever updating that plugin. In the case of the site I was working on, that very thing happened. But some clever hacker had purchased the domain name the developer used to distribute the plugin. The same domain was used to update that plugin. The hacker re-setup the domain, and starting pushing new updates to the plugin with malware injected into the updates. 

A resource that can normally be trusted became an avenue for malware. 

This represents a new kind of attack. After consulting with several site security specialists, they had not seen this kind of attack previously. But it came from a common security issue; lack of interest and laziness. First was the lack of interest from the developer to at least keep the domain secure. The second condition was met by the site owner, they failed to check what updates where being installed, and failed to insure the plugin was still actively maintained. 

If you are running your own website, whether it's WordPress or another CMS, security should be a part of maintaining that site. Take the time to insure all your external and third party code sources are actively maintained and read changelogs before pushing updates. If this is beyond your skill level- don't be discouraged, there is many affordable services that can assist you in checking for these issues. Find one that meets your needs and make sure your website is safe!

July 29, 2016

OTA The Future Of Upgrading
By: Kyle

OTA, Over the Air, is a term used in quite a few aspects of computer science. The area most focused on is over the air software updates. This concept is nothing new to the industry but it is something that is becoming increasingly talked about and used by mainstream companies. Take Apple, they have been supplying OTA updates for iPhones and other product lines for quite some time now. One of the major companies to recently start using OTA is Tesla, they have been supplying OTA updates to their cars for basically since they started offering it.

One of the most recent updates was related to range of the battery and also performance enhancements. Yes, Tesla supplied an OTA software update that increased the 0-60 speed and also the amount of horse power supplied to the car.

Here at SimpleWan, we follow a similar path with our updates. Not only are our updates pushed OTA, they can also be scheduled, to a degree, by the actual reseller of that device. Meaning any unit under that reseller is set by them. Say you want to roll all online devices to the latest firmware version, in the past you would need to go to each site and upgrade each device. With the SimpleWan, you go into your reseller settings and change the FW version. Once set, the SimpleWan devices will upgrade their FW the next day in the middle of the night to ensure no site is kicked offline while the location is open. Conducting updates in this way massively cuts down on the need for human resources and also tightens all around security. If an exploit is found and a fix it pushed by the development team, you can upgrade all your device almost instantly. You can really start to see the value of these types of updates when looking at it from this perspective. Another use case would be the addition of a new feature. Once it has been added, simply reboot your device and now you have that feature. No having to wait for the IT guy to get out to your site so that you can listen to Pandora.

Another interesting aspect is the idea of releasing a product that is not using 100% of the hardware capacity. Meaning you are using about 50-70% of what that hardware can actually do. With OTA you could release a product and still continue to release updates that increase the overall performance of the hardware. This would allow companies start to gain revenue from a new product and not have to wait until it is at 100% capacity. A similar train of thought can be found in video game consoles. The latest Xbox1 had amazing hardware but it had horrible software. Instead of delaying the entire project they went ahead with deploying the consoles and made an announcement that they would be supplying massive updates to the software. Again, if this was just a few years ago, you would have been stuck with what you purchased.

July 22, 2016

SimpleWan Works with Ubiquiti
By: Will

As part of SimpleWan's goal to deliver reliable, remotely-manageable IT solutions at low cost, SimpleWan has recently rolled out a new feature called Ubiquiti UniFi® Cloud Controller. This is a hosted service which uses the off-the-shelf Ubiquiti Controller software, and lets customers use their own UniFi-brand wireless products without needing to purchase or install their own controller. Its login and security system has also been integrated into the SimpleWan Dashboard so that customers do not need to remember additional passwords or web addresses.

The installation process is very straightforward: simply enable the feature by editing the SimpleWan Site, and then visit the UniFi® Controller link in the site's management page. From there an Access Point may be added via its MAC ID, and within minutes the Controller will detect and adopt the new Access Point. One UniFi site and user is created for each SimpleWan site. Finally, a Wireless Network should be created inside of the Controller's Settings link. If alerts are desired, the user account may be edited to include an email address. Ubiquiti alerts are currently separate from SimpleWan alerts.

Overall, behavior of the hosted Controller will be identical to a self-hosted controller. Any questions about the service or device adoption process may be sent to SimpleWan Support, and any questions about the actual controller or UniFi products themselves should be sent to Ubiquiti.

We hope that this new feature will simplify wireless deployments for our customers, and offer a turnkey remotely-manageable solution that practically installs itself while being extremely reliable and affordable.

July 15, 2016

What Is SSL and What That Means To You
By: Erik

Most people don’t realize it but Google has had such a huge affect on many technologies; not just the things that Google is directly involved with. Many have heard of something called SEO or search engine optimization. It’s a process where you tailor your website to what Google wants to see and for the reward Google will move you up in the rankings of website listings. About a year or so ago Google added something called SSL to their SEO criteria to get good web page ranking results.

SSL is a form of encryption that is used on the Internet that secures your computer to the web server you’re talking too. This prevents anyone from viewing your traffic that is not you or the web server. Today this is the best way to keep your information safe and out of the hands of a third party. Google has now taken this to the next level, they want all websites encrypted, not just the ones that have credit or banking information. By giving sites that natively push your browser to automatically use this technology for all of their content, they are being rewarded by higher page ranks…

Old Firewalls are Dead..

Google just broke traditional firewalls that have anti-virus, deep packet inspection and content filtering built directly into them. This forced encryption is designed to prevent a third party hacker from seeing this traffic. Your firewall is also a third party to the activity. There are a few vendors out there that are offering decryption services on firewall devices, but that creates a whole other set of issues. For this to work, you would have to explicitly trust third party encryption and potentially breaks all web security. By doing this in a firewall that is on the public Internet you’ve also given a hacker a target that they can skim all the data out of. Lastly, to decrypt, scan and re-encrypt all the packets you’ve created a new bottleneck that also requires hefty and expensive hardware.

The future..

Just like we look at human behavior we will need to rely more on user analytics and data sharing in the future to protect against new threats. Its also important that people take a multi-tiered approach to security. Every technology has its place for protection. For email, use a service that includes an anti-virus/anti-malware on the server. For computers, they need to be running software based anti-virus so they can see everything once it's decrypted and on the PC itself. As for the firewall, big data, sharing intelligences between technologies as well as analytics will continue to be the future of detection and prevention. The last major hurdle is training, training people handling the technology is the best defense. Most organizations don’t spend near enough time on teaching employee’s what to look for in a threat. Any technologies out there offering a one-size fits all security solution probably isn’t doing a good job. Firewalls have been around 30 years, it's time we all take a step back and different multi-tiered approach to security.

July 8, 2016
SimpleWan's SD-WAN Solution - vMPLS
By: Ryan

Software-defined networking promises to redefine the static world of wide area networks, and the relatively new SD-WAN technology uses software and virtual network overlays to make WANs easier to design, build and operate, while helping users address the challenges associated with mobility, cloud and the internet of things. SD-WAN is estimated to be an $8.5 Billion industry by 2020.


1) Central and simple management. One of the biggest advantages of an SD-WAN is its ability to manage multiple types of connections - from traditional MPLS to broadband to the latest wireless technologies, such as LTE. SimpleWan vMPLS is entirely carrier neutral.

2) Better application performance and efficient use of bandwidth. With an SD-WAN solution, businesses can afford much more bandwidth per enterprise location. It allows you to tap into a greater abundance of bandwidth through your broadband connection, which allows even remote offices to more effectively leverage applications that help to transform the business.

3) Support for cloud and real-time apps. Real-time applications, such as live video, VoIP, interactive collaboration and predictive analytics, are requiring companies to make investments in their bandwidth. At the same time, more and more apps are moving to the cloud, thus making app management more dynamic and more complex. Consequently, networks that made sense in a client/server world might not be the best solution now.

4) More network at the same or less cost. SD-WAN technology can drive the costs of networking down by allowing businesses to complement traditional MPLS connections at headquarters or hub locations with cost-effective access for remote office locations. This creates a predictable and repeatable model to ensure that even the smallest or most remote locations can easily be added to the private wide area network. What’s more, SD-WAN technology enables these hybrid environments by using automated intelligent routing. Whenever broadband doesn’t offer the quality required for an application, the SD-WAN can direct traffic over the private link with guaranteed quality.

June 29, 2016

Security as a Foundation
By: Kyle

It use to be quite rare for someone outside of the tech community to hear about a large data breach or someone hacking into a large corporation to cause damages. Nowadays, it is rare to find someone that hasn’t heard of some sort of cyber attack; regardless of their profession. But, one major aspect of security that is overlooked by most, is smartphone security. As smartphones become more and more integrated in almost every aspect of work & day to day life, these concerns are starting to be taken more seriously. Most people do not think of smartphones in the same way a person that wants to exploit them does. These things basically capture every move you make as you explore the internet; even the physical world around you. Locational data, bank account info, private conversations, also, your camera and microphone, just to name a few. There are flaws in security that affect almost every aspect of your smartphone's functionality, and almost no one, outside of the industry, has a clue about it.

I want to talk about smartphones that are built from ground level with security as the main focus and goal. This trend is nothing new in the enterprise market, but the past options have fell short on many aspects, true security and privacy being two major ones. A few weeks ago I came across a company with these exact goals in mind, this company offers a set of devices that runs a very modified version of the popular Android OS. One of the major changes in this OS is the app permission; pre install scanning of downloaded items. In the settings menu, not only can you see a full list of all apps currently installed but also what aspects of your phone that these apps touch. Now this is nothing new to android but one feature found nowhere else is the ability to change those permissions. Say you don’t want google to be able to access your contact list; simply turn that specific feature off. Now most people aren’t too concerned about things like that, but let's say you found out that a specific app was accessing the microphone? Would this concern you? Another really useful and interesting aspect of this OS is triggered by default when downloading anything. From requesting a webpage, all the way to installing ‘approved’ apps from the app store. Everything aspect of what you just downloaded will be looked at in depth. The OS defaults to checked for any form of malware regardless of where the download came from. Now this will cause things to run a little slower then normal but when security and privacy are your main concern, I believe you can wait an extra few seconds.

Another major advantage to using this type of device are updates. To date there are only 2 other phone manufacturers that offer security updates as soon as they come out. These are Google Nexus phones and iPhones. More are starting to follow this trend but it is going to be a while until this is a standard. Since these phones are created by the same company that creates the OS that runs on them, they get to dictate when updates will be applied. Companies like AT&T & Verizon are often very far behind, sometimes a full year or more behind. With the current state of things, it’s been recommended to have security updates at least two times a month, if not more. This is simply not happening.


The Bliss of Ignorance
By: Chuck

According to SBA approximately 50% of business go out of business in the first 5 years. The odds are about the same for marriage. Yet in both cases, there are things we could do to that would mitigate this failure rate greatly. It seems to me that staying engaged in the entire process could make a huge difference. It's easy to be engaged with something that gives you immediate feedback and pleasure. It's much harder to be present in all aspects of a relationship, whether it's business or personal. We've all been guilty of it. Taking a loved one for granted until maybe it's too late. 

Business can be the same. As a matter of fact taking your eye off the ball in today's business arena can mean the death of you business. It's easy to do too. Most business owners are so busy with the day to day running of their business that it's easy to be dismissive about something like security. Even though 71% of data breaches are against small businesses. Another startling statistic is that 47% of business owners think a data breach would not affect their business. 

That's just crazy. 

Between the loss of reputation a business has to weather, and the loss of business as a result of that reputation hit, being compromised could be devastating. There are new rules and penalties for PCI/HIPPA compliance that in a lot of cases would put a company out of business.

That's also where SimpleWan's active monitored firewall makes a huge difference. It's on 24/7, 365 days a year. With our technology even if you have a "if I stick my head in the sand they can't see me" rationale you're still covered. It's automatic.

It pays to be vigilant in today's business environment. It's even better if you have automation that can do all that watching for you. SimpleWan can!

Finally, they say ignorance is bliss. Well,... that's also crazy. 


Stimulating Slow Network Connections
By: Will

If you're in IT or software development long enough, you'll hear reports of weird things happening when Internet connections get slow. It can be quite difficult to troubleshoot, however, because the problem usually fixes itself by the time you're able to test.

Or, maybe you're creating and testing service timeouts like in my previous blog post.

Both of these can be greatly helped by artificially slowing down your network connection, and fortunately there are tools available for every operating system:

First, for Linux, a script I wrote to automatically run the appropriate tc ("Traffic Control") commands for this purpose:

Secondly, for Windows, the commercial NetBalancer software has a highly-rated free version that is capable of limiting speeds and much more:

Finally, for Macintosh, Xcode Developer Tools includes a System Preferences add-on called Network Link Conditioner which you can access inside of Xcode by clicking on: Xcode > Open Developer Tool > More Developer Tools... > Hardware IO Tools for Xcode -- full tutorial available at:

With these tools, you can better simulate actual lag and fine-tune your timeouts, error handling, and diagnosis. For example, you may not notice the difference between connection timeouts and overall timeouts on your fast cable connection, but fine-tuning these values can make a big difference when a connection (or response) unexpectedly takes much longer to complete.


The Internet Speeds You Aren't Getting
By: Erik

Over the last few years I’ve had a lot and I mean a lot of phone calls and emails from customers and partners in all walks of life complaining about their Internet connection speeds. In recent years thanks to Google, many of the Internet providers are under the gun to provide faster connections at a lower cost. The bottom line is the user is being cheated (

We all know the world doesn’t work that way, if you want more for less, something has to give. You’re Internet providers have devised a plan to give you cake and eat it too… Or have they..? The modern Internet has made an expert out of anyone that can reach a speed test server. The end user doesn’t understand the overall experience of the Internet or how it works but they just want to make sure the number they see on the screen matches up with what they are paying for.

In the early days speed-tests were great and pretty accurate, however in today’s Broadband world it’s not the case. Most of the cable & DSL Internet providers now say “Up To” instead of an actual speed because they don’t want you to mistake what you are really paying for. In recent years to hit that message home, most of them have installed provisioning systems and equipment that let you “burst” up to a super fast speed often more then you are paying for; for a few seconds making that speed test look amazing. The only problem is most services you care about like VoIP, streaming video and of course don’t forget Xbox, require a streaming speed and that speed must be there 100% of the time for it to work well. Most of the Internet connection streaming speeds are about 20% or less of what the bust speed test speed is.

Anytime you go over that capped streaming speed with realtime services, they don’t work so well. But wait it gets worse, many of the speed test servers are not only sponsored by the Internet providers, they are hosted free of charge on the same network as your connection and don’t even really test access to the actual Internet.

At this point you should be upset and angry, the only problem is it's working… Most end users really believe they are getting the speeds their test display. Often when a professional show them the truth they still believe the test they see on the screen. So lets start by saying just about any speed test out there is lying to you! Those burst speeds don’t do anything for you at all unless you’re going to download really tiny files all day long. Second do yourself a favor run a real speed test that actually shows you your streaming speed, something with a large file like a 200MB file at ( The long term streaming speed is so important and will dictate how many phone calls you can have at one time and what quality of video you can stream and even if your music streaming service broadcasts in HD. Last stop believing what you see from a free online service, not everything on the Internet is true and your speedtest is a perfect example of one..


Great Common Sense Tips to Safeguard Your Business from a Cyber Breach!

By: Ryan

Like playing sports at a high level, it all starts with the fundamentals. Famed American Author and Speaker Jim Rohn said, “Success is neither magical nor mysterious. Success is the natural consequence of consistently applying the basic fundamentals.” Protecting or mitigating risk from breach liability is no different. Below, are a number of tips that every business owner should follow.

Ensure proper physical security of electronic and physical restricted data wherever it lives.

    -Lock down workstations and laptops as a deterrent.
    -Secure your area, files, and portable equipment before leaving them unattended.
    -Use a cloud managed firewall device to keep ahead of emerging threats and monitor breach attempts.
    -Don't leave papers, computers, or other electronic devices visible in an empty car or house.
    -Shred sensitive paper records before disposing of them.
    -Don’t leave sensitive information lying around unprotected, including on printers, fax machines, copiers, or in storage.

Laptops should be secured at all times. Keep it with you or lock it up securely before you step away, and make sure it is locked to or in something permanent.

Use extra security measures for portable devices, tablets, smart phones and portable electronic media containing sensitive or critical info such as:

    -Extra physical security.
    -Remove personal information data when it is no longer needed for business purposes. Minimizing the amount of sensitive data stored              reduces risk in the case of theft.

Report suspected theft of computing equipment to the authorities. Be sure to let them know if the stolen equipment contains any sensitive information:

    -Be sure you know who has access to folders before you put restricted data there!
    -Be certain you don’t put sensitive information in locations that are publicly accessible from the Internet. Double check. If you can                    access it online without a password, so can others.
    -Always transmit restricted data securely. This includes remote access and client/server transmissions.
    -Don't use open/unencrypted wireless when working with or sending this data.
    -Don’t email or IM (instant message) unencrypted restricted data.
    -Don’t forget about restricted data in attachments, screen shots, test data, etc. These need to be sent securely, as well.
    -Use good, cryptic passwords that are difficult to guess, and keep them secure.
    -Don’t share or reveal passwords.
    -Use different passwords for accounts that provide access to restricted data than for your less-sensitive accounts.

Change initial and temporary passwords, and password resets, as soon as possible whenever possible. These tend to be less secure.

Make sure all systems that contain or access restricted data have all necessary operating system (OS) and third-party application security “patches” and updates

    -Install anti-virus and anti-spyware software and make sure it is always up-to-date.
    -Don't click on unknown or unexpected links or attachments. These can infect your computer.
    -Monitor threats sent to you from your cloud firewall dashboard.

Don’t open files sent via IM or P2P software on a machine that contains restricted data – these files can bypass anti-virus screening. Don't install unknown or suspicious programs on your computer. These can harbor behind-the-scenes computer viruses or open a “back door” giving others access to your computer without your knowledge.

Don’t put sensitive information in places where access permissions are too broad.     

Destroy or securely delete restricted data prior to re-use or disposal of equipment or media.

Shred sensitive paper records before disposing of them. Do not re-use them where the information could be exposed.

Do not send or download personal information to an insecure or unknown computer.

Don’t use actual sensitive data in test or development systems, or for training purposes. If actual data is used, security for the system, test results (including screenshots), log files containing personal data, etc., must be equal to a comparable production system or data, including access controls.

Truncate, de-identify, or mask restricted data in these systems whenever possible.

Companies like SimpleWan can provide that data security that is desperately needed on any budget. Can be viewed at


Protecting Your Users

By: Josh

In this day in age, It’s hard to imagine a business (even a small one) not having an online presence. Besides Twitter and Facebook, chances are your business has it’s own website. Are you using the best tools and technologies on your website? Do your users feel safe using your site and it’s contact forms? Here I’ve outlined 3 ways you can protect your website and gain user trust when they visit your site.

SSL Certificates

An SSL Certificate does several positive things; they create a secure link between your site and visitors, protect information like email addresses and credit card numbers, and Google ranks sites with SSLs higher. Users  who know what to look for will see the lock in the URL and trust using forms on your site. Having an SSL with also prevent a hacker from seeing sensitive information you send and receive to a visitor, users will appreciate the extra protection.

Malware Scans

There are several services you can use to scan your site, all provide site banners to inform the user of the scan and when it was last run. The most popular is SiteLock. Their service can scan for file changes and help you restore files they see changes, they can also automatically delete malware files they find. Adding a service like this gives peace of mind to both you and your site visitor.


Google has been providing this as a free service for years; and with the newest version, it’s easier than ever for you to add it to your site. You mostly think of Captchas when you're submitting a form, however you can set them up to be required when visiting any part of your site. If you have a part of your site the contains secure information, or it loads massive amounts of information from a table, you can add a Captcha to prevent bots and spammers from seeing that information or overloading the database server.

If you're already using these methods to protect yourself and your users, then your on the right track. If not you can easily start using these methods to bring safety and comfort to you and your user base.


The Future For SimpleWan Is Bright!

By: Ryan

That thing that happens with young companies on their way to vast success is happening at SimpleWan! You hear people talk about, “the buzz,” and from the inside you can just feel it!

We are taking on new customer/partners daily. There is job candidate screening and hiring going on in all capacities. In fact, I was setting up prospective employee meetings for next week just yesterday. Our CEO is interviewed on TV, radio, print, and in social media multiple times weekly. Our phenomenal development staff is turning out product enhancements every week. New hardware and services are regularly being brought online. We are featuring at all of the large industry trade shows, and the list goes on and on! SimpleWan staff reminds me of bees in a hive, with lots of tasks to manage to facilitate this momentum that is being created. Anyone that is fond of books or cinema have likely heard of or read/watched stories of fledgling companies at their inception, through varying degrees of success. Movies Like Jobs from 2013 and The Social Network from 2010, and the book it’s based on called The Accidental Billionaires: The Founding of Facebook. A Tale of Sex, Money, Genius, and Betrayal by Ben Mezrich in 2009. To be clear, I am not saying that SimpleWan will grow to have $12B in revenue like Facebook in 2014, or $182B in revenue as Apple did last year, but, I am not prepared to say we won’t!

If you are reading this, and you question the size of our market space, read the following two quotes:

America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet. Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property. Although the threats are serious and they constantly evolve, I believe that if we address them effectively, we can ensure that the Internet remains an engine for economic growth and a platform for the free exchange of ideas.”

-President Obama

There are two kinds of big companies in the United States. There are those who've been hacked, and those who don't know they've been hacked.”

-FBI Director James Comey

Clearly, what SimpleWan does and provides is top of mind within the business community and at the top levels of government within the United States and the world. You cannot turn on the TV or read a news feed without hearing of another company that is heading down the path of lawsuits, management shakeups, multi-million dollar fines, and settlements like Sony, Home Depot, Target, Staples, Kmart, and JP Morgan to name a few. INTERNET SECURITY IS HERE TO STAY!!!

What is next for SimpleWan? As with the examples of Facebook and Apple depicted in the above mentioned books and movies, it is time for us to take it to the next level! It is time for SimpleWan to actively seek out the right fit for a venture capital Series A round and spur the growth we are experiencing exponentially. Capital infusion and acquisition is how companies turn into market powerhouses fast; this is no secret formula. I for one am so excited to be a part of it and to take these next steps! We know that the benefits of the capital infusion will just add to our speed and ability to become the best and biggest cloud based Internet security provider there is. We are thankful to all of our customer/partners for joining us on the journey!!! More to follow…


Evil Machines VS Evil People

By: Erik

Everyone is worried about smart evil machines; however, the biggest threat today is smart evil people controlling dumb machines. 

We keep reading in the news about high profile minds such as Stephen Hawking, Elon Musk and a hand full of innovators sounding the alarm about AI (Artificial Intelligence) and worrying about machines ending human life as we know it, in the not too distance future. Fortunately, we are most likely talking about a decade or two before those fears are the forefront of our reality. However, today we have a massive threat and it’s other humans controlling our dumb technology. 

Today we have technology in all aspects of our life. You can buy a washer and dryer, thermostat or refrigerator that connects to the Internet. Governments are inter-connecting power plants, water systems and traffic control systems for convenience and efficiency. All of these devices are dumb, meaning they can’t think for themselves but are deeply integrated and send enormous amount of data back to a central system. A hacker could hack your washer and dryer and flood your basement, turn off your fridge and ruin all of your food, or turn your thermostat down to 50 degrees in the summer running up thousands in power bills. While many of these are large inconveniences, on a larger scale disabling a power plant, contaminating a water supply or disabling a stop light could cause serious harm and even death on a massive scale. 

These threats exists today, not in twenty years or even next year, they can happen right now. The level of sleeper code being planted into the current infrastructure is incalculable. The level of scanning and looking for weak points in systems and storing of breached passwords, are happening every second of everyday. Today’s hackers are scanning for these weaknesses and making lists and then posting them online for sale. When someone finds a use or wants to target these devices, it all comes down to the highest bidder. To create a “Bot Army” you don’t need to know anything but how to stroke a check. The worst part of the entire problem is, as a country we have no idea how widespread the damage is or what is waiting for us in the near future.

Great minds need to start focusing on the threat that is right now before we focus on computer taking over the world. Computers have already taken over the world, but we should be really worried about the “Evil” people that want to control them.


Not Just Any Firewall. It's A SimpleWan
By: Ben

Everyone who uses a computer(s) needs to take computer network security extremely very seriously especially today's modern technology age. You rely on your computer on a daily basis and will want to get the most out of your computer as possible. This means that you will also want to protect your computer from danger.

The internet is basically a large network of computers which are all connected together. This makes it very easy for viruses to spread from computer to computer very quickly. If your computer is connected to the internet then you are at risk and must install the right security software. One essential piece of security software is a firewall.

A Simplewan firewall is a barrier between you and the internet. There are two main types of firewall: these are software or hardware firewalls. They filter the traffic from your home network and the internet. You need to use a firewall whenever you access the internet because it provides you with invaluable protection.

A Simplewan firewall separates the internet from the home network. This splits the network in two which makes it easy to decide which network traffic you should trust. Computer firewalls will help to protect you from viruses, DOS (Denial of Service) attacks, hacking and worms. These threats are always around on the internet and that's why you must use a firewall to protect you.

A Simplewan firewall will also help to protect your identity. Hackers may be able to access your computer and steal your personal information if you don't already have a firewall in place. Most firewalls will automatically start separating home and foreign network traffic. You might need to do some configuration before you can start using them but most of them will work out of the box with only minor configuration.

Why Do I Need A Simplewan Firewall?

You should know what a Simplewan firewall does by now, which is the main reason why you would want one. But you might not be aware of what it's actually doing. Whenever networking traffic is passed through the firewall it will decide exactly what to do. You can set the firewall up with a number of rules to block traffic from certain sources.

A basic firewall will only handle incoming software; but the best quality Simplewan firewalls will also screen outgoing connections as well as incoming connections.

The normal use for firewalls is to protect your computer from public networks such as the internet. Large companies will also need firewalls and antivirus applications and these can be hardware utilities instead of software tools.

With the advent of wireless Internet, more and more computer users are entering the world of cyber space. Yet, while these users are well aware of the importance of the protection of their computer when hooked up to regular internet providers, they are often oblivious to the fact that the same cyber dangers, and in fact even more, exist in the world of WiFi.

What you may not know is that same Internet connection that makes it possible to check your email from the comfort of your bed also makes it easier for hackers to access your personal information. It is for this reason, the sharing of the wireless Internet connection, that protecting your computer when wireless is even more important than ever before.

A Simplewan firewall has the latest security technology that is designed to prevent these breaches. Now that you know a bit more about firewalls and in particular a SimpleWan firewall, what are you waiting for? Get your network protected today. 


Malware from Anywhere By: Kyle

Strange cases of malware infections are becoming more frequent with the growing number of devices to infect as well as the growing number of mediums to deploy the infection. Earlier this year, I remember reading an article about a man that was suffering from a malware infection that no one could find the source of. The problems started with his laptop becoming significantly slower than before and strange software was being loaded onto his computer. He took his laptop to a computer store to see if he could have it cleaned and checked for malware. This fixed the mans problems for about a week or so before the problems returned and his computer was again infected with malware. He scoured the internet for answers to his problems, visiting an assortment of blogs and websites aimed at removing malware, he even went so far as to contact anti-malware software companies to ask for suggestions. The problems lasted about 2 weeks before he was able to get in contact with a tech support rep that was willing to help the man through the process of finding out what was going on. They spent hours going over every possible option that could be causing the problems and even went so far to ask for the domain names of websites he had been viewing. This all lead to nothing as they still had no idea what was causing the problem. They decided to try one last thing and the rep asked the man if he had made any changes in his personal life since the problems started happening. The man thought for a moment and informed the man of the changes he had made recently. After a little bit of brainstorming, the rep asked the man about a purchase he had made around the time of the first problem. It turns out that the man had purchased an electronic cigarette from China. Now this may seem normal but it turns out, the e-cigarette the man purchased had malware hardcoded into the charging portion of the device. Now for those of you that don't know, you can charge these devices by plugging them into the USB port of any computer. This means that every time the man would go to charge the device he was infecting his laptop with the malware that has been coded into the device. Although this was a very uncommon deployment of malicious software, it doesn't mean that attacks like these don't happen. This type of attack can be coded into almost anything that contains a computer; mouse & keyboard, speakers, even storage devices. There can also be many different type of malware that can be implemented though these, such as keyloggers, spyware, rootkits, and worms just to name a few.

    Although these types of attacks are uncommon and happen very rarely, it doesn’t mean that you shouldn’t pay attention to them. This attack came from the most common place object and most people wouldn’t have even considered it to be the source of the problem. As this becomes more commonplace it would be smart to do a little research about the product you are buying. Is this a trustworthy company, are there any bad reviews about the product you are buying. These questions could save you from falling into a trap. This time it was an e-cigarette, what will it be tomorrow? An SD card for you camera? The possibilities are quite endless as far as what item you can use, which is the reason that this could cause a very large problem.


Slow is the new Broken: Contributing to Open Source Projects
By: Will

In today's environment of cloud services and interconnected applications, it is no longer acceptable to build a slow service. Or rather, when you build an application that relies on a service, you need to program your application's interface with that service to "fail fast." 

Many of SimpleWan's recent projects have involved building real-time systems for processing millions of records, often obtaining or cross-referencing data on-the-fly from third parties. We could assume that a SimpleWan customer might tolerate a 3-second delay in the control panel, but this means our back-end systems need responses from third parties within one second; ideally within 100 milliseconds.

If a third-party's system is down or suffering from network issues, or if our architecture simply isn't optimized for the speed and size of data being requested, our back-end system may wait for a third-party response for multiple seconds -- sometimes even multiple minutes, if timeouts aren't configured correctly! By this point the customer, web browser, and probably even web server have given up on the request, so it's pointless to keep waiting for a response. It's much better to kill the request and log an error, thereby freeing up resources and giving us a chance to let the customer know what went wrong.

This means that every request, especially every third-party or off-server request, needs a timeout. Not just a timeout on the response, but a timeout on the connection or whole transaction, in order to prevent lockups during network incidents. And, that timeout should be low enough to still appear snappy to the customer, without being so low as to fail on minor hiccups.

But isn't this common sense? Why bother writing a blog post about this? Apparently it isn't common sense, because most of the open source libraries available for the third-party systems SimpleWan might use do not include timeout options. So, SimpleWan recently had the opportunity to contribute to a few open source projects, improving our customers' experience and helping the open source community.

To actually fix these libraries, the source code of the third-party library needs to be examined, new parameters for Timeout and ConnectTimeout need to be created, and these parameters need to be passed to the core or similar connection routine. Ideally, these parameters will be added in a backwards-compatible way (in an options hash, or at the end of function calls as optional arguments). That should be all that's necessary to get your application back on track; don't forget to share your improvements back to the community!


Would You Like To Get Rid Of Sensitive Data and Equipment…Free? Here’s How.

By: Ryan

At SimpleWan, we do everything we can to help our customers protect their sensitive information on their networks and over the internet. It is a critically important step toward protecting their businesses from the liability and damage to reputation of a data breach that we hear about far too frequently. However, this is not the end all be all to data security. What about the paper documents generated at your businesses? What about the aging physical hardware that stores data? Both of which can be every bit as damaging if sensitive information makes it to the light of day. Let me give you a real life example of an experience I had in 2007. I was working at a satellite office of a Fortune 500 company. Our office cleaners came twice a week to clean our office. My trash can was full and they would not be there for an additional day so I took it to the dumpster to empty it at the corporate park where we were located. In that dumpster were approximately1,000 files of former students of a well known online college located in that same corporate park. They contained names, addresses, social security numbers, phone numbers, Etc. You get the gist. I called over to the school and told a Director what I had found. They had 15 people there within 5 minutes to get all of that information back. Can you imagine the black eye they would have received, and the damage I could have caused if I meant to harm them or their students? Some employee had taken it upon themselves to clean out their file cabinets in a most inappropriate way. I know this is an extreme example, but, I bet your business is storing data in paper form or on equipment within your offices now that is no longer needed. What if you experienced a break in? That same data could find it’s way out and you cannot un-ring that bell.

Here is the part where I tell you how to get rid of it for free! SimpleWan Corporation is located in Phoenix Arizona, but, these events take place all over the country. For our Phoenix Metropolitan customers, there will be two free Shred-A-Thon events this next Friday 4-17-15 from 6AM to 6PM. Westech Recyclers will also be on hand to take unwanted computer equipment, electronics, and telephones among other items. A full list of items and details are below and at the following link:

If you are not in the Phoenix area, do an online search for Shred-A-Thon and see when these free events are taking place in your area. These are a fantastic way to responsibly and permanently destroy this data for free. Use them!!!

12 News Shred-a-Thon

2:50 p.m. MST March 31, 2015

12 News is excited to announce our semi-annualShred-a-Thon sponsored by Republic Services. This year's event will take place on Friday, April 17, 2015. There will be two locations in the Valley: University of Phoenix Stadium and Tempe Diablo Stadium.

12 News consumer protection unit, Call 12 for Action, is teaming up with Shred-ItWestech Recyclers, and Boys & Girls Clubs of Metro Phoenix to help local businesses and consumers minimize their risk of identity theft with the one-day Shred-A-Thon.

The first five boxes of paper (the size of a banker box) will be shredded without charge. Additional boxes will be taken at $3 per box. All proceeds from the boxes will be donated to Boys & Girls Club of Metro Phoenix.

Identity theft doesn't stop with just paper, thieves are targeting digital documents as well. Westech Recyclers will be onsite to recycle all your electronic components.

Due to the rising cost of CRT recycling there will be a $15 charge for CRT televisions and CRT monitors. All other electronic devices will be accepted without fee. Please see the following page for a list of acceptable items for e-cycling.

12 News will broadcast live throughout the day from the Shred-A-Thon locations in an effort to educate viewers about the dangers of identity theft. Please tune in and join us and Shred-It to help decrease Arizona's risk of identity theft.

University of Phoenix Stadium - 1 Cardinals Dr., Glendale, AZ 85305 (Hours 6am-6pm)

Tempe Diablo Stadium - 2200 W Alameda Dr., Tempe, AZ 85282 (Hours 10am-6pm)

Acceptable Items for E-cycling


PC's, Laptops, Flat Panel Monitors, Modems, Switches, Hubs and Routers, Storage Devices, Main Frames, Servers, Power Supplies, Tape Libraries, Circuit Boards, Power Cords, Printers, Wire and Cabling, Surplus Metals, Mice, Keyboards, Hard Drives, Floppy, DVD and CD Drives, Tablets, UPS Power Supplies, etc.


Credit Card Machines, Printers, Scanners, etc.


Telephones, Cell Phones, Switches, CSU/DSU Multiplexing Equipment, Phone Systems, Answering Systems, etc.


Printers, Fax Machines and Copiers, Calculators, Typewriters and Printer Cartridges


Stereos, Radios, Amplifiers, Projectors, Satellite and Cable Equipment, Video Equipment, VCR's, CD Players, Video Game Equipment, Surveillance Equipment, Cameras, Broadcasting Equipment, Communication Equipment, Flat Panel Televisions, etc.


Capacitors, Diodes, Resistors, Transistors and Integrated Circuits, etc.


Test Equipment, Lab Equipment, Medical Equipment, Cables and Wire, Connectors, Ballasts (without PCB's), Power Strips, etc.


Microwaves, Toaster Ovens, etc.



What Does Your Company Do For Others?
By: Hayle

Part of the company culture here at SimpleWan is to give back to our community. It has actually been part of our owners personal philosophy since he started his first company back in 2003. Here at SimpleWan, most of the charities that we work with are children's charities. There are several reasons why we choose to work with kids. However, the main reason is, when working with kids charities, not only can our employees be involved but their families. 

Every quarter, we pick a charity and do something for them. It is an event (yes an event) that everyone looks forward to every quarter. We close up the office for an afternoon, invite all the employees families; spouses, significant others, kids, the kid down the street; really everyone who wants to help, is more then welcome to. Then we go out as a big group to shop. 

Most of the time we do this, it is for a toy drive or back to school supplies. The whole company will go to the store, and everyone who goes gets a budget. You get to pretend to be a kid for the afternoon, shop for toys and all on someone else's dime. Our employees set up mini competitions to see who can spend all of their budget without going over. The line at checkout is always comical, as we have had many as 35 carts full of toys all going on one bill. And once we had so much we actually maxed out a register. 

This quarter, with Easter right around the corner, we always work with CRS; Children's Rehabilitative Services. It is my personal favorite event of the year. We get to not only shop for toys, but all the rest of Easter stuff. They need Easter baskets, for their annual Easter event. SimpleWan gets the honor of getting everything for the baskets and putting them together. Our office often looks like Easter has exploded in it. My kids love helping the "Easter Bunny", and it really brings a smile to everyone's face seeing our office covered in pink, purple, blue, yellow, and green baskets. Plus a little extra chocolate laying around always puts us in a better mood too. 


Who Protects YOU?
By: Jim

I have been focused on computer security, communications security, and data security since...well...since forever, it seems like. I was beating the drum about cyber threats at least 3 years before 9/11 and I personally take extensive precautions with my data and with my communications...just because it seems prudent. I have been called paranoid. I often hear: "I'm not doing anything wrong, so I am not worried." I've been told repeatedly that "we need this data in order to improve your experience." And all the while, the amount of data collected grows, and grows, and the extent that privacy in this society is now a myth, and security is vanishing. As I look at my writings from the late '90s (mostly on the Motley Fool), I find that I was quite naive. I recognized the threat, but only partially; it has grown to levels I only feared in my worst imaginings, and it is far from as bad as it will become. My response to people has always been: "what happens if this data gets into the wrong hands? What happens if people who would abuse it get control of it? How do you control your own narrative (being defined as how you present yourself to the world) when all this data is out there and accessible to anyone?" And now, increasingly, we see what happens when the data gets into the wrong hands. Blackmail. Identity theft. Reputations ruined. Individuals humiliated. Careers destroyed. Bank accounts robbed. Intellectual property strewn across the world. The cost is enormous...and this is just the tip of the iceberg; it will get much MUCH worse before it gets better, if it ever gets better. And, it is increasingly difficult to even control the problem. There are many, many horns to this dilemma, and they multiply daily. Not the least of these problems is the lack of commitment to security that we see among so many major corporations (Anthem or Target, anyone???). But it is not totally their fault; the rate of growth of the threats, and their sheer technical complexity, make it almost impossible for anyone to keep up. And it only takes one mistake to open up your systems, regardless of how careful or committed you are. When you combine these realities with the fact that there are simply not enough people in the world who specialize in cyber-security and are therefore available to help these corporations secure their systems - never mind helping the small business that needs the computer capability and has no idea how to secure them and could not afford to hire the experts anyway - what you see is that the situation cannot help but spiral totally out of control. This is why I am pleased to be working with Simplewan. Simplewan is addressing one of the major roots of the problem - the hoovering of the data - in what is perhaps the only possible way; by monitoring business traffic and identifying anomalous patterns or patterns matching known bad actors, then proactively cutting off those channels. This will not solve the problems, but this WILL greatly mitigate one of the major routes that makes the problem so dangerous; systems protected by Simplewan will not be nearly as vulnerable and therefore the data will stay where it is supposed to stay. It may be that I am standing guard over a corpse, that corpse being the corpse of individual privacy and security. But I continue to stand guard, and working with Simplewan provides me with an important weapon with which to stand guard. As time passes, I will have a lot more to say about safeguarding your privacy. Some of what I say will be relevant to Simplewan; most won't be. Stay tuned.


You Don’t Think A Data Breach Can Have That Big Of An Impact; Think Again!

By: Ryan

Yesterday, Target agrees to pay $10 million to settle lawsuit from 2013 data breach, (Reuters, 3/19/2015). They are further required to appoint a Chief Information Security Officer who was named today. It will be Brad Maiorino coming from G.M. to fill the newly created position. This was due to the much publicized attack that took place in November of 2013. Estimates were that 40 million credit cards were compromised and that as many as 110 million people’s personal information including e-mail addresses and phone numbers were stolen. That impacts nearly 1 of every 3 people in the United States! I know what you are thinking, because it is the same thing I was thinking. Target is a huge corporation and $10 million is equivalent to a slap on the wrist for a corporation that had over $72 billion in revenue last year. True, however that is only the beginning of what this really cost. Major credit card companies and banks have issued warnings and provided new cards to their customers who had made purchases at the retailer. The United States Secret Service and Department Of Justice opened investigations. Mortgages and car sales were impacted from plunging credit ratings due to identity theft, and the list goes on. For Target, their revenue dipped 5% attributed to the breach prompting Beth Jacob, who held the title of Chief Information Officer and Executive Vice President For Technology Services, to leave the company after 12 years of service. Next, It was Gregg Steinhafel, the Chief Executive Officer of Target that stepped down. True cost when taking into account lost revenue, legal fees, settlement fees, data security contractors, customer sentiment, and the $10 million settlement could be over $1billion for Target.

The difference between Target and the hundreds of thousands of small to medium sized businesses in the U.S., is target can afford to weather this type of storm. For the Mom and Pop companies that drive the United States Economy, many cannot. It is long past time that companies look at data security as much as a necessity as locks on the doors, alarm systems, security cameras, and security guards at their businesses. Companies like SimpleWan can provide that data security that is desperately needed on any budget. Can be viewed at