Banner
 

How to Move Images with Arrow Keys in a Windows WPF App

In Image Processing applications it is sometimes necessary to move a selected image (or part of image) to place at a specific position. For example, it is applicable to Form Processing, where predefined templates of different forms exist. When you select an image and place a predefined template on top of the image, it may happen that the position of the image needs to be adjusted to align it with the template. In such cases, you can use keyboard arrow keys to move the image horizontally and/or vertically.

We are exploring the same in a Windows app built with .NET, C#, and WPF. We have found several ways of moving the image when the image control is placed within a Canvas. Canvas is used as a container in WPF, where you can place several controls, but this case is a bit different. Here the image control is not placed within a Canvas – a different container has been used to place the image.

To achieve the image movement functionality, the PreviewKeyDown event can be used for Image control. This event occurs when a key is pressed, while the focus is on the image control. So, the first part is over, i.e., connect the arrow keys with the image control. The next question is how to move the image? For this set the image control’s margin whenever a specific keyboard key is pressed. Here is some code to alter the margin for the image control.

private void OnPreviewKeyDown(object sender, KeyEventArgs e)

{

    switch(e.Key)

      {

        case Key.Left:

                leftMargin -= 5;

                e.Handled = true;

          break;

        case Key.Right:

                leftMargin += 5;

                e.Handled = true;

          break;

        case Key.Up:

                topMargin -= 5;

                e.Handled = true;

          break;

        case Key.Down:

                topMargin += 5;

                e.Handled = true;

          break;

        default:

          MessageBox.Show(“Invalid key pressed”);

          break;

         }

      this.image1.Margin = new Thickness(leftMargin,

          topMargin,

          rightMargin,

          bottomMargin

           );

}

In the above code, say the image control currently has the focus and you want to move the image to the left. For that just press the left arrow key. Then the PreviewKeyDown event is called and it comes to the Key.Left case, which decreases the left margin by 5. In effect, you will see the image move to the left. The movements toward right, top, and bottom also work the same way.

Please remember the following points:

  1. The image control must have focus.
  2. Set the KeyPressEventArgs.Handled property to TRUE – it will cancel the KeyPress event; otherwise, the image control will loose focus and the PreviewKeyDown event will not called on arrow key press.

Enjoy playing with images in a WPF application on Windows.

Why Backup Data and How to Backup on Windows – A Simple Solution

WHY BACKUP DATA?

The most precious thing on your computer is the data. No, not the latest and greatest computer you have purchased recently. The most valuable asset on your computer is all the data stored on it, especially what you have created, collected, processed, organized for your work, learning, or even entertainment. Now here are some cold hard truth about data and the associated risks.

  1. More than 95% computer users have experienced data loss in some point of their life.
  2. Data loss cost US businesses $11.8 billion in 1998. 6% of all PCs will suffer an episode of data loss in any given year.
    Reference: http://gbr.pepperdine.edu/2010/08/the-cost-of-lost-data/
  3. An article from Boston Computing, provides the following statistics:
    • 30% of all businesses that have a major fire go out of business within a year. 70% fail within five years.
    • 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster.
    • 31% of PC users have lost all of their files due to events beyond their control.
    • Every week 140,000 hard drives crash in the United States.
    • A 2013 poll found that 30% of computer users had NEVER backed up their data.
    • According to a 2013 report, 55% of disaster-related downtime stems from hardware failure, 22% from human error, and 18% from software failure.
    • More than half (53%) of the SMB organizations surveyed revealed they do not conduct daily backups.
    • According to a survey of SMB organizations, 32% responded saying backup is not an efficient use of their time.
    • Simple drive recovery can cost between US$5,000-10,000 and still success is not guaranteed.

  4. Refer to a USA Today 2006 News article.
  5. Refer to an Information Week 2011 News article.
  6. For many businesses, data is their lifeline. Data loss can make them to go out of business.
  7. Accidental delete, virus attack, hacking, disk failure are some of the common reasons for data loss.
  8. Fire, earthquake, storm, flood are some of the natural calamities which result into data loss.

As it shows above, data loss has been known and documented to be a major problem for long time — for about 20 years (definitely a lot more than that). The volume of problems has increased with growing ubiquity of computers among households and businesses. The widespread use of mobile devices has made the risk potential even higher. Add to that the recent rise in malware attacks and cyber-crimes, e.g., WannaCry, Petya, Bad Rabbit etc. It seems there is no end in sight for security breaches, information leaks, and data loss / damage. All this is scary. So, how to address such risks to your precious data? The best option is to practice “Safe Computing” (outlined below), and also take regular backups, which is a simple defense against data loss due any reason.

Here are a few basic points related to backup:
a) In case of a data loss, recovery of an earlier version (that is close to the latest) is the main reason for backup.
b) “Sync” vs. “Backup”: Sync is convenient and popular, but Backup is more robust, dependable, and legally compliant.
c) Network Attached Storage (NAS), especially with RAID, is a common and good backup medium.
d) Regular backup is a legal requirement for businesses in some countries.
e) Backup, preferably automated / scheduled, should be part of every business’s Disaster Recovery plan.

Backup is in general of two types — full and incremental.

  • Full backup saves all the files and folders selected for the backup. It generates a bigger archive and takes longer, but has the full data snapshot.
  • Incremental backup saves only the files that have changed or are new since the last backup (full or incremental). It’s smaller in size and less time to complete, but it depends on the last full backup and any incremental backups in between.

It is a good practice to take a full backup after a significant number of incremental backups. E.g., if incremental backup is taken every day, a full backup can be taken once every month.

Earlier restoration involved restoring the full backup, followed by differential backup, and then all the incremental backups – a tedious and time-consuming process indeed! Now all that can be achieved in a single step, such as “Structure Restore”.

Here are some trends / observations for the data management and backup area:

  • With the prevalence of offsite / cloud-based email services, on-site email servers are reducing and email backup is becoming less important.
  • Permission issues and PC unavailability are the biggest reasons for backup failure.
  • Automatic data backup is much better than manual backups as the latter takes extra time and can be forgotten or skipped under pressure.
  • A well-defined data retention policy is as important as the backup policy and arrangement.
  • In general a business should have a different backup and data retention policy for each of its departments.

For the sake of your business, it’s a must to follow the Safe Computing Principles

  1. Use legal and up-to-date Operating System and other software
  2. Use a reputed and current anti-virus / anti-malware software
  3. Install the latest released stable updates to all your software, especially the Operating System
  4. Use automatic / scheduled regular backups of all important data
  5. Be paranoid… OK, just be super careful — do not trust random email attachments, links in emails, unknown websites / tiny URLs etc.

Please refer to Ransomware (in Wikipedia), in particular the “Mitigation” section.

Our two other posts related to this may also be informative and helpful:

  1. How to Handle Ransomware Threat: Be Cautious and Backup Data
  2. How to Create a Folder Accessible to only a Specific User (Data Backup User)

HOW TO BACKUP DATA ON WINDOWS?

SARANGSoft offers two software products for data backup on Windows:

  1. filexpertez for backup of individual Windows PCs and servers
  2. WinBackup Business for backup of all Windows PCs and servers in a Windows network (domain or workgroup)

SARANGSoft filexpertez is one of the first applications to
a) provide “Structure (one-click) Restore”, reducing the restore effort by up to 99%.
b) allow versioning of the backed up files.
c) enable backup to cloud as well as various local storage.
With the use of “Structure Restore”, the need for differential backup is almost eliminated.

SARANGSoft WinBackup Business performs decentralized backup with centralized control — providing best of both worlds.
a) The backup effort gets distributed across all the computers and is not imposed on a single computer. This results in more flexibility as well as faster backups.
b) The network remains clog-free as the files are not examined or transferred over the network.
c) Enables configuring multiple backups – use different backup specification for different computers or even for the same computer.
d) (Unlike many other backup products) Doesn’t force the users to put their files (to backup) in a single folder. Multiple folders on a user’s computer can be specified to backup.
e) No need to have a single folder-set apply to all computers. Specify a different folder-set to backup for every computer.
f) It’s a rare backup software that provides both Individual (flexible) and Common (easy to use) Selection of folders to backup — see more on that below.
g) Specify a different backup destination for each backup specification. It helps categorize the destination depending on backup contents or the department.
h) Get access to a number of important reports. Click on individual column headers within the reports to sort the data, toggle between ascending and descending order the same way.
i) To backup data locally (not accessible even to the administrator), set the backup destination to local storage media such as External USB Hard Disk / CD / DVD.

Individual Selection vs. Common Selection

Individual Selection
Specify a different folder-set for every computer to backup; not necessarily the same folder-set to backup for every computer.
Common Selection
(If Individual Selection is tedious) Specify a common folder-set for all the computers to backup.

NOTE: If there are permission issues in the network and you are unable to perform Individual Selection, you can still go for Common Selection of the folders to backup.
Individual Selection offers you flexibility, whereas Common Selection offers you ease of use. It’s you who decides what you want.

It is important to remember a few points about Backup Scheduling:

  • Use the same User Id to launch the “Admin Console” and configure backups as what was specified while installing WinBackup Business Server.
  • Scheduling may fail due to permission issues or unavailability of the remote agent computer. Use the ‘Failed Schedules’ report to retry scheduling at a more suitable time.
  • To re-schedule an existing backup, load it in ‘Manage Backup’, go to the schedule options page, modify the schedule, and click ‘Start’ on the Progress page.

CloudScape‘, bundled with WinBackup Business, helps upload backup archives to public cloud storage ‘Amazon AWS-S3’ and ‘Microsoft Azure’ for added resiliency and protection.
NOTE: The AWS and Azure accounts must be your own. SARANGSoft does NOT provide such accounts along with its backup products.

If you feel lost at any point, or do not find what you need, or for any other problem, use the context sensitive help on any topic by just pressing the ‘F1’ key on the keyboard or the ‘Help’ button on the toolbar.

Network Backup
There are two technology options for corporate level backup – push and pull.
a) Push mode backup: Backup agent runs on individual PCs to collect the files, packages, optionally compresses and encrypts, before sending to backup destination. It is more

  • Secure: data can be encrypted before sending over the network
  • Bandwidth Efficient: Data can be compressed before sending over the network
  • Faster: Backup effort is distributed across the workstations, thus achieving better overall throughput
  • Better Load Balanced: Backup effort is not put on a single machine and is distributed across multiple machines

b) Pull mode backup: Backup software pulls the data from individual PCs and then backs them up. All work is done by a single “Backup PC”.

WinBackup Business: Advanced Backup Options

  • Backup open files too (except on Windows XP, Windows Server 2003/2003-R2); no need to close files before backup.
  • Use Backup-on-the-Go for users who remain disconnected from office network for major part of the day (e.g., sales, field support team members etc).
  • Most backup applications fail to backup if the target computer is not in network at the scheduled backup time, but WinBackup Business backs up at the scheduled time to a local disk and automatically transfers the backup archives to backup destination when the computer is back in the network.
  • Configure for the powerful AES encryption for every backup, so that only the intended user can open the backup files.
  • Get email notification when the backup process completes on a computer.

WinBackup Business: Advanced Restore Options

  • Restore operation on a large archive can take quite some time. WinBackup Business can notify through email when restore is complete.
  • Restoration is decentralized, thereby enabling respective users to restore according to own requirements without bothering the administrator.
  • Restoration is made easy using Structure Restore. Restore the latest version of all the files in one go.
  • To restore an older version of a file, use the Restore Point functionality.
  • To restore all files created or modified on/before a certain date, use the Advanced Filtering option.

Backup is essential for computing. Some of the backup tools are hard to use, or inflexible, or expensive, or all of those. Now you have options that work well and do not cost much.

How to Create a Folder Accessible to only a Specific User (Data Backup User)

Data backup is like taking an insurance on your data. Just as we cannot predict what will happen with our life and property the next moment, and take cover of a good insurance, the same is true for our data too. Our precious data may be lost due to various reasons – natural disasters (earth-quake, flood, storm, fire), man-made havoc (theft, arson, violence), equipment failure, hacker attack etc. Backup acts as a good insurance against all such incidents. So, let’s make sure to regularly backup data.

It’s most common take backups onto another storage device, such as an external USB drive or a network share. It’s definitely a good step, but such storage also can be targeted by malware and virus. For example, if you map a network share to a drive (such as map \\myserver\backupshare to the drive x:) or attach an external USB drive to your computer, malware can identify such a drive and do the same damage as it does to regular drives in a computer. To protect the backup drive from malware attack, take the following steps so that the drive / folder is accessible ONLY to your dedicated backup user account as explained in our other blog post “How to Handle Ransomware Threat: Be Cautious and Backup Data“.

NOTE: Though the following set of steps use the folder name “BackupShared” as an example, DO NOT use such an easy-to-guess account name. Choose something suitable for your case that does NOT include your name, username etc.

a) Right-click on the folder (in this case E:\BackupShared as an example), and from the context-menu click on ‘Properties’ option.

b) Click on ‘Security’ tab to select it. You will see the dialog below.
Create Secure Drive - Step B

c) Click on the ‘Advanced’ button. You will then see the dialog below.
Create Secure Drive - Step C

d) Click on the ‘Disable inheritance’ button, which will show the following dialog.
Create Secure Drive - Step D

e) Select the option ‘Remove all inherited permissions from this object’.

f) Remove all ‘Permission entries’ (if any) from the following dialog.
Create Secure Drive - Step F

g) Now click the ‘Add’ button in the above dialog, and you will see the following dialog.
Create Secure Drive - Step G

h) Click on ‘Select a principal’ and you will get the following dialog.
Create Secure Drive - Step H

i) Specify name of the backup-only user created in step (b) above and click on ‘OK’.
Create Secure Drive - Step I

j) You will next see the following dialog. In the ‘Basic permissions’ section, select ‘Full Control’. The other options within this dialog should be as shown below. Then click ‘OK’.
Create Secure Drive - Step J

k) Now click ‘Apply’ in the following dialog.
Create Secure Drive - Step K

l) Change the ‘Owner’ by clicking on the ‘Change’ link in the above dialog. This should be the same as the backup user.

m) Click ‘OK’ to close the dialog. You will come back to the following dialog.
Create Secure Drive - Step M

n) Open the ‘Sharing’ tab, and click ‘Share…’.
Create Secure Drive - Step N

o) Then you will see the following dialog.
Create Secure Drive - Step O

p) If the “backup username” does not appear in the box, click on the dropdown list and select ‘Find people…’. Specify the “backup username” in that dialog and click ‘OK’ to come back to the File Sharing dialog. Then click ‘Add’. Choose ‘Owner’ or ‘Read/Write’ as the ‘Permission Level’ for the user.

q) Click the ‘Share’ button to share the folder. Click ‘Done’ on the following dialog.
Create Secure Drive - Step Q

r) Click ‘Close’ in the following dialog to complete the security settings.
Create Secure Drive - Step R

Yes, you are really done! It took quite a number of steps to go through, but now you have secured a folder / drive from unapproved access by malware and hack attacks. This is a safe destination for your backup data. Go ahead, start the backup process now.

How to Handle Ransomware Threat: Be Cautious and Backup Data

Why spend money on a backup program or bother setting it up? I know my data is safe.

This commonly-held belief was shattered by the recent WannaCrypt / WannaCry ransomware. The attack started on Friday, May 12, 2017, and has been described as unprecedented in scale, infecting more than 300,000 computers in over 150 countries. Some of the people had to pay up hoping to get back their data, while others just lost it. It is estimated that more than US$80,000 has been paid in ransom so far, but the total loss due to this attack might be as high as US$4 billion (according to CBS News).

“Ransomware” is a type of malicious software that blocks access to a user’s data generally by encrypting the files and displays a message demanding ransom payment. It won’t allow the user to get back the files until a “ransom” is paid (generally through untraceable ways of Bitcoin). Ransomware may also encrypt the computer’s Master File Table (MFT) or the entire Hard Drive. The WannaCry ransomware enters a network (an organization’s LAN) via an email attachment or from a compromised website. Once in the network, it uses a vulnerability in the Microsoft’s implementation of the Server Message Block (SMB) protocol to spread across the entire network. Back in March 2017 (i.e., nearly 2 months before the attack happened) Microsoft provided a fix for this security vulnerability for Windows Vista and higher. Recently Microsoft has released a patch for the outdated and out-of-support Windows XP Operating System too.
This ransomware encrypts the files in a computer and demands a payment of around US$300 in Bitcoin currency within 3 days or US$600 within 7 days. After 7 days, the files will become completely unrecoverable.

Wannacry Ransomware Screenshot
[By Source, Fair use, https://en.wikipedia.org/w/index.php?curid=54032765]

Ransomware attacks have happened before, and will happen again, and again. On May 19 another new ransomware, Xdata, has started spreading mainly in Ukraine.

So, how can we prepare to protect our valuable data from such attacks? There are two ways of handling this threat.

1. Prevent or minimize the chance of a malware attack.
2. Minimize the effect of being infected / hit by a malware.

The above two-prong proactive defense is important, because one of the possible ways of getting rid of the malware “industry” is to frustrate the players, who are not some intelligent-but-bored teenagers having fun, rather organized criminals are into this to make money. If they can’t break into enough computers, either to cause disruption (and thereby derive some perverse pleasure) or make money (which is the main goal), their interest will eventually fade. Let’s do our part to weaken, and over time hopefully get rid of, this menace.

1. Prevent or Minimize the Chance of a Malware Attack

There are some basic precautions all of us need to take to minimize (and hopefully eliminate) the threat of various malware.

a) Always use genuine software – Operating System (such as Windows) and applications (such as Office, Photoshop, browsers etc.) – from reputed companies and their suppliers. If you get pirated software (especially OS) from someone or download random software from the Internet, you are immediately vulnerable to different security threats.

b) Always keep your OS updated with the latest updates and service packs. Do not use an outdated OS.

c) Use a good up-to-date anti-virus to protect your system. Using an ineffective anti-virus is equivalent of using a door lock that anyone can open without the required key. Microsoft provides free download of its own anti-virus and anti-malware (Security Essentials and Defender). Also, regularly update the virus definitions.

d) Avoid using the computer by logging into an account with administrative privileges. It’s safer to do day-to-day work from a limited privilege user account.

e) Avoid visiting unknown or unreliable websites, and do not accept to run any script or application, if prompted by the websites. Also, use recent (preferably latest) version of one of the top browsers – Chrome, Firefox, Internet Explorer (11 only), Edge, Safari, Opera.

f) Avoid installing browser plug-ins or extensions from unknown providers. Keep vulnerable plug-ins or extensions disabled.

g) Do not open an email attachment from an unverified source, sometimes even from supposedly known sources such as friends or colleagues. Never run any attachment directly from the email client. Always download the attachment and run a virus scan on it before opening the attachment.

h) Do not insert any random media device (USB drive – flash or hard disc, SD-Card etc.) in your PC. Such media devices might been used on a compromised / infected computer. If need be, format it, or scan it using an up-to-date anti-virus before plugging it into your PC.

2. Minimize the Effect of Being Infected / Hit by Malware

In spite of all the precautions, it IS quite possible to still get infected / hit by some malware. For such scenarios, safeguard what the attacker is aiming for – your data.

NOTE: In such a case, you will need to re-setup the computer (such as reformat the hard drives, install OS and applications, reconfigure as per your needs), and then restore the data from existing backups.

First Rule of Safety – Take regular backups. Use a good backup tool to regularly backup your files and folders, preferably scheduled to run automatically. There are lots of backup tools at different price points for every OS. An application like SARANGSoft filexpertez for individual PC backup costs just US$19.95 (one-time license fee). More advanced network backup tool like SARANGSoft WinBackup Business starts at less than US$100 for 10 PCs. It’s a very small price compared to losing all your valuable data to ransomware as well as virus or hacker attack, natural disasters, equipment (such as hard disc) failure, or accidental deletion.

Take the following steps for a secure backup arrangement.

a) Dedicate an administrative user account for backup only: Create a user account for backup only and assign administrative privileges to it. Avoid logging into this account other than backup purposes. Choose a strong password for this account, e.g., use 10 or more characters, with a mix of upper and lower case, numbers, and special characters, and avoid your own name date of birth etc. Do not store / save the password anywhere in the PC.

NOTE: Do NOT use names like “backupuser” or “mybackup” or “backupadmin” etc. for the backup user account, which can be guessed by hackers. Pick something different and uncommon, but definitely NOT using your name, username etc.

b) Create a backup destination accessible only to the dedicated backup user: Create a backup destination folder, either in an attached external USB drive or in the drive of another computer within your network. Assign full access of this folder to the backup user account created in step 2(a) above. Do NOT provide access to any other user for this folder, not even to ‘SYSTEM’ account. If this folder is in a different computer of your network, share it only to the dedicated backup user account of step 2(a). Follow the detailed set of steps shown in our other blog post “Steps to Create Backup Destination Accessible only to a Specific User”.

c) Use cloud storage as backup destination: You can also choose to store the backup archives in a cloud storage such as Amazon AWS S3, Microsoft Azure or one of your choice. For example, SARANGSoft filexpertez enables direct backup to AWS-S3 and Azure as part of the backup definition process. Using local storage for backup is fast and convenient. Backup to cloud involves a little more work and recurring cost, but it also provides additional safety.

d) Schedule Automatic Backup: Schedule a backup to run periodically (e.g., every night) on the computer. Identify all your important documents and folders to be backed up and include those in your backup. Ideally, a full backup should be scheduled to run once a month or quarter and an incremental backup should be done every day. You can choose depending on your own / organization’s needs.

e) Run the backup manually once and also schedule to run it using the dedicated backup user account created in step 2(a) above. Avoid logging into this account for anything other than backup purposes. Chose the “Backup Destination” folder created in step 2(b) above to store the backup data (archives).

Now even if you lose your the data in your computer for any reason, including virus or ransomware attack, you are protected because you still have a backup copy of the required data saved in another location — in local or cloud storage.

Why use Optical Character Recognition in Various Scenarios

What is OCR?
Good quality Optical Character Recognition (OCR) is an unquestionably effective tool for extracting textual content in machine readable and editable format from a digitized image. The following steps are involved in the process – from scanning a paper document to getting the textual content out of the scanned image.

1. Use a compatible good quality document scanner to scan a paper document into suitable electronic format, such as JPEG, TIFF, PNG, PDF etc.

2. Preprocess the scanned document for skew correction, noise removal, and some mathematical transformations.

3. Perform Line Segmentation from the processed document, i.e., segregate each line from the scanned document.

4. Perform Word Segmentation, i.e., segregate the words of each line from the previous step.

5. Perform Character Separation, i.e., separate the characters of the segregated words from the previous step.

6. Perform Character Recognition, i.e., recognize each of the above segregated characters by looking into the pattern. Once the pattern are recognized the corresponding textual character is obtained. The pattern recognition may involve different types of methods, such as statistical analysis, neural networks, structural matching etc.

7. From character to word, from word to line, and from line to the entire document becomes recognized and its textual version is obtained.

In short, this is the main process and objective of Optical Character Recognition (OCR).

There are different OCR products – some commercial and some open source, such as the widely used / known “Tesseract“, which is distributed as part of various types of product offerings from different companies. SARANGSoft offers a version of Tesseract as a free download from its website. It enhances the functionality of digipaper (http://sarangsoft.com/product/digipaper) by adding the OCR functionality.

Different Types of OCR
OCR is available for different languages, including English. Several successful researches have already been done and are still going on. Sometimes a document may contain multiple languages (such as forms). In that case OCR become more complex. An OCR engine for one language, such as English, is not sufficient in that case. The output textual content also would show textual form of different languages / scripts. Hence, this is known as Muitisctipt OCR as opposed to Single Script OCR in the simpler case of only one language / script.

It is also important to keep in mind that the textual content may be in printed form, or in handwritten form, or both. Very few OCR tools are effective in recognizing handwritten text, and most OCR tools focus on and handle only printed documents.

Teeseract supports recognition of texts in multiple languages. However, our experience is more focused on the English language. From what we have noticed, Tesseract doesn’t handle mixture of languages too well.

Accuracy
No OCR tool can guarantee a 100% accurate output because of different reasons:

  1. A document might contains clean text or it can be a a bit fuzzy / unclear / noisy, especially if it’s an old document where the contents are fade. Unclear / noisy documents should be run through some preprocessing like color and brightness adjustment, noise removal, filtering etc. to improve its clarity. Cleaner the document, more accurate the OCR result.
  1. Documents in grid format (i.e., in rows and columns) may also cause problems in accurately recognizing the textual contents. At times some of the (printed) texts go across the gred cell boundaries, thereby being more prone to error during recognition.
  1. Scanning of the paper document is an important factor in the recognition process. If the document is shrunk or skewed by a significant level, the preprocessing may not always back the document in its actual form. This also often lead to inaccurate OCR results.
  1. Recognizing handwriting is always hard, especially it’s cursive, in which case special processing (including Neural Networks techniques) may be needed to recognize the characters from the flowing nature of the writing. Bad handwriting is hard to recognize (both by humans and machines).

Use
In the business world, OCR can be used for long-term digital storage of important papers, such as invoices, financial statements, reports, legal documents, applications, permits etc., especially if the volume of such papers grows too much. In some organizations, there are dedicated staff members to manually enter the details from those paper documents into digital formats (e.g., spreadsheets) to collect the data and make it available for processing. Another reason for digitizing paper documents is safekeeping and organizing for the long-term storage. If the digitized documents are properly “tagged”, an added benefit is the ease and speed of retrieving those when needed. However, manual entry of data and/or manual tagging is both error-prone, time consuming, and often inconsistent between individuals. Also, any error in manually entering data can cause major problems for the organization. OCR can be a great help in reducing the use of manual steps in the overall digitization process. The textual content from the scanned document images can be extracted using OCR. Then those can be put into appropriate places, such as in database fields, rows and columns of spreadsheets, or as “tags” for the concerned documents. Please note the word “reduce” above – a lot organizations think that by using OCR they can completely get rid of the manual intervention, which is a bit too much to expect. As no OCR is 100% accurate, output of OCR needs to be manually verified as appropriate for the case. That means instead of “entering” every data item manually, there is need “check” the correctness of OCR-generated data. It’s not safe to blindly trust the OCR output in a lot of cases.

In Banking sector, OCR may be used to recognize check number, account number, bank name, routing number etc. In Educational sector, OCR may be able to help with form processing. In any domain OCR can be used as a part of the digitization process to extract textual content after the scanning and use the textual content as (secondary) tags to later identify the documents.

In short, though OCR reduces manual data entry, thereby saving time and reducing / avoiding errors to a good extent, at the same time keep in mind that OCR output should be carefully checked before using it any ciritical purposes.

2016: IT Security Challenges

A recently published report by Gartner & Raytheon (Dec-2015) makes some security predictions for the year 2016. The picture is not comforting at all. The already scary level of attacks by cyber criminals will rise even more because of the cyber terrorists (including the “Syrian Electronic Army” or SEA in short), who will be working in sync with ISIS and other such groups.

1.  The US Elections Cycle Will Drive Significant Themed Attacks: The level of use of social and online media for US Presidential election process will exceed all earlier instances. The candidates have started opening websites with their own profile and are regularly updating those with campaign schedules, time tables, issue-based debates etc. They are also using facebook, Twitter, Instagram etc. as campaign tools. A 2014 survey showed nearly 74% of US adults use social networking. According to a recent survey by Pew Research Center, nearly 92% of the Americans are on social media. Of them 96% adults read news on Presidential election there. They have less interest and trust in traditional media like TV, newspaper etc. The candidates also are paying more attention to their Ads in social media sites.
This will make things easier for the hackers and spammers. Pretending to campaign on behalf of some candidate(s), they will present attractive / interesting topics or use offers as bait to trap / cheat users visiting social media as well as push malware, spam etc. in their email / computer.

2.  The attack on Google, Bing etc. will reach an extremely high level. There will be attacks through facebook, Twitter “friend” / “connection”. Serious attacks like Highly Transient Web Threat (HTWT) will also happen.

3.  Addition of the GTLD system will provide new opportunities for attackers: The top ten botnets like “Cutwell”, “Rustock”, “Mega-D” etc. will become even more powerful and active. They have been spreading spam to about 100 million computers around the world, which is 88% of all the 100s of billions of spam sent daily. In 2016, it might grow by 15 times or more!
Since multinational corporations and marketing agencies are becoming increasingly dependent on online services and web-based systems, there is big growth in “cloud computing”. Now the cyber criminals / terrorists are making “cloud computing” systems as their major target.

4.  The cyber criminals will attack the “traditional customer authentication” methods used for online banking and financial transactions to steal funds from bank accounts. There will be tremendous rise in the “Man in the Browser” (MITB) Trojan attack incidents.

5.  The cyber terrorists will also attach in guise of lucrative offers in emails (possibly as attachments) with attractive topics, pictures, invites as well fake web links, so that you step into their trap to reveal important personal information.

6.  The criminals will also use “BlackHatSEO” to get the fake sites and/or links in front of you in search engine results by suppressing the genuine websites. For this they will use various SEO techniques, including paid SEO.

7.  Fake Advertisements in the name of reputed media houses will be used to inject virus into those organizations’ websites. The hackers and spammers will use the still-in-use outdated technologies, such as unsupported and unpatched old software.

8.  The tiny URLs used in facebook and Twitter are quite popular among users. Since those are easy to utilize, the criminals will target the tiny URLs to bring people to malware-ridden 100s of thousands of fake websites.
According to an estimate from a few years back by a security software firm, nearly 300,000 fake websites are launched EVERYDAY just to lure unsuspecting users and infect their computers with malware and virus.

9.  The cyber criminals are going to use “SQL Injection” attack against the famous multinational banks, commercial and marketing companies around the world, including USA. Along with that they will use Phishing (stealing data through browser / email), Vishing (stealing data via phone calls), Smishing (via SMS to mobile phones) attacks.

10. There will be major increase in the cyber terrorists’ use of “foreign language spam” as well as “identity theft” attacks to steal our “digital signatures” for online (commercial / legal / financial) activities.

The only protection is to be super-careful (being paranoid is OK), even for individuals, because our own personal finances can be ruined by such attacks. A whole lot of people have already been burnt by “ransomware” (a kind of malware). Phishing and Vishing are still going on, and people continue to fall for those. On the other hand, a lot of computer users are oblivious about upgrading their software — Operating Systems, Applications, Browsers etc., even if free upgrades are widely available. There are a lot of people who derive extra pleasure in using pirated software, without understanding how dangerous it is for THEMSELVES. The big software companies can afford to lose a couple of billions in lost revenue due to piracy, but a compromised computer can terribly affect an individual’s life or a small business. It really doesn’t cost much when it’s spread over the lifetime of a computer and software. However, some people still find it necessary to avoid paying the dues and lead a risky life. Also, some computer users indiscriminately download and install “free” software from the Internet. Is “free” a business model for anyone? Yes, there are some legitimate “free” (mostly open source) software organizations, but they are well known. Why use software from a random company that pops up in a Google search? Does anyone buy any other thing like that? In real life do you use an item handed out by a complete stranger? Hopefully not.

It’s important to practice “Safe Computing”:
a)  Use ONLY legitimate software
b)  Use RELIABLE anti-virus from a REPUTED company
c)  Regularly update / patch software
d)  Monitor network to detect intrusion / infection
e)  Take automatic backup of all important data

The challenges are grave. The threats are real. The repercussions can be devastating. It’s worth being extra careful.

Threat to an IT Network from End User Activities

Background
A major goal of managing IT networks is to guard against security breaches. A hardware or software asset needs to be monitored on a regular basis, if possible continuously, so that appropriate preventive steps can be taken to keep the IT infrastructure running well as well as secured, because an organization’s success and reputation depends on its IT systems being protected. Though security threats may come from improper management of hardware and software assets, it is quite likely to be caused by end-user actions as well, such as unmonitored user activities.

What is meant by ‘Monitoring User Activity’
What does it mean to monitor “user activity”? It means checking for uncommon, unexpected, suspicious actions by users, including use of (specific) computers, network shares, applications, services, data etc. within the network. Being able to quickly identify any system misuse is an effective security mechanism, which might enable to stop an attack, and clean up any fallout.

In an IT environment users take many actions as part of day-to-day activities, such as run various applications, collect / create / process data, install & uninstall software, request to upgrade hardware & software etc. As part of managing the network, IT Administrators deploy new versions / patches of Operating Systems and applications, add and/or replace components / peripherals. The combination of existing software in the network and certain user actions might unknowingly open the door for security problems, such as attempt to hack the computers, copy / alter / delete data, download virus / malware etc. Sometimes these problems are inadvertent, but deliberate actions to compromise network security is possible, and are not uncommon. Effect of any such security breach can be devastating for an organization – ask the dozens of high-profile companies in the news for the wrong reasons over past couple of years! A potential problem indication can be as simple as a particular user logging into / trying to log into a computer (server / desktop) that is not expected or at an odd hour (beyond normal office hours), or a USB drive being plugged into a computer and such. At times it could be a genuine requirement, in which case the red-flag can be reviewed and discarded. In the other cases, that’s the main clue to track down and fix the problem. Being aware is essential to protect anything, or at least to assess and address any damage.

Challenges of monitoring user activity
Manual tracking of these events are hard to start with, and it gets increasing complex and time consuming. What is needed is an automated process that tracks users’ activities in detail as required. Every organization’s network has its own requirements, priorities, challenges. Accordingly, the relevant events can be setup to be monitored and alerts can be raised for review by the IT administrator.

But how to monitor effectively?
Finding the proverbial needle of security-threat in the haystack of activities is challenging. Automation is a viable way of identifying potential issues and narrowing down the list to actionable items. It’s not just the power of recording all possible actions & events in the network and analyzing those, the flexibility and ease of fitting the tool into an organization’s own requirement is just as important.

SARANGSoft SysExpertez is an application (Windows IT Asset management) that does this monitoring efficiently and with ease. SysExpertez enables the IT administrators to setup alerts on important user activities or even various status (e.g., a disk drive free space falling below a level, System Thermal State, System Power Supply State), so that all these events are reported with details, which can be reviewed as report as needed. A number of such reports are available in the ‘User Activity Reports’ section. Here are some of the reports generated on user activities in a network:
  • Currently Logged-in Users
  • Currently Logged-in Users by Computer
  • Users’ Login / Logout Times
  • Computer ON Status
  • User Logged into Different Computers
  • Users Logged into a Specific Computer
  • USB Device Plug-in
  • USB Device Plug-in by Computer

This variety of reports on end-user activities provide a good idea as to what is happening in the network related to the end-users. You can get a report as a whole as well as use ad-hoc queries regarding specific users or particular activities.

Detecting Prohibited Software

What is a ‘Prohibited software’?
Prohibited software refers to a software program or application, which is deemed inappropriate and not allowed to be installed in any computer in a specific IT environment. The reason in general are security vulnerability / threat that it can create to that computer or even to the entire IT environment. It’s a kind of banning or blacklisting a particular software for a specific IT environment. The reason for putting a software in such a category differs from organization to organization, depending on the domain of operation, data sensitivity, security concerns etc. Therefore, a software that is “prohibited” or blacklisted in one organization might be freely used in another, and vice versa. However, certain kinds of software are more likely to be marked as prohibited in workplaces.

Importance of detecting ‘Prohibited Software
Computer users of an IT network often install different kinds of software – within the organization (e.g., on a server share), from a friend / colleague, download from the Internet, and such. Many of these software turn out to be failing in the security standards and cause vulnerability / threat to the entire network. New software of various types and increasing complexity are emerging on a regular basis. There are a lot of free software available on the Internet that are quite useful. For example, Adobe PDF Reader, Internet browsers (Firefox, Chrome, IE, Safari, Opera), Skype etc. are from highly reputed software publishers and widely used at home as well as in small to large organizations. There are also many popular games, media players, chat applications etc. From our own experience, a widely used “free” media player app also tries to install a bunch of other software, and even if you opt out of all of them, they still silently slip in a couple of questionable software into your computer! First of all, these are unknown software, on top of that they sneak into your system. How comfortable / happy does that make you feel? In most cases, the adverse effect of such software on the IT system is unknown for a while. As a result, IT network security threat increases significantly as more such software are installed. Software from commercial software providers are regularly reviewed and updated, but some of the commonly used software do not go through proper follow-up and are rarely updated. Any security flaw in such software remains and create a backdoor for hackers and malicious programs to penetrate an organization’s IT network.
On the other hand, there are some popular software including gaming, media, and social networking, usage of which is likely to affect focus and productivity of employees. Presence of such software in workplace can also lead to various compliance issues. Also, if employees in an office downloads various software from the Internet and installs on work computers, it can lead to serious legal issues, such as license violations.
That’s why every organization needs to know what software are installed on its computers and if those are required and acceptable for business reasons. If not, such software should be identified as “prohibited” and arrangements made to stop those from being installed on any work computer. Controlling software installation is not a choice anymore; it’s a required step to address security, productivity, legal, and compliance issues.

Importance of ‘Software Asset Management’ in this regard
Detection of ‘Prohibited Software’ is a part of the bigger area ‘Software Asset Management’. Software asset management (SAM) is a business practice that involves managing and optimizing the purchase, deployment, maintenance, utilization, and disposal of software applications within an organization.
Proper software asset management is necessary for effective security practices to help combat cyber-attacks that can damage an organization in various ways. An effective SAM practice delivers intelligence on software across the network, providing clear visibility of entire network inventory that helps Network Administrator to take more informed software security decisions. SAM helps to minimize the attack-surface of an organization by detecting unauthorized and unsupported software and preventing them from being installed, or at least to be removed.

Methods of tracking ‘Prohibited Software’
Traditionally, the method known as ‘application blacklisting’ is used to track the unwanted applications. This method works by maintaining a list of applications that are to be denied system access and preventing them from being installed and executed. However, since the number, variety, and complexity of applications are increasing day by day, that approach is hard to follow these days.
The opposite approach to ‘blacklisting’ is ‘application whitelisting’. In this approach, an authorized list of applications is maintained. When a new application is going to be installed, it is automatically checked against the “authorized list”. If the application is not in the list, it’s not permitted to be installed. This depends more on the honor system.

Are these methods full-proof?
Nowadays applications are coming with increasing levels of complexity, variety, in increasing numbers. So, ‘application blacklisting’ process is not likely to be full-proof. On the other hand, the ‘application whitelisting’ method also might not be practical, because of the administrative resources required to create and maintain an effective whitelist often turns out to be inadequate.

Any way out of this problem?
Considering the possible threat to the IT network, it’s not recommended to rely on manual processes to detect the unwanted software. Rather we have to rely on an automated system that can detect such applications automatically without any manual intervention – a system that continuously monitors the IT network and immediately informs about the presence of any unknown or unwanted software.
SARANGSoft SysExpertez provides this functionality along with full-fledged IT Asset Management (tracking of hardware, software, and users) in a Windows network. Let’s see how SysExpertez helps detect the unauthorized / unwanted software within a Windows network.

Role of SysExpertez in detecting ‘Prohibited Software’
SysExpertez categories installed software broadly in three distinct categories.
1. Licensed: is associated with legal copies of commercially published software from reputed providers, license for which are purchased and budget is allocated for such software to be renewed / upgraded; e.g., Microsoft Office, SQL Server, Adobe Photoshop, Oracle database, AutoCAD etc.

2. Approved: There are many free but wonderful software available. Depending on an organization’s needs and policies, its IT team can identify some of those as “Approved”; e.g., Adobe PDF Reader, Skype, Firefox and Chrome browsers, some text editors (like Notepad++, TextPad) etc., which are suitable / beneficial for use in workplace;

3. Prohibited: There are some software that an organization might choose not to allow in its network for various reasons – security threat, productivity loss, legal / compliance issues etc. These generally include games, media players, chat apps etc. Any installation of such software within the IT network should be detected ASAP, and immediately acted upon (such as uninstall and prevent future occurrences);

SysExpertez helps put the known and relevant software into one of above three (3) categories – Licensed, Approved, and Prohibited. If any software outside these three lists is installed on any computer within the network, SysExpertez can detect that, classify it as an “Unknown”, and immediately notify the IT Administrator about it. The IT Administrator can investigate the case, and either

  1. Accept it as one of the first two categories (i.e., Licensed or Approved), or
  2. Put it in the Prohibited category and instruct the user(s) of the concerned PC(s) to immediately uninstall the software (and refrain from installing it in the future).

Monitoring of software assets helps keep the network safer and comply with legal and standards requirements.

How important is to know the network inventory?

What is ‘Network Inventory’?
An IT network consists of various types of hardware (client PCs, servers, printers, and other peripherals) and software as well as the users. The hardware and software are commonly referred to as Network Assets, which constitute the entire network inventory.

At the simplest level, network inventory is a basic list of devices connected within the network. However, at a more advanced level, it can evolve to contain detailed information about software installed, hotfixes applied, services, and much more.

How important is to know your Network Assets?
Managing the IT infrastructure of an organization is undoubtedly a challenging task. The assets in the network get deployed, updated, removed fairly frequently, and often without any set pattern, to support the operational needs of the organization and the overall computing environment (security issues, virus / hacker threats, product updates and enhancements etc.). Keeping track of the users and their access privileges is an integral part of IT management. One of the biggest challenges to managing the network is the lack of comprehensive knowledge and understanding of the network, which are essential for decision-making and planning about the growth and improvement of IT infrastructure.
If you are a network administrator, you have to face these common questions:
  • How many computers (client PCs and servers) are in the network (domain or workgroup)?
  • Which of these computers are active vs. inactive, have been added / modified?
  • What hardware components (CPU, RAM, motherboard, hard discs and partitions, network card / chip, video and audio card / chip etc.) are in those client PCs and servers?
  • What Operating System (Windows) version is running on each PC and server?
  • What Service Packs for the OS have been installed on each PC and server?
  • What software applications (including version, manufacturer etc.) are running on each PC and server?
  • What all services are running on each PC and server?
And many more like these. Without these details you will never know the actual state of your network. Proper network asset management is impossible without the knowledge of the network assets.
What exactly is “IT Network Asset Management”?

IT Network Asset Management (also called IT Inventory Management) is an important part of an organization’s business strategy. It involves collecting detailed hardware and software inventory information, which are used to make decisions about purchase as well as redistribution of hardware and software over time.

IT asset management helps an IT organization manage its systems more effectively, and saves time and money by avoiding unnecessary asset purchase and/or disposing off existing resources.

How do organizations manage their network assets? Is it sufficient for them?
It’s quite common for System Managers / Admins to manually monitor the entire network, at times with dedicated personnel. That’s a challenging task, which is repetitive, error-prone, time consuming, and to a high degree wasteful of qualified systems professionals. A tool that automatically monitors the network for such information and presents a consolidated view helps with the latest status as well as not take up important human resources for such tasks.

SysExpertez: A solution for network asset tracking, monitoring, and management
SARANGSoft SysExpertez is a comprehensive asset, domain, and operations management application with a number of exciting features that help manage IT assets, Active Directory domains, and operations in the network. It automates and simplifies the repetitive tasks and quickly provides accurate results through an easy-to-use interface.

It’s like a set of CCTVs within your network, so that you as the System Manager / Admin can get a full view through the “Admin Console”, as if sitting in a “Control Room”. The powerful Admin Console is super-easy to use with a simple menu-driven UI that also looks and feels great.

Preventing data loss on your computers

Introduction
Data have become intrinsic part of modern human life. We are constantly searching for data, right from the time we wake up every morning. While some of the data are live and online, a lot of data are collected, processed, organized, and stored for quick and easy access at any time. These data (stored in files and folders) are valuable for our personal needs. Those can be photos, videos, music, research outcomes, write-ups, important documents and so on. If those are lost for any reason, it would significantly affect our lives, professionally and/or personally (often emotionally). That’s why it’s easily understandable why we often fear of losing such data due to some unexpected problem.

Types of data loss and some precautionary steps
Though we often think about “data protection”, which includes guarding it against preying eyes and hands of hackers and such, “data backup” is intricately involved in the process. The term ‘data backup’ means to copy data files to another medium (such as a disk or tape) as a precaution, in case the original storage medium (generally the hard disk built into the computer) fails. Data backup is crucial for businesses as well as individuals.

There are many ways that your data can be lost. The common reasons are hardware failure, corrupted files, virus / malware, accidental deletions, and of course natural disasters (storm, earthquake, flood etc.) or man-made disasters (vandalism, theft, terrorist attack, arson etc.). Let’s look at few safekeeping approaches to prevent data loss as part of a comprehensive data protection plan.

a) Create a standardized file / folder organization
It helps to develop a standard way of organizing and storing your files, so that you (and your users) will know where a particular kind of file are expected to be. Once this first step is done, backing up data files will be more accurate and precise, and it will save time and hassle while retrieving any lost data to its original location.

Organizing files and folders is the key to a data protection and restoration plan.

b) Identify which (kind of) files need to be preserved
Once you have organized your files and folders, determine which are important for you. Though you are the best judge deciding what are your important files, here are some ideas for your convenience.

The following types of files are important:
  • The files you can’t do without
  • The files you will need in the future
  • The files related to products & services you sell (for businesses)
  • Files that you cannot re-create
  • Files that you can re-create but don’t want to
  • Files you regularly use and/or refer to and/or update

On the other hand, the following types of files are less important:
  • Files you have not used (not viewed or edited) for a few years.

The following types of files might be good candidates to not be included in backup (or should even be deleted from your computer to keep it clean):
  • Files you cannot remember why those are there.
  • Files you know are not useful for you any more or are known be outdated.

c) Avoid storing documents on the same drive where Operating System is installed
On Windows, most document editing applications save the document file in the ‘My Document’ folder, which is very well known. As a result, malwares and virus often target the files there, making the files vulnerable.

Whether it is a virus or software failure, the majority of computer problems affect the Operating System. Quite often the solution is to reinstall Windows, and at times after reformatting that drive. In such an instance, you must make sure to copy / backup all of your own files (not the system or application files) from the drive, including the ‘My Documents’ folder; otherwise everything on the drive will be lost. You can create a separate drive on the same physical hard disk, and store all your own files and folders on the second drive. If the OS drive needs to be reset, your data drive will still be unaffected.

It is also possible for the hard disk itself to go bad (disk crash), in which case all drives on that disk will be lost. You can replace the hard disk and reinstall Windows and the applications to get it back to working condition, but in this case your files and folders on the data drive has also been lost. To handle such cases, you can use an external hard disk to store your data files. Or you can just use regular backup from your data drive to an external disk.

d) Backup regularly
You can alert yourself to take a set of security measures to protect data loss, but if your data is not backed up, it’s very likely that you WILL LOSE IT. So, ensure that your data is backed up regularly, and test the backup to ensure that your data can be recovered when you need it.

How often should you back up? That depends on how much data you can allow to lose if your system crashes completely. A week’s work? A day’s work? An hour’s work? Depending on that you have to schedule your backups.
There are numerous backup programs with varieties of features. You can easily try out
  • SARANGSoft filexpertez (file-expert-ease) for backing up a Windows PC. It’s a comprehensive file and folder management tool for home, office, school / college, everywhere.
  • SARANGSoft WinBackup Business for backing up all PCs and servers in a Windows network (domain or workgroup) through a centrally managed arrangement.

Both the products are feature-rich and flexible, yet easy to understand and use. These do not cost much, and there is a no-obligation 30-day free trial available.

e) Automate your backup procedures
All of us are busy. There are too many things to do every day, and too little time! Even though you might be very sincere about regular data backup, it’s quite possible that you forget to run backup at times, and that leads to an inconsistent data backup arrangement. Ideally, backup should be arranged to run in a consistent manner without any manual intervention. Depending on the importance of your data, you may schedule the backup operation to run it automatically. The only thing you should bother about is to check that the backup are really happening. It helps if the backup program can send you a notification when it backup is done, either successfully or ending in failure (in which case you can look into the issue and fix it).

f) Encrypt your data while backing up
Using encryption during backup of your data is another layer of protection for the data.
Encryption changes the backed up data in a way to making it unreadable by anyone, except who has the password “key”, which allows him/her to decrypt the data back to its original usable form.
There are various types of encryption mechanism available, and some programs use it.

g) Create a local backup arrangement
All the important files should be backed up locally first. Make sure that the backed up files are available at your office / home. That ensures for easy access and recovery, as well as control of the data.

h) Create an off-site backup arrangement
It’s a great idea to arrange for a different location than your office / home to keep a copy of the backed up files. It provides “redundancy” as well as prepares for “disasters”.
If the local backup is damaged or lost for any reason, the off-site backup copy will save your day.

i) Use of “cloud” as remote storage for backed up data
Nowadays, it’s increasingly common to use cloud as the remote data storage. There are many benefits to using cloud storage, most notable being the virtual indestructibility of cloud storage and its accessibility. Files stored in the cloud are assured beyond any other level for reliability and those can be accessed at any time from any place with Internet access and your own user credentials. As far as the disaster recovery is concerned, data from cloud can be restored without any hassle. Also, the cost of cloud data storage and restoration is significantly lower than traditional data storage and restoration.
SARANGSoft CloudScape is a unique cloud storage browser for the Windows platform to seamlessly integrate cloud storage (AWS-S3 and Azure) with local storage (PC’s hard drive). Its Windows Explorer-like user interface enables easy transfer (including drag & drop) of files and folders to and from cloud, thereby making cloud storage an extension of your local PC storage. It maintains full folder hierarchy between a PC and cloud storage, which is not very common for such tools.

Ending Note
Making plans and implementing those takes time, effort, resources, and costs money. That’s why many of us defer doing it. However, the cost of not backing up data can be so severe, the upfront effort for the backup process is worth everything you put into it.