The Basics of Data Encryption

As the world becomes ever more connected, data encryption—once a topic so unsexy it almost seemed taboo—has slowly turned into a hot topic that we’ve come to rely on more and more. With your phone spouting off your credit card number and with people logging into Facebook at every public computer they can find, data about us is everywhere and it’s valuable. Data encryption is how programmers can make sure that our data doesn’t fall into places where it wasn’t intended to go. But how does it work?

Encryption was born out of cryptography, the science of secret codes. Just like if you wrote a note with a cipher and only someone with the same cipher could decode it, encryption requires a key. Quality encryption always has one common feature: the algorithm (aka the process to encrypting something) can be public, but the key will always be private. Even the smartest hackers in the world can’t break into encrypted data if they don’t know the key.

Encryption ciphers of today fall into one of two categories: secret key and public key. Secret key is also known as symmetric cryptography because both people (or computers) must have the same key, and it is usually used for sensitive or private data. Data Encryption Standard (or DES) was one of the strongest secret-key algorithms when it was first made available for public use in the 1970s.

Public-key, or asymmetric, algorithms use a pair of keys: one public key that’s to be shared with other people and one private key that’s kept in secret by its owner. This way, anyone can send the owner encrypted data by using the public key, but only the owner can decode those messages using the private key.

Secret-key ciphers are either stream or block ciphers. Stream ciphers encrypt data one bit at a time by writing a long string of bits with no repeats and hiding the message within it. One common example of this type of cipher is the RC4 (Ron Rivest’s Cipher #4), which is used by a large number of e-commerce stores. Other uses for stream ciphers include cellphone traffic and satellite TV signals.

Block ciphers, on the other hand, encrypt data in blocks of multiple bits. This results in an encrypted data block that is the same size as the original data block. For example, DES takes 64-bit blocks and returns another 64-bit block using a 56-bit key.

Other examples of block cipher encryption methods are Blowfish and AES. Blowfish was introduced by Bruce Schneier and uses huge keys. Its block size is 64 bits and it provides a good encryption rate with variable key length of from 32 bits up to 448 bits. AES, on the other hand, accepts keys of 128, 192 or 256 bits and uses 128-bit blocks—double the size of Blowfish and DES. AES replaced the aging DES in the 1990s as the standard symmetric encryption algorithm for the US government.

Data encryption is a big topic and encompasses the fields of mathematics, computer science, and cryptography. In its simplest form, encryption is just a way of changing information that makes it unreadable by anyone except those in possession of the key, which is what allows them to change the information back to its original form. Because the amount of data the world creates will likely never fail to increase and because that data must be protected from increasingly more sophisticated hackers, data encryption will continue to be a hot topic.

Kilobytes, Megabytes, and the Metric System

To understand how we measure data is to understand the metric system, which unfortunately is not a given in the United States of Inches and Feet. Our documents, photos, videos, and apps are all measured in bytes—the virtual building blocks of our data.
These days our files are too big to be measured in only bytes—a Blu-Ray disc, for example, holds 10 billion bytes of data—so we use the metric system to make the language more understandable. 1,000 bytes is a kilobyte*, 1,000 kilobytes is a megabyte, and so on.

Kilobytes and megabytes were large units of data measurement in the past, but now technology has moved on and consumers are now using gigabytes and terabytes, and perhaps in the not-so-distant future will start using petabytes.

*A kilobyte is actually 1,024 bytes, but for the sake of understanding the system, we’ll talk in intervals of 1,000.

Gigabytes (GB)

IBM built the first gigabyte hard drive in 1980, weighing 550 pounds and costing $40,000. But the first true gigabyte drive that people could and would actually buy was introduced in 1991 and remained the standard “large” until until the 2000s. A gigabyte is 1,000 megabytes and we still measure a lot of files that way today; movies, TV shows, video games, and apps are all measured in some range of gigabytes:

•     A movie at basic TV quality (480p) is 1 GB
•     A standard DVD holds 4.7 GB
•     A Blu-Ray disc holds 10 GB
•     Battlefield 4 for Xbox One is approximately 34 GB
•     A good solid state drive is around 250 GB

Terabytes (TB)

Fast forward to 2007 and Hitachi brings us the world’s first terabyte hard drive for consumers. Following the metric system, a terabyte is 1,000 gigabytes and it’s the unit in which we measure almost all modern hard drives. In fact, a hard drive is considered a letdown if it’s anything less than 1 TB. That’s why everyone wants the 1 TB versions of the Xbox One and Playstation 4 over the 500 GB hard drive. Even solid state drives are starting to produce in 1 TB, and the biggest consumer drives available are only made in 10–12 TB (and they’re very expensive).

•     212 DVD-quality movies or 125 Blu-Ray quality movies is 1 TB
•     Most “large” hard drives today are 2–4 TB

Petabytes (PB)

There’s no such thing as a mass-market petabyte drive and there won’t be for a long time. A petabyte is 1,000 terabytes and that is huge. Only data centers and some large IT servers measure in petabytes:

•     All US academic research libraries is 2 PB
•     The production of every consumer hard drive is 20 PB
•     All the printed material in the world is 200 PB

And finally, as a footnote, there is the exabyte—1,000 petabytes—which is so large we likely won’t see an exabyte drive in our lifetime. Just to understand the scale, every word ever spoken by human beings is 5 exabytes. Even if you wanted to own every movie and TV show ever made in ultra-high 4K resolution, you wouldn’t come close to filling an exabyte in your lifetime. Wow!

How Women Can Secure Grants to Jumpstart Their Business

Do you have a great business idea but need the cash to fund it?

Believe it or not, there are grants that might be able to help you jump start your business. There are ones that offer small business grants to women. That being said, it is not as easy as you think.

What about government grants?

Most might believe that the government has a lot of money to hand out, when in fact that is simply not true. Many federal grants for small businesses are for very specific things, such as development or research projects for rural areas. So if you’re looking to get a grant to cover startup costs or daily expenses, you might be out of luck.

However, if your business features a product or service that can positively affect women’s lives, you can try your hand at the InnovateHER Challenge, hosted by the US Small Business Administration. The top three national finalists can win up to $40,000. To qualify, you need to win a local InnovateHER challenge.

Because grants like the InnovateHER challenge can be very competitive, you might want to consider your state or local government grants. Keep in mind that the availability and types of grant differs depending on where you live, so you’ll need to do some research to find specific grant programs.

A good place to look is at your local women’s business centers. The Small Business Association (SBA) sponsors around 100 of these centers all over the country. They are specifically there to help females gain access to capital and with developing their business plans. Some of these places will actually lend you money directly. Others will help you figure out what kinds of grants you can qualify and apply for.

Another place to look is your local SBA sponsored centers. They are usually found at colleges and they offer free one-on-one business consulting. Simply set up a meeting with an adviser who can help you find grants in your area.

Are there any private grants?

There are a few national grant programs for women. You can win $500 from the Amber Grant Foundation. If you are a winner, you might be one of 12 grant winners to be awarded another $2,000. To apply, all you need to do is describe what your business is all about and tell them what you plan on doing with the money. After you pay a $7 application fee, you just have to wait and see if the foundation’s advisory board likes your story and passion.

Another grant you might want to look into is the FedEx Small Business Grant. They award 10 small businesses up $25,000 each annually. To apply, you need to explain what your business will be and how you would use the money. In addition, you need to provide photos or a video or your business. This one is not specifically geared towards women, but it doesn’t hurt to look into it.

If you need more options, a great website is Grants For Women. You can search through their database for grant opportunities, though you need to make sure the grants are specifically for businesses.

Conclusion

Grants are a great way to jump start your business. Again, understand that the grant money you receive might not be enough to cover all your costs, so try your hand at applying to as many as you can to help make your business dreams come true.

Happy Habits

In this day and age of lots to do and multiple devices to do it on, you might sometimes feel stressed. After watching family members, co-workers, and random strangers in the grocery store, gym, and other gathering places, I’ve come to the conclusion that we need more happy habits. Sure, most of us have developed some pretty good habits, but they’re not always happy habits. Often times, they’re more like responsibilities; you know, the kind of things we have to do (like cleaning the bathroom) or we’re supposed to do (like going to the gym every day. Or maybe that’s every other day?).

As I was thinking about my stress levels, I started making a mental list of my happy habits. It wasn’t long before I thought about one of my favorites: eating See’s candy. (Yes, I readily admit that my See’s habit is one of the reasons I go to the gym.) I have been enjoying See’s candy since I was a little kid. And when I say little, I mean little. Both sets of grandparents introduced me to the delights of See’s when I was just old enough to walk. Now that I look back on those early days, that’s probably why I learned to walk: “Brian, come here! Come on, walk to grandma! Come and get a piece of See’s!” Once I figured out what See’s was, I needed very little encouragement to walk.

One of my earliest and fondest memories of enjoying See’s candy was riding in my grandfather’s 1953 Chevy Bel Air 4 door to pick up my grandmother, who worked part-time at the nearby department store. This was in the days when seatbelts weren’t mandatory, so we kids were like dogs with our heads sticking out the windows, enjoying the cool Southern California breeze blowing in our faces. Picking up grandma also meant treats from See’s. Grandma would be waiting by the curb with a small white bag of those wonderful butterscotch lollipops.

On the drive home, my grandfather would honk the horn (which embarrassed my grandma, which only encouraged my grandpa to honk even more) any opportunity he got. Us kids thought it was the funniest thing in the world. It didn’t seem that life could get any better than those moments. Cool breeze, butterscotch lollipops, laughter, and being with grandma and grandpa. Those were good memories—happy memories to be sure. And that’s what I’m talking about: first, always be aware of opportunities to create happy moments with the ones you love. And then develop the habit of looking back to relive those good feelings when you’re feeling stressed. And even when you’re not stressed, happy memories make today a lot better, and they make our tomorrows a lot more enticing. While it’s true that you can’t relive the past, the sweet habits we’ve created because of them can sure help us minimize our stress levels. For me, a butterscotch lollipop confirms that.

Could Your Data Be Hijacked and Held for Ransom?

Hospitals were on edge recently when the Hollywood Presbyterian Medical Center was hit by cyberterrorists. After all, if this Los Angeles hospital’s information could be held for ransom, why couldn’t another’s? Which is, in fact, the reality: any organization, including medical, government, education, industry, etc. can be the target of a ransomware extortion plot.

If you didn’t hear about the incident, here it is in a nutshell: Hollywood Presbyterian Medical Center is an acute-care facility with physicians representing a wide variety of specialties, from cardiac and cancer care to fetal therapy and maternity services. A few weeks ago hackers hijacked the hospital’s computer system, preventing access to any data by encrypting it. Initially, hackers demanded $3.6 million in return for releasing the data. Although the attackers later decreased their demands to 40 bitcoins (worth $17,000) in exchange for a decryption key, they had made a point to the world: patient data and medical records are not safe from hackers.

A sobering lesson can be learned (again): important data must always be protected. Hackers don’t necessarily care who the data belongs to; they will do their best to exploit any weakness in the IT infrastructure to steal, damage, or hold for ransom an organization’s data. Like most criminals, cybercriminals are opportunists who seek out easy targets. Are you an easy target? Just for starters, consider this: Is your data unencrypted? Do you employ password protection policies? Are you using expired antivirus software?

Fortunately, organizations can safeguard their data by backing it up to the cloud. The more secure your data is, the more likely are cybercriminals to look elsewhere for better odds of accessing important or sensitive data. Don’t let your data become vulnerable! So, when looking for a service that backs up to the cloud, what should you expect? There are many points to consider, including the following:

•     Is your data encrypted in transit and at rest?
•     Do you have the option to use your own encryption keys?
•     Are backups automated?
•     Is the cloud service audited and certified?

Finally, ask yourself this question: In the event of hardware failure, theft, virus attack (including a ransomware extortion plot!), accidental deletion, or natural or man-made disaster, will my data be safe and recoverable quickly?

Organizations rely on digitized data more than ever. As such, all organizations—from the smallest business to the largest enterprise—must take the necessary steps to ensure that their data is securely backed up, accessible, and easily recoverable.

 

Most Prolific Hackers (infographic)

Money. Power. Politics. A new Porsche. Any one of those can be sufficient motivation for a hacker to ply his trade. These days, even with the most sophisticated security in place, hackers continue to break through the inner sanctums of government, industry, and business to steal secrets and other sensitive information like weapons technology and credit card numbers. These guys are so good that some end up making a legitimate profession by using their hacking skills. Let’s take a look back to learn about the most prolific computer hackers and the motivations behind their exploits.

As long as there have been computers, there have been hackers. Through the use of computers to gain unauthorized access to everything from radio station phone lines to government agencies, hackers have a wide variety of motives for their actions. Join us as we list the most prolific hackers to date.

Alias: The Homeless Hacker
Name: Adrian Lamo
Country of Origin: USA
Current Status: Threat analyst
Agenda: Unkown

Best Known For:

Using coffee shops and libraries as his command centers, Adrian earned his alias by hacking into The New York Times, Google, Yahoo! and Microsoft.

After an arrest and 6 months of house arrest in 2003, Lamo became an American threat analyst. He was one who turned in U.S. soldier Bradley Manning (now known as Chelsea Manning) for leaking thousands of government socuments, which shined the spotlight on the now infamous WikiLeaks website for the first time.

Alias: ASTRA
Name: Withheld from public
Country of Origin: Greece
Current Status: Inactive following arrest in 2008
Agenda: $$$

Best Known For:

This hacker has never been publicly identified, though it is suspected he was a 58-year-old math teacher. Astra spent over half a decade hacking into the aviation company Dassault Group’s inner sanctums to steal and sell weapons technology information.

Alias: Dark Dante
Name: Kevin Poulsen
Country of Origin: USA
Current Status: Senior editor for Wired magazine
Agenda: A new Porsche 944 S2

Best Known For:
Being the first American to be banned from the Internet and computers for 3 years after his release from a 5-year prison sentence for hacking.
Poulson hacked the phone lines of a local radio station to rig a competition in which he would be the 102nd caller, winning the grand prize.

Alias: Cumbajohnny, Segvec, Soupnazi, Kingchilli
Name: Albert Gonzalez
Country of Origin: USA
Current Status: Inactive, currently in prison until 2025
Agenda: $$$

Best Known For:
Starting shadowcrew.com, a website that gained up to 4,000 followers where stolen or fake passports, driver’s licenses, bank account information, debit and credit cards, etc. were bough and sold.
He hacked TJX Companies and Heartland Payment Systems to steal upwards of 45 million debit and credit card numbers. Gonzalez was arrested in 2008 for this crime.

Alias: The Condor, The Darkside Hacker
Name: Kevin Mitnick
Country of Origin: USA
Current Status: Security consultant and author of two books
Agenda: Social engineering

Best Known For:
Being “the most wanted computer criminal.”

Mitnick started his illustrious career by bypassing the punch card system on the city bus line in Los Angeles. Soon he was hacking Motorola, IBM, the Pentagon, and others.
In 1995, a judge placed him in solitary confinement, fearing Mitnick’s skills were so diverse he could start a nuclear war by whistling codes into a payphone.

Alias: c0mrade
Name: Jonathan James
Country of Origin: USA
Current Status: Committed suicide in 2008
Agenda: Unknown

Best Known For:
Being the first juvenile to be tried and sentenced for hacking in America.

At 15, James began hacking into the Miami-Dade School System, Bell South, the Department of Defense, and NASA. He also intercepted source code for the International Space Staion, causing NASA to shut down its computers for 3 weeks to fix the breach.

Alias: Unknown
Name: Vladimir Levin
Country of Origin: Russia
Current Status: Whereabouts unkown
Agenda: $$$

Best Known For:
Without using the internet, but instead, a telecommunications system, he was able to gain access to millions of dollards, which he siphoned off and split between his 2 partners. After serving 3 years in prison, he was ordered to pay back only part of the money because that was all that could be recovered.

Alias: Solo
Name: Gary McKinnon
Country of Origin: England
Current Status: Currently lives in England
Agenda: Looking for evidence of UFO’s

Best Known For:
Hacking into 100 American military and NASA servers from his girlfriend’s aunt’s house. He deleted sensitive software, files, and data.
Later he shut down 2,000 comptuers in the US Army’s Military District of Washington network in just 24 hours, making it the largest military computer hack of all time, rendering the US military network inoperable for days.

Alias: Syrian Electronic Army (group)
Name: Unknown
Country of Origin: Syria
Current Status: Active
Agenda: Support Syrian President Bashar al-Assad

Best Known For:
Hacking US President Barack Obama’s and the Associated Press’ Twitter feeds are just two of the high-profile altercations they’ve been involved in. The Syrian Electronic Army has also attacked political opposition groups, western news organizations, human rights groups, government websites, and US defense contractors.

Alias: Anonymous (group)
Name: Unknown
Country of Origin: Multiple
Current Status: Active
Agenda: Social causes

Best Known For:

Being a group of individual members (known as Anons) from around the globe who unite for social causes.

Anonymous has attacked government, religious, and corporate websites.  Among their targets are the Vatican, the FBI, the CIA, Paypal, Sony, MasterCard, and Visa , as well as the Chinese, Israeli, Tunisian, and Ugandan governments.

Make sure your data is protected offsite with Mozy Online Backup.

Benefits of SaaS

Most business owners face the ongoing challenge of reducing costs yet at the same time driving increases in revenue. One way for a business to reduce costs is to invest in SaaS applications. Not familiar with SaaS? Gartner defines software as a service (SaaS) “As software that is owned, delivered and managed remotely by one or more providers. The provider delivers software based on one set of common code and data definitions that is consumed in a one-to-many model by all contracted customers at anytime on a pay-for-use basis or as a subscription based on use metrics.”

You might be asking yourself, What are a few examples of SaaS applications? SaaS applications include but are not limited to, Google, Twitter, Salesforce, and Mozy cloud backup. Because SaaS applications have significant benefits, they are rapidly penetrating the IT market. Benefits include low cost, pay-as-you-go subscription model, and little to no maintenance for the business owner.

As already mentioned, cost savings is always front of mind for a business owner. SaaS applications can save businesses money on multiple fronts. The biggest cost savings come in the form of not needing to purchase any on-premises hardware. The SaaS provider supplies the appropriate software and resources to get the customer up and running quickly. Using Mozy as an example, the customer purchases the Mozy service and then downloads the Mozy backup software via a silent install. In a relatively short time, the customer can be securely backing up important files.

The pay-as-you-go business model is simple yet efficient. Pay as you go gives you the benefit of accurate budgeting practices as well as the ability to forecast accordingly on costs as you scale your business. Pay as you go also gives you the flexibility of not being tied down by lengthy contracts that can hinder your business operations.

An additional benefit of being a SaaS customer is that the provider is responsible for making sure systems are up to date and that security is handled effectively. This is a huge upside for the customer because the IT department can utilize its time and resources on business-critical priorities. Security is something that SaaS providers do not take lightly. For example, Mozy data centers are world class, embracing the highest of security measures, including 24x7x365 onsite monitoring and security, temperature controls, backup power supplies, fire suppression systems, and biometric scanners.

The benefits of SaaS go far beyond what we’ve discussed in this post. SaaS applications provide numerous benefits across many different industries making it one of the fastest growing industries. In October of 2014, EMC further showed its commitment to the SaaS industry by acquiring Spanning, backup for born-in-cloud applications such as Office 365, Google Apps, and Salesforce. If you’re not already taking advantage of SaaS applications, now is the time to be asking yourself, “What can SaaS do for me?”

Why Should You Be HIPAA Compliant?

HIPAA, otherwise known as the Health Insurance Portability and Accountability Act, sets certain standards for how you handle and safeguard patient data. If you are in the healthcare business, you are required by law to be in compliance. But what does that mean exactly and why is it important? Let’s examine compliance a little closer so you can understand why it is a must for your business.

What It Means to Be HIPAA Compliant

There are many elements that make up the security standards set forth by HIPAA. In order to be compliant, you must meet all of them and continue to evaluate your systems as you move forward.

Safeguards

There are two main types of safeguards that you have to put in place: physical safeguards and technical safeguards.

Physical safeguards cover anything physical, including limited access to the facility and strict controls on who gets access. These safeguards also extend to any company you are working with that has access to your facility and the electronic storage media you use as well.

Technical safeguards cover who, what, and how people access and use the health data stored on your servers. This includes various aspects of security such as unique user IDs, emergency access policies, automatic log off policies, and encryption and decryption methods and usage.

Network and Transmission Security

One of the latest safeguards put in place by HIPAA is network and transmission security. These regulations cover how you transmit data and govern everything associated with that data, including email, file transmissions, Internet, and more. These policies not only dictate how you handle transmissions from one network to another, but even how data is handled on private networks as well.

Technical Policies

These policies include how you handle data and media in your organization. Set procedures and plans must be put in place for things such as disaster recovery and offsite backups, and even include how IT will handle any media failures to ensure the integrity of patient data and the policies you will use to quickly retrieve that data if needed.

Rule Enforcement

In addition to your security policies, you must put in place procedures to follow to enforce the new rules put in place and include the penalties that can be incurred if employees do not adhere to the standards and procedures to the letter. You must also continue to enforce these rules as you move forward.

Breach Notification

HIPAA extends far beyond what you would consider traditional security. In order to be HIPAA compliant, you will need to put in place set policies and procedures to follow if there is a data breach. These policies include how you notify any affected parties.

So Why Try to Be Compliant?

Why bother agreeing to these complicated regulations just to reach compliance? The quick answer is that compliance is the law! If you are dealing with anything healthcare related, including patient records, you must be compliant in order to conduct business. Second, compliance can be a huge selling point for your business, even you don’t deal with healthcare data today. Security has become an increasing concern among both businesses and individuals, and if you meet the government standards for security, you will be able to advertise that to your customers.

Conclusion

HIPAA compliance is complicated yet must be followed and adhered to by any business or individual that handles healthcare data. The more familiar you become with these regulations, the less likely you are to fall out of compliance. As complicated as HIPAA is, there are benefits. Not only will your business be more secure,  it will meet important government standards that safeguard sensitive data. That’s peace of mind to your security-minded customers.

The Nuances of Cloud Computing

The cloud has already changed the way data is stored, and while cloud storage is the most common feature of cloud computing, it is by no means the only, or the most innovative aspect of this digital resource. Here’s a look at cloud computing and what it can do.

Storage and Computation
The cloud does a lot more than you might think. For instance, cloud computing is used for gaming, especially by Microsoft in regards to the Xbox One console. While the cloud is great for data storage, it can also be used for computing tasks via the Internet. The Xbox One may boast some pearly specs, but what makes it truly powerful is that it can outsource some of the computations to the cloud which in turn allows the console to deliver better graphics, a higher frame rate, and increased bandwidth.

Another benefit of the cloud is that it’s cost effective. If you use it primarily for storage, the amount of storage you get for the cost is the best deal on the market. If you were to buy external hardware for data storage, for instance, it would be a far larger investment.

The flexibility the cloud provides is its biggest benefit. Access extra computing power or any data anywhere you are. Whether your work requires travel, or you find yourself most productive out of the office, the cloud works for you.

Storage Encryption
When data is stored in the cloud it is encrypted at the point of travel and while at rest within the cloud’s physical data center. When the data arrives at its destination an integrity check is applied that compares the data sent to the data received. This weeds out any anomalies or potential tampering that may have occurred in transit. However, the true security is the cyber perimeter, hosts, and applications. While in-transit data is a concern, data centers are big targets for potential cyber threats. Sophisticated data center operations help ensure that your data is secure regardless of the type of threat its exposed to.

The Cloud and Businesses
The cloud has changed businesses forever. Boiled down, the cloud is a cost-saving technology. It is an easy way for businesses to share information, projects, and resources with employees, clients, and customers.

Not only has the cloud made the cost of operations lower, it has also made it easier to start a business. This has led to a influx of startups and entrepreneurship around the world. Small companies can share collective infrastructure costs in the form of  subscription-based cloud services, such as Mozy by EMC. Small businesses are no longer tasked with a grand initial investment in terms of computing infrastructure, which promotes creativity in terms of new startups.

Mobile workforces have become common. A central office is no longer needed for businesses, especially small ones, which cuts costs even further because the cloud can be accessed by employees anywhere. Quite simply, cloud computing has changed where and how people work in profound ways.

What do you want in 2016?

It’s 2016. That’s right, another new year is here. If you’re like most people, you probably feel obligated to come up with a resolution or two. You can do that by quickly analyzing the past year, determining what you did well, admitting what you didn’t do well, and then deciding what you would like to accomplish this year.

At this point, you probably should be asking yourself two questions:

  1. Do I want to change?
  2. How do I want to change?

Let’s start with the first question: Do I want to change? If the answer is yes, then move on to the second question, How do I want to change? If the answer is no, then do nothing. Just keep on doing what you’re doing. Face life as it comes at you. Nothing wrong with that.

Answering the second question requires some courage because if you’re being honest about where you are in life, you’re going to have to admit that you’re doing some things well and other things not so well. Or maybe you’re not doing them at all.

You probably already know what you’re doing well. Usually, those are the things you do with confidence and with endless energy and lots of enthusiasm. On the other hand, the things you aren’t doing so well aren’t always so apparent. This is where a good friend comes in handy. If you want to know what you aren’t doing so well, just ask a friend. But be prepared because you might not like the answer. And your good friend (at least for now) might even take things to the next level by telling you what you’re not doing at all but should be doing.

If after asking your friend what you need to work on convinces you that he or she is right, then take some quiet time to reflect on how you can make improvements. In some cases all it might take is a minor adjustment or two. Sometimes just being aware of what you’re not doing well or what you could be doing is motivation enough to get you to do it.

Answering the question “How do I want to change?” requires courage because you have to do more than just face life as it comes at you. You’re not just reacting to life. Instead, acknowledging that you want to or need to change requires action. Action is a verb. You’re deciding what’s important to you and you’re going to do something about it—now. In simple terms, you’re deciding that you want to get from point A to point B. So you come up with a plan. The outcome is important enough to you that you’re committed to that plan regardless of the challenges or the unexpected. You’re going to succeed! You’re going to make 2016 a great year!

From all of us at Mozy, best wishes to you in 2016. Your future is as bright as your commitment to make the changes you decide you want to make.