888 647 7002 info@above.care
How to Spot a Phishing Attack

How to Spot a Phishing Attack

Text from the e-mail sounds legitimate enough, but in reality, you may be the victim of a phishing attack. Identity thieves, masquerading as Royal Bank, PayPal, or other financial or Internet companies, try to dupe you into clicking phony links to verify personal or account information. You’re asked for home addresses, passwords, social security numbers, credit cards numbers, banking account information, and so on.

Bottom line: Never click links embedded in suspicious e-mails. When you hover the cursor over a link such as www.paypal.com, it actually leads elsewhere.

To lend authenticity to these appeals, the spoof e-mails often are dressed up with real company logos and addresses, plus a forged company name in the From line (for example, From: support@ebay.com). Phishing may take the form of falsified company newsletters. Or there may be bogus requests for you to reconfirm personal data.

So how do you know when the e-mail request you’re reading is really a phishing attack?

  • Obvious giveaways in some fake e-mails are misspellings, rotten grammar, and repeated words or sentences.

  • No company on the level is going to ask you to reconfirm data that’s been lost.

  • Reputable companies usually refer to you by your real first and last names and business affiliations rather than Dear Member or Dear PayPal Customer.

  • If you have doubts that a communication is legit, open a new browser window and type the real company name yourself (for example, www.ebay.com or www.paypal.com.) Your gut instincts concerning phony mail are probably on the mark.

Here’s an excerpt lifted from a phishing attack:

Dear TD Customer,

(URGENT) Your TD Online Banking has been suspended. To unlock your account, click here.

New Income Tax Forms for Canada

New Income Tax Forms for Canada

The new year brings some changes to personal income tax for Canadians. Here are the 2017 TD1 forms for you and your employees:

Federal TD1:  https://www.abovestudio1.com/forms/td1-fill-17e.pdf

Alberta TD1: https://www.abovestudio1.com/forms/td1ab-fill-17e.pdf

And for those not in Alberta, the forms for all the provinces can be found at:


For any of your Xero, WagePoint payroll or Apple Technology needs, please contact us.

Happy New Year!

Your team at Above Studio 1

above.care™ Managed Services: Terms of Engagement

above.care™ Managed Services: Terms of Engagement

above.care™ Tight Managed Services

Terms of Engagement

We like Plain English over heretofore and wherein. This document explains in plain english what an above.care™ Tight Managed Services membership is, and how it benefits you.

We update this document constantly as technology evolves and we improve our services.

These Terms address the maintenance of operating systems, network software, device configuration, security, safety, and reliability of your computing infrastructure.

Definition: Managed Services

“Managed services is the practice of outsourcing on a proactive basis management responsibilities and functions and a strategic method for improving operations and cutting expenses. It appears as an alternative to the break/fix or on-demand outsourcing model where the service provider performs on-demand services and bills the customer only for the work done.” — Wikipedia

We want to be on your bench as your I.T. department. There are 3 keys to giving you the best experience possible:

  1. Proactive Monitoring and Maintenance – Our cutting edge software agents for Mac are like Heart Monitors and Pulse Oximeters. We can often fix problems before you’re even aware of them
  2. Automated security and stability updates – Our software agents make it easy for your end users to be confident their systems are secure, safe, and completely up to date. They even monitor for Malware and Viruses, automating a response when necessary.
  3. Prescribed and Proven Methodologies – We recommend and support a curated line of business class networking hardware and software solutions, carefully chosen to make the finest level of support easy for all.

What We Do:

  1. Automated Health and Wellness monitoring of each Mac for which a membership is purchased.
    1. When our above.care™ Wellness Monitoring Agent is installed it will notify us of exceptions and irregularities.
    2. Response to irregularities or exceptions is free of charge if the effort requires less than :20 minutes.
    3. Our goal is to respond proactively to these irregularities or exceptions, when possible before you’re even aware there’s a problem.
  2. Manage Software Installations and Updates
    1. When installed, our above.care™ Tight Agent automatically installs software updates and patches including security updates to OS X and security updates to many common Mac based applications.
    2. We maintain and constantly update a large catalog of software for you, making it easy to find safe and secure software that is Mac compatible. These titles are available on any Mac on which our above.care™ Tight Agent is installed and can be found using the App “Managed Software Center”.
    3. We may enable the Virus Scanning feature of our above.care™ Tight Agent.
  3. Manage Your Server
    1. Where a Mac qualified with an above.care™ Tight Membership is a Server, we may provide Administrative oversight of day to day maintenance using secure remote access tools, specifically Apple Remote Desktop through a secure VPN connection.
    2. We use enterprise class I.T. Governance techniques, influenced largely by The COBIT, and set out in our IT Governance Baseline Checklist.
    3. We may provide a solution for off-site “Cloud Based” backup of a server if appropriate.
  4. Manage Your Network
    1. When you have your fleet of Macs enrolled in an above.care™ Tight Membership, and we provide recommended network infrastructure, oversight and management of that infrastructure is free if the response requires less than :20 minutes.
    2. Your network infrastructure (i.e. Routers, Switches and Access Points) must have been purchased through us and must be capable of remote or cloud based management (eg: Meraki, DD-WRT).
    3. If we recommend and implement an MDM (Mobile Device Management) system, ongoing oversight and management is free if the response requires less than :20 minutes.
  5. Maintain and Monitor a Server Backup
    1. Our above.care™ Wellness Monitoring Agent will proactively notify us of an exception to normal backup routines. Our response is free of charge if resolution can be completed in less than :20 minutes.
    2. An above.care™ Tight Membership includes a free cloud based backup of your server. We may recommend additional backup strategies if fast recovery is mission critical.

You agree to:

Communicate openly with us

We view our relationship as organic— our responsibility to you evolves. You count on us to keep you informed of emerging concerns, and we rely on you to keep us informed of problems or changes to your IT environment.

We can solve most any problem if we’re aware of it.

Pay our fees

We sometimes like to say “you pay us not to see us”. If we’re doing our jobs the way we like, we’re sheltering you from complexity, and keeping things safe, healthy, and functional behind the scenes.

You agree to pay $60 per month for each Mac enrolled in our above.care™ Tight Managed Services Membership. Custom pricing may be negotiated when membership quantities exceed 5 Macs.

For Macs with an above.care™ Membership, if we can provide a resolution to your support question in less than :20 minutes, it’s free. Support time in excess of :20 minutes is billed at our “members rate” of 50% off our standard rate (currently $160 per hour).

Use our electronic support tools when possible

We provide a means for you to ask for help electronically— this approach allows us to be efficient, documenting issues thoroughly and repurposing the knowledge when appropriate.


We don’t enforce a contract. We believe you’ll recognize value in maintaining your above.care™ Memberships, and we work hard to ensure that.

Either of us can terminate membership with 30 days notice.

The Personal Apple ID in a Corporate World: an FAQ for employees

The Personal Apple ID in a Corporate World: an FAQ for employees

Helping companies change their world is an exciting responsibility. When a small or medium sized business invests in a fleet of Apple devices, we sometimes have to help people understand why things are done a certain way. Confusion around Apple IDs and how / why we recommend they be used happens all the time.

This is a DRAFT that may help other business people have the right conversations with their employees when iOS devices are being managed using our preferred approach– this document will evolve and your input is invited.

iPhone / iPad FAQ:

Introduction — Your Apple ID is the email address and password you use to sign in to Apple services including iCloud, the App Store, the iTunes Store and more. Apple takes the privacy of your personal information very seriously and employs industry-standard practices to safeguard your Apple ID.

Why do we get iPhones and iPads? — We want you to enjoy the best and most secure technology available. We know that Apple devices hold their value better, and that the “return on investment” is higher than with other devices.

Why do we have to use an Apple ID on these iPhones and iPads anyway? — iPhones and iPads get many of their capabilities from the “Cloud” based infrastructure that Apple has built. This includes things like the App Store, iCloud email, Pages, Numbers and Keynote (word processing, spreadsheet, and presentation software programs). The only way to have the best experience with iOS devices is to use an Apple ID.

Just how secure are Apple IDs and my information in the Apple “cloud”? — Apple IDs are like Social Insurance Numbers, and Apple has designed these systems with the ultimate security and privacy in mind. This design means that even if they wanted to, they couldn’t decrypt your information without your blessing. You can make your Apple ID so secure that the instant anyone TRIES to access your information, you’re made aware of it— that’s part of a feature called Two Factor Authentication.

Why do want us to use our own Apple ID? — We want you to have the best experience possible with your company owned iPhone. Using your own Apple ID keeps it simple for you. None of us have to babysit a bunch of different passwords, and you get the benefit of Apple’s iCloud eco-system which includes Music, Apps, Photos, and more. Note that you CAN create a new Apple ID, strictly for use on your company Apple devices— it’s up to you.

If I use my own Apple ID, can you see any of my information? — No. Apple takes the personal privacy of it’s Apple ID account holders very seriously. We, nor any governmental agency can access your private information, including your photos, messages, iCloud emails, contacts, or iCloud drive documents.

Can you see where I am, or what I’m doing? — Not reliably. Because of concern for YOUR Privacy, Apple does not provide this capability to us. If necessary, we can TRY to see where a phone is located geographically using a management tool, but it’s only accurate under very specific conditions.

So exactly what CAN you see then? — Only things directly related to the safety and security of the device itself. It is an expensive company asset after all. The question is, what are we INTERESTED in seeing?… we want to make sure the device has up to date software, so we can see what version of the operating system is installed. We want to feel confident that the devices are being used mostly for work related purposes, so we can see what Apps are installed. We can see some health related metrics about the device like battery life, network strength, how much storage space is available, and whether information is being encrypted properly.

And what ELSE is happening that I should be aware of? — We want to prevent company secrets from being compromised, so the devices are being prevented from having Company related information inter-mingled with your Personal information. We want to be able to remotely erase the device if it’s lost or stolen, so we can send a signal “over the air” for the device to do that to itself. We have used a security feature of the Apple eco-system called Supervision, which prevents the device from being activated by anyone else if it’s lost or stolen and we can’t recover it. We configure the devices to enforce the use of a Passcode. We may also block the installation of some known “inappropriate” Apps. Later, we may “invite” you to install Apps that WE pay for.

Speaking of devices being lost or stolen, what’s the right thing to do if that happens? — First, tell someone. We may ask you to try to use Find my iPhone to locate, lock, or wipe the device. That alone is a compelling reason for you to use your own Apple ID— as the “rightful end-user”, you have the ability to fairly reliably see where the device is on a map—- if you recall, we do not. If that doesn’t work, we may then try to remotely lock or wipe the device using our management tools. If we’re fortunate enough to recover the device, we can unlock it again.

Early Adopters Eat the Others for Breakfast

Early Adopters Eat the Others for Breakfast

There are lots of opinions about the importance of constant improvement of your business operations, but no on puts it as succinctly as Andy Lark, CMO of Xero.

I’ve seen it over and over. Small businesses spend some time and money implementing a system that’s monolithic in nature, overly bulky, expensive, and inflexible. “That’s what our accountant said we should use”. Or “I saw the ad on TV during The Masters”.

Companies like SAP, Sage, Intuit, or even Microsoft spend millions convincing you that their product is what you need. Instead, talk to us about a better approach. We can save you money, AND make your company more agile. We’ll show you how to innovate, navigate change, and evolve your business technology constantly, so you can be one of the sharks.