TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Security

What Happens To Stolen Data After A Breach?

Michael Menor is Vice President of Support Services for Tech Experts.

Data breaches have become so common that virtually everyone has been impacted by a breach in some way. Breaches at big retailers make the news, and replacement credit cards ominously arrive in the mail from our banks.

However, there is a lot more to most data breaches than meets the eye, as is the case with more traditional robberies, the theft of data is often just the beginning of the crime. If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.

Understanding the Criminal Infrastructure
While “hacktivist” groups will periodically expose data to further an ideological cause, the vast majority of breaches are perpetrated by criminal groups focused on financial profit. Since very few of these attacks result in the direct theft of currency, criminals need a way to turn their stolen data into money.

Even in the simple case of stolen credit card information, criminals either need to sell the cards to other criminals or use the cards directly to commit fraud. In either case, the card data itself is a precursor to future fraud.

This may seem incidental at first, but there are important consequences. Specifically, the ability to monetize stolen data requires a very different set of skills than those needed to breach a network in the first place.

Data Protection on Red Keyboard Button.A network breach can be a relatively targeted operation perpetrated by a few attackers. However, once a breach is successful, the scale of the operation changes entirely. Whether the stolen data is personally identifiable information (PII), payment card data, or login credentials, the attackers face a challenge of scale. Millions of individual records need to be monetized either by reselling them or using the data directly for profit.

The sheer volume of data makes it impractical to do these tasks manually, and this is where cybercriminals need help. In most cases help arrives in the form of botnets that can automate the processing of individual records, and a larger ecosystem of organized crime that can consume the stolen data. Here are a few examples.

Direct Financial Fraud
Payment card breaches such as the recent attack against Target have obvious financial impacts and motivations. Yet while it is relatively simple for a criminal to derive value from an individual stolen credit card, doing the same for millions of cards is another thing entirely.

This is where the larger criminal ecosystem comes into play. The attackers behind the breach will sell the stolen card data to brokers, who in turn sell cards in batches to lower level criminals who use the data to either buy goods online or print cards to be used in physical stores.

This ecosystem shares a common problem in that stolen credit cards have a very limited shelf-life. As soon as it becomes apparent that a specific merchant has been compromised (Target for example), all of the compromised cards will be quickly deactivated.

This means that freshly stolen and active cards are highly valuable ($100 or more), while older cards can be worth pennies. This is a serious spread, and criminals need to know which sorts of cards they are buying, and the state of the cards they are holding.

To address this challenge, criminals will periodically test a subset of their cards by using them to make small online purchases. Attackers can drop a few hundred credit cards into a botnet programmed to make small purchases, and quickly determine the percentage of cards that are active and working.

Oddly enough, charities such as the Red Cross are a common recipients of these charges because they commonly receive small donations, and the purchase is unlikely to raise red flags with the consumer. Disrupting these validation steps could provide an interesting way to devalue the black-market price of stolen cards, and make the attacks less profitable for an attacker.

Stolen Credentials
End-user credentials (usernames and passwords) are another common target of attackers, and can provide considerable long-term value for additional attacks and fraud.

Unlike payment cards, there are no centralized authorities to deactivate compromised usernames and passwords in the event of a breach. A website that is compromised may lock out affected users so that they have to change their passwords, but there is nothing keeping an attacker from using the stolen credentials at other sites.

A 2011 study from PayPal unsurprisingly found that 60% of users reuse passwords at multiple sites, meaning that a breach at one site can easily spider out to other sites around the Internet.

In order to find sites where credentials are re-used, attackers again turn to botnets in what are called credential stuffing attacks. In these attacks, stolen credentials are fed into distributed botnets, which in turn slowly and deliberately test those credentials against high-value websites.

These attacks can afford to be patient, and will slowly test logins from many different IP addresses to avoid rate and reputation-based triggers that could expose the attack.
This strategy can transform a seemingly innocuous breach into something far more serious. If an attacker is able to take-over a victim’s account on an e-commerce site, they could easily commit fraud in the victim’s name.

Such fraud may take longer to identify because the attacker is using the victim’s real account and from a site that the victim is known to use.

Credentials to social media sites are also highly valuable, enabling an attacker to easily impersonate the victim and infect his or her social networks.

Likewise, compromised personal webmail accounts can be a goldmine for an attacker. Such access not only provides the attacker insight into the victim’s identity, but can also be key to breaking into additional online accounts.

Most sites and applications have an option to reset or resend a user’s password to the email address on file. If the attacker has access to the victim’s email account, he can again use a botnet to proactively find online accounts where that email is used, and then obtain or reset the victim’s password.

These are just a few examples, but it serves to illustrate why it’s important for security teams to consider the lifecycle of stolen data.

In order to monetize a breach, attackers often need to go through additional steps, and this provides additional opportunities to mitigate the effects of a breach.

Likewise, companies can insulate themselves from the impacts of breaches elsewhere on the Internet by knowing how criminals attempt to automatically use stolen data.

This of course won’t prevent breaches from happening in the future, but it certainly is possible to mitigate the damage.

(Image Source: iCLIPART)

Why Is Network Security Important For Your Small Business?

Michael Menor is Vice President of Support Services for Tech Experts.

Network security is very important to all networks big or small. The purpose of network security is to prevent loss, through the misuse of data.

There are a lot of issues that can arise when network security is not properly implemented and maintained, a few issues include, but are not limited, to the following: data destruction, data manipulation, and breach of confidentiality.

The most important layer of security is physical security, this should be the first line of defense for any network. An organization can have all the access rules, logical security policies, and Intrusion Detection Systems (IDS) in place, but nothing beats being protected at the physical level.

One of the simplest steps is to lock the door, for example the server room or network closet should have a physical door and lock that secures it. This can also include any items that may be vulnerable to theft or physical damage.

Another form of physical security can be having surveillance cameras monitoring the premises. This gives an organization that extra sense of security, especially after hours.
Earlier we discussed ways to secure the physical network, but what about the logical network? You do not want to be on a network that does not challenge you for logon credentials to access systems.

This is where authentication and password security comes into play. Securing a network with usernames and passwords can prevent unauthorized access to data and also provide measures that prevent unauthorized changes of systems.

System administrators can also implement a password complexity policy, which requires users to have passwords that are of a certain length, and contains a combinations of alphanumeric and special characters. It is also wise for users not to use any personal identifying characters in their passwords because this is usually the first things hackers look into.

The Internet is not a secure place, viruses pose a big security pad lockrisk to a computer network because there are so many out there. Without antivirus protection, a computer can get infected and may even infect other computers on the same network.

Depending on the purpose, or payload, of the virus, the viruses’ creator may have designed the virus to steal or delete information, render a system useless by using all resources, or even use the computer as part of a botnet. Antivirus software provides protection against most, but not all viruses.

Not only should users frequently update and scan their computers for viruses, but they must also be smart when browsing the Internet because many viruses can disguise themselves as legitimate software.

Firewalls are a great way to control the internal network traffic and also incoming traffic from the Internet.

While antivirus protection helps to protect a computer from potentially unwanted programs and viruses, a firewall can help to control network access into a computer system.

There are two types of firewalls: software- and hardware-based firewalls. Both provide similar functions, but it is best to implement a hardware firewall because it gives a system administrator the ability to make changes to a system as a whole, rather than at individual systems, or endpoints.

Within the firewall there are policies which allow or deny traffic based on the needs of the network. The most secure policy is a restrictive policy which denies all network traffic, this policy only allows essential network traffic to traverse the firewall.

If you have any questions about your network security give us a call at the office, (734) 457-5000, or email info@mytechexperts.com.

(Image Source: iCLIPART)

Effective Ways To Increase Your Privacy Online

c610923_mWith the increased hacking and account infiltration attempts, protecting people’s privacy has become extremely important.

While online, you can minimize your exposure by browsing privately or completely anonymously.

Private Browsing
You can browse the internet privately, by turning on the private browsing feature. It will prevent the history tracking of pages you visit. The feature is found in the main browser menu.

In Internet Explorer, the feature is called ‘Private Browsing,’ in Firefox, it is called ‘Private Window’ and in Google Chrome, it is called ‘Incognito mode.’

However, there are limits to private browsing: Any files you save or websites you visit will have your IP address as well as unencrypted data you send.

For greater privacy, there is Sandboxie, an application which prevents other programs from saving any data to your disk.

Protect Personal Data
It is good practice to use unique usernames and passwords for each computer user, including guests.

This will help to reduce unwanted access to your files. You could also encrypt your hard drive by enabling Bitlocker which will encrypt your entire drive, making it inaccessible to anyone without your Windows user password.

In case you don’t have Bitlocker built into your OS, TrueCrypt is another free alternative that will secure your files. When you need to completely delete your files, use a utility like Eraser which will ensure they can never be recovered.

Use a Private OS
The best way to ensure complete anonymity and privacy, you could work in an entirely different operating system from your regular OS through virtualization.

A wall is set up around the virtual computer to prevent anything you do from leaving files on your normal Windows file system.

This is an entire operating system devoted to privacy, and is installed on a DVD or USB to run on any computer.

Nothing is written to the computer’s main drives and your browsing activity is completely anonymous.

(Image Source: iCLIPART)

Does Your Organization Have A Security Program?

Michael Menor is Vice President of Support Services for Tech Experts.

No matter how large or small your company is, you need to have a plan to ensure the security of your information assets. Such a plan is called a security program by information security professionals.

Whether yours is five or 200 pages long, the process of creating a security program will make you think holistically about your organization’s security.

A security program provides the framework for keeping your company at a desired security level by assessing the risks you face, deciding how you will mitigate them, and planning for how you keep the program and your security practices up to date.

Think you don’t have anything of value to protect? Think again. The key asset that a security program helps to protect is your data – and the value of your business is in its data.

You already know this if your company is one of many whose data management is dictated by governmental and other regulations — for example, how you manage customer credit card data (PCI Compliance) or even how you handle sensitive patient information (HIPAA). If your data management practices are not already covered by regulations, consider the value of the following:

Product information, including designs, plans, patent applications, source code, and drawings.

Financial information, including market assessments and your c607128_mcompany’s own financial records.
Customer information, including confidential information you hold on behalf of customers or clients.

Protecting your data means protecting its confidentiality, integrity, and availability. Also known as the C-I-A triangle. The consequences of a failure to protect all three of these aspects include business losses, legal liability, and loss of company goodwill. Consider the following examples:

Failure to protect your data’s confidentiality might result in customer credit card numbers being stolen, with legal consequences and a loss of goodwill. Lose your clients’ confidential information and you may have fewer of them in the future.

A data integrity failure might result in a Trojan horse being planted in your software, allowing an intruder to pass your corporate secrets on to your competitors. If an integrity failure affects your accounting records, you may no longer really know your company’s true financial status.

Having a security program means that you’ve taken steps to mitigate the risk of losing data in any one of a variety of ways, and have defined a life cycle for managing the security of information and technology within your organization.

Hopefully the program is complete enough, and your implementation of the program is faithful enough, that you don’t have to experience a business loss resulting from a security incident. If you have a security program and you do experience a loss that has legal consequences, your written program can be used as evidence that you were diligent in protecting your data and following industry best practices.

Getting started in the right direction
It doesn’t matter whether your security program is five pages or 200 pages long. The important thing is that you have a security program and that you use it to address your company’s security in an organized, comprehensive, and holistic way. You can adapt the above elements to create a security program for your organization, or, if you need help, give us a call at (734) 457-5000.

Everyone needs to have a security program because it helps you maintain your focus on IT security. It helps you identify and stay in compliance with the regulations that affect how you manage your data. It keeps you on the right footing with your clients and your customers so that you meet both your legal and contractual obligations. Its life cycle process ensures that security is continuously adapting to your organization and the ever-changing IT environment we live in. And, of course, it’s the right thing to do because protecting your data’s security is the same as protecting your most important asset.

(Image Source: iCLIPART)

Data Security: Why You Should Be Concerned

by Michael Menor, Network Technician
All businesses, big or small, have client data which is the life blood of their company. Losing this data can prove deadly; even worse having this data held hostage.

The purpose of this article is to explain the importance of data security with encryption and also viruses like CryptoLocker which purposely encrypts your data and requests that you pay a ransom to release this data. This nasty little virus is no joke, many companies have fallen prey to it and have paid the ransom which ranges anywhere from $300 and upwards to $2000.

Let’s talk about this CryptoLocker virus. “What is it?” you ask. This is a piece of ransomware that targets computers with the Windows operating system. This virus is spread as an email attachment and has been seen to pose itself as a voicemail message.

Once CryptoLocker is installed on your computer, it encrypts all documents on your local computer, as well as ones that are stored on network drives and external storage. The encryption used is strong, 2048-bit, cracking this level of encryption is impossible.

It would take approximately 6.4 quadrillion years to break. Even if you were using a super computer it would take a very long time to break.

Hard drive encryption should be the first step in ensuring data integrity. Microsoft has their own encryption technology called BitLocker, which is only available on Windows Enterprise and Ultimate editions.

TrueCrypt is a free alternative. The only problem with this is that once you authenticate the drive that is secured with either software, it is ready for use and allows the user to freely read and write to the drive. Which in turn lets other programs on the computer do the same.

In regards to TrueCrypt, it has no supporting management infrastructure, and no key recovery system. If you forget your password, or something goes wrong with the TrueCrypt file, there is no way to get your data back. You must therefore keep separate backups. Another alternative to hard drive encryption is backing up your important data to the Cloud. You don’t have to worry about maintaining a storage server or carrying around an external hard drive. Everything is available to you wherever you go as long as you have an Internet connection.

Talking about all this data security will not stop the standard user from opening email attachments without verifying the sender of this file. Having proper net etiquette training can be very useful, you want your employees to understand the risks of these attachments and the possible risks involved when they’re viewing their email or even browsing the Internet.

Before users open any email attachments they should ask themselves. Is the email address trusted? Were you expecting an email from them? Is the spelling and grammar consistent with what you’d expect from the sender?

Security Expert, Nick Shaw has created software that can prevent CryptoLocker. This software prevents CryptoLocker from ever executing and has been proven to work on Windows XP and Windows 7 workstations.

Contact us for more information on how to prevent viruses or if you have any questions regarding data security and backups.

Mobile Device Management Is Key In Securing Your Network

by Jeremy Miller, Technician
Mobile devices have been finding their way into the workplace since the cell phone was invented. Since the evolution of mobile devices in the workplace is rapidly growing and changing it can be hard to make sure that your device is not leaking company information intentionally or even unintentionally.

Information Technology (IT) has had to evolve alongside mobile technology and how to secure devices without restricting too much access.

There are usually two options of allowing mobile devices in the workplace. You can provide your employees with a company owned device or you can allow them to use their personal device.

Providing your employees with a company owned device allows you to monitor every detail about the phone including calls, messages, installed apps and location of the device. This is possible because the employee can expect no privacy from the company on this device.

When you allow an employee to use their own device at work you have to take their personal privacy in consideration. You might not want to monitor their phone calls, messages and apps installed.

Instead you can make the device more secure. You can install monitoring software that will allow you to lock the device if it gets lost, wipe the device if you know it may have fallen into the wrong hands, or find the device by using GPS location.

We have the ability to install our monitoring software onto any Android or iOS device and choose a profile that will suit a personally owned device, a company owned device or we can even customize a plan that will suit your needs even more specifically.

Since mobile devices are prone to getting lost or stolen they need to be protected in the best way that you can. In most cases installing monitoring software is the best solution.

This is because we can monitor the phone without interfering with the device usage. Once the device is compromised we can act quickly to get the device secured.

On the other hand if you notice an employee is acting suspiciously you can monitor their phone usage to determine if they are wasting time or acting maliciously against the company and take action before something more serious happens.

The best part about managing your mobile devices through Tech Experts, is that we are very competitive with other personal phone security managers out there in both price and features.

Our prices are very affordable and services can be easily customized to meet your needs.

It takes just about as long as installing an app to your phone as it does to setup our management software on any mobile device running Android or iOS.

You will be able to rest assured that your mobile devices are virtually safe from data loss, your employees are using their resources and time accordingly, and in the event of an issue we will be there to assist you in any way we can.

If you are interested in trying out our mobile device management service please contact us and we will be happy to help you with any questions.

Network Security: Top Tips For A Secure Network

by Michael Menor, Network Technician
As the first layer of defense in your network, it is important to take a step back and review the design of your perimeter security.

To ensure a sound architecture, you want to start with what ultimately must be protected and then design your perimeter security so it can scale as your needs grow/change. Since the threats you know about and face today may not be the ones you face tomorrow, you want to be sure your design is flexible enough to meet future needs.

Think of your network perimeter like a castle during medieval times, which has multiple layers of defense – a moat, high walls, big gate, guards, etc. Even in medieval times, people understood the importance of having layers of security and the concept is no different today in information security. Here are four tips:

Build layers of security around your castle
No defense is 100% effective. That’s why defense-in-depth is so important when it comes to building out your security. The traditional first line of defense against attacks is typically the firewall, which is configured to allow/deny traffic by source/destination IP, port or protocol.

It’s very binary – either traffic is allowed or it’s blocked by these variables. The evolution of these network security devices has brought the Next-Generation firewall, which can include application control, identity awareness and other capabilities such as IPS (Intrusion Prevention Systems), web filtering, advanced malware detection, and more baked into one appliance.

Whether or not it’s part of your firewall or a separate device, IPS is another important perimeter defense mechanism. Having your IPS properly optimized and monitored is a good way to catch attackers that have slipped past the first castle defense (firewall/router).

The popularity of moving more into the cloud has brought cloud-based malware detection and DDoS (Distributed Denial of Service) services. Unlike appliance-based solutions these are cloud-based services that sit outside your architecture and analyze traffic before it hits your network.

Harden your device configurations, software updates and security policies
Here is where we start building those walls to prevent attackers from getting inside the castle. The first line of defense typically involves network security devices such as routers, firewalls, etc. which each act like the guards, gate, moats, etc. of long ago.

For each layer of security, you want to ensure they are running the most up-to-date software and operating systems, and that devices are configured properly.

A common misstep occurs when organizations assume they are secure because of their many layers of defense, but a misconfigured device is like giving an attacker a key to the castle. Another important practice is to tighten security policies (of course without impacting the business), so for example you don’t have a router allowing just anyone to Telnet to it from outside your network.

Enable secure network access
While firewalls, routers and other security layers are in place to prevent unauthorized access, they also enable access that is approved. So how do we let authorized personnel into the castle? The drawbridge of course! Next-generation firewalls can help here by scanning inbound and outbound user traffic, all while looking for patterns of suspicious behavior.

Password complexity also plays a big part in Secure Network Access. Ensure your users are following these common rules.

  • The password must be exactly 8 characters long.
  • It must contain at least one letter, one number, and one special character.
  • Two of the same characters sitting next to each other are considered to be a “set.” No “sets” are allowed.
  • Avoid using names, such as your name, user ID, or the name of your company or employer.
  • A new password shouldn’t be too similar to the previous password.

Another way to have secure access from the outside through the perimeter is to install a VPN (Virtual Private Network) that is configured to allow encrypted communication to your network from the outside. Utilizing two-factor authentication with a VPN contributes towards ensuring the integrity of the users making the request. This is external-facing to your network and allows users to tunnel into your LAN (Local Area Network) from the outside once the appropriate measures are taken to secure access.

Create and segment the DMZ
If firewalls, routers, web filters, etc. are the guards, moat, gate, walls of a castle, then the DMZ (De-Militarized Zone) is like the courtyard once inside the castle – another area before the private quarters.

When creating a DMZ, there should be at least a front-end firewall for the external traffic and a back-end firewall for the internal traffic. Firewall rules should be optimized and tightened on all publicly available systems to allow traffic to only the necessary ports and services in the DMZ. From an internal perspective you also want to limit who can access systems within the DMZ. One approach is creating firewall rules to only allow the source IP addresses and port to the specific server and then adding proxies in the network from which admins are allowed access to the systems.

Segmenting systems within the DMZ is also something to strongly consider so that if a system is breached in the DMZ, it can’t spread as easily. For example, you don’t want a web server passing data to an application or database server in a “public DMZ.” Configuring systems within different VLANs (with a layer 3 switch) will help you isolate and respond to incidents if a server in a DMZ is compromised.

A sound network security perimeter architecture requires multiple layers of defense, up-to-date and hardened policies and controls and segmentation. All of these things make it harder for an attacker to gain access to your crown jewels and easier for you to isolate and respond to breaches when they occur.

How You Can Benefit From An Annual Security Assessment

by Jeremy Miller, Technician
Most companies have an IT service provider or an IT department to take care of all of the IT needs of the company.

These technicians can easily address any issues that arise. Most issues are not addressed until they become known and are reported to the IT service provider either from the person having the issue or monitoring software they have installed.

It is best to have your IT service provider run an assessment once or even better twice a year.

This can make you and your IT provider aware of any security issues that are not easily monitored or would cost too much to monitor.

A security audit can be implemented for a number of reasons.

Some organizations are required to have them if the information they are using needs to be secure based on a compliance standard such as HIPPA or PCI.

Every day new vulnerabilities are discovered and it is too time consuming to test every device on every network for each security risk that is discovered as they are discovered.

This is where the security audit shines; it can be used to check for any known vulnerability on every device on your network.
Even with all of the security software commonly installed on all business computers such as anti-virus, service checks, and patch management there can still be security risks running behind the scenes that can be detrimental to your company.

A security assessment can let you know if any software is using an insecure port to an employee’s malicious actions.

It can show you if an application is using more bandwidth than it should, which may be causing other issues on your network.

Security assessments are the best tools to test for data leakage. Data loss is every businesses problem. Significant data loss causes a business to fail almost 70% of the time.

There are other times beside annually that it is good to get a security assessment. It would be best to get them before and after changing IT providers.

It is good to get one after any large installation or migration. This can be a business application, hardware such as new computers or a new server or even a physical migration such as moving to a new location or building an addition.

Security assessments are increased in effectiveness when you run a baseline security assessment. A baseline security assessment is when you run an assessment before you do any changes to your current IT setup.

This will let you know where you are before any changes are made. You can then have a comparison to verify that your security is improving.

A baseline security assessment will also let you know what vulnerabilities you need to address. Some of these vulnerability issues can be quite costly to repair and are great to plan for.

The sooner you get an assessment the sooner you will be able to make informed decisions based on your actual network risks security requirements.

Everyone’s security needs are different; we can assist you with any questions or concerns that you may have about security assessments.

Better Passwords: Keep Your Information Secure!

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

It could be your email, your pictures, or your company documents and files – whatever you have on your computer needs to protected from hackers, identity thieves, nosy employees and other cyber troublemakers.

Imagine if all of your private, personal and company information were available on the public Internet. And then, take a few minutes to follow the steps below and help make your systems more secure.

Use a different password for each important service
Make sure you have a different password for every important account you have. Hackers will steal your username and password from one site, and then use them to try to log into lots of other sites where you might have an account.

Even large, reputable sites sometimes have their password databases stolen. If you use the same password across many different sites, there’s a greater chance it might end up on a list of stolen passwords. And the more accounts you have that use that password, the more data you might lose if that password is stolen.

Giving an account its own, strong password helps protect you and your information in that account.

Make your password hard to guess
“password.” “123456.” “My name is Inigo Montoya. You killed my father. Prepare to die!” These examples are terrible passwords because everyone knows them – including potential attackers.

Making your passwords longer or more complicated makes them harder to guess for both bad guys and people who know you.

Complex and lengthy passwords can be a pain – the average password is shorter than eight characters, and many just contain letters. Analysis shows that only 54 percent of passwords include numbers, and only 3.7 percent have special characters like & or $.

One way to build a strong password is to think of a phrase or sentence that other people wouldn’t know and then use that to build your password.

For example, for your email you could think of a personal message like “I want to get better at responding to emails quickly and concisely” and then build your password from numbers, symbols, and the first letters of each word—“iw2gb@r2eq&c”.

Don’t use popular phrases or lyrics to build your password—research suggests that people gravitate to the same phrases, and you want your password to be something only you know.

Keep your password somewhere safe
Research shows that worrying about remembering too many passwords is the chief reason people reuse certain passwords across multiple services.

But don’t worry – if you’ve created so many passwords that it’s hard to remember them, it’s OK to make a list and write them down. Just make sure you keep your list in a safe place, where you won’t lose it and others won’t be able to find it.

If you’d prefer to manage your passwords digitally, a trusted password manager might be a good option. Many web browsers have free password managers built into them, and there are many independent options as well.

Windows XP Support Ending Soon

By Tech Experts Staff
Windows XP set the bar for business friendly operating systems and has been in use for over twelve years now. Microsoft is now pushing users to its new operating system, Windows 8. Many users and administrators alike feel that Windows 8 will not be a suitable business friendly operating system for its users.

Another issue with Windows 8 is that many software providers still do not support it so as a business where should you be looking? Windows 7 has been the most business/application friendly operating system since Windows XP so that would be the best replacement.

Since Microsoft is discontinuing support for Windows XP, what does that mean exactly and when is it going to happen?

Microsoft has set a date of April 8th 2014 as the end of support date for Windows XP. Oh, 2014 you have plenty of time to plan down the road right? Wrong, when Microsoft stops supporting the operating system it will become very vulnerable to attacks so you want to make sure this is completed before Microsoft ends support.

Hackers will develop malware to attack XP and Microsoft will no longer be working to patch the holes that cyber criminals are using to steal your personal information.

Since support is ending it means that doing online banking or other transactions on your personal computer running this operating system will become extremely dangerous. In relation to businesses, they risk exposing client data which can be very costly.
Businesses need to plan these operating system upgrades as it will take a decent amount of time/preparation to complete smoothly and successfully.

Planning means start now don’t wait till the last minute or you will not be able to get everything switched over in a smooth fashion. Since upgrading computers from Windows XP to Windows 7 is the best option to prevent major security risks what needs to be considered to accomplish this?

The first step in getting your company ready for operating system upgrades is making sure your software is compatible. Many organizations use software that is specific to their industry, the software companies that develop this software also needs to be preparing.

Companies should be checking with their software providers to ensure their software will work on Windows 7 and should get documentation on how to smoothly upgrade their computers software for the least downtime possible.

Not only does industry specific software need to be addressed but software you use every day also needs to be looked at. Most computers running Windows 7 are 64 bit operating systems, that being said not all software runs on a 64 bit operating system.

One application I can think of that is not compatible with Windows 7 (we have seen numerous issues) is older versions of Microsoft Office. Businesses need to not only keep their operating systems up to date but this software also should be. Office XP does not function properly on Windows 7 nor do any other old versions.
The other problem with keeping old software like this is the file formats have changed since they have been released. Your clients may start sending documents to you that your copy of Office might not be able to read. Office 2010 pairs well with Windows 7 and it supports all current file versions released by Microsoft.

One final consideration, many businesses and users alike want to know what it will cost to simply upgrade from Windows XP to Windows 7 however, there are two problems with this.

First, Windows XP to Windows 7 does not offer an in place upgrade, this means that all of your software, user files, etc. would be lost simply doing an “upgrade” to Windows 7. While user files can be backed up, software/applications cannot, they will have to be reinstalled.

Second, upgrading an old workstation may not be worthwhile. In most cases, older hardware was not designed to run Windows 7 and because of this tends to run slower and not perform as well as a computer that was designed for it.

We highly recommend upgrading the entire workstation to new hardware, especially in the case of businesses. It just doesn’t make sense to spend all the money on the time involved in upgrading the operating system if you can’t gain speed benefits and make your employees more productive.

Need a hand getting started with your businesses upgrade? Give us a call today at (734) 457-5000 and we can work with you on a plan to get your company switched over to Windows 7 so that your computers remain supported for years to come.