Security

Five Keys For Small Business Preventive Security Measures

November 1, 2017

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

We continually mention the importance of network and password security for small businesses for good reason. The increasing security threats and cases of security breaches in both large and small enterprises show that we are more at risk than ever before of suffering a security violation.

Regulated entities such as medical offices (HIPAA) and financial institutions (FINRA) are especially susceptible to breachs and security incidents.

Prevention is always better than cure. To this end, here are five security measures you should start putting in place today.

Limit lateral data transfers
One of the biggest contributors to internal data breaches is a lack of employee knowledge of security issues. It’s important to protect strategically important information and data by limiting who has access to it.

Furthermore, you can employ network segmentation to reduce any unnecessary communication between internal and external networks.

Ensure machines and devices are updated
Internal breaches can result from the use of unprotected machines. Without being aware, employees may download malware or ransomware.

However, this may not be a problem if the software and operating systems on the machines are up to date.

Keeping all devices and the accompanying software and security structures up to date will make a significant contribution to protecting your systems.

Monitor activity to identify suspicious activity
Sometimes, a security breach may not involve any employees. Network administrators should ensure the latest monitoring software is in use to monitor behaviors and immediately detect anything that looks amiss.

Cyber criminals are aware of these types of activities and often conceal themselves deep in the network to exploit the system over a prolonged period of time.

Even if you miss the threat the first time, the monitoring system will provide meaningful insights that will help you recognize foul play.

Ensure robust passwords are in place
When it comes to system passwords and login procedures, you can always improve. In addition to the more traditional text-based password access, you should also ensure you have more up-to-date security mechanisms in place such as fingerprint access and smartcards. These are much more challenging for cyber criminals to replicate.

Embrace cyber insurance policies
No system can be completely safe from a cyber attack. Criminals are getting smarter and smarter, and what appears to be an impenetrable system one day can be infiltrated the next.

For this reason, you may wish to take out cyber insurance to cover any costs you incur if things do go seriously wrong.

Do I Really Need A Firewall For My Business?

October 12, 2017

Ron Cochran is a senior help desk technician for Tech Experts.

Before we answer that, let’s look at what a firewall actually is. No, no actual flames of any kind are involved whatsoever.

A firewall is a barrier or “shield” intended to protect your PC, tablet, or phone from the data-based malware dangers that exist on the Internet. Data is exchanged between your computer and servers and routers in cyberspace, and firewalls monitor this data (sent in packets) to check whether they’re safe or not.

This is done by establishing whether the packets meet the rules that have been set up. Based on these rules, packets of data are accepted or rejected.

While most operating systems (desktop and mobile) feature a basic built-in firewall, the best results can usually be gained from using a dedicated firewall application, unless you know how to set up the built-in firewall properly and have the time to do so.

Firewall applications in security suites feature a host of automated tools that use whitelisting to check which of your applications should accept and reject data from the Internet — something that most users might find far too time consuming to do manually.

So it makes sense, now that it’s clear what a firewall is for, to have one installed and active. But just in case you’re still doubtful of the benefits…

Everyone who accesses the Internet needs a firewall of some kind. Without one, your computer will allow access to anyone who requests it and will open up your data to hackers more easily. The good news is that both Windows and Apple computers now come with built-in software firewalls (although the Mac’s firewall is turned off by default).

But businesses, especially those with multiple users or those that keep sensitive data, typically need firewalls that are more robust, more customizable, and offer better reporting than these consumer-grade alternatives.

Even a relatively small business engages in exponentially more interactions than an individual, with multiple users and workstations, and customers and suppliers. These days, most of those interactions are online and pose risks.

Not only are businesses exposed to riskier online interactions, the potential damage from each interaction is also greater. Businesses frequently keep everything from competitive bids and marketing plans to sensitive banking and customer data on their computers. When unprotected, the exposure is enormous.

Firewalls also allow computers outside of your network to securely connect to the servers that are inside your network. This is critical for employees who work remotely. It gives you the control to let the “good” connections in and keep the “bad” connections out.

Hardware firewalls must be compatible with your system and must be able to handle the throughput your business requires. They must be configured properly or they won’t work and can even stop your network from functioning entirely. You can use multiple hardware firewalls to take advantage of differing strengths and weaknesses.

Some industries (like medical and financial services) have specific regulatory requirements, so it’s important to consult your IT professional before choosing a firewall to make sure you’re not exposing your business to unnecessary liability.

It’s also important for you, or your IT service company, to constantly monitor the firewall to ensure it is up and working, as well as to ensure that it is regularly updated with security patches and virus definitions.

If you currently are not protected by a firewall or would like to inquire about an upgrade to your network infrastructure, please feel free to email (info@mytechexperts.com) or call (734-457-5000).

Windows 10 Creator’s Fall Update to Bring Hardened Ransomware Protection

August 24, 2017

jared-stemeye — Jared Stemeye is a Help Desk Technician at Tech Experts.

2017 has seen some of the most high-profile ransomware and cryptoware attacks to date. These incidents have demonstrated that these types of attacks can have catastrophic effects that reach far beyond the ransom demands paid to these attackers.

The cost of downtime and damage control multiplies quickly. Even more damaging is being impacted because critical infrastructure or health care services are unexpectedly unavailable for extended periods of time, consequently costing much more than any monetary value.

Microsoft has stated that they recognize the threat that these cybercrimes represent and have since invested significant yet simple strategies that are proving to be extremely effective as new attacks emerge. These new security features are now coming to all businesses and consumers using Windows 10 with the Creators Fall Update.

These advanced security features are focusing on three primary objectives:

Protecting your Windows 10 system by strengthening both software and hardware jointly, improving hardware-based security and mitigating vulnerabilities to significantly raise the cost of an attack on Windows 10 systems. Meaning hackers will need to spend a lot of time and money to keep up with these security features.
Recognizing that history has revealed vastly capable and well-funded attackers can find unexpected routes to their objectives. These latest security updates detect and help prevent against these threats with new advances in protection services like Windows Defender Antivirus and Windows Defender Advanced Threat Protection.
Enabling customers and security experts to respond to threats that may have impacted them with newly updated tools like Windows Defender ATP. This will provide security operations personnel the tools to act swiftly with completeness of information to remediate an attack that may have impacted them.

Microsoft states this is a proven strategy that has remained 100% successful on Windows 10 S, the new secure version of Microsoft’s flagship operating system. Albeit, this version of the operating system does not allow any software from outside the Microsoft App Store to be installed.

Further, Microsoft states that even prior to the fall security updates rolling out, no Windows 10 customers were known to be compromised by the recent WannaCry global cyberattack. Despite this, Microsoft knows that there will always be unforeseeable exploits within their systems.

This is why the Windows 10 Creator’s Fall Update benefits from new security investments to stop malicious code via features like Kernel Control Flow Guard (kCFG) and Arbitrary Code Guard (ACG) for Microsoft Edge. These kinds of investments allow Windows 10 to mitigate potential attacks by targeting the techniques hackers use, instead of reacting to specific threats after they emerge.

Most importantly, Windows Defender security updates coming in this Fall will begin to leverage the power of the cloud and artificial intelligence built on top of the Microsoft Intelligent Security Graph (ISG) to promptly identify new threats, including ransomware, as they are first seen anywhere around the globe.

Though no exact date is set in stone, all of the amazing security updates detailed above will be available this Fall 2017 for free. For more information about the Creator’s Fall update beyond the security features, visit https://www.microsoft.com/en-us/windows/upcoming-features.

Is Your Network Due For A Security Audit?

July 13, 2017

Businesses always face security risks from a variety of different sources.

Performing a security audit can help you to identify where you have exposures, develop a better understanding of the security policies and controls you have in place, and catalog your IT assets.

This article presents a quick and simple guide to performing a robust security audit that will help safeguard your organization against risks.

Define the physical scope of the audit
The first major task involves determining exactly what you will audit.

For example, you may wish to focus on business processes, such as financial reporting, or asset groups, such as a specific branch office. [Read more…] about Is Your Network Due For A Security Audit?

Rules Of Thumb To Avoid An Infection

June 30, 2017

Anthony Glover is Tech Expert’s senior network engineer and service manager.

A virus can be an upsetting, expensive endeavor to deal with. A virus can wreak havoc on your personal files (like important spreadsheets or family photos) or the system files that keep your computer functioning.

These files can become corrupted, encrypted, or deleted, which makes recovery difficult or sometimes impossible.

Some less obvious viruses — the ones that might slow down your system instead of destroying it — can still affect you by stealing data and what you type on your keyboard, gaining access to your stored credit card information or important sites you use, like your bank. [Read more…] about Rules Of Thumb To Avoid An Infection

Who Should Be An Administrator On Your Network?

June 7, 2017

Luke Gruden is a help desk technician for Tech Experts.

In the world of computers, administrators have access to everything in Windows. Having administrator rights allows you to download anything, change any policy, and even change registry entries in Windows. An administrator has enough control over Windows to radically change how it works, even break Windows permanently.

So, who should be an administrator? The answer is different depending on the environment and work being done. In general, the administrator account should only be used by a person who is very experienced and knowledgeable in computers, like a professional IT tech. An inexperienced person with an administrator account could permanently damage the operating system or even destroy the computer itself on accident.

A user that has admin (administrator) rights, even without being in the core files, could still cause unintentional harm to the computer. This can happen because malicious files can be accidentally downloaded and ran and, when you run a program as an admin, you give that program the rights to change your computer inside and out. Malicious programs run by an admin can ruin entire networks of computers. This, sadly, has happened to many businesses.

Domain Networks

On a domain network where many computers are connected to a server, there should be a very small amount of administrators. Ideally, just one. The more people with admin rights, the more likely the wrong program ran by the wrong person can ruin an entire building of computers or an entire business. This is usually how cryptoware spreads.

For domain networks, only professional IT techs should be administrators. The risk is too great to have someone accidentally change a policy or spread an infection that can do irreversible damage to all the computers on the network.

Business Computers

A computer used for business should be treated with more security and care as to make sure no avoidable threats harm or compromise the device. Confidential data and work can be stolen if the wrong websites are visited or by downloading the wrong software on a business computer.

For a business computer user, you might want to consider using a normal account and only use the admin account in extreme situations where recovery needs to be done. If your IT tech has access to the admin account, they can make sure that only best practices and the proper programs are implemented on that profile.

Home Computers

Computers that are used for everyday activities that do not have confidential work data should still be choosy on who has admin access. Having children or teens freely exploring the Internet and downloading odd programs or messing with the internal settings of Windows could potentially cause serious issues.

Home computers should have an admin user with a solid knowledge of computers who will be wary of suspicious websites and programs. More inexperienced users should not run admin accounts.

Generally, the best rule of thumb for admin accounts is that they should be granted to people who can handle the responsibility. Those with less experience or less important needs should have accounts with limited access.

However, if a business or network is bigger, it’s even more important than the only people granted admin privileges are their professional IT team or those who have experience. The title of administrator should be looked as one with responsibility in doing what is best for a computer, a server, and a business network.

2017 Will See Worst Cyber Attacks To Date

April 6, 2017

At least, according to cybersecurity experts.

There were around 500 million people with personal information leaked and over $2 billion stolen or lost in damages between 2015 and 2016 alone – and, chances are, you heard of at least one of the many high-profile data breaches during this time. Experian, Target and Yahoo all experienced massive data breaches within the past two years.

Beyond the private sector, government agencies such as the Office of Personnel Management (the bureau in charge of background checks on all government employees) were hit with cyberattacks, causing data leaks of over 22 million individuals who had undergone federal screening.

These numbers are quite alarming as top cybersecurity firms and analysts agree 2017 will see even more data breaches through the creation of ever-evolving and sophisticated malware.

Size Doesn’t Matter
In the cyber world, there are few things being bought and sold faster than data. Personal records, financial information, and even intellectual property are being distributed and exchanged for money or other data – and business is booming.

Organizations of all sizes were not fully aware of how this deeply embedded malware could potentially be infecting their systems without their knowledge until just recently.

The prevalence of zero-day attacks was not fully understood either. This has allowed attackers to prepare and disseminate virtually undetectable software to perform data dragnets across many networks, big and small.

It would be naïve to assume that all the data breaches occurring are currently exposed and being corrected. This is even truer for smaller, community-driven businesses that may have little to no persistent network security monitoring.

The Cost
Per the non-profit online security analysts Online Trust Alliance (OTA), approximately 82,000 cybersecurity incidents impacting more than 225 organizations worldwide were reported in 2016.

“As the majority of incidents are never reported to executives, law enforcement or regulators, the actual number of incidents causing harm combining all vectors including DDoS attacks could exceed 250,000,” OTA said.

Given this, it is well known by those affected that data breaches are expensive – and the longer the breach takes to discover, the more these costs can compound.

“If a breach took a long time to be found, then something about the existing infrastructure made it hard to discover the weakness sooner. That calls for rearchitecting the infrastructure, typically an expensive and time-consuming project. But that imperative is not always heeded,” says OTA. However, the cost of notifying victims and hiring security consultants to investigate, identify, and fix the problem can cost a company a lot more.

This is only the beginning as the costs of such an attack continue to rise when downtime, lost productivity, and the resulting lost revenue are considered.

Today’s Need For Cyber Defense
The scale of small business networks is becoming more complex as even basic technologies evolve.

Cloud deployment, fluid transfer of data across multiple devices, and the incorporation of all things Internet have made it increasingly difficult for your everyday office worker to navigate and detect threats.

For the attackers, though, nothing has changed. Malware will keep infecting these new systems and attackers will keep hunting for data to steal. “Cyber-attacks and cyber-defense is not a battle of attrition, it’s an arms race,” Ray Rothrock, CEO of Red Seal Security Analytics, says.

It is important to always be ahead in this race and, for businesses, it is becoming increasingly evident that having a full-time cybersecurity team at the ready is necessary for a fluent and successful operation.

Drawbacks To The “Smart” World

October 25, 2016

We have mentioned ransomware and viruses many times. It’s something that can be seen daily without much effort. Everywhere you look, a computer is hacked and held for ransom. The user ends up losing everything in most scenarios.

However, in today’s world, we have more than just laptops and desktops. What if someone hacked your fancy new “smart” device? If someone took over or locked you out of your phone, then what would be your next move? What if they locked your home devices like your thermostat or refrigerator? The technological world can sometimes cause quite a panic.

The first question to address is a pretty big concern: How in the world does this even happen? With poor security standards, it’s not the most difficult job for those with malicious intent. In the most recent scenario released, a thermostat was hacked by adding files remotely and setting them to run in the background.

The operating system on the device did not check the security or contents of any files processed and ran the ransomware, which then requested money. In this case, if the victim did not pay, the temperature would be locked at 99F degrees.

Sadly, this is just one example. While not all malware attacks on smart devices may cause this type of concern, others are no better. Some other attacks will actually store data on the infected devices, then perform DDOS attacks against unsuspecting victims.

Small apps and programs that can be used for phishing can also find their way onto devices and be completely unknown to the user.

Fixes have rolled out over time for some of the bigger concerns, but there always seems to be something new. With these on your network, it’s not a big step to get to your actual files and programs on your PC either.
Currently, not everyone has a smart appliance in their home. That said, smart phones have obviously worked their way to the larger majority. We all download apps for one reason or another to make the phone better serve us. A wave of people will flock to the latest craze and download the most popular apps. In these scenarios, there are often “fakes” as well. These will offer some form of related service or product but will also bundle in malicious code. This code has all sorts of capabilities. Some may send texts without the owner’s knowledge. Other times, it’s possible to have information stolen. The possibilities are sometimes frightening.

So what can be done in the world of smart devices encroaching on all sides of life? In terms of larger devices and appliances, there isn’t room for removal and clean-up on the user side.

Developers are both the ones at fault and the ones that will find solutions ahead of time for the worst infections and hacks. Phones can have anti-malware programs run to help prevent data breaches, however. Most will come with a manufacturer version, but it’s always best to explore options to ensure you are protected.

Even if your smart devices don’t store information vital to you, they can still act as a gateway to anything else on your network.

As such, your office area or business workstation may fall victim soon after. Since these are the real powerhouses that hold your programs, data, and backups of other devices, it’s imperative to keep these clean and functional. Luckily, there are teams such as the one at Tech Experts that are able to identify and neutralize a threat. That alone adds peace of mind in a sometimes uncertain “smart” world.

Why It’s Important To Change Your Router’s Default Log-in

October 25, 2016

Mike Simonelli is a network technician for Tech Experts.

It’s a pretty common scenario: a small business wishes to add Wi-Fi to its existing network infrastructure. A quick trip to the nearest big-box store reveals several Wi-Fi capable routers or access points to choose from. Grabbing up the mid-priced model, the business owner heads back to the shop and uses the included Ethernet cable to plug the new device into an existing switch and, just like that, instant Wi-Fi.

There are a couple of concerns regarding the above scenario that the savvy business owner should be having. The first and most obvious: “I plugged it in and now everyone with a laptop has unrestricted access to my network.” How do you control who can connect to your Wi-Fi?

The answer is to enable a wireless security protocol on the router or access point. WEP is an acronym for Wired Equivalent Privacy (or Wireless Encryption Protocol) and it was designed to provide the same level of security as that of a hard-wired Ethernet connection.

Because wireless networks broadcast messages using radio waves, they are subject to eavesdropping. WEP provides security by encrypting the data to protect it as it is transmitted from one point to another. Almost all wireless devices will support WEP and instructions for enabling it on a particular device should be readily found in the documentation.

Enabling WEP will keep people without the correct password off your Wi-Fi and also prevent unauthorized eavesdropping of network traffic.

Another often overlooked concern is changing the default credentials that are needed to login and administer the new wireless device.

I can’t tell you how many times that I’ve connected to a wireless network and browsed to the default gateway I was assigned (normally something like http://192.168.0.1) and typed in “admin” and “password” on the login form that is presented and gained access to the router’s configuration.

The username “Admin” and the password “password” are typically the default credentials as they come pre-configured on Linksys routers, as well as some other brands.

If these credentials work, then potentially anyone can have unrestricted access to your router’s configuration. At this point, no wireless security protocol such as WEP will protect you since it can simply be turned off in the router’s administration interface.

Worse yet, an intruder can set his/her own password and change the admin password to something else. Once this happens, usually the only way to regain access to your own Wi-Fi network is to factory reset the device, which removes all of your configurations.

The bottom line – never leave a wireless device at its default settings when you connect it to your network. By taking the time to follow these simple guidelines, you will make your wireless device a worthwhile addition to your infrastructure, as well as making your network that much more secure.

If you have any questions during your router set-up or if you’d like to find out how to increase your office’s security using your current router, give Tech Experts a call at (734) 457-5000, or email support@mytechexperts.com. We’d be happy to help.

Guest WiFi: Improves Security And Customer Satisfaction

August 15, 2016

One of the first things I look for when I enter any establishment is the WiFi network. My laptop needs it. My phone needs it. I need it. It comes as a shock to me in the rare circumstance that I can’t find one or, worse yet, when I do find one but I am denied the network password.

Usually when this happens, I am there as a consumer. This annoyance is even more frustrating for people that are visiting for business such as vendors, consultants, and clientele.

Such people rely on Internet access to communicate with their own offices via e-mail and instant messaging or remote access to product databases and other information.

These frustrations can be avoided by the addition of a guest WiFi network and can even benefit your own existing WiFi network. Adding a guest network to an existing WiFi infrastructure can be a cost effective way to improve the overall security and privacy of your network.

wifi Segregating your network will keep your workstations, servers, printers, and other network devices secure while keeping your clients, vendors, and other guests off your main network. Allowing visitors unrestricted access to your company’s primary WiFi network can be a costly mistake. These unmanaged mobile devices can carry all types of sophisticated malware, trojans, viruses, and network probes, just waiting for a chance to attack your network.

Keeping these devices segregated to their own guest network will, at the least, add a layer of protection to your own equipment.

Not only will a guest network keep visitors off your primary WiFi, but it will also keep you from having to give out your primary network’s password to a multitude of strangers. A complex, never changing password can be used for your employees, while a short and simple password can be given out to guests upon arrival, and then changed frequently.

In addition, you can configure your equipment to only broadcast the network ID of your guest network and keep your primary network ID a secret, adding an additional layer of security.

Finally, some of the higher-end WiFi access points and routers will allow you to limit the amount of bandwidth that is allocated to your guest network or control the type of traffic that is allowed to pass through it. Doing so will prevent your visitors from inadvertently bringing your network to a halt with bandwidth-hogging traffic such as streaming video and torrent downloads.

If your business is already allowing visitors access to the primary WiFi network, then there is simply no downside to configuring a second WiFi network for guests, especially if your wireless hardware already supports the option.

Doing so will make your network more secure by allowing you to keep the network IDs and passwords a secret, as well as make it easier for your visitors to connect. Once connected, your guests can then be limited as to how much of your resources they can use, ensuring that your normal business operations aren’t interrupted.

If you have any questions about WiFi permissions or how you can increase both security and customer satisfaction in one go, contact us today by calling (734) 457-5000.

(Image Source: iCLIPART)

« Previous Page