TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Top 5 Cybersecurity Predictions For 2019

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Cyber threats are a genuine danger for businesses, no matter their size or industry. Companies that face data breaches are likely to fail within months after the attack, according to the National Cyber Security Alliance. Security issues can ruin your reputation and cause expensive damage to your company.

In 2019, we are already predicting increased cyber crimes to steal more data and resources. The FBI reported that over $1.4 billion in losses were experienced by companies and individuals in 2017.

These expenses come from increasing security, losing information, losing physical resources, ransomware payouts, scams and more. The most significant sources of cybercrime included: [Read more…] about Top 5 Cybersecurity Predictions For 2019

Challenges Of Staffing In An Increasingly Tech World

Jason Cooley is Support Services Manager for Tech Experts.

“Good help is hard to find.” It’s something you have probably heard before. It has been said for generations.

Hiring fresh graduates is always tough as they are unproven and likely accepting their first jobs in their field. Hiring experienced workers costs more money and they most likely need better incentives to switch jobs.

However, fresh graduates may have more experience with recent industrial developments – and experienced workers may not feel the need to adapt to new innovations until it’s absolutely necessary.

So what happens when all paths forward intersect? Where experienced workers are becoming underqualified as the requirements of their jobs change? Where younger people want more than they are worth because they have general technical skills to go along with their chosen path?

This affects the workforce as a whole, not only IT. Much like any other field, we have our own challenges with staffing as time moves forward. Careers in IT obviously have a broad range of computer skills as a requirement, but there are industries where using a computer wasn’t always needed.

Working retail in today’s world will no doubt require use of a computer for most employees from time to time. Selling insurance? Most, if not all, processing is done on a computer. A loan department at a bank is going to use a computer and so are the tellers. Gas station? Fast food? All are places you will typically see computers and other technology in use.

It can be intimidating when industries like construction move away from pen and paper. Your accountant uses computers, and now you probably will too. Major trucking companies may leave the paper logbooks behind in lieu of digital recordkeeping.

So what happens to the employee at the construction company who has been there for 20 years with no computer skills? He is a foreman and all reporting is now done on a tablet then uploaded over a VPN to the main office every day. It’s a complex new skill to learn, especially when put against those who can operate tech with no effort…and who are asking for the same (or lower) salary.

For some people, they may feel like they have to learn a whole new career just to keep up with their own. As challenging as it is for the veteran employee, the same challenge can be had for a new hire. You face the challenge of not only the day-to-day job duties, but also with learning how to use five new pieces of software.

The challenge for employers is probably the most difficult. Keeping your old employees may be just as hard as finding new ones.

As new systems are implemented, experts of antiquated processes become dispensable if they can’t become acclimated. Hiring a recent graduate gives you an employee who knows those new systems, but they may be too “green” and make mistakes experienced workers already learned, adding stress to the environment.

Depending on the size of the company and the industry, there will always be unique staffing challenges. Not everyone will be forced to use a computer or a tablet for work, or you may not be able to employ someone who isn’t proficient with one. As tough as the market is for job seekers, I’d argue it’s a lot tougher on those tasked with hiring the next class of experts.

One thing that’s clear is that we aren’t going to back-track on technology due to the benefits. For every industry, modernization is becoming a matter of “when” rather than “if.” Employees and employers alike will have to keep up.

HTTPS And Why The Internet Still Isn’t Secure

Frank DeLuca is a field technician for Tech Experts.

HTTPS stands for “Hyper Text Transfer Protocol Secure” and it is the secure version of HTTP, the protocol over which data is sent between your browser and the website you’re connected to.

Most web traffic online is now sent over an HTTPS connection, making it “secure.” In fact, Google now warns that unencrypted HTTP sites are “Not Secure.”

So why is there still so much malware, phishing, and other dangerous activity online?

“Secure” Sites Have a Secure Connection

In previous iterations of Chrome, it used to display the word “Secure” along with a green padlock in the address bar when you were visiting a website using HTTPS. Modern versions of Chrome simply have a little gray padlock icon next to the navigation bar, without the word “Secure.”

That’s partly because HTTPS is now considered the new baseline standard. Everything should be secure by default, so Chrome only warns you that a connection is “Not Secure” when you’re accessing a site over an HTTP connection.

The reason for the removal from displaying the word “Secure” is that it may have been a little misleading. It may have easily been misconstrued to appear like Chrome was vouching for the contents of the site as if everything on the page is “secure.” But that’s not true at all. A “secure” HTTPS site could be filled with malware or phishing attempts.

HTTPS Does Not Mean A Site is “Secure”

HTTPS is a solid protocol and all websites should use it. However, all it means is the website operator has purchased a certificate and set up encryption to secure the connection.

For example, a dangerous website full of malicious downloads might be delivered via HTTPS. The website and the files you download are sent over a secure connection, but they might not be secure themselves.

Similarly, a criminal could buy a domain like “www.bankofamerica.com,” get an SSL encryption certificate for it, and imitate Bank of America’s real website. This would be a phishing site with the “secure” padlock, but again, it only refers to the connection itself.

HTTPS Stops Snooping and Tampering

Despite that, HTTPS is great. This encryption prevents people from snooping on your data in transit, and it stops man-in-the-middle attacks that can modify the website as it’s sent to you. For example, no one can snoop on payment details you send to the website.

In short, HTTPS ensures the connection between you and that particular website is secure. No one can eavesdrop or tamper with the data in-between.

HTTPS Is An Improvement

Websites switching to HTTPS helps solve some problems, but it doesn’t end the scourge of malware, phishing, spam, attacks on vulnerable sites, or various other scams online.

However, the shift toward HTTPS is still great for the Internet. According to Google’s statistics, 80% of web pages loaded in Chrome on Windows are loaded over HTTPS. Plus, Chrome users on Windows spend 88% of their browsing time on HTTPS sites.

This transition does make it harder for criminals to eavesdrop on personal data, especially on public Wi-Fi or other public networks. It also greatly minimizes the odds that you’ll encounter a man-in-the-middle attack on public Wi-Fi or another network.

It’s still no silver bullet. You still need to use basic online safety practices to protect yourself from malware, spot phishing sites, and avoid other online problems.

Wannacry Ransomware Continues To Be A Problem For Some

It’s been almost two years since the outbreak of the Wannacry ransomware epidemic. Unfortunately, all this time later, some companies are still dealing with the fallout. According to the latest research, Wannacry is still infecting hundreds of thousands of computers around the globe.

WannaCry is a ransomware worm that spread rapidly through across a number of computer networks in May of 2017. After infecting Windows computers, it encrypts files on the PC’s hard drive, making them impossible for users to access, then demands a ransom payment in bitcoin in order to decrypt them.

A number of factors made the initial spread of WannaCry particularly noteworthy: it struck a number of important and high-profile systems, including many in Britain’s National Health Service; it exploited a Windows vulnerability that was suspected to have been first discovered by the United States National Security Agency; and it was linked by Symantec and other security researchers to the Lazarus Group, a cybercrime organization connected to the North Korean government.

As grim as that sounds, it’s not all bad news. After all, the malware has been rendered harmless by the now famous “kill switch” discovered by Kryptos Logic security researcher Marcus Hutchins, who found a glaring flaw in the design of the software. The flaw allowed him to register a domain and encode it with instructions that would keep the ransomware component of Wannacry from activating and actually encrypting files.

That, however, did nothing to get rid of the malicious code infecting legions of PCs around the world. Sadly, much of the code remains in place on infected machines, silently lurking in the background. Kryptos Logic is uniquely positioned to know, since they control the kill switch domain and have continued to monitor traffic to it since building the kill switch on it. To this day, their site continues to be pinged by new IP addresses as the now toothless infection continues to spread.

It’s not hard to see why the removal of a piece of malware that has been rendered suddenly toothless takes a lower priority for busy and often harried IT security professionals. Leaving the code in place on infected machines is not without risk, however.

It is possible, however unlikely, that the hackers who built the program to begin with could find a way to get around the kill switch. If that should happen, then we’ll be facing the full fury of the epidemic all over again, something no one in the field of digital security wants to contemplate.

The bottom line is simply this: If you were impacted by Wannacry when the outbreak initially occurred, it’s worth double checking to make sure that all traces of the malicious code are gone from your network.

Data Encryption – What You Really Need To Know

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

In today’s digitally driven world, far too many personal and business devices are left unsecured. These devices don’t leverage strong passwords and fail to have the encryption needed to protect vital data.

Whether companies choose to store data in public, private, or hybrid clouds, they should always ensure that the data is encrypted before it leaves their devices or networks.

Additionally, when employees think that “this data isn’t important,” they are creating the weak links that hackers need to successfully infiltrate a device (or network) and subsequently steal unencrypted data, upload malware attacks, and otherwise wreak havoc on unsuspecting businesses.

[Read more…] about Data Encryption – What You Really Need To Know

Back At It Again: Microsoft Suspends Windows Updates

Jason Cooley is Support Services Manager for Tech Experts.

Windows 10 was released in July 2015 and there were plenty of reasons to be excited. If you have been around for the last few versions of Windows dating back to Vista, you may have a love/hate relationship with Microsoft.

Windows Vista, for instance, was once known as the biggest failure Microsoft had experienced. That is, until Windows 8. Just using the adoption numbers, it’s clear that Windows 8 was the least successful OS that Microsoft has ever released.

So, Microsoft and their users had many reasons to be excited about Windows 10. Microsoft assured users that Windows 10 would be a return to the golden standard of Operating Systems: Windows 7.

As with all releases of a new operating system, there have been some issues. Some of these problems are indicative of a bigger problems while others are standalone issues.

With a myriad of different types of problems that have surfaced over the last couple of years, Windows 10 may be the most problematic OS of all-time.

Since launch, Windows 10 has had some very unusual problems. While it is almost expected for issues to arise with a new OS, the frequency and type of problems is what’s disturbing. The issues have ranged from broken drivers that leave devices nonfunctional to our latest and greatest issue: the deleted documents folder.

A few times a year, larger updates called “Feature Updates” are released. In April 2018, there was an update that would incorrectly create a duplicate of your documents folder. A lot of these folders were empty and had no real purpose.

At this point, Microsoft decided to implement a fix with their next feature update, due in October 2018. The “fix” would remove the duplicate folder.

There was one very large issue with this. The update did not check if the folder was actually empty before deleting it from your system. People all over began reporting the issue where, all of a sudden, their files were gone.

Once reported, Microsoft acted quickly to halt the update before further systems were affected. The update would still download but would not apply. It was necessary that the access to the update be stopped to save additional systems from data loss.

A strange side effect of the update being put on hold was the failure to apply the downloaded Windows updates.

This resulted in much longer shut down/restart times as the update would attempt to apply, then roll back once it failed. This also provided users with another reason to be frustrated.

The issues are now resolved. The fix has been implemented and there is no more possibility for further data loss.

For what it’s worth, Microsoft also asked for users who lost data to reach out, and they would try to recover it where possible.

It seems like the least they could do considering the issue was created due to poor planning, poor programming, or some combination of those.

When possible, look into deferred updates. Let the problems work themselves out before taking on the unnecessary problems.

Crypto Blackmail: How To Protect Yourself

Frank DeLuca is a field technician for Tech Experts.

A criminal contacts you over email or snail mail and insists they have a webcam video of you watching “unsavory” videos or evidence you cheated on your wife.

To stop the release of this compromising information and to make the problem go away, the criminal asks for digital payment in Bitcoin or another form of cryptocurrency.

You should never respond or pay. All the criminals have are empty threats and they’re just trying to trick you.

What is CryptoBlack Mail?

CryptoBlackmail is any sort of threat accompanied by a demand that you pay money to a cryptocurrency address.

Just like traditional blackmail, it’s a “pay up or we’ll do something bad to you” threat. The difference is the demand for payment in online currency rather than traditional hard (and traceable) cash.

Why cryptocurrency? It’s not possible to “undo” a transaction and it’s hard for the authorities to track down the owner of a Bitcoin address.

With cryptocurrency, the money is gone as soon as you send it.

Some examples of CryptoBlackmail:
– Physical mail saying “I know you cheated on your spouse,” and demanding payment in the form of Bitcoin to a specified Bitcoin wallet.

– Emails claiming an attacker has placed malware on your computer and recorded you in a uncompromising position, along with a video feed from your webcam. The attacker also claims to have copied your contacts and threatens to send the video to them unless you pay.

– Emails including a password to one of your online accounts along with a threat and demand for payment to make the problem go away.
The attacker just found your password in one of the many leaked password databases and hasn’t compromised your computer. Keep in mind that the criminals almost certainly cannot follow through on their threat and they probably do not have the information they claim to have. It is simply a numbers game.

For example, someone may just send emails saying “I know you cheated on your spouse” to a large number of people knowing that, statistically, some of them will be tempted to act.

The important thing to note is that this not a personally targeted attack. Unfortunately, the scammers do trick some people, which then perpetuates this ongoing CryptoBlackMail scam as an easy payday for criminals with little to no work involved.

How to Protect Yourself

Ignore the scammers. Delete and forget the scam. Don’t try to negotiate or even respond with the scammer. Don’t pay a single cent.

Don’t re-use passwords. If a criminal sent you one of your passwords, it’s likely that password was from one of many leaked password databases available online.

Change your passwords. If you’re concerned a criminal might have your passwords, you should change them immediately.

Get a password manager. They can help keep track of those unique passwords. They remember passwords for you, letting you use strong, unique passwords everywhere without having to remember them all.

Disable your webcam. If you’re really worried about someone spying on you with malware on your computer, you can just disable your webcam when you aren’t using it.

The most important thing to do — aside from never paying the scammers — is to ensure you aren’t re-using passwords, especially if they’ve already been leaked. Use strong, unique passwords and you won’t have to worry about password leaks. Just change a single password whenever there’s a leak and you are done.

Are Smartphones And Tablets Killing The Traditional PC?

In the early days of the Internet, there was only one device that enabled you to access it. That was the desktop computer.

Laptop computers have existed for as long as desktops have, but due to hardware limitations, they never really became a viable alternative.

In a technical sense, laptops are “mobile” devices, but still require the user to be seated to use. It hasn’t been until recently that we have seen truly mobile devices.

The Rise Of Smartphones
The first smartphone was invented in 1992, three years before the term “smartphone” even existed. It was IBM’s “Simon,” which was a cellphone with a monochrome LCD touchscreen and a stylus.

It was the first phone was able to send faxes, pages, and emails and it was even capable of running third party applications.

It came with built-in features that are so commonplace on today’s smartphones that most people take them for granted, such as a calendar, a notepad, a world clock, and a way to schedule appointments.

Simon didn’t sell well and its $899 price tag surely didn’t help move units either. For comparison, that’s the same purchasing power as $1607 in 2018.

It wasn’t until Apple’s iPhone in 2007 that the modern smartphone became mainstream. IBM was able to sell a total of 50,000 Simon smartphones over its entire lifetime, a number that is dwarfed by Apple’s 1.4 million iPhone sales in the first year of its existence.

The Aging Desktop
Hardware advancements in recent years have made smartphones powerful enough to perform all the basic functions that consumers were using desktops for in the early days of the Internet.

Smartphones are also priced lower than their desktop counterparts. Sure, if you compare the price of a brand new, top-of-the-line smartphone to a much more powerful desktop PC you may find that the desktop by itself is less expensive.

But for a desktop to function you also need peripherals like a monitor, keyboard, a mouse, speakers, etc. You also need a desk, a chair, a constant source of power, and, in most cases, an entire dedicated room. One could make the argument that you need to pay for a cell phone service to be able to use all the functions of a smartphone, but that isn’t much different than paying for an ISP.

Tablets
In 2010, Apple made yet another mobile device that would change the tech world forever: the tablet. Tablets are essentially large smartphones although they aren’t typically used to make phone calls.

Due to their size, they are capable of carrying stronger hardware than smartphones and they are easier to use as a practical tool in the workplace. There are even specialized “professional” tablets that are designed with detachable keyboards and Bluetooth mice that run the same operating systems that their desktop cousins do.

They weigh less than modern “lightweight” notebook laptops, and have the advantage of a touchscreen. Their functionality comes at a steep price though, and it’s one that will be felt by your wallet. Most “professional” laptops will cost even more than the most powerful desktops and laptops.

No Clear Winner
Each option has different pros and based on how you intend to use it. Although smartphones and tablets have been quickly taking over the home user market, almost all workplaces still use the desktop computer.

The price per performance ratio is still in the desktop’s favor. It could be a very long time before mobile devices gain the functionality of a desktop while matching their price.

Colorado Company Taken Down By Ransomware And What That Means for Your Business

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.
According to Statista, there were 184 million ransomware attacks in 2017 and the average ransomware demand is over $1,000. Individuals, organizations, and companies have fallen victim to these attacks.

Most people recognize the fact that ransomware is a danger, but they may not realize that it can actually destroy their company.

The recent closure of Colorado Timberline after a ransomware attack is a solemn reminder of the seriousness of the dangers of ransomware.

What Happened to Colorado Timberline?
Colorado Timberline, a printing company in Denver, was forced to cease operations for an unspecified amount of time after a severe cyber attack. [Read more…] about Colorado Company Taken Down By Ransomware And What That Means for Your Business

Line Of Business Applications: Efficiency & Productivity

Jason Cooley is Support Services Manager for Tech Experts.
As someone who works with businesses of all types, I see a wide range of line of business applications in action on a regular basis.

Whether it‘s tracking inventory, calculating loan payments, estimating material cost for a construction project, keeping sales records, or preparing taxes, there is probably an app for that.

You may be wondering: what are line of business applications exactly? A line of business app is any application that serves a particular business need or assists with customer transactions in some way.

It differs from something like an email app, which could be considered a business application, but since it doesn’t apply to a specific industry or specific need, it wouldn’t be a line of business application.

For some people newer to the workforce, the days of old are never even considered. Remember when all restaurants used pen and paper to take orders?

The implementation of a point-of-sale system in restaurants eventually served as an all-in-one solution. Taking orders, keeping track of daily sales and cash totals, even inventory tracking and clocking in/out can be done all from the same program.

Tax preparation and accounting software, too, has come so far. Whether you have all internal or outsourced accounting, the days of having to do much more than signing the forms after printing are over. I’m not talking using an online tax prep program at home. I mean, large scale businesses filing end of the year taxes.

Keeping monthly ledgers, banking records for large corporations, strange tax situations, incomes from multiple states, and just about anything else can be found in good line of business tax and accounting software. So much of this information was only done on paper for so many companies not that long ago.

While many companies (particularly very small businesses) may not have the business scale to require this type of software, it’s time-saving and the accuracy assurance cannot be denied.

The examples above are just a few of many implementations of line of business applications and how they replace the ways of the past.

There are some free line of business applications out there and I am sure there are some that are acceptable for their purposes. But the adage is true: you get what you pay for.

Good corporate-level line of business applications often come with some costs involved. Whether that’s purchasing application licensing, paying a monthly or yearly usage fee, and for support for the applications, there will be an investment.

So how do you know if your investment will be worth it in the long run? How can you be sure using a new line of business app will be beneficial?

If you are looking for software to make your business operate more efficiently but have questions as to how the implementation will work or if the cost is worth the benefits, reach out to the software company.

In many instances, there will be trials or demonstrations available that you just have to inquire about. Emailing or making a phone call with specific questions can really help you have a more informed look at your upcoming investment.

If you are a business that uses a managed service provider, like Tech Experts, you should also interface with your IT provider. They may have insight from other clients or past experiences and should be a part of any technology change your business is looking into.

Your productivity and efficiency could be on its way up and, here at Tech Experts, we’d love to help you get there.