TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Time-Saving Tricks for Microsoft Outlook 2016

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Microsoft Office 365 offers a number of useful tools for today’s busy professionals including some new shortcuts for Outlook 2016. With so many companies now using Outlook as their major email program, Microsoft works to improve its operation with each annual update.

A number of the great features in this program are also found in other MS Office programs. For instance, if you’re familiar with Word, then learning how to use Outlook will be much simpler.

New Changes for Outlook 2016
Using Outlook 2016, you can do a lot more than send and receive emails. You can also manage your calendar, set appointments, schedule meetings, and create/ manage groups.

In addition to being able to set up various types of groups, you can set up groups in Yammer. Yammer has become a central place where teams can exchange files, get updates and have conversations with others. [Read more…] about Time-Saving Tricks for Microsoft Outlook 2016

Network Security: What Does Your Firewall Do For You?

Jason Cooley is Support Services Manager for Tech Experts.

“Security.” It’s a word that we are all familiar with, but it can have many different meanings depending on context. Security to people nearing retirement age may mean financial security for their future.

At a large event like a concert, it could mean both security guards and the overall security of the event.

However, as time goes by, the word security has become increasingly related to the digital world.

Using the Internet to pay bills, access banking information, or even applying for loans is commonplace. We must be prepared to protect our identity and personal information.

Now, whether you are talking about your home or your business, network security starts with a firewall.

So what is a firewall?

A firewall, in terms of network security, can be a physical device that your incoming and outgoing data is routed through. It could also be a program on your device that can strengthen and supplement your devices’ security.

Both of these have different capabilities and purposes and can be used individually or together.

While there are different types, their essential function is the same. A firewall is put in place to allow or deny traffic, based on a set of security rules.

In a business setting where many staff members use a computer daily, a firewall can be put in place to block unwanted traffic.

A simple security rule to check for secure certificates can stop unwanted traffic easily.

Websites have security certificates, so when you access a page, your firewall can check the certificate. If the certificate is digitally signed and known as trusted, the firewall will allow traffic to proceed.

Search results can often display links of potentially harmful websites.

A firewall adds a layer of security making sure your employees don’t accidently find themselves on a website that could compromise your network.

This same principle works for home networks and can allow you to set some security rules. These rules can be put in place to help keep Internet usage safe, especially with children around the house. A firewall can also block certain content.

In an office setting, you could turn off access to social media to stop staff from accessing sites that aren’t needed to complete work.

It can block certain search engines and even limit the use of unsecure versions of websites.

At home, you can block content from websites you don’t want your family to have access to.

There is also the option of having active network times. You can have your Wi-Fi network only active during business hours, keep your kids off their devices at bedtime, or limit access to certain days.

There are many other things that your firewall can do to help keep your network safe.

Keeping your network secure has the potential to save you thousands of dollars, depending on the number of devices and your dependency on those devices.

Safety and security always has a high value to you. It can also help you rest easier knowing that either your business, or your family, is a little bit safer.

53% Of Businesses Have Publicly Exposed Cloud Services

Chris Myers is a field service technician for Tech Experts.

Malware comes in many different forms and is used by hackers in a number of different ways. It can be used to steal information, locate vulnerabilities in your IT systems for a secondary attack, or simply to cause damage.

There are countless hackers out there just waiting for your business to leave your data vulnerable. With the introduction of the cloud, you felt a bit more secure and slept slightly better at night – but now, it seems that was precisely what hackers wanted us to do.

A recent Cloud Security Trends study found that 53% of businesses using cloud storage accidentally expose their data to the public. This is like securing your whole house, locking all doors and windows, and then going to sleep with the garage wide open.

This doesn’t just point the finger at small businesses either. The study showed that even big-name companies such as Amazon Simple Storage Service (Amazon S3) had inadvertently exposed one or more of these services to the public.

The scary thing is that the previous survey showed this was occurring only 40% of the time. Now, this number has grown to 53%.

This study was conducted in 2017 between the months of June to September. Within those two months, they found that businesses are not only exposing their own data but they are also neglecting vulnerabilities in their cloud. When you ignore these things, you put not only your customers at risk but also the livelihood of your company as well.

What Are You Exposing?
The report shows that businesses weren’t solely leaking data such as customer information, but incredibly dangerous information such as access keys and other private data as well.

These cyber-attacks commonly expose data such as personal health information, financial information, passwords and usernames, trade secrets, and intellectual property. With two million new malware attacks launching every day, it’s more important than ever to stay in a constant state of vigilance.

Ignoring Vulnerabilities
A common misconception is that it’s the service provider’s responsibility to keep cloud data safe – this is not true. Most of the damage caused by ignoring vulnerabilities can be prevented by training.

If your staff is trained to recognize weaknesses, then they can be more proactive in fighting against them. More than 80% of businesses are not managing host vulnerabilities in the cloud. Vulnerabilities include insufficient or suspicious credentials, application weaknesses, and inadequate employee security training.

Complex Attacks
Not all the attacks and vulnerabilities are the fault of the business. Some of these attacks are far more complex than most businesses are prepared for, including big-name companies. These sophisticated attacks not only know and bypass the company’s vulnerabilities but also various application weaknesses.

What Can You Do About It?
The first action you can take against attacks is recognizing suspicious IP addresses. Have a policy in place for identifying, flagging, and isolating suspicious IP addresses. Spending a few extra minutes of your time could save months of recovery and downtime.

It’s important to pay attention to mistakes that others have made so you don’t suffer the same consequences. Be sure to train and certify the IT staff you already have. Cyberattacks are guaranteed, but what isn’t guaranteed is how prepared your business is to thwart off those attacks.

Google Study Reveals Phishing Attacks Are The Biggest Threat To Web Security

A recent study by Google and UC Berkeley suggests that cyber thieves are successfully stealing 250,000 valid usernames and passwords every week.

The study, which was based on 12 months of login and account data that was found on criminal websites and forums, aimed to ascertain how the data had been hacked and the actions that can be employed to avoid criminal activity in the future.

Google claims the research is vital for developing an understanding of how people fall victim to scammers and hackers and will help to secure online accounts.

The research found that, over a 12-month period, keyloggers (programs that monitor every keystroke that someone make on a computer) stole 788,000 account credentials, 12 million were harvested via phishing (emails or phone calls that con people into handing over confidential data), and an incredible 1.9 billion were from breaches of company data. The study found the most productive attacks for cyber-thieves came from phishing and keylogging. In fact, in 12%-15% of cases, the fraudsters even obtained users’ passwords.

Malicious hackers had the most success with phishing and were able to pick up about 234,000 valid usernames and passwords every week, followed by keyloggers who managed to steal 15,000 valid account details per week.

Hackers will also look to gather additional data that could be useful in breaching security measures, such as the user’s Internet address (IP), the device being used (Android versus Apple) and the physical location. Gathering this data, however, proved far harder for those with malign intent.

Of the people whose credentials were secured, only 3.8% also had their IP address identified, and less than 0.001% had their detailed device information compromised.

Google said in a follow-up blog post that the research would be used to improve the way it detects and blocks attempts to misappropriate accounts.

Historical data of the physical location where users logged on and the devices they used will increasingly be used as part of a range of resources that users can use to secure their accounts.

The research, however, did acknowledge that the account hacking problem was ‘multi-pronged’ and would require countermeasures across a number of areas including corporate networks.

Education of users is set to become a ‘major initiative’ as the research also revealed that only 3.1% of people whose account had been hijacked subsequently started using enhanced security measures such as two-step authentication (Google authenticator or a similar service) after control of a stolen account was regained.

The Latest Expansions To Office 365 Will WOW You!

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

The availability of productivity apps is astounding. Basic word processors that were the desktop staple haven’t been replaced, but have evolved from requiring installation from a CD-ROM to not even requiring a downloaded program file anymore!

Yes, Microsoft Word, the workplace word processing darling, is accessible online through subscription-based Microsoft Office 365, which has a multitude of integrated apps designed for the flexible workforce.

Create documents in Microsoft Word or spreadsheets in Microsoft Excel and save them to SharePoint or OneDrive, send emails through Microsoft Outlook, design innovative presentations with PowerPoint, and the list goes on.

The list of apps that integrate with Office 365 expands every day! Considering Microsoft Office 365 now includes Microsoft Teams and Microsoft Flow, the possibilities are incredible. If you’ve not yet experienced either of these apps, you’re truly missing out. [Read more…] about The Latest Expansions To Office 365 Will WOW You!

Internet Speed Loss: Get What You Pay For

Jason Cooley is Support Services Manager for Tech Experts.

Long gone are the days where you accepted the speed that your dial-up connection allowed.

I remember when 56k modems were exciting. I can easily recall my first cable Internet connection. It was a lightning fast 3mbps (megabytes per second, in case you were wondering).

With gigs and megs, people talk about data and speeds sometimes as if they are interchangeable. They aren’t. Let’s get that clarification out of the way.

Thanks largely to cell phone data plans, people think in terms of how many gigs they have. What that means is that you can transmit a certain amount of data during your monthly cycle, such as 10 gigs.

The megabytes per second phrase is used to describe the rate at which data transfers. This is your Internet speed.

So now that we know what we are talking about, let’s talk speeds and how to maximize them.

As I mentioned before, I remember getting a 3mbps connection. It was lightning fast compared to the dial-up connections that had been the standard.

As times change and technology becomes more demanding, old connection speeds just won’t cut it. Web pages become more complex and the amount of data transferred goes up as well.

In order to have the same type of experience and to avoid long loading times, expectations for higher Internet speeds continue to grow.

My home 25mbps connection came and went; now, I have speeds up to 150mbps. There are speeds much higher available, but before you go paying for more speed than you need, make sure you are getting what you pay for.

Running Internet speed tests is a good place to start. You can use a website, like speedtest.net, to check your upload and download speed, as well as ping.

Ping is used to measure latency, or what you may classify as lag. Ping is typically measured in milliseconds and is the measured response time after sending out a request on the Internet.

The download speed is the number typically advertised and the number that is most important to your connection. So you pay for 150mbps. You run a speed test over Wi-Fi and you are only getting 80mbps. What could be the cause?

First, the best way to test your speed would be over an Ethernet cable directly connected to your modem or router. Check your speed over a wired connection to rule out any loss caused by the modem.

If you are experiencing lower than expected speeds while wired to your modem, you may need to contact your service provider. If you are getting the correct speeds while wired, there are a few possible causes.

The most likely culprits of speed loss are the devices between your modem and computer or other device. Wi-Fi and regular routers, especially those that are a little older, often have a maximum speed set at 100mbps. You may even see 10/100 on the router, indicating its 100mbps speed.

Having one of these devices is going to cost you one-third of your potential speed whether you are wired in or not.

Having quality devices to distribute your connection is as important to speed quality as the connection itself.

There are many other factors that can contribute to speed loss. Too many Wi-Fi networks in close proximity can even cause interference. While the possible causes of speed loss can vary, one thing that does not change is that you want to get what you pay for.

Ransomware Vs Atlanta: How To Protect Your Systems

Chris Myers is a field service technician for Tech Experts.

On March 22, the local government in the city of Atlanta, Georgia experienced a widespread ransomware cyberattack that affected several city applications and devices.

Ransomware is a type of malware that takes over a computer and locks out the user. The attackers then make contact with the victim and request payment. If the ransom is not paid, they may publish the victim’s personal files and data or just continue to block access to them.

In Atlanta, the attackers gained access to some of the city’s applications through a network vulnerability. Once they had locked the city’s systems with a ransomware known as “SamSam,” they asked for six bitcoins to unlock everything. Six bitcoins are currently worth around $51,000 US dollars.

Atlanta chose not to pay the ransom, as there is no guarantee that they would get their files back and they didn’t want to encourage any similar attacks. Instead, Atlanta officials awarded nearly 2.7 million dollars to eight private companies in the first couple days after the start of the attack.

The FBI, Department of Homeland Security, and Secret Service have also been assisting city officials in investigating the attack.

As you can see, the consequences of a ransomware attack can be severe. Nearly a month after the breach, nearly all city functions were still being carried out with pen and paper. With that in mind, what are the best ways to prevent them from happening in the first place?

How to protect yourself against similar cyberattacks

Ransomware attacks usually infiltrate organizations through their network. Therefore, maintaining good network security practices is a must. These can include:

Using strong, unique passwords. Both individuals and companies have a tendency to use shared passwords for different programs, even Windows logins.

If someone gains illicit access to your network or a specific computer, they can’t immediately gain access to all of your program logins and computers if you use unique passwords.

Staying vigilant for phishing. Phishing is another common method of attack for gaining entry to install ransomware. 91% of phishing attacks are targeted at specific people in a company, a technique known as spear phishing.

The attacker will study an organization’s email format, then send a simple email to an employee designed to appear as if it is a common email from a co-worker.

Most of these emails will look completely normal except for the full sender email address, which is usually something odd such as “ejhjsh@jk.cn.”

In many email management applications, the full address is automatically hidden behind the given name of the sender, so staff must be trained to interact with that name to confirm the address.

Securing your network. Ensure that a monitored firewall is in place and that all Wi-Fi networks are password protected with WPA2 encryption.

A VPN, or Virtual Private Network, is also a very good thing to have, especially if you have any staff working remotely.

Keeping operating systems and firmware up-to-date. Patches for known security vulnerabilities are released quite often.

Most of these are to combat specific new threats that are being used or about to be used in the wild. Staying up-to-date with security and operating system patches shores up your defenses against many common attacks.

What Is Data Retention? Why Do I Need It?

If you are in the medical or legal industry, regulations require you to retain data and records for a certain period of time. The data retention process was a little more clear-cut back when it was only files and sheets of papers in brown boxes that you stored in the attic or the basement.

However, in today’s time, almost everything is in digital form, whether it’s stored locally on a file server, external hard drives, or in the cloud.

This data needs to be secure and easily accessible in the event you need to retrieve any of it. Depending on how much data you have, there are many options.

The one thing you do not want to do is buy a cheap hard drive, move your data over to it, and think you’re safe.

If you only have one copy of that data and you move it to a new location, that is your only copy. You want to have your data saved in more than one location or a mirror copy of it saved.

A business might want to consider a local or cloud server with a RAID setup so that there is a copy of your copy. It creates a copy of your data so that, in the event of a hardware failure or data corruption, the data can be restored from the second copy.

The first copy would be returned to the last version, like nothing happened to it.

If you are a larger business and/or deal with medical or financial information, it would be very wise to utilize data encryption for the stored data.

However, every business should create a data retention policy and follow it. Categorize documents and images, then specify how long the data is to be retained.

Make sure all employees and IT professionals with access to company and client data know and adhere to this policy.

The main thing to keep in mind is the type and quality of hardware that is used. It’s great to have a data retention policy in place and follow it exactly, but if your data gets corrupted, stolen, or a hard drive fails, the policy does you no good.

The key to a rock-solid data retention policy starts with having a robust backup solution in place as well.

The backup solution can either be a cloud-based system or an on-site enterprise storage device or server with a proper RAID setup.

Here at Tech Experts, we can assist you with establishing a file server with the correct RAID configuration to ensure that the retained data is safe and secure, with encryption and redundancy built in. Cloud based image backups are also a great way to ensure the safety of your data.

We can also start you on a managed service plan for monitoring and maintenance of that server and your other workstations, laptops, printer, and VoIP phone systems.

Wherever you decide to store your data, make sure that enterprise hardware and security measures are used to ensure that your data will remain intact.

Watch Out For This Overlooked Threat In Your Business

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

With the risk of being hit by hacking, malware, and other forms of cyber-crime so high, most organizations go to great lengths (and expense) to protect their networks and infrastructure.

However, one major security risk that’s being overlooked is the printer!

All too often, print falls beyond IT teams’ field of view and is left hanging in an abyss ready and waiting for hackers to take advantage.

Here are some interesting statistics: According to research that was conducted by the Ponemon Institute, 64 percent of IT managers are suspicious that their printers have been infected with some form of malware; however, just 54% of organizations include printers in their security strategy.

With organizations placing all eyes firmly on network security, the major threats that are posed by printing devices that are directly connected to these networks are all too often completely overlooked.

So, what actions can you take to reduce the risk of print-related breaches? [Read more…] about Watch Out For This Overlooked Threat In Your Business

Stopping Power Surges Before They Reach Your Equipment

Ron Cochran is Help Desk supervisor for Tech Experts.

We all have some sort of electronic device that we plug into the wall, either to charge the battery or power the device. While these devices are connected to the power source in your home or office, they are being subjected to power surges on a regular basis. Some of these surges can damage your electronic devices.

The main source of a power surge is inclement weather. A surge protector or suppressor will keep your devices safe from inconsistencies in power delivery.

Most people will use power strips to connect more than one device to an outlet and these are OK to use, but they do not offer any surge suppression attributes.

A legitimate surge protector or suppressor will have a rating that is measured in joules, which represents how much of a power surge it can mitigate without damaging your electronic devices. There are several manufacturers of surge protectors for home use, whole-home use, and even industrial applications.

Depending on your needs and budget, you could install a whole-home surge protection system which would protect all of the devices in your house from a surge.

If you are budget-minded, then picking up a couple brand-name, surge-protecting power strips for your entertainment system or electronics charging station would be sufficient.

The one thing you have to keep in mind is if you are not protecting your computers, printers, and display devices from power surges, then you are taking the risk of losing valuable data on your storage devices.

You are also opening yourself up to the potential need to replace faulty equipment due to the power surge.

These repairs are not cheap and the data that you lost due to the power surge is most likely irreplaceable, unless you have a backup solution implemented.

Now, once you have decided to purchase a surge protector, you will need to decide how many and what devices you want plugged into it, keeping in mind the total power draw of all of the devices.

You do not want to use a lot of high-power equipment on one single surge protector because they are rated for a certain power draw; if you are consuming more power than they are rated for, they might not be able to do their job properly.

On top of an overloaded surge protector having issues operating and protecting your devices, it poses a fire hazard due to wires being overheated.

Winter is over and we are entering the stormy season of spring. Power surges will be happening in our area before you know it.

If you are concerned about protecting your home or office equipment from a power surge, then now is the time to evaluate your needs for a surge protector.

We’d be more than happy to conduct a site survey, then recommend and install surge protectors for your business needs.