TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Windows 10 Goes Back On The Shelf

Brian Bronikowski is a field service technician for Tech Experts.
While it was broadcast everywhere during the launch of the newest operating system from Microsoft, users of Windows 7 and 8.1 are nearing the end of the free upgrade period. The infamous “Get Windows 10” app has been hounding users for quite some time now and most will be happy to hear that it will be gone nearing the end of July.

That, however, is only after Microsoft ups the ante attempting to reach their goal of one billion Windows 10 devices within 2-3 years of launch. The question many users should be asking themselves is simple: what does this mean for me?

First and foremost is price. After July 29th, there will be no opportunity to obtain a free upgrade. Instead, home users will need to purchase a license for the new system that would run them $119.00. Businesses and those in need of a professional Windows license would look at a price tag of $199.00.

Neither of these seem like friendly numbers to your average user or business owner. Those who have upgraded and switched back to their previous operating system are in luck, however. Once upgraded, you obtain the Windows 10 key indefinitely. In the future, a fresh install of Windows 10 will automatically activate and update as per usual.

Before we get there however, we have one last hang-up from the software giant. It would seem that Microsoft wants to get as many free upgrades in the world as possible.

This is quite a feat when just over half of Windows-based computers are still running Windows 7. How do they plan access that user base? Automatic upgrades seem to be their answer.

While many have claimed to have experienced Windows 10 upgrading by itself, it seems to be a reality in the very near future. The actual update for Windows 10 comes through as any other update you may be familiar with.

The catch with 10 is that it was previously an optional update, yet Microsoft will be putting it in the “Recommended Updates” category. As such, many users will install the update files without their knowledge. In the meantime, the pre-mentioned “Get Windows 10” app will schedule the upgrade for them in a suspicious window. It looks similar to the previous screen but instead of having a cancel button, they have replaced it only with “OK”.

But what does a single button really cause? For some fast-paced users, they may misunderstand and click the new button thinking that it’s putting off the update.

Little do they know that within a day or two, they’ll find themselves mid-upgrade. There is one way around this once the update is scheduled: a link will appear on the same screen that will allow you to stop the automatic upgrade.

Microsoft leaves it to you to navigate to the link and pages beyond to stop your free upgrade. Luckily, the IT guys at Tech Experts are able to get past this or downgrade those that have recently updated against their will.

The lesson here is a plain one. Users need to keep a look out and understand what is happening to their PC if they hope to retain any control over it. Microsoft’s newest operating system does have many benefits and features that make it very appealing.

However, it isn’t for everyone. If you’re accustomed to what you’re using, the upgrade isn’t a necessity. That said, you should keep in mind that Windows 7 will experience end of life in 2020.

Another Major Ransomware On The Loose: Locky

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Ransomware, a virus that essentially holds a computer user’s data hostage for a monetary reward, isn’t a new threat. It is in fact, becoming more prevalent with an estimated 35% increase of attacks in the past year alone.

One of the newest forms of this virus is known as Locky, which finds its way onto unsuspecting users’ devices through vulnerabilities in the Adobe Flash Player. This ransomware was detected by Trend Micro, and the type of operating system used seems to have little effect on risk. Locky has infiltrated systems through Windows, Mac, Chrome, and Linux.

Many of the Locky attacks, however, have affected Windows 10 users who are unknowingly using outdated versions of the Adobe Flash Player. Anyone running the 20.0.0.306 or earlier versions of Flash is at risk of Locky taking over data and holding it hostage for payment.

Therefore, the simplest way for people to protect themselves from this new ransomware is to ensure they are running the most recent version of Flash.

To do this, access Flash content within your browser and right click on it. Then, choose “About Adobe Flash Player” to view which version is being used. Alternatively, users can visit the Adobe website, which can automatically detect the installed version and also offer the option to upgrade to the most current one.

Locky ransomware isn’t just spread through Adobe Flash. It also can find its way onto systems through attachments in spam emails. In this case, the emails have most frequently been distributed through the same botnet responsible for sending out the online banking malware Dridex.

While actual numbers for how many people have fallen prey to Locky infections are not public, security companies have revealed that the majority of the ransomware attacks have taken place in the United States, Japan, and France.

The amount demanded to remove Locky from affected devices is usually around $100, but security experts suggest not giving in to such demands. Instead, victims are advised to create a backup of files and seek help from your IT provider.

The best defense against such attacks, however, is in prevention. Regularly update your operating system and frequently used programs, never open suspicious emails, and only log in as an administrator on your computer system when and as long as you absolutely must to prevent hackers from intercepting your login credentials.

Major Password Breach Uncovered

Some people collect antique trinkets while others collect more abstract things like adventures. There’s someone out there, however, collecting passwords to email accounts, and yours just might be part of that collection. To date, it has been estimated that over 273 million email account passwords have been stolen by a person or entity now called “The Collector.” This criminal feat is one of the largest security breaches ever, and the passwords have been amassed from popular email services, including Gmail, Yahoo!, and AOL.

It is unclear exactly why “The Collector” has procured so many email passwords, aside from the fact that the individual is trying to sell them on the dark web. The puzzling part of this, however, is that the asking price is just $1. So, the hacker may only be seeking fame for achieving such a large-scale feat.

The email account credentials may have more value in being used in an email phishing scam, but it’s impossible to know the cybercriminal’s intentions as this point. While potentially having your email hacked doesn’t sound like that big of a threat, there are multiple ways in which this information could be used for harm.

The most notable risk is that the login information may be used to access other accounts; many people use the same username and password for their emails accounts as other ones, such as for online banking. So, there is far more value in this large collection than just the asking price of $1. To protect yourself, security experts advise you change your password immediately.

Protecting Your Business From DDoS Attacks

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A Distributed Denial of Service (DDoS) attack prohibits access to a computer resource. This kind of assault rarely happens alone but rather occurs in waves once an attacker realizes they have been successful in the first attempt.

Using the same method of attack on a business’ computer system, such cyber-attackers can then overwhelm and suppress Internet facing websites and applications, which can greatly hinder the ability to conduct business as normal.

In order to safeguard against DDoS attacks, small businesses must first recognize they’re potential targets, especially since there has been a recent rise of such assaults on small businesses in the past year.

While the motivation behind such an assault can be difficult to understand, they happen for a wide variety of reasons. Attackers may seek to hold systems hostage in an extortion attempt, or the attack may not be motivated by the prospect of financial gain at all. [Read more…] about Protecting Your Business From DDoS Attacks

How Cloud Computing Can Benefit You

Michael Menor is Vice President of Support Services for Tech Experts.

Is your business using the cloud in 2016? If not, you should know that it’s a great tool that’s designed to help your business better manage its data and application deployment.

However, the cloud can be used for so much more and it’s quickly becoming an indispensable tool for SMBs.

Here are four ways that cloud computing is changing the way that small businesses handle their technology:

Data Storage
The cloud is a great way to share data among your entire organization and deploy it on a per user basis.

Businesses can store their information in a secure, off-site location, which the cloud allows them to access it through an Internet connection.

This eliminates the need to host your data internally and allows your employees to access information from any approved device through a secure connection, effectively allowing for enhanced productivity when out of the office.

Microsoft Office365
Access Office from anywhere; all you need is your computer – desktop, laptop, tablet, or phone – and an Internet connection.

Since the software is running in a data center, you just connect to the Internet to access the software.

Another benefit to this is that you have a central location for all your data. If you need to make a change to an Excel spreadsheet from your tablet and you share the file with your colleague, they will be able to view the changes that you just made.
Gone are the days of emailing files between members of your team and losing track of the most up to date file version.

Virtualization
The cloud can be an effective tool for virtualization, which is a great method for cutting costs for your business. By virtualizing physical IT components, you’re abstracting them for use in the cloud. This means that you’re storing them in the cloud.

Businesses can virtualize servers, desktop infrastructures, and even entire networks for use in the cloud. Doing so eliminates the physical costs associated with operating equipment, allowing you to dodge unnecessary costs and limit the risk of hardware failure. For example, you can deploy all of your users’ desktops virtually from the cloud so you don’t need to rely heavily on more expensive workstation technology and can instead use thin clients. Simply log into your company cloud and access all of your applications and data on virtually any Internet connected device.

Backup and Disaster Recovery (BDR)
A BDR device relies on the cloud to ensure quick and speedy recovery deployment. The BDR takes snapshots of your data, which are sent to both a secure, off-site data center and the cloud.

From there, you can access your data or set a recovery into motion. If you experience hardware failure, the BDR can temporarily take the place of your server, allowing you ample time to find a more permanent solution.

The cloud is crucial to the success of a BDR device, simply because the cloud is where the BDR stores an archive of its data.

Ransoming Your Business One Step At A Time

When it comes to business security, today’s climate is a careful one. It seems like every week the latest and most dangerous ransomware is coming for us.

These can come through a variety of ways, like employees, clients, and websites. The most recent threat we’ve seen is called Rokku. Built upon predecessors, it’s only the next step in the fight against business security systems. Ransomware is a dangerous thing. The main concept is a mix of fear tactics and file encryption. After the system is infected, the virus will normally lay dormant for a time.

Once every file is found and changed to an encrypted state, a message will display, stating the worst.

All of your files are locked until you pay whatever sum the developers demand. Once in this state, you are generally given only a number of hours before your files and content are deleted permanently.

In this instant, many people will jump up to pay for their files in order to save further expense and headache. Unfortunately, doing so rarely helps the issue.

After the ransom is paid, you are supposedly granted access to the files and everything continues on unhindered. That said, there are many times you can send the money in and receive nothing in return.

Your files will still have their encrypted extensions (e.g. *filename*.rokku) and you will be in an even bigger hole than before. Some of the older encryptions have programs made by third parties to help those infected, but this is also often not the case.

In the Rokku scenario, there is no progress made in decryption. No patterns have been found and files are completely distorted in comparison to their original state.

As if it isn’t already enough, there is still more to worry about. Rokku as well as other ransomwares will not stop at only the infected computer. Network shares are also subject to complete encryption.

In short order, your entire network is no longer your own. With this in mind, the question is simple. What can you do?

Ransomware is definitely a problem and is not going away anytime soon.

That said, there is more progress these days than when we first started seeing it pop up on systems. Using Rokku as an example, some newer versions are built off of older attacks.

As such, they can often follow the same patterns and can be taken care of. Anti-virus and anti-malware services are also more and more proactive against these threats.

User error can, however, still cause alarm and ruin things very quickly. Rokku and many of its predecessors are sent through email attachments. Once opened, they will start to run and everything will spiral downward from there.

It is important to know and keep others informed on basic safety practices when it comes to operating computers. Keep in mind to not trust strange sites, emails, or messages that you were not expecting or do not know the sender. Also, be aware of common spam signs.

Misspellings, exaggerated results, and poor grammar are often giveaways.

If you want to review your current computer climate, we recommend giving us a call. With preventive maintenance, business class protection, corporate antivirus, and monitors running to ensure a steady flow, we can ensure the safety and reliability of any network and the important files that it may contain.

The absolute best way to avoid a disaster such as Rokku and other ransomwares is to stop it before it happens.

Do You Have A Blind Spot In Your Security?

Security is only as good as its weakest link — one blind spot and a company can be compromised. It is important that each aspect of a company’s security is understood and up to date.

With the following best security practices, it can be better understood what to be aware of and how to better advance a company’s security.

From remote hackers, to in-person social engineering, and even your own e-mail, there are different methods of attacks and means of defense to maintain a company’s integrity.

Physical Security
The basic defense that predates IT security is physical security. Locked doors, restricted access, and watch patrol are some of the oldest methods to prevent aggressive physical security breaches.

Technology has only made physical security even better with security cameras, alarm systems, RFID badges, and biometric systems that identify a person from their physical being. Having the appropriate physical security is key to preventing and deterring break-ins and stolen items.

Social Engineering
With the right words and story, some people gain access to compromising areas and information that can give a company a real bad time.

Without a physical break-in or even a computer, social engineering works against human psychology, finding the vulnerabilities of staff and workers to trick and deceive their way past security. The best way to defend from this is to have a strong and easily understood security policy that educates staff and workers not give out credentials and access to unauthorized personnel.

Phishing
Billions of emails are sent out every day — promising a vacation, warning people about their bank accounts, or asking for charity — that are entirely design to steal or compromise a person or company. Phishing targets everybody, asking for credit card numbers, asking a person to sign in to their account on a fake site, or taking something in other ways.

Do not open emails or download email attachments with suspicious or unknown origins. If an email looks odd or is too good to be true, call or check a website directly to confirm if an email is legitimate.

Clicking or falling for phishing could end with a stolen identity, stolen money, or a locked PC or network demanding ransom money. Be smart and wise about checking emails.

Hackers
There are people that spend most of their day trying to break security codes, finding software loop holes, and other abstract means to force their way through digital security to gain illegal access to computers.

There are just as many (if not more) people working together to prevent such people from ever gaining access with new security measures and patches. To protect a PC or a company from hackers, always update your security definitions on Windows and antivirus software. Knowing what software to trust and what updates are needed are important ensuring digital security. We at Tech Experts make it our business to keep digital security online and updated at all times, so that no one has to fall victim to the unseen security threat.

Being aware of these different security risk and knowing how to defend from them can give a strong basis in understanding and learning in what needs to be done to keep a company or person secure.

Security is always evolving and changing, but having a modern understanding with security in place can make the difference between a secure environment and a risky work place that could come to a grinding halt when security is breached. Be safe, be smart, and be productive with good security.

What Can I Do To Strengthen My Wifi Signal?

A weak WiFi signal in certain areas of your house could limit where you do your work and enjoy your entertainment activities, such as streaming films music or playing online games. This is actually a common issue with a couple of relatively easy fixes that will improve your wireless Internet connection throughout your house.

The first option is to replace the antenna on your router with a taller one. If your router has a built-in antenna, you can likely add an external one and see a marked increase in signal quality. There are two main types of antennae: omnidirectional and directional. An omnidirectional antenna transmits in all directions, while you can point a directional antenna where you need to strengthen the signal without making it easier for others to latch onto your WiFi. The other alternative to improve your wireless signal is to install a range extender, particularly if the area that requires the strongest signal is behind thick walls or is relatively small.

Storm Season Is Just Around The Corner… Are You Protected?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.
We’ve just celebrated the first day of Spring, and before you know it, the weather will warm up and tulips will bloom. Of course, we’re also headed into Spring storm season.

If you haven’t already, it is time to prepare for those pop-up storms that occur randomly at this time of year. These unexpected storms often result in everything from ice damage to lightning fires.

During this time of year the threat of fire, flood, severe storms, water damage from office sprinklers, and even theft is very real.

One of the most valuable assets for any company is its data. Hardware and software can easily be replaced, but a company’s data cannot! As a reminder to all of our clients, here are some simple things you should do to make sure your company is ready for any natural disaster. [Read more…] about Storm Season Is Just Around The Corner… Are You Protected?

Don’t Use Your Keyboard As A Dinner Plate And Three Other PC Best Practices To Live By

Michael Menor is Vice President of Support Services for Tech Experts.
Computers are complex devices that require special attention to keep in optimal shape. Unfortunately, some people don’t pay enough attention to the current state of their computers.

Once you’ve cleaned your computer properly, though, it’s important to make sure that it stays that way for as long as possible. Doing so can increase the longevity of your technology and prevent it from an untimely demise.

However, before you decide it’s time to clean your computer, power it down and unplug it before doing so. It’s better to be safe than sorry, especially with expensive hardware.

Don’t eat, drink, or smoke at the computer
Remember all of those crumbs that fall out of your keyboard when you turn it upside down? All of those crumbs got there somehow and it’s probably thanks to one habit that you might have: eating at your desk.

To minimize the amount of crumbs that fall onto your keyboard, it’s best to just lock your PC and go eat somewhere else, like the kitchen, dining room, or break room. Furthermore, smoking in the same room as your computer can gunk up your fans and other components with ash, tar, and other nasty substances that are found in cigarettes.

In general, it can be good to separate yourself from your computer while you eat. If you’re doing it at work, it separates the work environment from you momentarily, which can be helpful for maintaining your sanity.

Clean your PC regularly
Giving your PC a thorough cleaning is only the first step toward ensuring that your computer remains in optimal shape. In order to keep it that way, you need to set up regular upkeep cleaning sessions where you clean out the keyboard, the monitor, and the main body of your PC.

Doing so can considerably prolong its lifespan and it makes it more appealing to look at when you have to sit in front of it for hours on end.

We think it’s safe to say that you should clean your PC at least twice a year, maybe more if your lifestyle calls for it.

Give it room to breathe
In order to keep your PC functioning at optimal efficiency, you need to give it the space it requires to run without overheating. In other words, you should keep it in an open location, where all of the fans are capable of keeping air circulation flowing.

This prevents overheating and can improve overall functionality of the device. Furthermore, you should keep your PC tower off of carpet if possible, to help with keeping the heat low.

Constantly clear dust collection
Desktop PCs and workstations tend to be a bit on the large side and therefore, don’t move around as much as laptops or other smaller devices do. This leads to computers collecting dust in the fans, vents, and just about anywhere else.

It’s important that you keep your PC dust-free whenever possible; otherwise, it could run into operational issues due to overheating, keyboard stickiness, and so on. In fact, dust can even cause PC components to seize up and stop working.

The best way you can keep your computer dust-free is to keep a can of compressed (or “canned”) air right on your desk. This way, you’ll have a neat tool for cleaning your PC available at your disposal. Please be sure that you don’t spray liquids at your computer, ever. If you have to use a liquid cleaner, use water, and use a damp cloth rather than a spray bottle to directly apply the liquid, but never use water on an internal computer component.