TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Can Your Car Really Be Hijacked?

On your daily commute, imagine your car suddenly not responding to your driving cues. Turn the steering wheel, and nothing happens. Push the brake, and you don’t stop. Few things could be more frightening than hurdling through space at any speed and not knowing what will happen. This scenario may sound like a scene from a science fiction or adventure movie, but it is certainly possible. Wired reporter, Andy Greenwood, recently proved that today’s smart vehicles can be remotely accessed and controlled by hackers.

While the likelihood of someone with the means and know-how to hack your personal vehicle may be low, the mere possibility of it happening shakes our very foundation of how we see the world. After all, there’s enough to worry about when driving: from animals suddenly crossing in front of you to weather conditions with the potential to send you careening off the road. Now, there’s this. Pretty much any device with a CPU is at risk to being hacked and controlled from afar, whether it is a pacemaker or a washing machine.

This is what Andy Greenburg set out to illustrate when he arranged for his Jeep Cherokee to be hijacked by two car-hacking researchers. The researchers were able to gain control of Greenburg’s vehicle, transforming his role from driver to passenger in little time. They turned the steering wheel, jerked on the reporter’s seat belt, and even disabled the brakes using the Internet. Much of the not-so-amusing shenanigans were controlled through Fiat Chrysler’s “Uconnect” feature, which electronically manages a vehicle’s navigation, entertainment features, and more. Basically, a vulnerability in this system let the hackers in.

While it is possible to remotely hijack vehicles without this Uconnect feature, this vulnerability is now well-known and puts certain Chryslers at an even greater risk to this new technological danger. The Uconnect package is an option offered for 2013 through 2015 Chrysler and Dodge cars and trucks, including the Jeep Cherokee, Dodge Ram, and Dodge Charger. The good news is that, if you have a vehicle featuring the Uconnect package, there is a fix that can be installed. Although it is possible to do it yourself by visiting the Chrysler website and downloading it onto a USB drive, this is a job perhaps best left to the dealership.

Wire Fraud: How An Email Password Can Cost You $100,000

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Wire fraud is one of the most financially damaging threats to people and businesses today. Victims can lose hundreds of thousands of dollars in the blink of an eye.

What is wire fraud? Let’s start with the basics:

A wire transfer is an electronic transfer of funds between entities, usually a bank and someone else.Wire fraud utilizes this system to steal money. Typically, this is done by fooling a financial institution into wiring money to a fraudulent account.

The process often begins with the theft of personal data or email credentials, which means data security is paramount to preventing this threat.

Here’s an overview of wire fraud so you can better protect your business and clients. [Read more…] about Wire Fraud: How An Email Password Can Cost You $100,000

How Can Small Businesses Amplify Employee Communication?

Michael Menor is Vice President of Support Services for Tech Experts.

Using email to conduct important business always starts with the best intentions, like saving everyone time. Just think back to the last time you used email to solve a significant business issue or answer detailed questions from an important customer.

But, sometimes, email creates a disaster of miscommunication. Tone, intonation, and emotion get lost in translation. Messages and ideas are misunderstood. Nothing really gets accomplished.

So, what’s your next step when email isn’t working?

Usually, it’s a meeting in person or a quick conference call. Un-fortunately, those communication methods can create a whole new problem. In an increasingly mobile business world where teams, employees, and customers are spread out over multiple remote offices, work-from-home setups, or field operations, it can be nearly impossible to get everyone into the same place at the same time.

Tethering to the mothership: The lasting value of a virtual phone system
Web conferencing has helped mitigate the above problem. However, the fact that many businesses lack the communication and collaborative tools their team’s need — regardless of where they work — is the bigger issue. For example, even with web conferencing, many remote or work-from-home employees still rely on personal cell phones that aren’t connected to the company’s main phone system.

That’s problematic for a couple of key reasons:

• With personal landlines and cell phones, it’s significantly more difficult for remote employees to access antiquated company systems for voicemail, call forwarding, and conferencing.

• Without a true company-owned connection between the corporate office and the employee, the relationship between the two feels more like a contract gig than a full-time job — hurting employee engagement and retention.

Thankfully, there’s a relatively simple way to solve that problem: implementing a new, company-owned communication system that’s flexible, mobile, and collaborative.

One common solution is a VOIP (Voice Over IP) service, which can be based in the cloud or on-site.

The reality is that voice communication is still a far superior — and much more immediate — way for team members to connect with each other. It typically leads to richer, more sincere, and more empathetic communication, which in turn amplifies productivity.

These tools are like a tether to the corporate mothership. They’re a lifeline that allows everyone to feel connected to their colleagues and customers, but in a way that aligns with the mobility and functionality that today’s remote workers need.

Why many businesses are moving to the cloud
Of course, the image of a desktop phone doesn’t exactly convey a sense of mobility. And it certainly doesn’t solve the problem of being able to connect from any location.

That’s where cloud-based phone systems come in.

Cloud-based phone systems allow team members to receive company calls, access corporate voicemail, and set up virtual conferences from a basic Internet connection.

When employees step out of the office, calls can be forwarded and certain features can be accessed from their cell phone.

Traditional phone systems, on the other hand, often hinder remote workers’ communication effectiveness because of their limited mobile capabilities. This often results in lost money, lost productivity, and big headaches. Even worse, businesses often pay more for traditional phone systems in the form of equipment maintenance and outages.

Virtual communication systems create an overall experience that makes people feel like an effective part of the team, wherever they are. No more emotionless email exchanges and no more awkward, disjointed conference calls. At the end of the day, that’s good for your team, your company, and, most importantly, your customers.

Battling Bloatware, Trial Programs and Time Bomb Software

Scott Blake is a Senior Network Engineer with Tech Experts.

The day has finally come. You’ve saved money for what seems like a lifetime to purchase a new desktop or laptop. You’re all excited to get it unboxed and powered on… only to find yourself confronted with loads of bloatware, trial programs and time bomb software you will never use and never asked for. You quickly find yourself spending hours removing all the preinstalled programs instead of enjoying your new device. Why is that?

The sole intent of a vast majority of the programs you find already installed is to track your presence on the web. Some programs, such as Superfish (which Lenovo was installing on their computers), also change your search results so you see different ads than you would from normal browsing habits. This can also affect your computer’s security.

Some of the more common programs that tend to get overlooked are browser toolbars. Several of the most common toolbars you will find are Yahoo, AOL, Google and Ask. These are so common that most computer users think they are part of their browser.

The purpose of a browser toolbar is to gather information on your browsing habits such as popular search words or phrases and sites visited. This information is then sold to advertising companies or used to place custom targeted ads on the sites you visit. In most cases, you will also start to see an increase in spam messages in your email inbox. It’s recommended to properly remove all browser toolbars from your Internet device.

Just when you think you have removed everything that needs to be removed, look again. Most likely, you will find trial or time bomb software installed as well. These are programs that offer you their fully functional features for a predetermined amount of time.

Two of the most popular software programs preinstalled in this way are Microsoft Office and anti-virus programs. Office programs will give you full functionality of the Office suite for usually about 30 days, then features will become unavailable to the user after the program expires. In some cases, this has little to no effect on the user, but in other cases, it can have a severe financial impact.

Trial versions of anti-virus programs can be the most devastating to the user. A user will power on their computer, see there is an anti-virus program made by a large and well-known company already installed, and they think they are fully protected against the evils that await them. This may be true for the first 30 to 90 days. However, after the trial period ends, most users either ignore the pop-ups warning that the program is going to expire or they are not notified. This leaves the user in a state of vulnerability. After the program expires, they no longer receive regular security definition updates.

Let’s say you have taken the time to fully clean and remove all the bloatware, trial, and time bomb bloatwaresoftware from your computer. The only things you need to watch for now are third-party programs piggybacking on the installs or updates of other programs.

Two of the most common programs to pay attention to when updating or installing are Adobe Flash Player and Oracle’s Java. You need to pay close attention to the installer windows or you will end up spending more time removing unneeded security scanners, toolbars, and/or browsers. For more information about bloatware, trial programs, and time bomb software, contact Tech Experts at (734) 457-5000.

Leasing vs Buying IT Equipment: Which is Better?

When you plan to upgrade or replace computer equipment, there are two ways to do it: Either leasing or buying the necessary IT equipment. As there is no hard and fast rule as to which alternative is better; it heavily depends on your business’ unique situation and needs. Here is an overview of each alternative’s pros and cons to help you decide between the two options:

When you lease IT equipment, the upfront costs are low, which allows a business to set aside moneys for more pressing needs.

There will be a set monthly payment with no surprises, and your business can keep up with the Joneses when it comes to having the most cutting-edge technology. If some new tech system pops up in a year or two that could help your business operations, upgrading is simple to do when leasing.

There are, however, downsides to leasing. Over the long term, you may pay more for the equipment your business uses. With a lease, there’s also the issue of having a contract that usually requires the business to rent the IT equipment for a set length of time.

This means that – even if your business opts to stop using that equipment or it becomes obsolete – the payments still must be made.

When you purchase your business’ IT equipment outright, there is only a single, albeit large, hit to the budget, and there’s no complicated paperwork to fill out or built-in caveats in the contract to look out for. It belongs to the business and decisions regarding maintenance and method of use are entirely up to those within the company instead of being governed by an outside entity. The purchased equipment can even be deducted from the business’ taxes.

On the other hand, putting a lot of money at once into a company’s IT needs may draw too much money out of other divisions’ budgets, such as marketing, for example. This can negatively impact the business’ bottom line. Another consideration is how often technology equipment should be updated. With buying such equipment, it’s far harder to upgrade to the latest technologies, which could require waiting for your recently purchased items to sell before making a fresh IT equipment purchase.

For Pete’s Sake, Back Up Your Data Folks!

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

I’ve been supporting small business computers and network systems for more than 25 years, and believe me when I say, the number one thing that still boggles my mind is the lack of sound backup systems and procedures.

It is a topic we cover a lot in our newsletters, and for good reason: Not a month goes by where we aren’t witness to some sort of catastrophic file loss or system/server failure.

If you’ve ever lost an hour of work on your PC because it locked up in the middle of writing a proposal, you know the grief it causes. Now imagine if you lost days or weeks of work – or imagine losing your client database, financial records, and all of the work files your company has ever produced or compiled.

Or what if a major storm, flood, or fire destroyed your office and all of your files? It’s raining as I write this, perhaps the twentieth day of rain in the last 30, and we’re under a flood watch yet again. [Read more…] about For Pete’s Sake, Back Up Your Data Folks!

Internet Security: Beware Of “Malvertising”

Michael Menor is Vice President of Support Services for Tech Experts.

As if Internet use wasn’t already troubled with cyber perils, users now have to add “malvertising” to the list of things from which they need to protect themselves.

“Malvertising,” like the name suggests, means “ads that contain malware.” Some mal-ads aren’t dangerous unless you click on them – but others can do “drive-by downloads,” sneaking their malware onto your computer simply because you’re viewing the page on which the ad appears.

While most malvertising is on websites, it can also show up on other ad-displaying apps, such as Facebook, Skype, some email programs, and many games.

The reason that malvertising is more of a problem than other malware approaches is that it can be spread through online advertising delivery networks like Google DoubleClick to legitimate sites that users routinely visit, like the New York Times, Huffington Post, and Yahoo, as well as routinely-used mobile apps that show ads. Malware-bearing ads can be “injected” either by hacking ads at the provider end or by buying and providing mal-ads. In most cases, there’s no way for a user to tell just by looking that an ad has been compromised.

The Potential Damage
The dangers of advertising-delivered malware are the same as those from malware you get any other way. Malware can steal account usernames and passwords, bank and credit card information, and other sensitive data.

It can encrypt your data and “hold it for ransom.” It can, in turn, infect other computers on your network and turn your computer into a “zombie,” spewing out spam and malware to the Internet.

July_2015_MalvertisingLike other viruses and malware, malvertisements take advantage of security vulnerabilities on users’ computers and mobile devices. These may be anywhere from the operating system, to web browsers and other applications, to add-ons and extensions like Java, JavaScript, and Flash.

How do you know if your computer has been infected by malware? One sign is that your web browser shows unexpected pop-ups or seems to be running slower. But many malware infections remain “stealthy,” possibly even eluding anti-malware scans.

Legitimate ad creators and ad delivery networks are working on ways to detect and prevent malware from getting into the digital ads they serve. Otherwise, people have even more reason to not look at ads or block ads entirely.

But, assuming it can be done, this won’t happen for a year or more. The burden is on companies and individuals to do their best to protect their networks, computers, and devices.

What Can Companies and Users Do?
Although malvertising is a relatively new vector, the best security practices still apply; if you’re already doing things right, keep doing them. But what does “doing things right” look like?

  1. Avoid clicking on those ads, even accidentally.
  2. Maintain strong network security measures. Next generation firewalls at the gateway can often detect malware payloads delivered by ads, block the ads entirely, and/or detect communication from already-infected devices.
  3. Regularly backup systems and critical files so you can quickly restore to a pre-infected state if your systems and data are compromised.
  4. Deploy endpoint security software on every device so that it’s protected on and off the network.
  5. Ensure that all operating systems and client software (especially web browsers) are fully patched and up to date.
  6. If you suspect a computer has been infected, stop using it for sensitive activities until it’s been “disinfected.” Again, many security appliances can help you identify and quarantine infected devices.

It’s unfortunate that even more of everyday Internet use is potentially unsafe, but the steps to fend off malvertising are essentially security precautions that companies and individuals should already be following.

Does Your Company Need An Internet Usage Policy?

Scott Blake is a Senior Network Engineer with Tech Experts.

With the growth and expansion of the Internet, it is important to make sure that your business has a policy in place to protect its assets.

Depending on your business, an Internet Usage Policy (IUP) can be long and drawn out or short and to the point.

An IUP will provide your employees with guidelines on what is acceptable use of the Internet and company network. IUPs not only protect the company, but also the employee.

Employees are informed and aware of what is acceptable when it comes to websites and downloading files or programs from the Internet.

When employees know there will be serious consequences for breaking the IUP, such as suspension or termination of employment, companies tend to notice a decrease in security risks due to employee carelessness.

You will need to make sure your IUP covers not only company equipment and your network, but also employee-owned devices such as smart phones and tablets. You may be surprised at the number of employees that feel they do not have to follow the IUP because they are using their own device to surf or download from the Internet.

Make sure you address proper usage of company-owned mobile devices. Your business may have satellite employees or a traveling sales force. Even when they are away, they need to be aware they are still representatives of the business and must follow the business IUP.

After all, it would not go over well if your sales staff was giving a presentation to a prospective client and suddenly, “adult content” ads popped-up on the screen because one of your employees was careless in their web habits.

The downloading of files and programs is a security risk in itself. Private, internal company documents and correspondence downloaded from your company’s network can become public, causing unrepairable damage.

On the same thought, employees downloading from the Internet open your company’s network up to malware attacks and infections.

There are a lot of hackers that prey upon the absent-minded employee downloading a video or song file by hiding a piece of malware within the download. Once the malware makes it into your network, there’s no telling what damage it can cause.

As for non-work related use of the company network and Internet, make sure your employees know there is no expectation of personal privacy when using the company’s network and Internet connection.

Make it well-known that the network and Internet are in place to be used for work purposes only. Improper use of the network can reduce bandwidth throughout the company network.

This includes all mobile devices owned by the company. This way, your employees know that no matter where they are they still must follow the guidelines of the IUP.

Make sure all of your employees sign the IUP and fully understand what it is they are signing. Make sure you answer any and all questions they may have.

This will help clear up any confusion your employees may have. This way, there can be no excuses as to why the IUP was broken.

Whenever you update the IUP, make sure you have all of your employees sign and understand the new additions and/or changes to the IUP. It may seem like overkill, but you’ll be glad you did if you ever run into any violations of your company’s IUP.

For assistance in creating Internet Usage Policies or if you have any questions, call the experts at Tech Experts: (734) 457-5000.

Is Antivirus Necessary For Smartphones?

July_2015_CellPhone_email_sizeChances are, you have an antivirus program installed on your personal computer. You may not, however, have the same sort of protection for your smartphone.

If you don’t, you’re certainly not alone. Being part of a majority, however, doesn’t make the data on your smartphone safe. The same threats that lurk in cyber land can attack your phone as easily as a personal computer, but there isn’t a lot of attention being given in the media and other venues about viruses on smartphones.

So, despite that lack of attention, should you install antivirus protection on your smartphones and tablets?

The truth is that you should. Smartphones are fast becoming the prime method of accessing the Internet, and the amount and nature of sensitive data on these devices puts you, your business, and even others whom you hold dear at risk.

Since many viruses are designed to gain access to personal information on devices, the risks are greater than you may think. We may not think about installing antivirus applications on our smartphones because it doesn’t address a widespread problem at this time.

In the near future, however, viral attacks on phones is inevitable. From an employer’s standpoint, the need to protect smartphones is even more important than on a personal level. With more and more business being conducted via handheld devices, a virus on a smartphone has the potential to interrupt operations, causing costly delays and compromising sensitive company data.

Security software applications that can protect smartphones are available for download. Look for one that is not just vigilant against malware, however.

It should also provide an option to remotely wipe smartphones clean in the case of a viral attack to protect company data as well as have a GPS location feature to facilitate easy recovery.

Another feature experts recommend in a security software application is the ability to limit the types of applications employees download onto their company-provided smartphones.

Should Your Company Install The Windows 10 Preview?

In short, no. While the Windows 10 Technical Preview is free of charge, there are too many dangers in downloading what is essentially the Beta release of Microsoft’s newest operating system.

There’s a reason why the preview is available, and it’s not to generate excitement about its coming release this fall. The preview exists for Microsoft to discover bugs and glitches that are present in this version, so they can fix them before Windows 10 officially hits the market. Unless you just enjoy being part of that process, it’s best to leave the testing to others.

It is especially important to wait for the official Windows 10 release if you only have one PC or mobile device.

Since all the kinks have not yet been worked out, you could find yourself unable to use accessories like printers or scanners if you make the premature jump into the new operating system. You also can’t be assured that the Windows 10 preview is safe for your devices, and it’s simply not worth the risk of incurring problems that can not only be costly moneywise but in the ill use of your time trying to correct any damage.

Furthermore, the technical preview isn’t complete. The features you’re looking forward to may not be included. The Spartan web browser and Holograph feature are missing from the Windows 10 preview.

So, even if the test version of the operating system functions seamlessly, you’re apt to be disappointed. Although you may be chomping at the bit to get rid of your old operating system, the wise thing to do is wait until Microsoft perfects Windows 10 and then fully explore it when it’s finally released, making sure it is compatible with your business applications.