TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

My Laptop’s Ethernet Port Isn’t Working. What Can I Do?

If the Ethernet port is damaged, purchase a USB to Ethernet converter.
The laptop Ethernet port is integrated into the motherboard, which makes it hard to replace only that part without swapping out the entire motherboard.

Since it just doesn’t make sense to throw the proverbial baby out with the bath water, just make it possible to plug into another port that is undamaged with a USB to Ethernet converter.

Fortunately, these converters are relatively inexpensive, so there’s no need to despair. Converters are available at virtually any store with an electronics section and there isn’t much difference between converters.

One thing you may wish to consider is to purchase the latest model of adapter, even if your current laptop is not new.

These converters are backward compatible, so the latest USB 3.0 to Gigabit Ethernet adapter works with even the oldest computers with older USB ports.

With the latest version as part of your arsenal, you can still use it in the future with a newer laptop.
These adapters have another great feature which is that they don’t require any technical knowledge, saving you time and money for installation and troubleshooting in case of problems.

Simply plug it in the USB port, and it’s ready to deploy your Ethernet connection, getting you back online without any hassle.

Windows automatically detects the adapter and the operating system installs the appropriate drivers for you.

Remember to use an in-line surge protector on your Ethernet cable, particularly if you travel frequently.

IT Policies Companies Under HIPAA Regulations Must Have

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

HIPAA (the Health Insurance Portability and Accountability Act) and HITECH (the Health Information Technology for Economic and Clinical Health act) have been around for quite some time. Even so, many companies covered by these laws are way behind when it comes to implementation. When you really think about it, even companies not covered by these laws should have the requisite policies and procedures in place.

Access Control Policy
How are users granted access to programs, client data and equipment? Also includes how administrators are notified to disable accounts.

Security Awareness Training
Organizations must ensure regular training of employees regarding security updates and what to be aware of. You must also keep an audit trail of reminders and communications in case you’re audited.

[Read more…] about IT Policies Companies Under HIPAA Regulations Must Have

Network Security And The “People Problem”

Michael Menor is Vice President of Support Services for Tech Experts.

Security teams that focus on what is already happening and the layers of defense being breached are constantly in reactive mode.

Reviewing reams of data produced by technology – firewalls, network devices or servers – is not making organizations more secure. With this approach, the team fails to prevent breaches or respond in a sufficiently timely way.

Instead, the addition of more data and more complexity perversely prevents achieving the end result: protecting sensitive information.

The significant breaches of today are executed by people infiltrating the organization and attackers are doing this by assuming identities or abusing insider privileges.

There is a gap between the initial line of defense (the firewall) and the company’s last line of defense (the alerts received by the security team and their following analysis.)

Tracking user activity, especially connections between suspicious behaviors and privileged users, would allow organizations to close this gap.

True understanding of identity has the ability to cut through the overwhelming explosion of data that can render security organizations blind and unable to respond to real threats or even detect if they are under attack.
It is time to incorporate identity into the organization’s breach prevention strategy and overall security. We have to stop accepting a gap approach to security, which is usually focused on data and devices rather than people. In light of the budding perimeterless world, identity will increasingly be the primary factor that matters to the security team.

Identity data is pervasive, yet typically absent from the security world view. For security organizations, our corporate identity (the personal identity elements we bring to our corporate environment) and our behavior are aggregate details essential in building a picture of what is happening within – and beyond – the corporate perimeter.

business people iconsTogether, they offer deep context to inform the security team of the appropriate response to potential threats and real attacks.

The critical piece in this approach is the security organization’s ability and capacity to understand the full scope of identity: who the person really is behind any given device and whether they are behaving abnormally.

This is particularly helpful when identifying attackers that have managed to acquire privileged user credentials.

Identifying Normal Behavior
One way to reduce the scope is to focus on the highest risk identities first. If you accept that the greatest risk comes from people inside your organization that can access sensitive information – known as “privileged users”, which can also include non-human accounts that may have access – then the correct steps are as follows:

1) Reduce the number of privileged users/identities and accounts.

2) Limit the privileges any one user has to systems and applications necessary to do their job.

3) Integrate the identities of privileged users into security and risk monitoring to spot behavior that may indicate a breach.

Closing the Gap
As more and more of the computing environment breaks outside of the control of central IT organizations, spearheaded by the move towards BYOD (or Bring Your Own Device), the ability to recognize who a user actually is and what is normal for them becomes a foundational part of effective security monitoring.

Without such identity-powered security, security teams will continue to struggle to differentiate whether the events they are monitoring are worth a reaction and that hesitation allows attackers to execute more and more damaging data breaches.

Furthermore, security teams will continue to operate in reactive mode and fail to prevent breaches or respond in a sufficiently timely way.

If identity is a central component to security management, then security teams will be in a better position to understand the behavior of users and will spend far less time trying to identify the meaning behind the events they are seeing.

People will continue to be our biggest point of exposure and with a keen focus on user behavior and activity, we will be in a much better position to limit the impact of breaches.

(Image Source: iCLIPART)

When Nature Strikes Part 2 – Fire In The Sky

Scott Blake is a Senior Network Engineer with Tech Experts.

Fires in or around server rooms and data centers can ruin your data and put your business at risk. It’s a must to set up fire protocols when you build your room or building.

As I mentioned in Part One of “When Nature Strikes,” the two most important protocols to have in place for any “in case of…” are 1) Have a Plan and 2) Secure Your Data. When dealing with the possibility of fire destroying your server room or data center, you’ll want to make sure you also have Suppression, Containment and Insurance protocols in place as well.

Have a Plan
Disaster recovery plans are now becoming a requirement for many industries. To be prepared, businesses need to locate and define the regulatory requirements of their individual industry, which will also help avoid fines, penalties or negative press associated with noncompliance.

Trying to implement or even design a plan while in the middle of a disaster will only lead to a less than successful recovery. Make sure your team is ready for action and everyone knows what to do. It’s better to be overprepared than have a plan that goes up in flames.

Secure Your Data
Back up your data regularly. Manage a duplicate copy of all data, programming, and company processes at a different physical location or in the cloud. That way, you can continue working at a secondary location if your system crashes. One way to do that is to keep copies of all your data, programs, bare metal backups and virtual machines in data centers in other states.

If you maintain data backups and business software on location, make sure you store them in a fire rated safe. Fire safes can be purchased anywhere from $100 to thousands of dollars for a fully-loaded safe.

SuppressionПечать
Fire suppression systems for server rooms and data centers are essential to the server room itself. A fire suppression system will automatically extinguish a fire without the need of human intervention.

Design standards for fire suppression systems for server rooms and data centers are carried out with strict guidelines as the fire suppression agents used can be dangerous if not designed correctly. Fires within these types of environments are suppressed in two different ways.

Reduce Oxygen – This method uses argon, nitrogen and sometimes carbon monoxide to displace the oxygen in the room. The objective of this method is to reduce the oxygen level to below 15% in the room. By reducing oxygen to this level, it will suppress the fire.

Chemical and Synthetic – Most chemical and synthetic fire suppression agents have some form of a cooling mechanism. These systems use less gas and maintain a higher level of oxygen. However, high doses of any synthetic or chemical agent can be toxic, so making sure your design is correct is absolutely necessary. Synthetic fire suppression systems will deliver its payload within ten seconds.

Containment
A fire doesn’t have to be inside your data center to jeopardize IT equipment. Because radiant heat and smoke from fire in an adjacent room can be enough to damage sensitive network hardware, creating a protective barrier between your server room and the potential fire not only blocks indirect damage, but prevents flame spread as well.

Lightweight, flame-resistant ceramic panels can be used to build fire-safe archive rooms and data centers within larger, standard-construction buildings.

Insurance
Recovering from fire damage is expensive. Business insurance is crucial and it’s not only for physical property. The right kind of insurance will replace lost income as well. Make sure your business insurance policy is up to date and has the correct coverage to support your business in crisis mode.

Make sure you have all of your suppression and containment systems built and installed by certified professionals. Insurance companies will require this in order for you to acquire the policy and even collect on it.

No one wants to get burned after a fire. Again, make sure your company insurance is up to date and has the appropriate coverage needed to rebuild your business.

If you have questions or you’re looking for suggestions on prepping your business for recovery, not disaster, call Tech Experts at (734) 457-5000.

(Image Source: iCLIPART)

Consider These Great PC Upgrades

If you are in the market for a new PC, check out these tips on how to upgrade your PC and get more value for your dollars before you pull out your credit card.

A solid state drive
Nothing like an SSD to give you a more practical and noticeable performance increase. With more capacity and more chips and channels, you are guaranteed faster performance.

A faster CPU
You may want to add a new CPU if your computer is old and if the before-mentioned SSD does not entirely fulfill your needs.

Get more memory
With more memory, your operating system will spend less time moving data to disk and you will be able work with more open apps and large files.

Choose a larger display
While a touch screen might blow up your budget, you can opt for a 23-, 24-, 27-inch 1080p model for an affordable price and it will offer you a much better and productive computing experience.

Better gear: keyboard and mouse
Explore the world of wireless, wired, touch and ergonomic keyboard and mouse models and choose one that makes sitting at your computer a breeze.

After all, all our work is done with a keyboard and a mouse, and they need to be as much comfortable as possible.

Security Tips For Your Smart Phone

Today it is fairly easy to carry out business tasks using smart phones. Emailing, browsing the Internet and even creating or editing documents is now a breeze.

So technically, smart phones are now carrying a large amount of sensitive data that needs to be protected. Not only are Smart phones subject to the same threats as PCs, but they are also quite easy to misplace and lose.

Here are a few tips that will help you mitigate some of these security risks:

Screen lock the phone
Whenever you leave your phone unattended, lock your smart phone to require a password or PIN code or set it to lock after few minutes. This will prevent unwanted access and will protect your data in case the phone is lost or stolen.

Enable remote device wipe
Check if your phone allows the memory-wipe function in case it is lost or stolen. Some phones have this feature embedded, but most others will require that you download an app and potentially pay for the service that goes with it.

Apply system updates
From time to time, smart phone vendors, mobile carriers, or hardware manufacturers update the operating systems on their phones. These updates usually include useful and necessary security-related improvements.

Turn off Bluetooth discovery mode
Many people leave their smart phones on Bluetooth-discovery mode around the clock. On some phones, this feature is set by default; however, check your phone and make sure it is disabled when you are not using it. Failing to do so, your phone will constantly be discoverable to others and allow people to connect to your device without prior authorization.

Install mobile anti-virus
Malware purveyors are increasingly targeting smart phones. It is now important to use anti-virus software for your phone just like you would do for your PC.

This is particularly important for Android devices as they are built on an open platform susceptible to malware.

Are You Ready For Windows Server 2003 End Of Service?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Next July will mark the end of Windows Server 2003 Extended Support. What does that mean for you if you’re a current owner of Server 2003?

It means that there will be no more security patches or updates, putting your whole business at risk of new threats or viruses as well as potential performance problems due to incompatibilities with newer software and applications.

The bottom line is that if your business still uses Windows Server 2003 you will need a plan soon. Analysts are estimating that 10 million machines are still running Windows Server 2003 and that they will soon be stranded, especially those serving regulated industries as they will need to maintain the security and confidentiality of these servers.

For these reasons, it is important to look into the needs of your business.
Here are a few considerations: [Read more…] about Are You Ready For Windows Server 2003 End Of Service?

Tips To Protect Your Business PC From Malware

Michael Menor is Vice President of Support Services for Tech Experts.

In today’s online world, technology users are essentially in a state of near-constant attack. Almost every day, there’s a new data breach in the news involving a well-known company and, quite often, fresh rules for protecting personal information are circulated.

Because of malware in email, phishing messages, and malicious websites with URLs that are one letter different from popular sites, employees need to maintain a high level of awareness and diligence to protect themselves and their organizations.

Phishing activities are especially pervasive, including attempts to steal users’ credentials or get them to install malicious software on their system. The astonishing success rate of phishing attacks makes them a favorite.

Why? More than 70% of people will follow the link to a phony website and, of those that followed the link, 30%-50% will routinely give up their usernames and passwords.

Many like to think of the network perimeter with all its firewalls and other fancy technologies as the front line in the cyber war, but the truth is there’s a whole other front.

Every single member of a company’s staff who uses email or the Internet is also on the front line and these people are generally considered a softer target than hardware or software. It’s simple: if the bad guys can get an employee to give up his or her user credentials or download some malware, they can likely waltz right past the technological controls, basically appearing as if they belong there.

When using a computer for personal functions, a user generally has to have the ability to install software and modify the system configurations. Typically, such administrative functions are not available to all users in a corporate environment.

c471994_mAs a result, even if an organization has made an effort to improve a system’s security, a user doing work on a personal computer has the ability to disable and circumvent protections and has the privileges to allow for the installation of malware.

As companies migrate toward a world of bring-your-own-device policies, some companies are developing strategies to help address these risks. But, as a rule, using a work computer for personal reasons or doing work on a personal computer (or tablet or smartphone) can significantly increase the threat level that an employer has to protect itself against.

To help their organization protect systems and data, employees need to implement some smart web browsing habits. Smart web browsing means engaging in the following activities:

Beware of downloads
Malware can be hidden, not just in applications or installation programs, but in what appear to be image and video files also. To limit the likelihood of downloading content that contains malware, only download from reputable sites. With sites that are not a household name, take the time to do a little research and see if other people have had issues.

Additionally, be sure that antivirus software is set up to automatically scan downloads. Or scan downloads manually, even when receiving them from name-brand sites, as it is not unheard of for infected files to make their way onto otherwise legitimate web sites.

This is especially true for file-sharing sites where the site owner cannot control every piece of content a user may place there.

Be wary of deceitful sites
Those running sites already breaking the law by illegally distributing copyrighted materials — like pirated music, movies or software — probably have no qualms about including malicious content in their downloads or stealing information.

Many popular web browsers today have built-in functionality that provides an alert when visiting a website that is known to be dangerous.

And if the browser doesn’t give a notice, the antivirus software may provide that function. Heed the alerts!

Employees need to protect their devices from online and in-person threats. Start by keeping the company’s system patched. Configure it to automatically apply updates or issue notifications when there are updates and then apply them as soon as possible. This doesn’t just apply to the operating system.

Keep all installed applications updated; sometimes this takes a little extra work.

Remember, the challenge of security is that the bad guy needs to find only one hole in a security system to get past it, so fix them all. Think of it as putting dead bolts on doors, but leaving the basement window wide open.

To that end, security professionals like to debate the usefulness of today’s antivirus software. And it’s true that malware continues to become more sophisticated and harder to detect. But it always amazes me how old some of the malware running around is. As a result, use antivirus software and keep it up-to-date.

Also, use a software firewall, either the Windows firewall or one provided in an antivirus package. This is especially true for laptops connected to public wireless access points at hotels or coffee shops, but it also applies to home systems. It just provides that extra layer of defense.

And finally, please, don’t ever give passwords to anyone. Be vigilant and question anything new, especially emails and forms in the web browser that request work credentials, no matter how nicely the request is made.

(Image Source: iCLIPART)

When Nature Strikes – Is Your Ark Ready to Float Your Business to Dry Land?

Scott Blake is a Senior Network Engineer with Tech Experts.

Flooding can strain the resources of even the most well-equipped organizations. Natural disasters give little warning to companies, so preparing for the disaster is the only way to reduce the high cost of rebuilding.

Have a plan ready and in place
Disaster recovery plans are now becoming a requirement for many industries. To be prepared, businesses need to locate and define the regulatory requirements of their individual industry. In addition to reducing hardware damage and data loss, this will help avoid fines, penalties or negative press associated with noncompliance.

The health care industry has begun to require that hospitals have a recovery plan in place. The Joint Commission on Accreditation of Healthcare Organizations (JCAHO) sets standards for operating a health care organization and evaluates the industry to ensure that these standards are met. Documented and field-tested recovery plans for theft, vandalism, loss of critical data, provision of emergency power, and file and flood recovery are now required.

Trying to implement or even design a plan while in the middle of a disaster will only lead to a less than successful recovery. Make sure your team is ready for action and everyone knows what to do. It’s better to be overprepared than have a plan with holes that will sink your business.

Your data: Make sure you have it
Back up your data regularly. Manage a duplicate copy of all data, programming, and company processes at a different physical location or in the cloud. That way, you can continue working at a secondary location if your system crashes.

One way to do this is to keep copies of all your data, programs, bare metal backups and virtual machines in data centers in other states or in some cases different countries.

Tech Experts offers encrypted, HIPAA-approved, online c414084_mbackup of your files, documents, folders and data bases. If you require bare metal backups or the ability to convert your server into a virtual machine to keep afloat until replacement hardware is in place and running, Tech Experts also offers devices that can fulfill that requirement as well.

Treat your data like your money
Keep it safe and keep a lot of it.

Power: Must have it
An uninterruptable power supply (UPS) and a generator provide consistent backup power for your business if power lines go down. Make sure you routinely test and service them to ensure they’re working correctly.

Electrical components, including service panels, meters, switches, and outlets, are easily damaged by flood water. If they are underwater or come in contact with water for even short periods, they will probably have to be replaced. Make sure all of your computer systems — from servers, workstations, backup devices, and UPS’s — are up off the floor. Servers, backup components and UPS’s should be at least four feet off the floor.

Another problem is fires caused by short circuits in flooded areas. Raising electrical system components helps you avoid those problems. Having an undamaged, operating electrical system after a flood will help you clean up, make repairs, and return to your property with fewer delays.

Good relationships with vendors, customers and partners
Create strong relationships with your partners, vendors and customer base. In good times, they will give you access to new ideas, technologies, and business opportunities. During a crisis, they’re a security blanket with teams of people who know your business model and have resources to help you rebuild.

Insurance: Business is life
Floods and water damage are expensive. Business insurance is crucial and it’s not only for physical property. The right kind of insurance will replace lost income as well. Make sure your business insurance policy is up to date and has the correct coverage to support your business in crisis mode.

If you have questions or you’re looking for suggestions on prepping your business for recovery, call Tech Experts at 734-457-5000.

(Image Source: iCLIPART)

Considerations When Buying A Home Wireless Router

Wi-Fi Router vectorChoosing and buying a router for your wireless internet at home can be a frustrating experience; you want speed, performance and coverage as well as longevity in the life of your upgraded router.

It’s not an easy task if you add to it the complexity of all those numbers attached to the router and the knowledge required to install it.

So, here are few considerations that will help you choose your next wireless router:

What’s the end goal?
Ask yourself: why am I buying a router? If it’s simply to build a wireless network at home and have access to the Internet, you could probably get away with a router at under $200.

However, if you want extra features, such as added security, parental controls, the ability to connect USB printers, and added external storage drives for data sharing, you need to search for a higher end router.

Also, you may not even need to have a wireless router in your house, especially if you use a PC or laptop that is already connected to a cable or DSL modem and there are no other devices that need to be connected wirelessly to the internet.

Should you go for a single or dual band?
Bands are the frequencies in which wireless communications operate. A single-band is geared toward simple wireless networks and a dual-band router operates on both the 2.4 and 5 GHz frequencies.

Although a router that sustains the 5 GHz frequency will work great for gaming and online streaming, it is not as good as the 2.4 when it comes to distance. So, consider the distance you need to cover when choosing the required band.

Further considerations
When buying your next router, remember that soon enough the 6th version of the Internet Protocol (IPv6) will be here, so you will need a router that supports this transition.

Another consideration is extra features that a router may offer, such as SD card slots and USB ports for printers for example.

If you want to future-proof your investment, make sure you get an 802.11 AC router, which is fast becoming the standard in wireless networking.

Finally, even with home networks, the more security, the better!

(Image Source: iCLIPART)