TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

For Small Businesses, Smartphone Security Is As Important As PC Security

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Although there aren’t any prevalent security attacks or threat mechanisms associated with smartphones in the market today, security vendors and analysts are urging mobile device users to use security best practices on them, just as they would with their computers.

With recent advancements around mobile devices and technologies, particularly smartphone devices, more and more people are staying connected both in the home and office environments.

Analysts at Forrester Research, a leading authority on security in the small business IT space, say the new breed of smartphones, such as Android and iPhone-based devices, are built on operating systems that are “fairly-well locked down.”

However, although they said using these types of devices are generally safer than PCs because malware can’t run on them (yet), there are still privacy and data risks to be aware of.

GPS hacking is just one concern – a rogue phone application sending your location to an outside service without your permission.

Privacy-related issues will emerge as third-party “fake” applications access more of your personal data.

These would be apps that look legitimate, but are designed to steal your personal information.

Fixing this type of issue will be simpler than a PC, though: The operators of the “app stores,” (Apple and Google) can find the offenders and remove them from the sites in a matter of minutes.

Security and privacy are a concern especially for users who bring and work with their personal devices in and out of the workplace.

The safety of the data on those devices becomes an even larger issue.

Smartphones allow business owners and employees to be more connected with each other. Users are sending information via e-mails and through attachments, all of which are susceptible to loss or theft.

Smartphones that are used for business communication should be treated like office PCs when it comes to data protection. The security threat is there – you have to protect the data that’s on the device.

One of the biggest security mistakes customers make with their mobile devices today is that they fail to use even the most basic security protection methods such as passwords.

Most users don’t set up passwords on their mobile device because they think of their smartphone as just a phone.

But really, it’s a small, low-power computer that happens to let you make phone calls, too.

For small business, it’s time to start thinking of smartphones as another entry into your business’ data. If they’re used for business communication, they need to be monitored, protected and updated just like a PC on your network that attaches to your server and financial data.

Industry Standard Security Best Practices

Network security is a must in any network, but when it comes to a business network, there are a number of security standards and best practices that ensure you have control over your network.

Businesses in certain industries secure. Many different companies require different security standards; one organization for instance is the PCI (Payment Card Industry). The payment card industry has very a strict network security standard.

The below practices are fairly strict and will offer you a great deal of control and protection against data theft and network intrusion.

Modem
We will start from the outside edge of your connection of your network and work our way in from your modem on into client workstations.

The modem is probably the simplest device on the network – you can’t really secure it (beyond performing regular updates), but some ISP’s feature a built in firewall in the modem. This can be turned on or off to work in conjunction with your company’s firewall.

Firewall
The next item to take a look at is your router/firewall. Generally you would have a router that offers several ports you can connect to via a direct Ethernet connection as well as WiFi access.

This firewall will add another layer of protection for when your network connects to the Internet. When configured properly, you would block all unauthorized network connections. As far as protecting the WiFi goes you are best to enable MAC filtering.

Each piece of network hardware has a unique identifying numerical code, called a MAC address. Filtering by MAC lets you set up WiFi so that only devices you explicitly define are allowed to connect to your network.

Once you have MAC filtering in place, you can also encrypt network traffic and use a long secure password. Since the clients on the network will not need to type this password in all the time, it is best to make a complex password containing both capital and lower case letters, numbers, and symbols.

Another option to further increase security when it comes to WiFi connections is to set the access point to not broadcast it’s SSID. This will make it look to the normal person as if there is no wireless connection available.

Server
There are a lot of features that can be enabled at the server to further improve network security. The first item to review is the group policy. Group policy is part of the server operating systems that allows you to centrally manage what your client workstations have access to and how.

Group policies can be created to allow or deny access to various locations on your users’ desktops. You can get as granular as defining a group policy that sets standards on user passwords.

By default, Windows Server 2008’s password policy requires users to have passwords with a minimum of 6 characters and meet certain complexity requirements.

While these settings are the defaults, generally 8-10 characters is recommended as well as mixing upper and lower case letters, numbers, and special symbols. An example of a complex password might be @fF1n!ty (Affinity). This password would meet all complexity requirements and is fairly easy to remember. Passwords should also be forced to reset every so many days. A good time period is roughly 30 days.

One other possible option is to have firewall software installed on the server itself to regulate traffic in and out of the server.

The nice thing about having a firewall on the server itself is that you have the ability to log failed connections to the server itself as well as what that connections is and where it was coming from.

This feature alone gives you a lot more control over the network. For example if you noticed in the firewall logs on the server that a connection you didn’t want getting through was making it to the server you can go back and edit policies on the router/firewall to attempt to further lock down your network from that point as well as blocking it at the server.

One final quick thought on server security is physical security.

Generally it is a good practice to have the server physically locked in a room that only specific people have access to. If you really wanted more control as well you can have the server locked using a system that logs who comes in and out of a room via a digital keypad and their own passwords.

When it comes to your workstations, employees should only be logging into the workstation via their domain login and not using the local admin login.

This will allow you to centrally control via group policy what they can access like stated above. You can also configure roaming profiles so that if someone was to steal a physical workstation they would not have access to any company information as it would all be stored on the server and not that workstation – which is another great reason to have your server locked up.

Employee logins to workstations should also have account lockout policies in place so that if a user attempts to login too many times with an incorrect password, the server would lock them out on that workstation for a time period set by the administrator. One other item you could have in place for various employees is specific time periods their credentials will allow them to log into the systems.

One final step in network security is having good antivirus software installed on your workstations and your server. A compromised machine can be giving your passwords and information away to hackers making it possible for them to waltz right into your network undetected.

You are best protected by having as many of the above security steps configured and working properly on your network.

Determine what your network needs, evaluate the practice after it has been in place for a month and make the proper adjustments to ensure your network is safe. You should also preform regular security audits.

If you would like to see how secure or unsecure your network is give us a call and we can perform a network security audit for you and let you know where you stand!

Featured Article Written By:
Tech Experts

Backing Up And Restoring Files With Windows 7

In the business world it’s critical for end users to have a backup solution available in case of data loss or system failure.

System Restore is one of the easiest ways to restore files and settings. If you can’t find a file on your computer or you accidentally modified or deleted a file, you can restore it from a backup if you’re using Windows backup in Windows 7, or you can try to restore it from a previous version.

Previous versions
Previous versions are copies of files and folders that Windows automatically saves as part of a restore point. Previous versions are sometimes referred to as shadow copies.

System Restore is a component of Microsoft’s Windows Me, Windows XP, Windows Vista and Windows 7 operating systems that allows for the rolling back of system files, registry keys, installed programs, etc., to a previous state in the event of system malfunction or failure. Using System Restore to restore previous versions is simple.

Simply open up any Explorer window, right-click on a file or folder you wish to restore, and select “Restore Previous Versions.”

For instance, if you accidentally deleted a file from a folder in My Documents, browse to a file you would like to restore from an earlier point (all of the contents may have been over written mistakenly.)

Likewise if you have accidently deleted a few documents from a folder within your My Documents folder titled “Easter Pictures,” simply right-click on the folder and select properties, then select the previews versions tab, then open previous versions from it.

Please note that this will only appear on files and folders, not drives or Libraries in Windows 7.

The dialog will show all of the previous copies of this folder that are available.  Click on the time you wish to restore from.

You can choose to either Open, Copy, or Restore the folder.  If you click Restore, you can restore the full contents of the folder as it appeared at some time in the past.

Choose “copy” to copy the entire contents of the folder as it appeared at that time to another location.  For instance, you could copy it to a flash drive for safe keeping, which also previews overwriting the current file.

Lastly you can choose “open” to browse the contents of the folder as it appeared at that time.

You can open, copy, or do anything you choose with the file from here.  For instance, if you deleted a folder named emails accidentally today, you could click copy, and then paste it into the location of your choice.

When in this mode, you are directly browsing the shadow copy of your hard drive.  The path to the folder shows the date and time of the copy.

And, the great thing is, this feature is available in all editions of Windows 7, including the low-cost Starter edition often preinstalled in netbooks.

System Restore is a great way to back up your files in case of accidental deletion, or unwanted changes, but should not be used for your disaster-recovery plan.

In cases of disaster-recovery, you will want to make sure you have a proper backup set to automatically backup your systems, System Restore should only be used as an addition to the backups you currently have setup with your IT professional.

How To Shop Online More Safely And Securely

These tips can help you determine that you’re shopping at a secure and trustworthy website.

Look for signs that the business is legitimate. Buy only from reputable stores and sellers. Here are some ways to check.

Find out what other shoppers say. Sites like Epinions.com or BizRate have customer evaluations which can help you determine a company’s legitimacy.

Look for third-party seals of approval. Companies can put these seals on their sites if they abide by a set of rigorous standards such as how personal information can be used. Two seals to look for are the Better Business Bureau seal, and the TrustE certified privacy seal.  If you see the seals, click them to make sure they link to the organization that created them. Some unscrupulous merchants will put these logos on their websites without permission.

Look for signs that the website protects your data. On the web page where you enter your credit card or other personal information, look for an “s” after http in the web address of that page. This shows that the web page is encrypted. Encryption is a security measure that scrambles data as it traverses the Internet.

Also make sure there is a tiny closed padlock in the address bar, or on the lower right corner of the window.

Use a filter that warns you of suspicious websites. Find a filter that warns you of suspicious websites and blocks visits to reported phishing sites. For example, try the SmartScreen Filter included in Internet Explorer.

Keep your web browser updated.

It helps protect you when you shop online.

Internet Security: What Are They Surfing At Work?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A recent survey of business owners and IT managers found that employees are using company computers, Internet access, e-mail, and other resources to conduct hours of non-work related activities.  And the problem is on the rise.

Some of these activities simply waste time, like day trading and monitoring eBay bids. However, some of the activities are malicious and can cause serious issues with a company’s server and network.

Here are a few incidents that were reported by the IT managers that were surveyed:

• One employee was caught running a gambling website and acting as a bookie for his co-workers.

• To bypass the company’s web filter, one employee was caught using his desktop computer as an FTP server for the other employees. He had downloaded and saved over 300GB of material, all on his work computer, using his company’s Internet connection and undoubtedly slowing down their systems.

• One employee was caught giving away confidential information such as price lists, contracts, and software code for application development.

• Another employee had a pretty lucrative side business stealing and selling company inventory on eBay.

• One woman was caught running an online “outcall” service from her desk.

• One employee was caught renting the corporate IP address to hacker friends to attack other company’s computers and networks.

While these scenarios seem outrageous, they are not uncommon. Of the 300 companies surveyed, almost one-third have fired an employee in the last 12 months for violating e-mail policies, and 52 percent of companies said they have disciplined an employee for violating e-mail rules in the past year.

Educating your employees through an acceptable use policy is simply not enough. If the requirements are not enforced, employees will accidentally or intentionally violate your rules.

That’s why every company needs to invest in good e-mail and web filtering software. Just having it in place will act as a deterrent for such activities. If something really is going on – like an employee leaking confidential information to a competitor or sending racial or sexist jokes through your company’s e-mail – you’ll be able to catch it and resolve the issue proactively, instead of reacting to it after the fact.

Additionally, a good web filter will prevent employees from accessing inappropriate material online, wasting time on non-work activities, downloading viruses and spyware, and using up company bandwidth to download photos and music.

Networking Equipment: What’s It All Do?

There are many times when explaining to clients what piece of hardware needs rebooted or reset that they do not know what we are talking about when we reference the piece of networking equipment by name.

Even if you do know what is meant by router, modem, switch, hub, etc., you might not know what the equipment does, and why you need it.

Today is your lucky day! Below is a brief explanation of what the various types of networking equipment is, what it does, and why you need it.

Let’s start from your Internet service providers (ISP) main line into your house or business and work our way up to your computer. It all begins with your modem – this is how you initially connect to your ISP’s main line into your building.

The modem is what connects you to your Internet provider, and secures an IP address for your computer or network to connect to the Internet.

The next piece of hardware in line is normally your router.

Some network installations don’t have a router, usually because the modem supplied by the Internet provider has one built in, or the computer connects directly to  the modem.

A router allows you to have your own network IP scheme and communicate from your network to your ISP’s network.

Routers allow you to expand your network beyond the one device that most ISP’s modems allow by creating a larger subset of IP addresses for your computers to connect to which is then “routed” to your ISP’s IP address and out to the Internet.

This is why they are called routers, they route network traffic. Some routers also offer the ability to connect wirelessly to your network.

These connections act exactly the same way except for the fact that they do not have an Ethernet cable plugged into the computer you are using to connect with and there is increased security on the wireless connection to prevent unauthorized connections to your network. Some routers also offer a high grade built in firewall.

So as you can see routers can come in many different flavors and configurations.

The final piece of hardware in the chain of networking hardware is your switch.

In general switches are designed to be connected to your router and offer more Ethernet ports for you to connect devices to your network.

Most routers offer on average five Ethernet ports – a switch gives you the ability to expand on the number of available Ethernet ports that can connect to your router.

If you want to have multiple devices connected to your Internet connection while keeping your network secure give us a call and we can guide you on selecting the proper equipment as well as getting it setup properly for you.

If this kind of equipment is not configured properly you may not be able to connect to the Internet at all.

Featured Article Written By:
Tech Experts

An Uncluttered Hard Drive Equals A Happy PC!

Everyone knows you need free hard drive space to save files. But the need for free disk space goes far beyond saving a Word document or an MP3 file.

The hard drive is utilized by the computer for many things, most of which go on behind the scenes.

System Restore
If you have Windows Me or a newer version of Windows, your computer comes equipped with a function called “system restore.” System restore is a great tool.

If you install a program or a new device that causes your computer to go haywire, as long as you have a restore point from before that screwy device or application was installed, you can restore your computer to its earlier state.

Windows periodically sets restore points, and you can manually set them too, but these restore points take up lots of disk space – sometimes up to 5 or 10 percent of the hard drive.

If you have no free space, you can’t use system restore.

Page file
Your computer uses RAM (random access memory) to store programs that it is currently running, such as web browsers, games, and virus scanners.

Programs that are open, but are not currently in use are stored in what Windows calls the “page file” or “swap file.”

The page file is an area on the hard drive set aside to be used as “extra RAM,” so that the actual RAM is not overly taxed and your computer can run as efficiently as possible.

Windows initially sets aside a chunk of the hard drive to use as the page file, so unless you manually limit the size or disable the page file, any files you save on the hard drive will not impact the page file.

However, if you run a lot of programs simultaneously, it is advisable to increase your page file size, and without free hard drive space that won’t be possible.

Running the disk defragmenter

Windows comes with another useful tool, the Disk Defragmenter.

The defragmenter joins fragmented files and reorganizes the hard drive to make the best use of all available space (which helps your PC run faster).

You should run the defragmenter at least once a month, but you need free disk space in order to run it. (Ideally, at least 10 or 15 percent of your hard drive should be empty before running the defragmenter.)

Quarantine
Most anti-virus programs have an option to quarantine infected files.

The suspect files are set aside in a designated area of the hard drive so they won’t be able to further infect your computer, but if you need to get to the file, it’s still around.

Without free hard drive space, there is no room for quarantine. Therefore your anti-virus program may delete an important file it suspects as a virus and there will be no way of retrieving the file, or the anti-virus may not be able to do its job correctly and not do anything for that file because there is not enough space on your hard drive for it to move the file somewhere else.

Temp files
Your computer can pick up and store temporary files when you’re browsing webpages online and even when you’re working on files in programs, such as Microsoft Word.

Over time, these files will slow your computer’s performance down by decreasing disk space. You can use the Windows Disk Cleanup tool to rid your computer of these unneeded files and to help your PC run faster.

There are many more behind the scene activities that go on with your computer, having low hard drive space would limit its functionality and could cause serious system damages if not addressed properly.

It is best to have your computer optimized at least once every three months to get the best performance, and having it last longer.

Alert: Top Four Threats Attacking Your Network

There are many threats that could be attacking your network. Here are just a few that most clients have happen to them.

Overconfidence
User overconfidence in security products is the top threat to your network.

Failure to “practice safe software” results in nuisance attacks like porn storms (unstoppable rapid fire pornographic pop-ups) and more subtle key loggers that steal passwords.

Surveys promising free stuff result in theft of information like your mother’s maiden name, high school, etc. which can be used to answer common security questions.

To avoid theft of otherwise secure data, think before you click.

Social Networking Sites
Social networking sites like Facebook are exploding in popularity. Threats range from malware (eg. viruses, worms, spyware) to scammers trying to steal your identity, information and money. Many businesses and government agencies are using these sites to communicate with clients and constituents, so simply blocking access is no longer reasonable; defending your company while allowing employee access requires social network education for your employees and the enforcement of strong acceptable use policies.

We can help you develop a policy, then monitor compliance using a Unified Threat Management device that controls and reports on network access.

Attacks On Mobile Devices
Everyone is going mobile these days, not just the “road warriors.”

Once limited to laptop computers, mobile network devices now include PDAs, handheld computers and smart phones, with new appliances appearing in the stores every month. Mobile devices often contain sensitive data yet they are easily lost or stolen.

Be sure to password protect and encrypt data on all mobile devices whenever possible. Include mobile devices in your acceptable use policy.

Cloud Computing
“The Cloud,” in its simplest form, involves using the Internet to access and store your data.

It’s actually thousands of servers all working together to provide computing power. When you access e-mail using a web browser, you are working in “the cloud.” Using the cloud for automated off-site backup is rapidly gaining popularity, but that’s just the beginning.

Companies like Microsoft, IBM, and Google envision the day when we will use inexpensive terminals instead of computers to run programs and access data located somewhere on the Internet.

You need to be sure that any data you store and access across the Internet is secure not just where it is stored, but during the trip to and from the Internet.

Pay close attention to this top threats and it will help with network security.

Professional Email Addresses: How “Free” Email Could Cost You

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

There are lots of ways you’ve worked to build positive brand and inspire trust with your clients.

Pleasant phone greetings when client calls in, a professional sign over the office entrance, even stationary on a nice paper stock are important to let your clients know that you’re serious about your business.

But what about having your own domain name for email?

How does it look after a great conversation with a potential customer when you hand them your card and your email address you expect to have important business conversations with belongs to one of the big email providers offering free service?

Put another way, imagine a lawyer with an email address of consultantpat@hotmail.com. Do you think Pat’s clients would be comfortable knowing that private correspondence with their consultant was being transmitted through a free email service?

How would their perception change if Pat’s email were pat@robinson¬consulting.com?

Professional branding aside, there are some great reasons to have your email at your own domain name for business email:

Who’s going to help? Delete an important email? Can’t log in to your account? Have a question about the number of emails you can send from your account?

The free email service providers have self-service tools to help you figure out your problem, but what can you do if you still have a problem? Who will you talk to and how long will you have to wait for help?

Will your emails be delivered? “I didn’t receive your email.” Does this sound familiar? Free email accounts are very popular with spammers. Did you know that some mail services started blocking mass mail delivery from free email accounts with these domain names?

The switching cost to a domain-based email address later is higher. There’s a strong benefit to having people know where to find you. Changing your email address can be a lot like a retailer relocating. All the business built over the years could disappear, as customers can no longer find you at the address.

Unintended communication could be embarrassing, even damaging. Jon Smith is our hypothetical accountant with a free GMail account at jon.smith@gmail.com. Can you guess the number of times his clients have emailed their sensitive documents (even tax returns) to john.smith@gmail.com?

Sure, it’s the client’s fault for the mistake, but could this have been prevented if he were Jon@ReliableAccountants.com?

Free email accounts are very popular these days. But if you’re serious about your business and your brand, it might be time to consider how current and potential clients are judging you by a simple email address.

How Can Google Plus Benefit Your Business?

Since the recession businesses are looking for more economical ways of advertisement that will generate revenue.

Google Plus will be the perfect business hub for advertisement and customer interactions.

Google Plus is a brand new social networking website that allows you to interact with your friends and followers.

It also supports mobile devices so you can keep your clients up to date on the go. Google Plus is made up of five key features:

Stream
The stream is an essential feature to Google Plus; this is where you can share what’s new.

For example, for a retail store this is where you could post the latest sale or upcoming products that your store will be offering soon.

Circles
Circles are used to categorize all of your Google Plus friends and followers.

With this you can post updates in your stream and choose which circles can view the update.

So if you have customers that have a membership with you that allow them to receive special offers this would be perfect for that purpose.

You could create different circles and update your stream with coupon codes and only share that update with the circles of your choice.

Huddle
Huddle is a new way for you to easily stay in touch with your custom¬ers in real time.

With Huddle, you can chat with groups of people or individual users.

For example, if you wanted to provide customer support online you could create huddles for your customers that are in need and as¬sist them in a chat window.

Hangouts
Hangouts are for video chatting with your circles. This can be used to introduce a product.

For example, you can update your stream telling your users to be online at a certain time and you can broadcast video using the Hangout feature.

Or, it can be used for group meet¬ings. For a lot of small businesses it can be hard trying to find space to host a meeting if your building does not have the allotted space available.

With Hangouts everyone will be able to be seen on screen in a video chat session with the main focus on the person who is speaking at the time.

Using +1
If you are familiar with Facebook, this is the same basic feature as the Facebook “like” button. But, there are some added features.

Basically if you like what you see while browsing the web, you can give it a +1.

This also can be a very good marketing tool if you simply tell your customers that if you +1 this update you can give them discounts which will draw more attention to your company’s profile.

Also you will be able to see what others have +1’d which is basically another way of telling someone “Hey check this out.”

If you use all of the features that Google Plus offers you should see an increase in clients and followers in your business.

The more online exposure that your business has, it is more likely you will come up first in web searches.

Google Plus is still in its beta stage which unfortunately is invite only.

There has not been a date set for its release but when it arrives I encourage you to sign up as soon as it launches.