TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Security

Phishing Schemes Are On The Rise

A phishing e-mail is an e-mail sent by a hacker designed to fool the recipient into downloading a virus, giving up their credit card number, personal information (like a social security number), or account or login information to a particular website.

Often these e-mails are well designed to look exactly like an official notification from the site they are trying to emulate.

For example, a recent phishing e-mail was circulated that appeared to come from Facebook stating that videos or photos of Osama Bin Laden’s death were posted online. These e-mails looked exactly like a legitimate Facebook e-mail and even appeared to come from “Facebookmail.com.”

Once you clicked on the e-mail the phishing site would attempt to install a virus on your machine.

And now due to recent security breaches with Sony and e-mail marketer Epsilion, phishing attacks are going to increase – and they are going to get more sophisticated and harder to distinguish from legitimate e-mails.

That’s because the hackers that were able to access the private databases of the above mentioned companies now have the name, e-mail and interests of the subscribers, and in some cases birthdays, addresses and more. That means a phishing e-mail can be personalized with relevant information that the user provided to Sony, making the e-mail appear to be more legitimate and the user more likely to click on the links provided and take the actions requested. Now more than ever it’s critical that you are wary of e-mail notifications and the actions they request you take. Even having good anti-virus software installed won’t protect you if you give your account information away freely.

 

 

Almost Every Small Business Can Expect To Get Hacked

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Juniper Networks recently commissioned a study on small and medium company network security.

The startling result: Over 90% of US companies reported at least one security breach in the last year, with more than half indicating they experienced two or more significant security problems with their networks.

There’s a misconception among a lot of small business owners that they’re safe from cyber attacks, because small companies offer a smaller payback for hacking efforts.

Small business network security is usually lax

The reality is, security policies and procedures at small companies usually make them an easy and simple target for hackers.

While the payout isn’t as large as hacking TJ Maxx, invading a small business’ network usually takes a lot less effort, and the business lacks a sophisticated response system.

Why is hacking so easy?

A new technique, called spear phishing, let’s hackers target a small group of previously identified people. Sometimes, the attack goes after just a handful of people who work at the same company.

Spear phishing does away with the need for hackers to gain access to your passwords. As more companies start to use social media sites such as FaceBook and Twitter, hackers using spear phishing are finding it easier to “trick” unsuspecting employees into installing crimeware on their company computers. This crimeware let’s the criminals access the computer system directly. Once they have access to one machine on your network, it’s easy to connect to the others.

Recent attacks have highlighted the growing need for companies to implement network security controls to catch the bulk of socially engineered spear phishing attacks.

They also need to take measures to quickly detect and contain security breaches.

The first thing you’ll want to do to protect your business is implement a strong firewall (see Frank’s article on page two) that lets you assign security restrictions for users based on the content of websites, and even keywords that might be potentially dangerous.

The next thing to look at is your company’s acceptable use policy. This can be as simple as a few pages added to your employee handbook that outlines what is and isn’t acceptable behavior on your network.

The final thing to examine is your backup and disaster recovery plan. The hacker’s aren’t giving up, which means it’s time to plan for what comes after a security breach.

Firewalls: What Do They Do And Why Should You Have One?

Firewalls are network security devices that protect your internal network (your servers and PCs) from your external network (the Internet).

We’ve put together a basic guide to firewalls – what they are, when you should have one, and why.

What is a firewall?
A firewall is simply a border between the device and the firewall software is installed and running on (and devices on the LAN side of the firewall) and any other devices on the outside of it.

For example, there are many different kinds of firewalls. Windows firewall gives you very basic features, and is built into Windows.

This firewall is designed to block unwanted access to the computer itself and is not designed to protect the rest of the devices on a network.

Another form a firewall can take is a separate device all together.

Having a device that specifically functions as a firewall gives more control over what the firewall can be used to protect.

For example it is possible to buy a firewall appliance that can be attached to the perimeter of your network and block specific connections to your LAN.

When is it a good time to look into using a firewall?
On most Windows based computers Windows firewall is generally on by default so most people already run a firewall on their computers without even knowing it.

That being said, Windows firewall does not give you anywhere near the control or protection of a dedicated firewall product.

If your business requires very strict security and data compliance, or you intend to store highly confidential information (an example would be client credit card numbers), it may be in your best interest to have a third party firewall.

Third party firewalls offer much greater protection and allow the ability to configure specific rules in much greater detail than Windows firewall.

Having the ability to configure rules with more detail makes it possible for you to lock down your network and its possible security holes more tightly.

The reason this is a good idea if you are storing confidential information on a network is that having a firewall gives you control over exactly what comes in and out of your network.

Without this added security it may be possible for your valuable information to be compromised or copied to a remote location without you even knowing it is happening.

Why have a firewall or invest in a better one?
Three words: Vastly improved security. A third party firewall solutions affords you the best protection for your data and network.

If you have important data to secure, a firewall is an excellent step in protecting your network from unwanted access to your network.

If you have questions about your firewall (or lack of firewall) and would like us to evaluate your network security, please give us a call.

Whether it is security holes left open due to a weak firewall or other possible security issues we can help you secure your data!

Feature article by Tech Experts,
Service Manager for Tech Experts

How To Ensure A Safe And Virus-free Internet Experience

Visiting websites like Facebook, Ebay, or Youtube at work may keep you busy while there’s “nothing to do.” However, if your computer system isn’t properly protected, you run the risk of a virus or malware infection.

We’ve put together some of our best tips in this “safe browsing habits” article. Following these general guidelines can help protect you against Internet based threats.

One of the dangers faced by users when they browse the Internet is a hacker or infected computer accessing the browser’s cookies. Cookies are small text files saved on the computer by the server of the page the user is visiting.

The information cookies contain is usually related to the page being visited, which can include user names and passwords, browsing preferences, etc.

Java Applets and JavaScripts can also put users at risk. Although the majority of these programs that are run on the user’s computer at the request of the server are harmless, they can be designed to steal system information and send it to a malicious user.

Another threat that is becoming one of the most dangerous threats on the Internet is phishing. This technique involves tricking users into thinking that are visiting a legitimate web page, when they are actually visiting a malicious page.

This technique is particularly dangerous when the malicious page simulates an online banking page. Web pages that perfectly imitate the appearance and functions of well-known banking entities are becoming increasingly common-place on the Internet and entice users into entering personal data that will fall directly in the hands of unscrupulous cyber criminals.

But that’s not all. There are also viruses that are capable of getting into computers when users browse the Internet. To do this, they usually exploit vulnerabilities that allow them to install themselves on computers without the user realizing.

The malicious code that have the capacity to do this include many Trojans designed to steal confidential information from affected computers.

Online banking
When making transactions on the Internet, check that the process is carried out through a secure server. Several characteristics identify these types of servers. One of these is the address that appears in the address bar in the browser, which starts with https://.

What’s more, a padlock or key icon will appear in the browser window. If the padlock is closed or the key is complete (not broken), the server is secure.

Disable cookies
Another recommendation is to disable the cookies from the toolbar in the browser you are using. Although they must be enabled in order to access some web pages, they can be enabled temporarily.

Even though it may be tiresome enabling and disabling the cookies, it can prevent a lot of serious problems.

Double check the URL
To avoid falling victim to phishing scams, make sure that the page you are visiting is legitimate. To do this, copy the URL of the website you want to visit and paste it in the address bar of the browser. It is also advisable to identify and monitor the Java Applets and JavaScripts on the system to avoid any nasty surprises.

Raise your security level
Raise the security zone in the browser to ‘medium’ or ‘high.’ This can be done from the toolbar in the browser you are using.

Anti-virus is key
Finally, make sure that you have a reliable antivirus installed, which is updated at least daily. This will prevent malicious code from slipping into your computer while you are browsing the Internet.

The Benefits Of Using The Current Version of Windows

With all the different versions of Windows out there, how do you know what one will work best for you, and why?

The answer, in most cases, is the most current version of Windows is the one you should be using. In general the most current version of Windows (in this case Windows 7) will offer the greatest benefits for your money.

Security
One of the many benefits to having a current operating system is the security features. When you’re up to date, you are far less vulnerable to viruses and malware.

Windows XP is still one of the most widely used operating systems.The problem with it is that there are so many viruses and malware developed for it that it is much more vulnerable than Windows Vista or Windows 7.

One security feature that makes Vista and Windows 7 more secure than Windows XP is the fact that they both have a two way firewall built into the operating system.

This means that if a virus was to get into the system (and the firewall was still functioning properly) the outbound firewall would catch outbound communications from the virus to whatever it is transmitting to.

Windows XP only has inbound firewalls which helps to stop incoming connections, but does nothing once a virus, malware or other attacker has gained access to the computer system.

This is likely the biggest advantage security wise for the newer operating systems.

Increased productivity
As far as productivity goes there may be instances that require a user to stick with an older operating system due to software compatibility issues. These issues in most cases are few and far between.

The reason this is the case is due to compatibility features within Windows 7 and Vista that allow a user to set a program to run in “Compatibility Mode.”

Running a program in compatibility mode allows a user to run programs that were designed to be run in older operating systems.

This feature will allow programs that were designed to run on operating systems as old as Windows 95 to run in the current version of Windows.

While compatibility mode will work in most cases, it isn’t guaranteed. Always work with your line of business application company to keep your software updated.

Remember the importance of maintaining support for any specialty software you use.

Updated applications
One final reason to use the most current Operating System is the ability to run newer applications and hardware that were not previously supported in older operating systems.

If your computer is older, it might not have the horsepower necessary to run the most current version of Windows. In that case, it is may be more beneficial to upgrade the PC.

If you’re interested in upgrading, we can check your current systems for memory and processing power, looking forward toward an operating system upgrade.

Remember, an up to date system lets you be more productive, have better security over your important data, and increase your profitability by decreasing downtime due to failing hardware, viruses and malware.

Feature article By Tech Experts Staff for Tech Experts

Simple Tips To Keep You Out Of Computer Trouble

As you can imagine, we see a lot of computer and network issues . Sometimes, they’re pretty difficult to diagnose and repair, but in some cases, a simple fix is all you need. Here are some tips you can refer to the next time your computer goes a little crazy, and some advice to keep you out of trouble.

Reboot!
Nine times out of ten, rebooting your computer and connected equipment will solve the problem you’re having.

Do a full restart, which means go to your Start menu, shut down the computer, and power down your peripherals and computer. Then, restart it fresh.

We know what you did
A good computer consultant can tell if you’ve been bad or good on your computer, and usually pretty quickly. Tell us what you really did right before the computer crashed – this will save time and aggravation.

Your consultant will figure it out eventually – why not make the repair quicker?

There is no free lunch
Downloading free music, movies and games from the Internet can open holes in the security system of your computer, making it easy for other people to access your files.

Be safe… Only use legitimate sites like iTunes and Netflix for your downloads.

Use strong passwords
We walk a fine line in recommending passwords. If they’re really easy to remember, that means they’re also really easy to guess. If we make the password very hard to guess, it’s also going to be very hard to remember.

Here’s a suggestion: Create a “main” password which you then modify for each site you use. A good main password would consist of numbers and letters (but not your birth date!).

Try using your first dog’s name combined with the address of the first house you lived in, and then add to the password for each site. For example, buffy1944 could be a good base password. Then, you’d add AMZ at the end for your login to Amazon.com – buffy1944AMZ, EBY at the end for your eBay account, etc.

Update your antivirus
Hackers don’t care that you’re too busy to renew your antivirus and anti-spyware software – in fact, they hope you don’t! Set your software to update at least once a day and run a full system scan at least once a week.This is also a good time to schedule system maintenance tasks, like your system defrag.

Public wi-fi is public
If you don’t have an urgent need to check your online banking or private e-mail at the coffee house, don’t do it. While you’re on a public network, even if it is encrypted, a nearby hacker can capture your passwords and other personal information

 

Data Loss Prevention And Recovery Tips

With every business relying heavily on their computers and network, it is a huge risk to not properly care for your important data.

The fact is a computer’s hard drive becoming damaged, corrupt, or even completely unusable is not an issue of whether or not it will happen to you, but rather an issue of when.

If you do not properly care for your data you may wind up in the unfortunate situation of having to recover your lost data.

Backup Your Data
First of all, the most important step in preventing lost or corrupt data due to a faulty hard drive is to back up your data. This may sound silly, but there are many people that simply do not have a good backup strategy in place to protect them from the inevitable hard drive failure.

You see hard drives are much like your car; they have moving parts that function nonstop as your computer works and processes data.

These moving parts eventually will wear out and when they do if you did not back up your data you will have to recover it. Backing up your data is the best solution; it will save you a huge headache when your hard drive fails.

If you have a backup, the recovery process is as simple as buying a new hard drive, reinstalling Windows and your applications, and then transferring backed up data over.

Backups can be in many different forms from CD’s, DVD’s, Flash Drives, External Hard Drives, Online backup, etc. Whatever your choice, it is good practice to not only back up your data, but make sure you can recover it from the backup as well.

Unfortunately, many times we see business owners backing up their data, but never taking the time to do a test restore. It’s only when disaster strikes that they find out the backups had errors.

In the event that you did not have a good backup solution or it was not working/tested properly there is the option to try and recover the “lost” data.

If Your Hard Drive Crashes
In order to have the highest success rate recovering your old data make sure to follow the following procedures:

Upon realizing you have lost data make sure that you immediately stop using your computer.

The reason you want to make sure that you stop using your computerimmediately is that when data is lost as long as it is still on the hard drive and has not been over written on the actual hard drive disks it can be recovered.

When you use your computer data is randomly placed on your hard drive disks so using your computer after data loss greatly increases the chances of losing the data you wanted to recover because it was overwritten from the computer being used.

Avoid System Utilities
Do not run any system tasks such as a Disk Cleanup or Disk Defragmenter.

Running Disk Cleanup or Disk Defragmenter both can cause you to permanently lose data that you need to be recovered.

These system processes move data around and in doing so could overwrite your lost data.

As long as you follow the steps listed above you can bring your computer to Tech Experts, and we can run various programs that allow us to recover lost files that have not been overwritten by other files.

This is the reason it is so important to stop using your computer as soon as you realize the data loss.

Data Recovery Firms
If in the case your hard drive is damaged mechanically there are companies you can send your hard drive away to and have them manually open the hard drive and recover that data in a “Clean Room.” Just a side note, never ever open a hard drive.

When these other data recovery companies open your hard drive they use a clean room that exceeds the cleanliness of a surgical room.

They do this because even the smallest amount of dust or dirt in the hard drive will ruin it in a very short period of time.

This is the reason it is so expensive to have data recovered in this fashion, usually in the $1700+ range depending on the company you use.

Long story short, always make sure to have a good backup.

Having a good backup can save you a lot of headaches in the future.

Feature article By Tech Experts Staff for Tech Experts

 

Why Internet Predators Love Social Network Sites

Internet predators have become a fixture of sorts on many social media sites which necessitates the need for users to exercise caution.

Since the advent of the Internet “instances” of cyber crime have evolved into regular and expected occurrences.

Now the growing popularity of social network sites has cyber criminals taking direct aim at them with their Internet scams.

What is it that makes the social networks such an attractive target for this type criminal behavior?

Here are 3 very “inviting” reasons:

Casual Atmosphere
Social network sites are meant for just what they imply and that is to socialize.

This type of atmosphere is casual and relaxed therefore people for the most part are NOT expecting devious behavior.

It is just this type atmosphere that cyber criminals depend upon and thrive in. Their ability to manipulate others is based upon a “blind” trust or having others believe in their own sense of security.

Ease of Use
Most social media sites by and large are set up to be easy to use and navigate. This allows even the less than ‘tech savvy’ to become involved, but they also bring along their own naive nature relative to Internet security issues.

This makes them even easier prey since they are unaware of or unfamiliar with many Internet scams.

This ease of use on the other hand has also made it just as convenient for the “sinister online element” to gain access to their unsuspecting prey.

There are no security systems to work around or advanced coding to decipher therefore the “door” is wide open for the criminal element to gain easy access.

Popularity
As we all know crime always seems to gravitate towards the largest population bases offline and this remains true online as well. The very popularity of social media sites has put them in the “cross hairs” of the devious minded predators that lurk on the Internet.

Safety in numbers is NOT something innocent site members can count on when interacting within online social communities.

Internet predators have settled in quite comfortably on many social media sites to the point that they have almost become accepted “fixtures” to users.

For the 3 reasons we have spoken of above cyber criminals are attracted to many of the online communities.

The structure of these sites offers the perfect opportunity for the criminal element to successfully implement their Internet scams.

For the users they must simply be aware that cyber crime does exist and will continue to do so calling for the need to exercise caution when socializing online.

 

Should You Trust Every App You Install On Your Phone?

Nope — some of them are plundering your personal information and beaming it to potential bad guys. (Do hackers ever sleep?)

Two researchers revealed that they’d researched one seemingly benign wallpaper app and found that it was sending phone numbers and subscriber information (like names and addresses) to a remote computer.

The app in question came from Jackey Wallpaper, and it was uploaded to the Android Market, where users can download it and use it to decorate their phones that run the Google Android operating system.

It includes branded wallpapers from My Little Pony to Star Wars.

Essentially, these apps collect your phone number, subscriber identification, and even your voicemail phone number as long as they are programmed automatically into your phone. It sends the data to a website, www.imnet.us. That site is evidently owned by someone in Shenzhen, China. The app has been downloaded anywhere from 1.1 million to 4.6 million times.

“Apps that seem good, but are really stealing your personal information are a big risk at a time when mobile apps are exploding on smart phones,” said John Hering, chief executive, and Kevin MaHaffey, chief technology offi cer at Lookout, in their talk at the Black Hat security conference in Las Vegas. “Even good apps can be modifi ed to turn bad after a lot of people download it.”

 

When Should Your Company Consider Adding A Server?

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

If you are like most small businesses, you acquire desktop computers, phone systems, and software in a random, “buy-it-when-you-need-it” fashion as your business operations demand it.

But at some point, this patchwork of stopgap technology you’ve acquired needs to be examined, retooled, and perhaps replaced, depending on your company’s needs.

As your business grows, it makes sense to take a broader view of your technology investments. One of the first things you might consider is the role a server would play in your company.

Servers can take on a lot of tasks for a growing business, from securing data to enabling better sharing of company resources. But it’s sometimes difficult to know when, and if they’re a smart investment.

There are a few common scenarios in which a server can bring real benefits to a growing business – read on and see if any of these apply to you.

You need to share files, printers or other resources
It is technically possible to set up a simple network without a dedicated server, with just a few PCs connected together.

However, if you want to share databases, files, printers or other resources, a server makes it a lot easier.

In fact, servers are specifically designed for sharing, so you’ll get better control, faster access, easier management and improved security. And who wouldn’t want all that?

Your computers are overloaded and you need more storage
If you have a lot of files or multiple databases, it might be time to consider migrating some of these files to a server.

Whether you want to replace your old computers or just improve their performance, a server will give sluggish, data-laden PCs a welcome respite by freeing up memory and storage.

You want to have inhouse company email
While businesses with only a few employees can get by with using an external service for its email, there comes a time when these services aren’t ideal.

Adding a server allows you to bring your e-mail in-house, with the dual benefits of making users’ e-mail access faster and keeping sensitive business information within the company – not on another company’s servers. Plus, you can benefit from shared email productivity tools like Microsoft Outlook.

You want to conduct business remotely
If you have employees that work remotely, or if you’d like the option to work from home, a server will allow you and your employees to remotely access your company network, information and resources.

These are only a sampling of the signs that a server could be right for you. The bottom line is this: if you spend a lot of time moving data around, struggling to access things you need, and are worried about security, then it’s time to consider a server.