TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Security

Better Passwords: Keep Your Information Secure!

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

It could be your email, your pictures, or your company documents and files – whatever you have on your computer needs to protected from hackers, identity thieves, nosy employees and other cyber troublemakers.

Imagine if all of your private, personal and company information were available on the public Internet. And then, take a few minutes to follow the steps below and help make your systems more secure.

Use a different password for each important service
Make sure you have a different password for every important account you have. Hackers will steal your username and password from one site, and then use them to try to log into lots of other sites where you might have an account.

Even large, reputable sites sometimes have their password databases stolen. If you use the same password across many different sites, there’s a greater chance it might end up on a list of stolen passwords. And the more accounts you have that use that password, the more data you might lose if that password is stolen.

Giving an account its own, strong password helps protect you and your information in that account.

Make your password hard to guess
“password.” “123456.” “My name is Inigo Montoya. You killed my father. Prepare to die!” These examples are terrible passwords because everyone knows them – including potential attackers.

Making your passwords longer or more complicated makes them harder to guess for both bad guys and people who know you.

Complex and lengthy passwords can be a pain – the average password is shorter than eight characters, and many just contain letters. Analysis shows that only 54 percent of passwords include numbers, and only 3.7 percent have special characters like & or $.

One way to build a strong password is to think of a phrase or sentence that other people wouldn’t know and then use that to build your password.

For example, for your email you could think of a personal message like “I want to get better at responding to emails quickly and concisely” and then build your password from numbers, symbols, and the first letters of each word—“iw2gb@r2eq&c”.

Don’t use popular phrases or lyrics to build your password—research suggests that people gravitate to the same phrases, and you want your password to be something only you know.

Keep your password somewhere safe
Research shows that worrying about remembering too many passwords is the chief reason people reuse certain passwords across multiple services.

But don’t worry – if you’ve created so many passwords that it’s hard to remember them, it’s OK to make a list and write them down. Just make sure you keep your list in a safe place, where you won’t lose it and others won’t be able to find it.

If you’d prefer to manage your passwords digitally, a trusted password manager might be a good option. Many web browsers have free password managers built into them, and there are many independent options as well.

Windows XP Support Ending Soon

By Tech Experts Staff
Windows XP set the bar for business friendly operating systems and has been in use for over twelve years now. Microsoft is now pushing users to its new operating system, Windows 8. Many users and administrators alike feel that Windows 8 will not be a suitable business friendly operating system for its users.

Another issue with Windows 8 is that many software providers still do not support it so as a business where should you be looking? Windows 7 has been the most business/application friendly operating system since Windows XP so that would be the best replacement.

Since Microsoft is discontinuing support for Windows XP, what does that mean exactly and when is it going to happen?

Microsoft has set a date of April 8th 2014 as the end of support date for Windows XP. Oh, 2014 you have plenty of time to plan down the road right? Wrong, when Microsoft stops supporting the operating system it will become very vulnerable to attacks so you want to make sure this is completed before Microsoft ends support.

Hackers will develop malware to attack XP and Microsoft will no longer be working to patch the holes that cyber criminals are using to steal your personal information.

Since support is ending it means that doing online banking or other transactions on your personal computer running this operating system will become extremely dangerous. In relation to businesses, they risk exposing client data which can be very costly.
Businesses need to plan these operating system upgrades as it will take a decent amount of time/preparation to complete smoothly and successfully.

Planning means start now don’t wait till the last minute or you will not be able to get everything switched over in a smooth fashion. Since upgrading computers from Windows XP to Windows 7 is the best option to prevent major security risks what needs to be considered to accomplish this?

The first step in getting your company ready for operating system upgrades is making sure your software is compatible. Many organizations use software that is specific to their industry, the software companies that develop this software also needs to be preparing.

Companies should be checking with their software providers to ensure their software will work on Windows 7 and should get documentation on how to smoothly upgrade their computers software for the least downtime possible.

Not only does industry specific software need to be addressed but software you use every day also needs to be looked at. Most computers running Windows 7 are 64 bit operating systems, that being said not all software runs on a 64 bit operating system.

One application I can think of that is not compatible with Windows 7 (we have seen numerous issues) is older versions of Microsoft Office. Businesses need to not only keep their operating systems up to date but this software also should be. Office XP does not function properly on Windows 7 nor do any other old versions.
The other problem with keeping old software like this is the file formats have changed since they have been released. Your clients may start sending documents to you that your copy of Office might not be able to read. Office 2010 pairs well with Windows 7 and it supports all current file versions released by Microsoft.

One final consideration, many businesses and users alike want to know what it will cost to simply upgrade from Windows XP to Windows 7 however, there are two problems with this.

First, Windows XP to Windows 7 does not offer an in place upgrade, this means that all of your software, user files, etc. would be lost simply doing an “upgrade” to Windows 7. While user files can be backed up, software/applications cannot, they will have to be reinstalled.

Second, upgrading an old workstation may not be worthwhile. In most cases, older hardware was not designed to run Windows 7 and because of this tends to run slower and not perform as well as a computer that was designed for it.

We highly recommend upgrading the entire workstation to new hardware, especially in the case of businesses. It just doesn’t make sense to spend all the money on the time involved in upgrading the operating system if you can’t gain speed benefits and make your employees more productive.

Need a hand getting started with your businesses upgrade? Give us a call today at (734) 457-5000 and we can work with you on a plan to get your company switched over to Windows 7 so that your computers remain supported for years to come.

How To Know If You Have A Virus Infection

by Jeremy Miller, Technician
There is a lot of anti-virus software on the market today. They are created from many different software developers. All of them are a little different in how they protect your system.

There is no guarantee that your anti-virus software can protect you from any virus out there.

First let’s look at how anti-virus software works. Anti-virus software is usually installed on your computer, then it is scheduled to scan your computer regularly. A virus scan will scan each file on your computer for a “known” virus signature.

A virus signature is a piece of code that is known to your anti-virus software manufacturer as a virus. If your anti-virus detects a signature it will either remove it or ask you how to handle the file. You should remove any viruses that your anti-virus finds for you.

Most anti-viruses come with heuristic protection as well, which is when your anti-virus is able to detect suspicious activity on your computer.

Viruses are known to leak information, such as online banking information, or any other personal or confidential information.

They can lie dormant waiting for a specific user interaction before becoming active. They have the potential to cause unrepairable damage to computer operating systems.

There are many ways to get a virus on your computer with having an anti-virus software installed. The main reason is that virus developers have studied many different anti-virus software, and have been able to write viruses that cannot yet be detected by most anti-viruses.

The reason your anti-virus software cannot detect a newly written infection is because the anti-virus manufacturer has not yet seen the virus and does not have a signature in the database for it. This is the big reason why you should keep your anti-virus software up-to-date.

Another reason that your anti-virus software might not detect a virus would be because you trusted it.

Have you ever saw a pop-up on your screen asking for your permission to allow a program to run? If so then you may have allowed a virus to infect your system.

The last most common cause of infection is attempting to “Speed up your PC.” There is a lot of software out there that claims to speed up your PC for free. The problem is that good software is not free. Some free versions of software can actually slow your computer down, to promote the paid-version.

Also when downloading this software, there is usually a few links that look like download links.
If you click on the wrong one, you may install a virus. Also once you do get the right link, there are usually additional software included during the installation process.

You should always pay attention to every screen during the installation process to make sure you are only installing what you intended to install. There are a number of ways to detect if you may have a virus on your computer.

Your computer should behave regularly. This means your computer should not have any drastic changes day-to-day.

If you have lost access to something, or cannot connect to sites or services that you normally can you may have a virus. If you are browsing the Internet and your address bar does not go directly to the site you want, you may have a virus.

Also if your computer takes longer to startup than usual, this may be a sign of a virus.

If you have any of these symptoms on your computer or if you would like to proactively manage your computer’s security, you should contact us for assistance.

We recommend regular check-ups for your computer to prevent any malicious activity on your computer. You can contact us to work out a plan to combat malicious activity on your computer that will be simple and easy to understand.

 

Steps To Secure Your Social Media Strategy

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Keeping your internal network secure is one of the top jobs of IT consultants like Tech Experts. You don’t want confidential company or client data to show up on the web.

But what happens when you start marketing your company on social media sites? How do you keep your company secure?

In general, cyber criminals aren’t stupid. They troll sites like Facebook and Twitter, looking to take advantage of useful information employees naively post.

A policy that educates your employees on the “Do’s and dont’s” of social media posting can save your company an enourmous amount of aggravation.

Here are a few steps to include in a social media policy to ensure social media is conducted in a secure manner. It’s important to have a solid policy if you want to ensure that your network and data remain safe from potential social media threats.

Watch where you click
Almost all social media postings contain links to other content. This is the sweet spot hackers are targeting. They place innocuous links to virus and spyware programs, or even worse, hijacked accounts of your friends and business associates.

You should tell employees involved in your social media efforts not to click on any suspicious links. If they receive links from friends that seem uncharacteristic, it’s a good idea to not click on them.

Update privacy settings
Social media sites constantly update and change security settings on their networks, leading to unexpected exposure of information you might not want indexed on the web. It’s a good idea to ensure that all of your profile information is private, and that you regularly review your privacy settings.

Don’t share personal information
This might seem obvious to you, but there are still unsuspecting users out there who share too much of their personal information on social sites. Remember, social media is all about being social. Pretty much everything you share can be viewed by others. The last thing you want is an identity thief accessing your contact information and other personal data.

Log in using HTTPS
HTTPS is a web protocol that ensures the data sent between your computer and a web site is secure and encrypted. Many social sites like Facebook, Twitter, and Google Plus support HTTPS, and you should ensure that you use it.

To use HTTPS, you simply put an S at the end of the usual http address in the URL bar of your browser. I.e., https://facebook.com will open a more secure version of Facebook. By using HTTPS you can eliminate Man-in-the-Middle attacks and other similar types of phishing.

They key thing to remember: If you don’t know them, they aren’t your friend. You’ll be miles ahead if you treat social media interactions like you do real life interactions. You wouldn’t offer a stranger your cell phone number or home address until you knew them well. The same precautions apply to your social media accounts.

Easy Tips To Secure Windows 8 Devices

With cybercrime on the rise, even the brand-new Windows 8 can leave a person vulnerable – which means it is important to know how to protect your devices from the moment you get them.

The good news is that this is not difficult if you follow a few simple tips.

You should commit to security from the very beginning; password-protect your new device immediately, connect to a Wi-Fi network you know is secure and register your device.

A number of companies such as NortonLive PC Quick Start will enable you to get your brand-new device up and running, easily and safely.

It is also important to be careful when choosing apps. All apps are allowed a certain level of access to private information, but some may use this in a malicious manner.

Make sure you read the user agreement to prevent giving the manufacturer rights you aren’t comfortable with, such as letting it into your social network and accessing a friend list. All your apps, email, bank accounts and social networks should be protected with complex passwords that you do not share with anyone.

Increase Network Security And Productivity

By Tech Experts Staff
As a managed services provider, we regularly consult with companies about issues they would like addressed. We find that many times, a simple solution can correct their issues in one fell swoop.

What are some of the biggest concerns businesses have? The top three we hear most often are security, productivity, and network speed.

These three main issues encompass many other common issues businesses have to deal with on a daily basis and are easily resolved.

In these days with high profile businesses such as Sony, GoDaddy, Verisign, etc. being hacked this past year it’s easy to see why security is of utmost importance.

Many businesses store confidential data such as credit card numbers, social security numbers, or other personal information on their servers, and because of this, must protect that information at all costs.

So, what’s the solution to this? Having good security policies in place is a start, but a giant leap in the right direction is having a business class firewall in place.

We offer Fortinet firewalls which, when properly implemented, can stop unauthorized network access in its tracks.

Fortinet firewalls offer many different security features to keep your network safe.

Network protection features include an Intrusion Prevention System (IPS), built-in antivirus solutions, and Data Loss Prevention (DLP) services. Fortinet firewalls protect your company’s, and more importantly, your client’s, private information.

Fortinet firewalls also offer the possibility of huge boosts in productivity.

In a recent study conducted by Salary.com it was found that employees waste on average 1.86 hours of work per day. That’s almost 25% of the work day!

So if this rings true to your company, you’re paying each employee for three months of work each year that they are not even doing!

What are your employees doing that is wasting so much time? Studies show that 52% of the two hours per day that employees waste were spent on non-work related websites like Facebook and Twitter.

While many companies don’t think this goes on in their business, the moment we put in one of our Fortinet firewalls, we almost always find someone on websites they were not supposed to be on during the work day.

Keeping these figures in mind, the costs associated with not having measures in place to stop these kinds of activities far out weighs the actual costs of having one of these units installed.

Once the unit is installed, we can implement web content filtering so employees cannot access time wasting websites.

Users that need access to these types of websites, like the owner of the company for instance, can have credentials to be able to override any filtering in place.

The final item that businesses strive for is a faster network. While this can be dependent entirely on the Internet connection speed your business has, it is entirely possible to have a high speed connection and still feel like your Internet is terribly slow.

So, this again goes back to web filtering. Users should not be able to download from unauthorized sites or do any activities on the network that take a large amount of bandwidth.

Also, if you have a couple of separate Internet connections, it is possible on some of our higher end Fortinet firewalls to have load balancing in place to help better distribute the load of connections out to the Internet if need be.

Whether you’re in a small business with a handful of employees or in a medium to large size company with potentially hundreds of employees, we have a firewall solution for your business.

Fortinet firewalls allow you to better manage your company and increase security, productivity, and network speed significantly.

 

Windows 8 Offers Users Enhanced Security Features

by Jeremy Miller, Technician
Windows has been known as a trustworthy computing platform, a lot of which is due to the ability to secure your operating system without infringing upon availability.

Microsoft has once again improved security across all versions of Windows 8. Just as in earlier releases, this version of Windows improves user and network security.

All versions of Windows will have many new security features such as:

UEFI Secure Boot support which is a large hardware step toward mitigating malware, specifically rootkits and bootkits. Rootkits and bootkits are low-level malware that run as your operating system starts up.

Organizations that deploy Windows 8 will want this feature enabled and prevent users from disabling this feature.

Smart Screen Filter which has already made its debut in Internet Explorer. Microsoft has decided to implement it into the operating system itself.

Smart Screen Filtering has been proven to be the best at blocking socially-engineered malware, which are phishing and pharming attacks such as bad links or redirects to bad or look-a-like sites.

This can aide in the prevention of drive-by downloads as well, which is where you unknowingly download malware by visiting websites.

Integrated anti-malware and Windows Defender is included in all Windows 8 versions. Windows defender will incorporate anti-virus from Microsoft Security Essentials with improved performance and a smaller footprint.

This can all be implemented alongside your current anti-virus provider’s anti-virus and should be implemented as soon as you obtain your computer, this way you are starting from a known-good environment.

Picture Passwords have been added to all versions of Windows 8 as well. Picture Password is a touch-based secure login. You select a picture and then create a gesture-sequence on top of the picture. These can simplify the login process while making it more difficult to hack.

Windows Reader is something completely new to Windows 8. Windows will now be able to read PDF documents without having to install 3rd party software. This can mitigate the popular PDF vulnerabilities. The more software you have installed the more vulnerable you become.

Address Space Layout Randomization was introduced in Windows Vista and has been improved upon since. This can aide in the prevention of the “buffer overflow” attacks that are gaining popularity. They have added integrity checks, and an Enhanced protected mode “Sandbox”

Windows 8 Professional has additional security features to the one listed below such as: Bitlocker and Bitlocker Togo, which are not new but have been improved upon. The same goes for Group Policy Objects.

Windows 8 Enterprise has additional security features such as: Applocker which was introduced in Windows 7 and gives the user the ability to white-list or blacklist applications.

Direct access is an alternative to VPN’s, and finally “Windows to Go”, which allows people to image your computers with a Windows 8 corporate image.

It can be put on a USB and loaded onto any 64-bit PC and can include all of the management features.

If you need assistance or help with any of the new features of Windows 8 please contact us for assistance.

We can even setup your new computers for first-time use and transfer any data from your old computer to your new Windows 8 computer.

Secure Online Accounts Without Sacrificing Ease Of Use

by Jeremy Miller, Technician
The Internet allows us to do so much, such as: buy things, research information, and share just about anything. There is and will always be someone out there that is going to take advantage of Internet users in one way or another.

Keeping that in mind, most places on the Internet use password authentication, this is both good and bad. It is good because you are required to enter credentials that you originally provided to enter a protected area of a website.

This may keep your data safe from most people with malicious intent. However, most people are not perfect at remembering passwords, especially complex passwords, so most people end up using the same password for many websites. This is a bad choice.

If a hacker obtains your password, they may be able to access any site on which you use that password or a similar password. The best Internet practices are to use a different complex password for each website.

Complex passwords are passwords that contain upper and lower case letters, numbers, special characters, and they must not resemble any dictionary word.

An example of a bad password is: love, password, P@ssw0rd. A good example of a complex password would be: ”n$)M1@x{1_5” 65”.

Password cracking has come a long way from brute-force dictionary based attacks, which allow a hacker to guess your password using a computer and wordlists. The use of complex passwords has become a necessity for anyone wanting to keep their information secure.

The best way to solve this conundrum is to implement a password manager. I have tried many password managers and have found the best results to be with LassPass password manager.

It is a feature rich password manager that is very secure. LassPass does not store or even know what your password is.

You can add LassPass as a browser extension or an app on your computers or mobile devices. You will only have to remember your password to LassPass to access any password protected websites.

Once LassPass is installed you simply visit a website that requires a login, such as your webmail or Facebook. Once you enter your username and password LassPass will ask if you would like to remember it.

If you choose yes it will auto fill out the information required to automatically login to the website the next time you visit it.

LassPass can also store secure encrypted notes that work great for bank logins. Most banks have a multi-stage login which is where you enter your username and password on different pages.

You can store your usernames, passwords, account numbers, and card numbers in secure notes for ease of access. All of your passwords can be accessed from any platform and any device.

LassPass also provides users with many tools that make using the LassPass password manager better such as: password generators, automatic form filling with the ability to have multiple identities, easily backup the data to local storage, on-screen keyboard to prevent key loggers, ability to share information via email, and most importantly two-factor authentication.

A two–factor authentication device allows you to use a password and a device such as a USB flash drive, YubiKey©, or Google Authenticator App to authenticate.

This improves your security because you have to have the second credential. Since that is in your possession, a cyber criminal would have to actually steal your device to hack your passwords.

Once you start to use LassPass as a password manager you will not want to return to remembering passwords or creating weak password that are easy to remember.

Give us a call to talk about improved security for your online accounts. We can help you setup the password manager and teach you how to use it. This is another way to make sure that your identity does not get compromised.

Timely Tips For Social Networking Safety

Social networking websites like MySpace, Facebook, Twitter, and Windows Live Spaces are services people can use to connect with others to share information like photos, videos, and personal messages.

As the popularity of these social sites grows, so do the risks of using them. Hackers, spammers, virus writers, identity thieves, and other criminals follow the traffic.

Read these tips to help protect yourself when you use social networks.

Be wary of links
Use caution when you click links that you receive in messages from your friends on your social website. Treat links in messages on these sites as you would links in email messages.

Post judiciously
Know what you’ve posted about yourself. A common way that hackers break into financial or other accounts is by clicking the “Forgot your password?” link on the account login page.

To break into your account, they search for the answers to your security questions, such as your birthday, home town, high school class, or mother’s middle name. If the site allows, make up your own password questions, and don’t draw them from material anyone could find with a quick search.

Watch out for a friend’s hacked email
Don’t trust that a message is really from who it says it’s from. Hackers can break into accounts and send messages that look like they’re from your friends, but aren’t. If you suspect that a message is fraudulent, use an alternate method to contact your friend to find out. This includes invitations to join new social networks. For more information, see Scammers exploit Facebook friendships.

Protect your address book
To avoid giving away email addresses of your friends, do not allow social networking services to scan your email address book.

When you join a new social network, you might receive an offer to enter your email address and password to find out if your contacts are on the network. The site might use this information to send email messages to everyone in your contact list or even everyone you’ve ever sent an email message to with that email address.

Don’t friend everyone
Be selective about who you accept as a friend on a social network. Identity thieves might create fake profiles in order to get information from you.

Choose your social network carefully. Evaluate the site that you plan to use and make sure you understand the privacy policy. Find out if the site monitors content that people post. You will be providing personal information to this website, so use the same criteria that you would to select a site where you enter your credit card.

Posting is permanent
Assume that everything you put on a social networking site is permanent. Even if you can delete your account, anyone on the Internet can easily print photos or text or save images and videos to a computer. And don’t forget, Google caches!

Avoid apps and games
Be careful about installing extras on your site. Many social networking sites allow you to download third-party applications that let you do more with your personal page. Criminals sometimes use these applications to steal your personal information.

To download and use third-party applications safely, take the same safety precautions that you take with any other program or file you download from the web.

The Best Ways To Protect Yourself From Malware

By Tech Experts Staff
Users who bring their computers in to repair malware infections invariably ask the same question: “Why didn’t my antivirus stop me from getting viruses?”

So, you’re probably wondering, “If having antivirus software on my computer won’t protect me from viruses, what will?”

The fact of the matter is that while computer users are told they have to have antivirus on their PCs or risk getting infection, a machine can still get a virus despite antivirus software being installed.

Antivirus not foolproof
Antivirus software is designed to help prevent your system from becoming infected, but it isn’t foolproof. Antivirus software is constantly updated, but can be out of date for hours or even a day or two when a new infection is discovered.

Virus definitions are used to detect viruses and prevent them from gaining access to your computer. Automatic updates in antivirus software like Vipre download the updated definitions to protect your computer.

It’s the time period between when a new virus or malware is released, and the software companies can update the definitions, that your system is vulnerable.

How to protect from malware
Although no antivirus software, even the most expensive versions, offers guaranteed virus protection, antivirus software is a must have. We’ve seen a number of infections where clients have said that they were on legitimate sites at the time the infection hit their computer.

Even legitimate websites have the chance of malware being coded into them by hackers, causing that website to send the malware onto your computer.

So, the absolute best thing you can do is to have antivirus software installed.

The next best step is to be cautious about what you are looking for on the Internet. Many times, users looking for “free” items on the Internet don’t suspect that they might as well be searching for free viruses.

Hackers are crafty – targeting people looking for free downloads is an easy way to spread an infection.

Some of the most common risky items to search for are “screensavers,” “free games,” “work from home,” and “taxes.”

With the search terms shown here, it’s easy to see how computer users could easily be tricked into downloading a file or application that was laced with a virus.

Cautious browsing
The second step to preventing infections on your computer is a combination of common sense and caution.

While it may not be common knowledge as to what is and is not safe to click on while on the Internet, really what it comes down to is using common sense. There’s no such thing as a free lunch, even on the Internet – if it seems to good to be true, it probably is. It’s very important while browsing the Internet that you do not click on anything that just catches your eye. Many times, people have a tendency to click on ads, and because of this, ads have a high risk of containing malware. Don’t click on ads!

The second part, be cautious refers to everything you are doing that involves the connection to the Internet.

If you are using email, make sure you were expecting an email from the person sending it. Opening forwarded emails is a bad habit.Many viruses attach themselves to email accounts and send a lot of spam and forwarded messages which unsuspecting users click on and mistakenly download a virus onto their machine.

So to sum everything up, you should always have antivirus software installed on your computer and keep it up to date.

Even if you think you are a computer pro, keyloggers and many other items can get into your computer and run in the background undetected sending away your private information.

Always use common sense and extreme caution as to what you click on. Nothing is free and you don’t ever know for sure who or what is on the other end of that email you just happened to get in your inbox.

If you think you may have a virus or malware on your computer, or just want it checked for safety’s sake, give us a call or bring your computer in and we can check it out.

It is all too common to see viruses on machines but not actually see anything different on the computer other than it “running a little slow.”