Passwords and Passing Information

We’ve had numerous articles over the years about strong passwords, thinking before you click and responding to requests for sensitive information. A recent seminar and a personal experience brought it all together. You still need to be mindful of several principles that can keep your systems – and your sensitive data – more secure.

At the seminar, conducted by a cyber expert from the State of New Jersey, the presenter said he “cringes” at the “stuff” he sees on walls when he walks into many offices. People have Wi-Fi passwords on sticky notes on the walls near their computers. Passwords are taped to monitors, or people use very simple, easy-to-crack passwords.

Yes, those notes are a convenience for busy, overworked people, and state employees are not exceptions. We’ve seen a lot the same things when we service our business clients – and you have to ask the question: Who else is seeing this information?

The answer is that countless people who you can’t recall have probably seen the information. Anyone who visits your offices can see passwords hanging on the walls of cubicles or taped to monitors. If you have a lot of traffic in your office, the chances are greater that your networks and data have been compromised. If salespeople, contractors and others need Wi-Fi access to work in your office, have you given them the network password instead of a guest network password? Even if you don’t have a lot of visitors, do you have a cleaning service? Any member of the cleaning crew could see that information and access your network and files.

The solution is simple: Don’t allow anyone in your office to leave passwords out in the open. If they must be written down so you and everyone in the office can access the correct information when they need it, then keep that information in a locked desk drawer.

You can take additional steps, such as changing your network password frequently, requiring your employees to change passwords frequently and establishing rules about the number of characters and types of characters that must be in a password. If outsiders need access to your network, set up a guest password – and change that even more frequently.

Remember, your security is only as good as the worst security of anyone who has access to your network.

Outside the office, make sure that you and everyone in your company have secure passwords for computers and mobile devices – especially if you have sensitive data, including passwords, on them. We can help you install and teach you how to use security systems that can lock computers and devices if they are lost or stolen.

Because we go in so many public places and can tend to leave computers and devices on a table, for example, it makes more sense to make more use of the cloud for storing sensitive data. Yes, we can lock devices and encrypt data, but unless you have a backup program, the data can be lost. We recommend both having a backup program and using one of the major storage providers such as Google, Dropbox, iCloud or Office 365. They all have security protocols to protect access – unless, of course, you have left your passwords on your computer or device or have used a simple, easy-to-crack password. They also have redundant systems to make sure your data are accessible anytime from anywhere.

While we are on the subject of security, this is a good time to remind everyone to think before you click. We recently installed a new PC for a client, and within a month, the client saw a pop-up message about a problem with the computer and a “solution” to fix it for $499. And instead of a credit card, the “solution” provider wanted the money transferred directly from a bank account. Fortunately, the client realized the error and was able to call the bank and freeze the account before the money was taken out – and before more was sucked out by the scam artist.

We were guilty of not thinking right away, too. One of our business partners sends us a check once or twice a year, and they wanted to switch to an ACH system. They sent us an email asking us to respond with our bank’s routing number and our account number.

I started to reply – without thinking it through – and then realized before I sent anything that this was an unusual request for sensitive information. I stopped and phoned the company. Yes, it was a legitimate request from our partner, but we can all learn two important security lessons from this:

  1. Don’t just respond to an emailed request for information – no matter how legitimate it looks. There are too many ways to spoof an email address or a phone number. Find the phone number of that person and that company independently, such as opening your browser and entering the website address (url) that you know or find through an online search.
  2. Never send sensitive information, such as passwords and bank accounts, by email. A phone call to the person you have identified as a legitimate employee who is designated to take your info is safe. So is using a secured page on a legitimate website.

Security is critical. If you have any questions about security measures for your system, email us or call us – 973-433-6676, and we will respond in a timely manner.

Windows 7 Pain Management

Windows 7 is still a viable operating system for many businesses, but as more users and software application publishers migrate to Windows 10, using the older system can be very painful. Managing that pain isn’t easy, especially when you have a large, highly customized application package that simply can’t be upgraded to work with Windows 10.

The problem comes when you need to reinstall your Windows 7 operating system. There is just no easy way for this OS, which is 11 years old. In technology terms, that’s more than just a ripe old age. In real-time terms, that old age creates a lot of problems.

The re-installation problem requires you to follow these steps:

  1. Install Windows 7 using your valid installation disk. That’s pretty easy, but don’t get overconfident.
  2. The installation process will ask – really, require – you to download and install Service Pack 1. It’s the only service pack that Windows ever issued for Windows 7. Nor has Microsoft ever released a “roll-up,” which would be a compilation of all updates since Service Pack 1.
  3. So, after you have downloaded and installed Service Pack 1, you’ll need to run Windows Update to get all the critical security upgrades and patches.

Windows Update has more than 200 important updates. You need to start the sequence, and then, you need to pay attention. There are numerous points along the way where you need to reboot your computer to complete the installation of an update. Then, you need to continue Windows Update.

We have reinstalled Windows 7, and it has taken us two to three hours with a fast Internet connection. If you have a slow connection, it can be like riding a bicycle on the New Jersey Turnpike.

If a re-installation is something you must do, we can walk you through the steps. However, you must be asking why all of your application software can’t just run on Windows 10?

For highly customized software, such as a Sage accounting program that one of our clients uses, there is a compatibility issue as well as a financial consideration. Windows 10 has a number of security features that will not work with a Windows 7-based application program. They are not issues you can solve simply by not using all the features. The application software must be compatible with the OS. The financial consideration is that an upgrade to the accounting package would be $15,000. The cost of the time to reinstall Windows 7 is nowhere near that, and that’s probably the pain-management equivalent of taking aspirin until the pain goes away.

If you are fortunate to have some planning time, you can manage the pain more effectively by talking with the app publisher about updates. Those are always difficult for the app publisher because customized programs take a lot more of their time. They need to write the upgrades into their basic package and then to several steps farther to add your customization. Customized software packages have a lot of moving parts.

Some other factors to consider as you migrate is how much you need to keep everyone together. If you have a senior executive moving to Windows 10 ahead of most of the people in the department, how will that affect everyone’s ability to use the same applications. Windows 10 and Windows 7 versions may be quite different.

In addition to the application aspects of the software, will there be major security gaps between the older and newer versions? As we are harping, security is extremely critical in today’s business-computing world. When you leave certain doors open to get the work done, you may leave an opening for an outsider to come in and compromise your system’s integrity.

If you see your business coming to a crossroads, contact us as early as possible by email or telephone – 973-433-6676. The more time we have to look at your options, the better your probability of having the best possible outcome in managing the pain of transitioning your OS and application software to a more stable, efficient and secure system.

Disappearing Hard Drives?

Will your hard drive go the way of the floppy disk? Fifteen years ago, I never would have given it a thought. Now, I think it’s coming.

Mechanical hard drives have inherent problems. One is that they can wear and crash, and unless you have a good backup system in place, you can lose a lot of important data. Another is that they are slow – some slower than others by design and some slower because they fill up and don’t give your software space to search for the files you need.

The next alternative is the SSD (solid state drive), which is much faster but also much more expensive. While it always comes down to a cost-benefit analysis, the speed differential can be substantial. On startup, a computer with an SSD can be ready to work in 30 to 40 seconds. It can take three to four minutes for a computer with a hard drive to boot up.

The difference won’t seem that great until you experience it for yourself – or see somebody else’s system boot up faster. We love faster computers, and the more data we need to crunch, the more we crave that speed and performance. We have a number of clients who have made the switch and have found it worth the expense to increase their productivity.

If you’re not ready to commit to SSD technology, you could speed up your current technology by moving your data storage to the cloud. With fewer files taking up less space, your computer will have room to look through your hard drive to find the files you need. It will make it faster to save files, too. You could gain a significant time advantage by only keeping “working” files on your hard drive and then putting everything back onto your cloud’s server when you’re finished.

With technology changing so quickly, you may also want to think about changing your hardware more frequently to make more productive systems work more cost-effectively. Businesses depend on productivity increases to reduce costs and add profitability. We can help you look at the future and see what pathways will get you to your goals. Call us – 973-433-6676 – or email us to talk about your evolving needs as the tech revolution continues.