Virus and Malware Protection Requires Vigilance

The numbers are grim when it comes to the ability of antivirus and malware software to protect your computer from an invasion. Keeping a close eye on your computer is a huge help.

Let’s start with the bad news. I was astonished to learn that the four major antivirus engines used to combat viruses combine can only detect 40% of the viruses floating around. If you want to take some consolation, it’s a higher success rate than this past year’s flu vaccine, but it’s not comforting. It’s the same with antimalware protection. Quite simply, the antivirus and antimalware software developers can’t keep up with the volume of viruses and malware that’s produced every day.

If you know or believe your computer is infected by a virus or malware, disconnect it from your network or the Internet or shut down the computer and call us – 973-433-6676. IT professionals know which tools to use and where to use them to find and remove them. The tools are Microsoft tools, and they are free, but, again, it’s a matter knowing how to use them and being able to verify that a computer is totally disinfected.

If you have an infected server and no back-up in place, we’ll try to clean the server. With a computer, it’s easier to isolate the infection and – if needed – rebuild it, which means wipe it clean and reinstall the operating system, application software and data files. If you are using cloud-based applications and data files, the chances of an infection are greatly reduced because the hosting companies constantly update the software.

While the numbers may seem to be stacked against you, you can take steps to protect yourself. First, install, update and use your antivirus and antimalware software. Those programs will pick off the more numerous “easy-to-detect” viruses and malware.

Second, be very careful about the websites you visit and the networks you allow to connect to your computer. Only go to trusted sites and only connect with trusted networks. Of course, there’s a caveat here. Sometimes, your antivirus software may flag a network or computer trying to connect, and it may be a false positive. If it looks like something that’s OK, it’s most likely a network driver update.

Contact us – 973-433-6676 or email – if you have any questions about anything having to do with viruses or malware on your computer or server. It’s a dangerous world out there, but it’s more than survivable with good judgment and common sense.

Protect Your Networks as IoT Grows

What can’t we do over the Internet? Pretty soon, the answer will be: Practically nothing. We may not live like the Jetsons, but in the expanding age of IoT (the Internet of Things), we can do all sorts of things, from turning lights on and off to connecting with life-saving healthcare information and equipment systems. While the future is bright, you need your “shades” in form of network protection.

Here’s why it’s critical: Every device and every app that you use over the Internet exposes you to hackers who can get into your network and computer system and those of other people and businesses. Your network router or gateway is your first line of defense. There’s nothing magic about what you need to do to protect it.

The first thing is to turn on your router’s or gateway’s firewall. It sounds so basic, but we’re always amazed at the number of people who simply neglect it. You’ll need a password for it, and our advice is to make it long and to include at least of the four following characteristics: a lower case letter, an upper case letter, a numeral and a special character. If your computer has a firewall, turn it on, too, and make sure you have anti-virus and malware protection installed, updated and activated.

But network security is more vital than ever because the devices you use for a smart home, for example, may not have built-in security or a strong security system. Every time you turn lights on and off, lock and unlock a door or change your thermostat over the Internet, you can be vulnerable to a hack. If you are on a secure network, and if your network in your smart home is secure, you’ll be much better able to protect your system (and all of the data).

Network security can be even more critical for businesses. Some types of businesses depend on remote access to sensitive files than others, and those files could contain information on your business or your customers’ businesses that a hacker can use to monetize in any number of ways.

If you are buying and activating more smart systems as you expand your Internet of Things, we urge you to talk to us. We can help you understand the security risks you need to manage and help you select the security systems that can best manage those risks. No system is foolproof or perfect, but making yours as strong as possible will minimize your risk of getting hacked. Call us – 973-433-6676 – or email us to strengthen your existing security system or find a new one.

 

Caution is Key to Online Safety

Take a deep breath and Look Before You Click during the holiday season. More scammers, hackers and schemes abound at this time of the year, looking for holes to breach and get critical personal data. Here’s a review of our tried-and-true safety measures.

Watch your email. It’s one of the easiest pathways into your computer and all of your valuable personal data. At this time of the year, scammers and hackers take advantage of harried shoppers, who are likely balancing work and shopping and not paying full attention to all of their email.

Here are some identities a cyber-invader may assume to get inside your computer:

  • Bank or Credit Card Company
    • Do you have an account with that bank or credit card company?
    • Is it really one of their actual email addresses or domains?
    • Does your bank or credit card company normally contact you about this?

Your Best Course of Action: Close the email and go the bank’s or credit card company’s website to see if there are any alerts that match the email. If you’re still not sure it’s a fake message, get the phone number from the website and call. You can also look at a bank statement or credit card to get a customer-service phone number. Don’t click on any link in a questionable email.

  • Retailer or Shipper
    • Did you actually do business with that retailer?
    • Did you agree to use that shipper when you bought something online?
    • Are you being asked to click on a link?

Your Best Course of Action: Close the email. If you printed a hard copy of your order confirmation, you should be able to see the name of the carrier and a projected shipping date and delivery date and verify the information in the email. For protection, go to the retailer’s website and log in if you have an account. That should provide you with updated information on your order’s status. If the retailer has provided you with a shipper and a tracking number, go to the shipper’s website and enter the tracking number there. If you’re still not sure, call customer service.

  • Charitable Solicitations

Your Best Course of Action: Close the email. If it’s a charity you want to support, find its official website and give a donation there.

  • Email from a Friend in Need

Your Best Course of Action: Close the email. If you really think it’s legit, call your friend or send a new email with a different subject line. If that person is a close enough friend to send money, you should have full contact info – or know a way to get it.

When conducting business online, make sure you give your information over a secure website page. There are a couple of ways to check:

  • The website address begins with https
  • You’ll see a padlock icon in the address bar

Some other precautions to take include:

  • Buy from a large, reputable online or brick-and-mortar merchant. Generally speaking, retailers who work through Amazon or EBay have been vetted and have contact info posted online. If you’re not sure, buy from someone else.
  • Don’t send sensitive personal information by email. It’s too easy for someone to intercept it.
  • If somebody calls you about an account or purchase or charitable donation, you can ask to call that person back – and then go to a website to get a phone number you believe is trustworthy.
  • Make sure your antivirus, spyware, malware and firewall programs are up to date and running.

Above all, Look Before You Click. Make sure you understand exactly where a click will take you and what will be put on your computer. As Michael Conrad’s Sgt. Phil Esterhaus warned TV’s Hill Street Precinct police officers: “Let’s be careful out there.” And if you run into trouble, make your emergency call to us – 973-433-6676 – or send us an email.

Armor for Your Mobile Wallet

The battle between Apple Pay and Current C is about to intensify as more shoppers start to use the mobile wallet functions in their smartphones and devices. We believe Apple Pay has better security, giving you more armor for your iPhone’s commercial capabilities.

The heavy-duty armor, as far as we are concerned, is the two-factor authentication that’s part of the Apple Pay system. The system keeps your credit card information separate from the transaction, and you need a fingerprint to complete the transaction. So, if somebody steals your iPhone, they’ll also need to cut off the finger with the print you’ve registered as your “signature.”

The banks and financial companies who back various credit cards have bought into Apple Pay, too, and it would likely behoove many merchants to go along with the idea. Banks and credit card companies are moving to the EMV (EuroPay, MasterCard, Visa) system that replaces the magnetic stripe with a chip, and they are shedding their responsibility for covering fraudulent charges. That responsibility will shift to the merchants.

The security benefits are enhanced by Apple Pay’s ease of use with Near Field Communication (NFC). A post on Tech Radar gives you a simple explanation, but we’ll simplify it a little more for those who don’t want to click through.

It’s a short-range, low power wireless link that essentially uses radio-frequency identification (RFID) technology (think EZ Pass) to transfer small amounts of data between two devices just a few inches apart. It doesn’t need any pairing code as with Bluetooth, and it’s so low-power, it doesn’t need a battery in the device being read. Tapping your phone on a contactless payment terminal in a shop, train station or coffee shop identifies your account and takes payment through the app on your phone.

Your phone’s SIM card is a smart card that identified your phone to a network, and phones besides iPhones have NFC capability.

We have some issues with one of Apple Pay’s major competitors, Current C. I don’t think it’s as easy to use, but more important, the system collects a lot of personal information, and it has been hacked. Current C, as we understand it, is linked to a consumer’s checking account, and we don’t use debit cards because of the risk associated with debit card security issues.

We also don’t like the customer-data collection aspects of Current C. It functions like a loyalty program, and we should all have the choice of deciding if we want to be part of any merchant’s loyalty program.

Finally, Current C is more cumbersome to use. You need to log in and pull up a QR code that the store reads. With Apple Pay, you just hold your phone close enough to the reader for it to read your fingerprint.

We think the finger is just scratching the surface. Because fingerprints are unique – even with identical twins – mobile wallets using the Apple Pay principles can spread to boarding passes, door locks or anything else requiring accurate identification.

What are your thoughts? Leave a comment and start a conversation. And if you have any questions about setting up an Apple Pay account on your iPhone, we’d be happy to help. A phone call – 973-433-6676 – or an email will get it started.

 

Shedding Light on the Flashlight App

A cable-based news network reported that flashlight apps on Android-based phones can steal data. It created a stir in the general and technical news media. Yes, somebody could write an app that can track some of your activity (and sell it to marketers) or could launch a virus. But there’s a bigger-picture lesson to be learned: Use common sense.

Let’s start with a few of “givens.”

First, there’s always someone out there trying to get your data and resell it – whether it’s your sensitive personal information or just some data to help a marketer target you. Ultimately, you have the responsibility to protect your data – though we can help you put systems in place.

Second, you have control over what gets installed on your device. You need to take time and care when you download and install apps to make sure they are safe and secure.

Third, if you have an iPhone or an iPad with a camera, you have no reason to download a third-party app for your flashlight. It’s been there since the release of iOS 7.

With that being said, what’s going on with the flashlight apps? You can dig into some of this yourself, starting with a report from Fast Company about the app Brightest Flash sharing location and device ID information. (Please note, most of you allow this information to be used with many other apps, such as those that provide directions while you drive somewhere.) The app’s developer was automatically sharing location and device information with advertisers and other third parties–even when users opted out. In fact, before they could accept or refuse the app’s terms, it was already collecting and sending information.

That got scaled up in a special report on a cable news channel, in which viewers were told this could be bigger than Ebola. What further rankles me is that the report on the How-To Geek website made specific references to the iPhone flashlight app, which is built into your device. It made a mountain out of a molehill.

However, the report noted: “The fact is that Android app permissions are a mess and you have very little control over what apps can do once you’ve agreed to install the application other than just trusting Google. Your best bet is to avoid installing apps that have permissions that look suspect, or only install apps from really reputable companies.”

All of this brings us back to why I like the iPhone and Apple apps. Apple may come across as control freaks, but the company vets all of its apps and app developers to give you better protection. Some device users find that restrictive; I find it comforting.

To be sure, hackers and virus writers are looking to invade Apple computers and devices, and it’s only a matter of time until they succeed often enough to create problems. For now, our advice is – as always – to look before you click and decline if you’re not sure. Also, as always, never hesitate to call us – 973-433-6676 – or email us if you have any questions about any apps you’d like to download.

Diversify Your Data Backup

Two new clients came to us after experiencing data backup failures. While no single backup solution is guaranteed to work all the time, the odds are highly against every backup system failing at the same time. The best solution, in a word, is “diversification.” If you choose carefully, you can get the right backup systems for what you need to store and save yourself some money, too.

You have many options to backup and restore pictures, videos and other types of data files, but let’s look at three broad categories: the cloud, external drives and media such as DVDs and thumb drives. If you are highly concerned about the safety and recovery of your data, you can pick a system in each category and feel confident you can always get your data. If all systems fail, chances are your data will be a minor worry.

The cloud, otherwise known as a system of large, remote and redundant servers and storage facilities, is the foundation of most data backup and recovery systems. We now work with multiple cloud-based storage and recovery providers, giving you the ability to implement a system that meets your volume, data-sensitivity and pricing parameters. Despite the iCloud invasions, cloud-based systems remain safe places for your data, and for a relatively low cost, you can rest assured you can protect your data and get files whenever and wherever you need them.

External hard drives come in a variety of sizes and speeds. Home and SOHO users can buy them in sizes from 500 GB to 3 TB and connect them through USB 2.0 and 3.0 ports for up to a few hundred dollars. You can cross the $1,000 mark and get 12-to-20 TB units, but for most of you, that’s probably overkill. If you really want to protect your data, you should consider having multiple external hard drives to cover a unit failure, and you could keep external drives at another location and swap them on a regular basis. It all depends on what’s right for you.

External hard drives are essential add-ons for data-intensive applications. A client with a video editing business found this out soon after buying a new computer and running out of space shortly thereafter. In this case, the external drive provides easily accessible storage for files of work in progress, and it gives the computer’s hard drive room to do all the manipulation required for video editng.

Mac users have access to Time Machine, the built-in backup feature of OS X that works with your Mac and an external drive (sold separately) or AirPort Time Capsule. Time Machine automatically backs up your entire Mac and remembers how your system looked on any given day. It keeps hourly backups for the past 24 hours, daily backups for the past month, and weekly backups until your backup drive is full.

Saving files to DVDs and thumb drives is inexpensive and relatively quick and easy to do. You can easily make multiple copies, and you can easily store them in multiple locations. We generally advise relying on them as a supplemental backup for important files.

Selecting your backup system or combination of systems is like buying insurance. The more you value your data, the more you’ll want to increase and diversify your backup capacity. And just as there is an insurance program that meets your economics and tolerance for risk, there’s a backup system that will work for you. Talk to us about your needs, and we’ll find the solution that best matches them. Call – 973-433-6676 – or email to start the process.

Security and Convenience

Major retailers have been vulnerable to security breaches because we want convenience. New credit card systems that rely on chips instead of magnetic strips will help solve the security issue and so will Apple’s new ApplePay, which uses NFC (Near Field Communications) technology.

There won’t be any need to open an app or even wake your display because of the combination of NFC and the antenna in iPhone 6. To pay, just hold your iPhone near the contactless reader with your finger on Touch ID. You don’t even have to look at the screen to know your payment information was successfully sent. A subtle vibration and beep lets you know.

Instead of using your actual credit and debit card numbers the system assigns a unique Device Account Number that is encrypted and securely stored in the Secure Element, a dedicated chip in iPhone. These numbers are never stored on Apple servers. When you make a purchase, the Device Account Number, along with a transaction-specific dynamic security code, is used to process your payment. So your actual credit or debit card numbers are never shared by Apple with merchants or transmitted with payment.

If your iPhone is ever lost or stolen, you can use Find My iPhone to quickly put your device in Lost Mode so nothing is accessible, or you can wipe your iPhone clean completely.

This is a major step toward convenience and security. Another step will be the replacement of that magnetic strip on your credit with chip technology already in use in most of the world. Again, it will separate your credit and debit card info from the info stored by retailers.

Retailers’ storage of your transactions and credit and debit card info has given you the convenience of being able to return merchandise without a receipt. It also presented a plump, juicy target for hackers. Banks, which bear the liability of covering the cost of fraud, are behind efforts to speed up the conversion to this new technology. Their goal, of course, is to minimize their risk, and they’ll minimize ours, too.

New credit and debit cards will be better for those of us who still carry them around in our wallets. Apple Pay and evolving technologies will help us get rid of our wallets all together – and probably our keys, too.

Millennials are driving device technology. They don’t like to bother with carrying wallets and keys and anything else they deem bulky. The changes are likely to trickle down to the rest of us, especially as we find them to be secure and convenient.

While the new technology looks great, there are other steps you can take now to protect your data. We’ve discussed these measures before:

  • Strengthen your password. The greater the combination you can use of upper and lower case letters, numbers and special characters, the longer it will take for hackers to crack your password.
  • Use two-factor authentication for Internet access to your data. It’s a second password, a reference to a graphic symbol or an answer to a question. Dropbox now offers it, and you can click here to learn more.
  • Look before you click. Use common sense when clicking on websites or opening attachments to email. If something doesn’t look right or feel right, leave it alone.
  • Make sure your protection is up to date and running. Anti-virus programs, malware programs and firewalls for home and office systems can prevent unwanted problems and intrusions. Make sure you have all systems up to date and turned on.

Now you can buy your new iPhone 6 or 6+ and enjoy the benefits of Apple Pay and NFC – whenever the technology is activated, most likely in October.

What your thoughts on this? How willing are you to embrace this new technology? Share your thoughts with us. And if you have any questions about buying an iPhone 6 or 6+ or any other phone, tablet or computer and getting them all to work together, drop us an email or give us a call at 973-433-6676.

Avoiding the Virtual-Drive Hiding Place

One of our clients knew – without a doubt – she hit “save” for a downloaded file. But, she couldn’t find it where it was supposed to be. There’s a place where those files go, and it takes some detailed knowledge to find them.

The problem usually results when you download a file from an email or a website. Unless you specify a path – a specific folder in your Documents or Pictures libraries, for example – the file is stored in a protected temporary location. It’s located in another Documents file that’s accessed through your C:\Users series of directories and files. It’s a protected area designed to protect your computer against malware invasions, and it’s not well documented.

The location leads to an additional problem. When you run any automatic or manual backup program, files in that location are not backed up. If your hard drive fails or you change computers and don’t know where to find them, you could lose them.

When our client told us of the problem, we knew where to look, and we found lots of files. She was very happy, to say the least.

But it’s easier to avoid the problem.

If you’re downloading files from an email, make sure you file them in the appropriate folder when you save them. Sometimes, it just takes that extra second thought when you’re really busy, but if you make it a habit, you’ll save a lot of time and probably a lot more aggravation.

If you’re downloading from the Internet, do the same thing. Store it in an appropriate file folder right away, and make it a habit. If you regularly download files from specific websites, you can add them to your Trusted Files, and that will help you download them to your designated directories.

You can browse the protected temporary location, and we can show you how to do it without losing files that are critical to your computer’s operation. Call us – 973-433-6676 – or email us to set up an appointment. We’ll be able to guide you through the process and provide you with instructions for finding files in the future.

New Service to Manage Your Virus Protection

We’re responding to that nasty world out there by launching a new service to manage your virus protection. By taking a proactive approach, we can help you stay ahead of the nasties – insidious virus codes and the people who spread them. Here are the details.

We will now install and manage anti-virus software on your computer or computer system for as little as $4.25 per month. While we have avoided recurring, on-going fees, we believe this makes a lot of sense for you. In many ways, its’ an extension of services we already offer.

Many of our customers rely on us to monitor their systems remotely so that we can fix certain problems when they appear, and our customers give us access to their systems so that we can keep them running at peak performance.

We get alerts when a virus or malware is detected, and if something looks like it’s getting out of control, we get continuous messages. In one case, we got a message on a client’s machine that didn’t seem out of the ordinary. During lunch, which happened to be right near our client’s office, the messages escalated. We went there immediately to help out and resolved the issue. Our client’s boss saw us there and asked what we were doing. The client explained how we jumped in and said: “That’s why we have Norman.”

That’s what we do.

Now, we can monitor your system for viruses and reach out to fix problems, including making “house calls” if needed. As with everything else we do, we’ll make it a point to fix your problem as soon as possible.

Unlike some other anti-virus products or services, we don’t require annual renewals. Stay with us for as long as you like and cancel your service at any time. For companies with four or more computers, we can bill you quarterly. Make your life less worrisome. Contact us by phone – 973-433-6676 – or email for more information or to sign up for our anti-virus protection management.

iOS Upgrade and No Get-Out-Of-Jail-Free Card

Apple just released its iOS 7.06 upgrade, and in a recent comment, someone complained about losing your ability to “jail break” your device. Well, you can unlock just about any device, but is it worth it? You could be sacrificing data security.

The more we learn about data breaches at large companies and financial institutions, the more we start to realize how vulnerable we are and how much more we need to protect our information.

Technically, unlocking phones is illegal. When you have a contract with a carrier, they essentially have offered you a discount on device, usually a smartphone, in return for using their network. Unlocking your phone or device from their network to use other carriers breaks the contract.

We don’t offer legal advice. We offer technical advice and services that we hope will make you smarter users of your devices. So, let’s look at the security aspects.

The process of unlocking your smartphone, also known as jail breaking, decrypts all the data on your phone. It also removes all of the manufacturer’s restrictions and allows a phone to be used on any network. That’s the benefit you hoped to gain, especially when traveling abroad, where different cellular protocols can be used.

However, these unlocked phones carry a higher security risk than standard phones due to the changes to the operating system needed to make this occur. Once you use that phone to access the Internet, you and your phone are open to malware, spyware and just about any other tool you can think of that hackers can use to get personal data.

If that doesn’t stop you from thinking about jail-breaking your phone and/or device, consider this: You don’t know what security laws may apply when your data are breached in another country. Even though redress through a legal system may be possible, it will be after the fact. Damage can be done, and nobody can tell you what your liabilities may be and what any redresses can cover.

If you are traveling abroad, check with your carrier about capabilities. In many cases, your phone or device will work on Wi-Fi networks – though they may be public networks just like those from your local coffee shop. Wi-Fi Internet can allow you to talk to people over through services such as Facetime, Skype or Viber, and to access your email, bank and charge accounts and business files. Of course, you should make sure ahead of time that your device will be secured, and security can be enhanced through two-factor authentication systems.

In some cases, such as traveling to China, you may be better off leaving your phone or device home or having it shut off completely. Many business and government travelers to China and some other countries simply buy or rent a phone – with none of the information on their current phones and devices – for one-time use in those countries. Vacationers should follow their lead.

Contact us – phone: 973-433-6676 email: [email protected] – with any questions you have about securing your phones and devices while traveling.

This article was published in Technology Update, the monthly newsletter from Sterling Rose LLC.