Shortcuts Can Take You the Long Way

Just like there’s no free lunch, there’s no easy solution when you use a shortcut that cuts corners. Whatever time and money you think you are saving can easily be wiped out – at the cost of more time and money – when a failure occurs without warning. You can protect valuable data by taking the time to set up your system properly.

That advice was brought home to a client who received some bad advice from a bargain-basement IT support provider. The provider had moved away but still provided support. When our client – before we took over the account – contacted the provider to help with a database problem, things went from bad to worse very quickly.

In a nutshell, our client’s system had some built-in redundancies, all designed to prevent data-loss problems, but their failure had never been detected. As result, our client was walking a tightrope without a safety net. When called in, the former IT provider instructed our client to reboot the server, but the server never came back online. That was one problem.

Another problem was the failure of the hard drive, and we found a problem there that we consider totally avoidable. It began when the client started running out of space on the server’s hard drive. Instead of taking the time – and money – to back up the data and install a new hard drive, the IT provider repartitioned the drive using a compression program.

That step is something we never even suggest to our clients. In all the literature we’ve come across and in our many years of IT experience, it’s not a stable program. It’s just a bad shortcut to try to pick up extra space.

So, when the hard drive failed, it lost some data that the client had thought was saved. We tried several restore points, but we never could get the data that had been lost. That’s because the database had been corrupted at some point, and the client was backing up corrupted data.

Going forward, the client now understands that imaging a hard drive or partitioning the drive or using any other questionable technique to create more space on a hard drive will only expose them to more risk. It’s a lesson everyone should learn and heed. You can only stuff so much data onto a hard drive before you get distortions (corrupted data) and an outright failure.

If you need more data storage capacity, we can explore a number of options and find the one that best fits your office’s needs and protects the safety of your data. Contact us at 973-433-6676 or email us to set up an appointment.

Passwords and Underwear: An Analogy Worth Mentioning

When Thycotic, a security software company, compared passwords to underwear, it certainly got a chuckle or two. But they share three characteristics that are worth more than a mention:

  1. Change them regularly.
  2. Don’t leave them on your desk.
  3. Never lend them.

Without getting into TMI, changing every password every day is a lot more involved than changing your underwear, and it’s really impractical. But you can help make your data more secure by changing passwords monthly or quarterly – or any time you see something that looks funny, odd or out of place.

We’ve seen numbers indicating that 75% of all Internet users employ the same password for all the sites they visit. I would strengthen it by using upper and lower case letters, numerals and special characters. I feel my information is safe because it could take years for a hacker to figure it out.

However, hackers have various tools to crack passwords, and they’ll get one eventually. The longer and more complex your password is, the longer it will take. And, hackers make a business decision in how far to go. If they can get a whole bunch of easily decoded passwords quickly, that’s where they’ll concentrate their efforts. So, if you want to keep your password simple, change it more often. But, do change it regularly.

Don’t leave them out on your desk. I can’t tell you how many times I visit clients and see passwords taped to monitors or walls for the whole world to see. In busy offices, where people walk in and out all day, it would be very easy for a practiced password thief to see a password or two and remember them. If you recoiled with horror at the thought of someone seeing your underwear on your desk, how do you feel about someone getting into your personal or corporate bank or credit-card information?

Never lend your passwords to anyone. Yes, the thought of someone using your password should be just as disgusting as someone wearing… Well, you get the idea.

You can further protect your password by being very careful about which websites you provide information. Remember that 75% figure? If a hacker uses a website for a bogus offer – such as something for free – to get you to sign on with a password, he’ll make the assumption that you lack good judgment or common sense. He’ll also assume you use the same password for dozens of other places, including those where he can either take money from you or find information to sell to others.

If you use cloud-based services, such as Microsoft Office 365, the provider will monitor patterns and notice something out of the ordinary. You, too, should be on the lookout for out-of-the-ordinary things, such as emails with attachments or links from people who normally don’t send you those things or emails with odd subject lines.

If you have any questions about password security, contact us by phone – 973-433-6676 – or email. In the meantime, treat your password like your underwear.

Updates are Easy…and Necessary

There’s a reason why you should update your software on a regular basis. The updates fix security issues and other bugs. It’s an easy process. Just set up an automated routine and never worry about downloading and installing them. An example from a new client shows the consequences of neglect.

When we took on our new client, we were given a laundry list of issues. There’s nothing unusual about that because nobody changes their IT support provider unless there are a lot of problems. In working through the list, we found that their operating system had not been updated for months – nor had they updated their virus software.

To us, this is unbelievable. It’s also totally avoidable. Too many small offices and consumers think the updates are not important. We consider them absolutely necessary – and for small businesses and individuals, they may be even more vital than for larger systems. The reason is that mid-size and large businesses have dedicated IT staffs to monitor and maintain their systems. Smaller system owners rely on themselves and outside support providers to do that work. When that work is not done, IT systems are exposed to all sorts of vulnerabilities.

We monitor our clients’ systems, especially at update time; to make sure everything is in order and to let them know if there are issues. System security is the big thing. With so many types of hackers looking to either steal personal information or hold your files hostage for ransom, security simply has never been so important.

Along with your operating system and program files, it’s vitally important to update your virus and malware software. It’s easy to do.

Microsoft issues updates on the second Tuesday of the month – Patch Tuesday – generally in the afternoon. If you are set up for automatic updates, your computer will automatically download them within 24 to 48 hours. Your only obligation is to restart your computer for some of the updates to take effect.

Windows 7 and 8 users can refer to this article from Microsoft to set up your automatic updates, including whether you want to install them automatically or be notified so you can install them at the time of your choice. It’s a four-step process.

The only caution we have is to be careful of anyone contacting you out of the blue to fix your computer online. Microsoft and Apple, for example, will NEVER contact you about a problem with your computer. If you get an unsolicited email or call from someone who implies he or she can fix a problem with your computer, delete the email or hang up the phone call. If you are concerned about your computer system, call us.

If you have any questions about setting up automated Microsoft updates or determining which suggested updates to install – as opposed to those you must install – call us at 973-433-6676 or email us with your questions. We can help you set up an update program for all of your software applications.

Protect Your Networks as IoT Grows

What can’t we do over the Internet? Pretty soon, the answer will be: Practically nothing. We may not live like the Jetsons, but in the expanding age of IoT (the Internet of Things), we can do all sorts of things, from turning lights on and off to connecting with life-saving healthcare information and equipment systems. While the future is bright, you need your “shades” in form of network protection.

Here’s why it’s critical: Every device and every app that you use over the Internet exposes you to hackers who can get into your network and computer system and those of other people and businesses. Your network router or gateway is your first line of defense. There’s nothing magic about what you need to do to protect it.

The first thing is to turn on your router’s or gateway’s firewall. It sounds so basic, but we’re always amazed at the number of people who simply neglect it. You’ll need a password for it, and our advice is to make it long and to include at least of the four following characteristics: a lower case letter, an upper case letter, a numeral and a special character. If your computer has a firewall, turn it on, too, and make sure you have anti-virus and malware protection installed, updated and activated.

But network security is more vital than ever because the devices you use for a smart home, for example, may not have built-in security or a strong security system. Every time you turn lights on and off, lock and unlock a door or change your thermostat over the Internet, you can be vulnerable to a hack. If you are on a secure network, and if your network in your smart home is secure, you’ll be much better able to protect your system (and all of the data).

Network security can be even more critical for businesses. Some types of businesses depend on remote access to sensitive files than others, and those files could contain information on your business or your customers’ businesses that a hacker can use to monetize in any number of ways.

If you are buying and activating more smart systems as you expand your Internet of Things, we urge you to talk to us. We can help you understand the security risks you need to manage and help you select the security systems that can best manage those risks. No system is foolproof or perfect, but making yours as strong as possible will minimize your risk of getting hacked. Call us – 973-433-6676 – or email us to strengthen your existing security system or find a new one.

 

Caution is Key to Online Safety

Take a deep breath and Look Before You Click during the holiday season. More scammers, hackers and schemes abound at this time of the year, looking for holes to breach and get critical personal data. Here’s a review of our tried-and-true safety measures.

Watch your email. It’s one of the easiest pathways into your computer and all of your valuable personal data. At this time of the year, scammers and hackers take advantage of harried shoppers, who are likely balancing work and shopping and not paying full attention to all of their email.

Here are some identities a cyber-invader may assume to get inside your computer:

  • Bank or Credit Card Company
    • Do you have an account with that bank or credit card company?
    • Is it really one of their actual email addresses or domains?
    • Does your bank or credit card company normally contact you about this?

Your Best Course of Action: Close the email and go the bank’s or credit card company’s website to see if there are any alerts that match the email. If you’re still not sure it’s a fake message, get the phone number from the website and call. You can also look at a bank statement or credit card to get a customer-service phone number. Don’t click on any link in a questionable email.

  • Retailer or Shipper
    • Did you actually do business with that retailer?
    • Did you agree to use that shipper when you bought something online?
    • Are you being asked to click on a link?

Your Best Course of Action: Close the email. If you printed a hard copy of your order confirmation, you should be able to see the name of the carrier and a projected shipping date and delivery date and verify the information in the email. For protection, go to the retailer’s website and log in if you have an account. That should provide you with updated information on your order’s status. If the retailer has provided you with a shipper and a tracking number, go to the shipper’s website and enter the tracking number there. If you’re still not sure, call customer service.

  • Charitable Solicitations

Your Best Course of Action: Close the email. If it’s a charity you want to support, find its official website and give a donation there.

  • Email from a Friend in Need

Your Best Course of Action: Close the email. If you really think it’s legit, call your friend or send a new email with a different subject line. If that person is a close enough friend to send money, you should have full contact info – or know a way to get it.

When conducting business online, make sure you give your information over a secure website page. There are a couple of ways to check:

  • The website address begins with https
  • You’ll see a padlock icon in the address bar

Some other precautions to take include:

  • Buy from a large, reputable online or brick-and-mortar merchant. Generally speaking, retailers who work through Amazon or EBay have been vetted and have contact info posted online. If you’re not sure, buy from someone else.
  • Don’t send sensitive personal information by email. It’s too easy for someone to intercept it.
  • If somebody calls you about an account or purchase or charitable donation, you can ask to call that person back – and then go to a website to get a phone number you believe is trustworthy.
  • Make sure your antivirus, spyware, malware and firewall programs are up to date and running.

Above all, Look Before You Click. Make sure you understand exactly where a click will take you and what will be put on your computer. As Michael Conrad’s Sgt. Phil Esterhaus warned TV’s Hill Street Precinct police officers: “Let’s be careful out there.” And if you run into trouble, make your emergency call to us – 973-433-6676 – or send us an email.

Shedding Light on the Flashlight App

A cable-based news network reported that flashlight apps on Android-based phones can steal data. It created a stir in the general and technical news media. Yes, somebody could write an app that can track some of your activity (and sell it to marketers) or could launch a virus. But there’s a bigger-picture lesson to be learned: Use common sense.

Let’s start with a few of “givens.”

First, there’s always someone out there trying to get your data and resell it – whether it’s your sensitive personal information or just some data to help a marketer target you. Ultimately, you have the responsibility to protect your data – though we can help you put systems in place.

Second, you have control over what gets installed on your device. You need to take time and care when you download and install apps to make sure they are safe and secure.

Third, if you have an iPhone or an iPad with a camera, you have no reason to download a third-party app for your flashlight. It’s been there since the release of iOS 7.

With that being said, what’s going on with the flashlight apps? You can dig into some of this yourself, starting with a report from Fast Company about the app Brightest Flash sharing location and device ID information. (Please note, most of you allow this information to be used with many other apps, such as those that provide directions while you drive somewhere.) The app’s developer was automatically sharing location and device information with advertisers and other third parties–even when users opted out. In fact, before they could accept or refuse the app’s terms, it was already collecting and sending information.

That got scaled up in a special report on a cable news channel, in which viewers were told this could be bigger than Ebola. What further rankles me is that the report on the How-To Geek website made specific references to the iPhone flashlight app, which is built into your device. It made a mountain out of a molehill.

However, the report noted: “The fact is that Android app permissions are a mess and you have very little control over what apps can do once you’ve agreed to install the application other than just trusting Google. Your best bet is to avoid installing apps that have permissions that look suspect, or only install apps from really reputable companies.”

All of this brings us back to why I like the iPhone and Apple apps. Apple may come across as control freaks, but the company vets all of its apps and app developers to give you better protection. Some device users find that restrictive; I find it comforting.

To be sure, hackers and virus writers are looking to invade Apple computers and devices, and it’s only a matter of time until they succeed often enough to create problems. For now, our advice is – as always – to look before you click and decline if you’re not sure. Also, as always, never hesitate to call us – 973-433-6676 – or email us if you have any questions about any apps you’d like to download.

Steps to Take – Mitigate Fallout from Russian Hacking Incident

If you haven’t seen or heard the news, a Russian group has hacked user names and passwords for some 1.2 Billion accounts worldwide.

We urge you to run a virus scan and malware scan as quickly as possible on all of your computers to determine if your system has been infected. This post from The New York Times, which first reported the incident, covers some basic steps you can take. We’ve discussed them before, and they are now very much worth repeating. If you want to learn more, you can read reports from PC Magazine and The New York Times.

 

As always, if you have any questions or concerns, contact us immediately by phone (973-433-6676) or email.

New Service to Manage Your Virus Protection

We’re responding to that nasty world out there by launching a new service to manage your virus protection. By taking a proactive approach, we can help you stay ahead of the nasties – insidious virus codes and the people who spread them. Here are the details.

We will now install and manage anti-virus software on your computer or computer system for as little as $4.25 per month. While we have avoided recurring, on-going fees, we believe this makes a lot of sense for you. In many ways, its’ an extension of services we already offer.

Many of our customers rely on us to monitor their systems remotely so that we can fix certain problems when they appear, and our customers give us access to their systems so that we can keep them running at peak performance.

We get alerts when a virus or malware is detected, and if something looks like it’s getting out of control, we get continuous messages. In one case, we got a message on a client’s machine that didn’t seem out of the ordinary. During lunch, which happened to be right near our client’s office, the messages escalated. We went there immediately to help out and resolved the issue. Our client’s boss saw us there and asked what we were doing. The client explained how we jumped in and said: “That’s why we have Norman.”

That’s what we do.

Now, we can monitor your system for viruses and reach out to fix problems, including making “house calls” if needed. As with everything else we do, we’ll make it a point to fix your problem as soon as possible.

Unlike some other anti-virus products or services, we don’t require annual renewals. Stay with us for as long as you like and cancel your service at any time. For companies with four or more computers, we can bill you quarterly. Make your life less worrisome. Contact us by phone – 973-433-6676 – or email for more information or to sign up for our anti-virus protection management.

Protect Your Security

Along with avoiding shopping scams, you should take special precautions to protect the security of your financial information and access to your computer – as an individual and a business. This is no time to let your guard down. You know the drill for protection, but here’s a short refresher course.

Email

Be really careful about email. That’s good advice at any time, but it’s especially important at this time of the year. Because of all the ways unscrupulous people have to hijack email addresses, a message from a name you know and trust might be from a scammer.

A new type of malware known as Cryptolocker is being spread by email. It appears to be coming from shippers, such as UPS or FedEx, and it targets personal and professional computers. The virus quickly scrambles or encrypts your data and can lock up your computer. The sender does offer to unlock your computer and restore your data if you pay a ransom. But there are no guarantees that the virus will be removed and that you will get all files back.

If you have your data backed up, we can clean out the virus and restore your files.

Trust your instincts on emails. If the name and email address look right, you still may be getting a bogus email. Look at the subject line. Do you normally get messages like this from the sender? Are there grammatical errors or syntax issues you don’t normally see in messages from the sender? Is there an attachment along with other things that don’t seem right?

If you have a problem with your answers to any of the questions in the paragraph, your instinct likely will be delete the email. Instead of responding it or acting on it, you can send a new email to the sender and ask if they sent you the email in question.

You also may be part of an email “phishing” campaign. Just in case you haven’t come across the term, phishing is a way for scammers to troll using fake or malicious websites and email addresses to get you to sign up for something that isn’t real or that is very expensive. Phishers can also use your response to get access to your computer and either mess it up or steal valuable information – or both.

Phishers generally use an identity related to a financial institution or services organization, such as a bank or PayPal. Two tipoffs that it’s a phishing campaign are: 1.) a domain name that looks similar to a well-known domain but is not the same as an official name and 2.) bad syntax in the subject line, generally a string of words that most native English speakers would not use.

Phishing campaigns rely on busy people not reading the message and its identification info carefully and just clicking through or responding. If you’re not sure about the legitimacy of a link in an email address, you can hover your mouse over it, and it should give you the origin of the link.

If you think you may have a problem with a bank, merchant or other organization, find their customer service information independently of the email and make a telephone call.

Online Purchases

When you buy online, make sure the webpages on which you are giving your credit card information and shipping address are secure. The best indication of security is that the pages will have addresses that start with https://www.merchantcompany.com or https://merchantcompany.com. The “s” in “https” stands for secure. The address is usually accompanied by a small gold padlock icon.

If you don’t see a sign of security but absolutely must buy from that site, you might be best to make a phone call. There can be a number of legitimate reasons for security not displaying, but make sure the company knows this is a problem for you. They may need to fix something or make some other changes.

Above all, remember that it’s your money. Don’t let anybody make you feel uncomfortable about spending it.

Additional Protection

You should have up-to-date anti-virus and malware-protection software installed on your computer, and it should all be running in the background. Your network should be behind a firewall, and that software should be up to date and running.

You can set up most protection software to run scans and updates automatically, and you can set them for various levels of protection.  We can help you select the best systems for your needs and we can help you install them and manage them. Just send us an email request or call – 973-433-6676. No matter what you select and run, always remember that common sense and an occasional deep breath will always enhance your security.

This article was published in Technology Update, the monthly newsletter from Sterling Rose LLC.

Update for Security, Performance and ROI

Simply having the latest operating system or software for your apps and browsers doesn’t guarantee top performance and tight security. You have to keep all of your programs updated from the day you install them.

Everything starts with the Internet. Whether you’re setting up a new computer or installing a new application, you’re almost always prompted to connect and download all the updates required to bring your programs up to date. Begin your installation by calling up your browser of choice and updating it. (Firefox usually sends out updates automatically as its default configuration.) As we discuss in the article When They Pull the Plug on XP, your browser is the first door hackers try to get into your computer, so make sure you have all the security updates and bug fixes.

When you begin to install the program or application from a website or a disk, you likely will be prompted to check for software updates. If the installation process doesn’t take you there automatically, answer “yes” when prompted. It’s especially true when installing from a disk. Even a disk that comes with a new computer is likely to be several months old.

In general, your rule of thumb should be to check for updates as second nature – and it doesn’t take much effort. You can set Windows Update to check for and install updates on a regular basis, even specifying days and times. For example, you can designate every Monday at 3 a.m. as your update time. Just go to your Control Panel, click on Windows Update and select Change Settings from the menu on the left. Just remember to have all of your files saved and backed up because updates can require you to restart your computer.

Here are some things to keep in mind when putting programs on a computer.

Many businesses have a mix of old and new technologies; it’s an economic reality. That means they’ll be installing some older (but still mostly serviceable) applications on new machines, recognizing that they won’t get full performance out of the new technology.

Therefore, it’s important to note that installing an old program, such as Office 2007, on a new computer will require you to get a series of updates in a specific order. That’s because each update, such as Service Pack 2 or Service Pack 3, builds on previous updates.  So, make sure you give yourself enough time to download and install them. The time will vary, depending on your Internet connection and network speed and capacity.

If you’re migrating from an XP machine to a new Windows 7 machine (which we implore you to do if you still have XP), you’ll need to go back to Service Pack 1 and download all the critical updates that Office will require. You should also note that you may have been using a 32-bit computer and now have a 64-bit computer. In that case, make sure you install all the updates for your new technology.

It’s the same with your Internet browser – whichever one you use. With the Internet such a presence for handling commercial transactions as well as for conducting business operations, programming becomes like its own ecosystem. It constantly responds to new hardware, new software and the ideas that lead to new applications. The continuing growth of cloud-based applications and the integration of mobile device into business demands more adaptability.

Because of that, we highly recommend that you and your employees and family members update browsers on a regular basis. You’ll get more efficiency, which can translate into better business profitability at the office and more learning opportunities for students at home.

Updated browsers also will be more secure, preventing more hackers from getting into your systems and stealing information they can use to take business and personal assets.

Keep in mind, too, that at some point, hanging on to old software or an old computer will put you past the point of diminishing economic returns. The investment in new technology – and new infrastructure for your networks, too – can pay for itself faster when you take advantage of all that technology can offer.

Contact us – 973-433-6676 or [email protected] – to set up an appointment to evaluate your current technology, your needs and available options to make your systems more cost-effective. The solutions may be less expensive than you think.

This article was published in Technology Update, the monthly newsletter from Sterling Rose LLC.