September 30th, 2013
Running a business involves a seemingly never ending list of tasks that need to be done just to keep the lights on. When you’re inundated with these chores, it’s difficult to find time to create, innovate and improve. That’s why you hire others to do some of these tasks for you.
It’s the same with your IT department. Rather than spend their time on meneal, day-to-day maintenance tasks, consider outsourcing services by using cloud computing and a managed service provider. Patrick Zelten, of Baseline Magazine suggests some things to consider before deciding on outsourcing.
Just because it’s possible to use a managed service to save your company time doesn’t mean it’s the right thing to do. Before making any decisions, think about the day-to-day operations of your business. For any service you’d like to outsource, you need to know how critical it is to you operations. How sensitive is the data shared? Are their advantages to handling this service internally? And, be sure to have a goal for what you hope to accomplish by outsourcing.
- Know your employees capabilities
Another factor in determining what needs to be outsourced is knowing the expertise of your employees. If a system is easily managed by your current staff without being a time burden, then it likely doesn’t need to be managed by a third-party, regardless of other factors. If, however, it will take dedicated time to learning how the system should be run, and keeping up with updates and new functions constantly, then using a managed service provider would save time and money.
- Managed, Co-managed or Cloud
Choosing managed services allows you to retain control. It’s almost like adding additional IT personnel. Applications are divided between you and your managed service provider. The two groups will work closely, which can sometimes lead to problems.
Co-managing is similar, but rather than completely turning over some of your IT tasks, both your staff and the managed service provider work together on the same applications. This provides flexibility, and the ability to easily scale up or down.
Using a cloud system allows you to get started almost immediately and also allows for quick changes in scale. Your cloud provider will handle the set-up and maintenance, so the services you outsource will be continuously updated. This model is less secure than others, however, so what you choose to put in the cloud should be a careful decision.
Outsourcing the right services and applications takes the strain off your company. For help deciding which model is right for you and what the cloud or managed services will do, contact Geek Rescue at 918-369-4335.
September 30th, 2013
You’ve probably taken some precautions to make sure your computer is protected from malware, viruses and other potential security issues. But have you taken precautions to protect your router?
A recent post on NewsFactor notes that there are router-specific malware threats capable of reconfiguring it. A malware infected router is able to redirect users to malicious sites in order to steal data or infect them with more malware and viruses.
Imagine you are using your computer to check your bank balance. If your router is infected with malware, it could redirect you to a similar looking site that is actually designed to steal your log-in information. Minor differences will alert you that something is wrong, but you have to be looking for them. A slight difference in the way the site looks, or a missing option in the menu are tell-tale signs that this site isn’t legitimate.
Thankfully, most banking websites offer security specifically designed to alert you if you’re not on their official website. However, other websites don’t take the same precautions.
Your browser also has security tools available to help keep you safe in these situations. When the warning pops up that a website’s security certificate isn’t recognized, don’t ignore it. This is a warning that using this site puts your data at risk. If you see that warning, don’t use that website. If needed, contact the business directly by phone and ask them about their website.
To protect yourself, make sure your router is updated continuously. Newer models usually update automatically, but it’s worth checking to make sure. Also, use the password protection options. Not only should your router be password protected, but that password should be changed often and not easy to guess.
To find out how to improve the cyber security at your home or office, contact Geek Rescue at 918-369-4335.
September 30th, 2013
Creating an adequate, effective security infrastructure for your business is difficult. It becomes impossible, however, if you don’t take the time to consider where your weaknesses are.
Patrick Budmar, of ARN, reports that security experts estimate that 80-percent of IT security spending at an average company is focused on only 30-percent of the problem.
Firewalls, intrusion protection systems and endpoint security are noted as receiving the bulk of most security budgets. However, diverting funds to increase prevention and detection of threats is a more efficient practice.
Regardless of the amount of security software in place, there will be breaches and gaps in your security. That’s why experts recommend focusing more attention on monitoring data and constantly checking for abnormalities within your network. Many times, a security breach goes unnoticed for weeks or months at a time. This allows for an exponentially higher amount of damage than if the breach was detected immediately.
An audit of your company’s cyber security exposes the potential flaws. It also shows where more attention or funding is needed, and where funds can be diverted from. This way, you’re able to upgrade security by spending more intelligently, not necessarily by spending more.
Geek Rescue provides security audits and the tools needed to improve security. Call us at 918-369-4335 before an attack to avoid costly damage and data loss.
September 27th, 2013
Antivirus vendors are reporting that a new piece of malware is being used in infection attempts hundreds of times per day over the past few weeks. It goes by the name Napolar or Solarbot and is used to steal information.
Lucian Constantin, of PC World, writes that this new malware started infecting computers in mid-August, but was put up for sale to cyber criminals weeks before the first infection. For $200, hackers are able to buy the Napolar binary code and launch their own malware attack.
While infections have mostly been reported in South America so far, security experts fear this malware will spread quickly, due to its affordable price tag. It appears Napolar is being spread through compromised Facebook accounts.
Napolar is similar in functionality to a Trojan, which has been around for years. Experts speculate it could actually become more popular, however, because of its ease of use and because it is upgradeable with plug-ins.
The tell-tale signs of the malware are pop-up images of women appearing on screen after downloading an infected photo-file.
With more hackers purchasing Napolar and more Facebook users being infected, it’s only a matter of time before the malware reaches North America.
Be sure to keep your antivirus software updated. If you discover that your computer has been infected by malware, bring it to Geek Rescue. We disinfect any device and help you improve your security to protect against future attacks. Come by or call us at 918-369-4335.
September 27th, 2013
You’ve heard how important robust cyber security is for your business. You’ve read the articles, you’ve seen the statistics and heard the urging from IT professionals. Unfortunately, for many small business owners, the warnings don’t truly sink in until after they become a victim of an attack.
Ericka Chickowski, of Dark Reading, writes that a cyber attack doesn’t have to solely be a negative on your company. It is costly and it could hurt your credibility with your customers and prevent you from offering your services for a time. But, it’s also a chance to learn a lesson and become stronger.
During the recovery process, it’s important for companies that have been victimized to take time to study why they became a target in the first place. The exploit is like a real-world audit of your security infrastructure and, unfortunately, your security failed. Take this opportunity to improve the holes and the day-to-day processes of your company.
Be sure to take this opportunity to address your entire security infrastructure, not just the part that was exploited. Your security likely doesn’t have only one flaw. And even if you find that the software in place is adequate, you may discover that you employees actions put data at risk.
You should also critique your recovery plan. Think about the company-wide actions after the attack took place and consider how they could be improved. Your goal should be to cut downtime and restore data as quickly and fully as possible.
If your security is breached, you definitely can’t afford to ignore it. Let it be a message to you that a more serious investment in cyber security is needed.
For a security audit, or to find out what your options are for improving security, contact Geek Rescue at 918-369-4335.
September 27th, 2013
Every business has adopted some form of cyber security, but is your security truly aimed to keep you safe from a full-scale cyber attack? Too often businesses believe they won’t be a target of hackers and make that an excuse for not dedicating more resources to true security. Those with minimal security, however, make themselves a target because of how easy it is to attack their network.
Catalin Zorzini, of Inspired Magazine, suggests taking the necessary steps to take your security from minimal to robust. Here’s what to consider when trying to implement adequate security.
- Audit your current security
Conducting a security audit will reveal where you are most vulnerable. This informs you what your security is lacking and specifically what data is at risk. Knowing that will allow you to put into real terms what is at stake. Contact Geek Rescue to perform a thorough audit of your security.
- Consider disaster recovery
Keeping security threats like malware out is only one aspect of good security. You also need to have a plan in place for a disaster that wipes out your data. This could stem from a cyber attack, or it could be a natural disaster that destroys your servers. Regardless of the cause, you need a plan that will minimize the amount of downtime you suffer and how much data is lost.
- Don’t forget about mobile
Mobile technologies create complications for your security infrastructure. Employees sharing data with cloud systems or through email and connecting on unsecured WiFi cause headaches. There’s also the growing bring your own device, or BYOD, trend. That is also a potential problem as employees could bring infected devices to the office and infect the whole network.
By thinking about potential security problems and patching holes, you’ll avoid large scale data loss and downtime in the future.
Geek Rescue helps you improve cyber security. Call us at 918-369-4335 to set up a security audit, make a disaster recovery plan or more.
September 26th, 2013
Craigslist has long been known not only as a legitimate online marketplace, but also a potentially dangerous hub of scams and hackers. A report posted on the Symantec blog alerts that a current scam is harvesting phone numbers from Craigslist ads and texting them spam links.
The actual scam has nothing to do with Craigslist, but that seems to be where the hackers are getting phone numbers. From there, they send a text containing a link. However, the link won’t work on a smartphone.
Instead, users are prompted to use their PC and arrive at a page prompting them to install “GIMP Viewer”, which is legitimate open source software. If the user agrees, they aren’t taken to the actual GIMP site. Instead, they are taken to a fake site where GIMP software is installed with a number of other programs.
Hackers make money each time these additional programs are downloaded. For now, it doesn’t appear that any malware is included in the scam, but it could easily become part of it if criminals decide the current scam isn’t lucrative enough.
To avoid any similar scams, be wary of text messages from unknown sources. You certainly shouldn’t be agreeing to download anything to your phone or PC unless it comes from a trusted source. A link in an unsolicited text message would not be a trusted source.
To protect your smartphone and PC from future malware infections, contact Geek Rescue at 918-369-4335.
September 26th, 2013
Using a cloud system to store and share files has become a common business practice. The cloud makes data available from practically anywhere and makes it easy for employees to collaborate on projects. However, not enough attention is being paid to the security of these clouds and who could potentially have access to valuable information.
Yorghen Edholm writes on his ComputerWorld blog that these security issues are of a particular concern when employees use a public cloud. Services like Google Drive and Dropbox are easy to use and have free options. They present a security risk, however.
It’s not necessarily these public clouds themselves that pose the problem, although they aren’t nearly as secure as private cloud options. The real problem stems from employees using public clouds without supervision from superiors or the IT team. That means others are unaware of potential risks and unprepared to solve problems.
Many employees use a public cloud because it’s convenient. They may be planning to temporarily store a file, or quickly share it with other team members. Usually, they lose track of exactly what is being shared and believe that they’ve only added files to the public cloud that don’t contain any potentially damaging information.
There’s also a concern over who exactly will have access to a public cloud. Recent headlines have enlightened the public about the government being able to snoop on files stored this way. Storing your data more securely doesn’t necessarily restrict the government’s access, but at least you’ll be able to keep track of what they’ve seen.
It may not be possible to keep every piece of data stored privately. But, you should strive to gain oversight of all the data being shared, and how it’s being shared.
For help implementing a cloud computing system at your business, or to enhance security, contact Geek Rescue at 918-369-4335.
September 26th, 2013
Browser extensions enhance the capability of your web browser. There are a number of uses for browser extensions. Many are designed to improve security or boost productivity. Recently, more and more extensions have been made by hackers, however.
Lucian Constantin, of ComputerWorld, writes that malicious browser extensions are a growing concern among security experts. That’s because they are difficult to protect against.
Malicious extensions have been seen before. They’ve been used to hijack searches and show ads to users. Recently, an IT security consultant was able to create an extension with much more harmful capabilities.
This example malware was able to be controlled remotely. It’s able to bypass two-factor authentication, perform functions, such as downloading other malicious files or controlling the webcam and steal data.
Malicious extensions are a growing concern, but there are few options available to protect yourself from them. Many antivirus programs are unable to detect and remove this malware. Security extensions added to your browser are also powerless.
Your chosen web browser actually has a significant effect on how much at risk you are. Firefox users are considered to be the most vulnerable. This is because it allows for third party extensions to be added, which means hackers can convince users to install the malicious extensions themselves, or can use malware downloaded through other means to install them remotely.
Chrome users, on the other hand, are at a relatively low risk. Chrome only allows extensions to be added from their Web Store, which only contains extensions that have been approved by Google. This doesn’t mean that there can be no malicious extensions added to a Chrome browser. It just means it’s much more difficult than with Firefox.
Exercise caution when adding extension to your web browsers and make sure you understand what your security software does and does not protect against.
To improve the cyber security on your home computer or at the office, contact Geek Rescue at 918-369-4335.
September 25th, 2013
Yahoo recently announced that they were recycling dormant email addresses. Yahoo IDs that hadn’t been used in awhile were made available again and taken over by other users who wanted them. Donna Tam, of CNet, reports that there’s a significant security problem with that.
Even though users hadn’t accessed their Yahoo emails in over a year, they still have accounts associated with them all over the internet. One user who took over a previously owned Yahoo ID says the email address is associated with a Pandora and Facebook account and is the contact for a doctor’s office.
Multiple users have seen emails intended for the address’s previous owner. Those emails contain the ability to hack into the previous owner’s online accounts and some contain personal information like the last 4 digits of a social security number and physical address. With that information, a motivated person could hack into any number of accounts. The potential for identity theft is incredibly high.
Yahoo says most of the recycled accounts were not receiving any emails before being claimed by a new user. They also claim that they’ve taken precautions so the new account holders don’t receive emails containing information about the accounts of another person. But, Yahoo has to rely on other websites to make changes in order to fully fix the problem.
If you let your Yahoo email address lapse, you’ll definitely want to go through all of your online accounts and make sure none of them are associated with an address that may now be used by someone else. Don’t forget to also check with doctors’ offices and friends to let them know that you no longer use that email.
To avoid any of these potential headaches, contact Geek Rescue about hosted email. We offer a variety of options to fit your needs. Call us at 918-369-4335.