May 13th, 2014
You may already know that effectively implementing security into your IT infrastructure is a vital step towards protecting your business, but unfortunately you likely aren’t working with a limitless budget. Anyone can secure their business with an endless flow of cash, but it becomes much more difficult when you’re having to decide what’s worth the money and what isn’t. At Network World, George V. Hulme gives some tips for how best to use your security budget to get the most out of your investment.
As time marches on, you’re business will need new security tools. This is either because the tools you had in place are no longer effective against current threats, or because your infrastructure has changed enough to warrant a change in security. When that happens, adding new tools is great, but decommissioning the now obsolete tools is just as important. Too many business owners have no process for removing security applications from their infrastructure when they’re no longer needed. Many aren’t able to recognize which tools have become redundant and won’t hurt to be decommissioned. Trimming out these old security tools also trims the budget.
All of that said, before you invest in a new application or new equipment, be sure you actually need it and will be able to effectively use it. A chief security officer suggests asking yourself three questions:
Are their people on staff who know how to use this?
Do they have the time to install, use, maintain and manage it?
Will it have an effect?
Investing in new technology that won’t benefit your business is obviously foolish. But, many don’t recognize that even technology that will positively affect their business shouldn’t be implemented without the proper staff in place.
When it comes to effectively staffing your IT department, you aren’t always saving money when you think you are. Many business owners believe they can cut corners and staff fewer professionals in order to save money. But, this often leads to more downtime and less security in place, which can lead to successful attacks, malware infections and data theft. All of these cost you money and productivity. There’s likely to be a shortage of qualified IT professionals in the coming years so investing in IT now can save you from being dangerously under-staffed later.
Properly using your IT budget can be difficult. At Geek Rescue, we provide IT solutions for businesses on any scale. Our clients receive the benefit of an entire IT staff without having to deal with the headaches of actually hiring and maintaining an IT department.
To learn more, call us at 918-369-4335.
May 13th, 2014
Microsoft ended support for Windows XP a few weeks ago, which means security patches for known exploits aren’t being released for users still using the old operating system. That means those users are vulnerable, and will stay vulnerable, to attacks that have proven to be successful. Surprisingly, this situation still isn’t enough to make XP Microsoft’s most often infected operating system. At Digital Trends, Konrad Krawczyk reports on Microsoft’s latest Security Intelligence Report that details which versions of Windows put users most at risk.
According to the report, Windows Vista, not XP, is the most vulnerable to attacks of any operating system Microsoft has released since 2001. Vista, which was released in 2007, is the only monitored operating system with an infection rate over 3-percent. Windows 7 was the next highest at 2.59-percent and then XP at 2.42.
The safest operating system is also Microsoft’s newest. Windows 8.1 has an infection rate of only .08 percent. Windows 8, however, is infected at a rate of 1.73-percent.
The infection rate numbers don’t tell the whole story, however. Windows 8.1 has a low infection rate, but that doesn’t necessarily mean it’s the safest operating system. It is certainly the least used of all Microsoft’s products so there are fewer targeted attacks. Conversely, nearly half of PCs use Windows 7 and XP still accounts for more than a quarter of desktops. Windows 8 and 8.1 combined are installed on about 12-percent of PCs.
The takeaway from these statistics is that no operating system is truly safe. Even users of Windows 8.1 need to have additional security tools in place to avoid attacks and malware infections.
Regardless of your operating system, if your computer has been the victim of an attack and is infected with malware, bring it to Geek Rescue or give us a call at 918-369-4335.
May 12th, 2014
When it comes to setting up and effectively managing your company’s IT infrastructure, there are a number of decisions to be made. Unfortunately, there’s also plenty of bad information being peddled by so-called experts and vendors. At Tech World, Roger A. Grimes published a list of “promises that don’t deliver” concerning specifically IT security. Avoiding these misconceptions helps you create a more effective infrastructure.
- Invulnerable Applications
The idea of software that is unbreakable, unhackable and totally secure is naturally attractive, but it’s a myth. Even the most painstakingly crafted applications contain flaws that eventually allow them to be hacked. A popular cry from vendors is to tout software as unbreakable, but in reality this only invites more trouble. Publicly claiming that software contains no vulnerabilities only places a target on that software. Many times, this software ends up being routinely attacked and being one of the least trusted applications available.
Encryption is a valuable security tool, but it’s incredibly difficult to create strong encryption. There are many who claim to offer unbreakable encryption, but with few exceptions encryption is hard to break, but not impossible. One characteristic that suggests a vendor’s encryption is not worth your money is the promise of thousands to millions of bits for the key. Typically, strong encryption tops out at 2048-bit keys. Anything larger is unnecessary and actually gives intelligent attackers more opportunities to find flaws and break the code. Million-bit encryption would also require a large amount of data and be difficult to send anywhere thanks to prohibitive file sizes.
This myth is a little more well-known than the others but it also leads to a large portion of successful attacks. The truth is that no one is ever truly, full secure. No antivirus is capable of catching ever possible attack and malware before it happens. Most won’t even be able to spot every piece of malware already installed on a device. The belief that a perfect antivirus program is possible, however, leads to irresponsible actions. Users put themselves in harms way because they believe their antivirus program will protect them from anything that comes along. If you want a perfect antivirus program, don’t rely on it. The better the user’s behavior and habits, the more fewer problems you’ll encounter. To get the truth about what’s needed for your company’s IT infrastructure, call Geek Rescue at 918-369-4335.
May 12th, 2014
It’s been more than a month since news broke of the Heartbleed bug, which potentially compromised the security of millions of websites. In the immediate aftermath, users and website owners alike scrambled to fix the problem and restore security. Unfortunately, a rush to fix an issue that wasn’t fully understood may have further complicated matters for many websites. At Network World, Peter Sayer explains how thousands of sites made a bad situation worse in their attempts to patch vulnerabilities tied to the Heartbleed bug.
Heartbleed is a bug in OpenSSL that potentially can lead to compromised SSL certificates being issued, which would completely undermine the perceived security of a website. Ideally, after news of Heartbleed broke, website owners and those operating their servers should have carefully diagnosed whether or not their site and servers were at risk and act accordingly. In many cases, this happened and the vulnerability was patched and certificates revoked.
According to internet services company Netcraft, however, more than half of vulnerable sites have failed to revoke compromised security certificates and also haven’t reissued new certificates. Nearly a quarter of sites have reissued certificates, but haven’t revoked the compromised ones.
Meanwhile, 30-thousand vulnerable websites revoked certificates then reissued new ones. Unfortunately, they did so using the same private key that was compromised originally. This means that not only are these sites still vulnerable to a known attack, but they’re operating under the assumption that they, and their users, are secure.
Still more sites have seemingly taken no action whatsoever. They’ve continued to use the same private key with their certificates and haven’t revoked old certificates. While these sites are no better or worse off than they were before Heartbleed, at least they have no illusions about the state of their security.
By far the worst situation, however, is the roughly 20-percent of vulnerable servers that were initially immune from the Heartbleed vulnerability. Those servers had versions of OpenSSL that couldn’t be exploited by Heartbleed, but reacted to the breaking news like everyone else and replaced their safe versions with flawed versions.
In each of these cases, a failure to truly understand one’s own infrastructure and the threat at hand led to illogical decisions that either didn’t help improve the situation, or made it much worse.
At Geek Rescue, we offer managed services and other IT solutions to help your organization avoid these types of situations. To find out more, call us at 918-369-4335.
May 9th, 2014
Most homes and offices use wireless routers, but that means they’re also susceptible to hacks and attacks. Routers are notorious for their many security flaws so it’s important to take a few extra precautions in order to stay safe. For some of the basics of securing a router, check out this post from February. At LifeHacker, Melanie Pinola published a list of some more advanced ways of improving your router’s security.
This feature is included on every router, but it isn’t always turned off by default. Remote Administration allows a user to access the router’s control panel from anywhere, which means you don’t have to be currently connected to your network in order to change settings. There might be some situations where this would be helpful, but mostly it is an opportunity for hackers to wreak havoc. Check your router’s settings for a Remote Administration, Remote Management or Enable Web Access from WAN option and make sure you turn it off.
More commonly referred to as UPnP, Universal Plug and Play refers to a feature that makes it easy for your router to recognize internet ready devices. While this should make connectivity easier and more streamlined, it also introduces a number of security issues. Namely, with UPnP your router doesn’t include any type of authentication and considers every device trustworthy. Turn it off in the router’s settings, usually under an Admin section.
Keeping the manufacture’s firmware on your router updated is important, but for advanced users, finding trustworthy open source firmware is an even better option. DD-WRT is a trusted source and offers much more secure firmware than what’s included with your router. There are also more frequent updates to fix any problems that pop up. If you decide to install alternative firmware on your router, however, be sure to do your homework first.
These tips, in addition to more basic security tips like changing your router’s password, keep your network safer from attacks.
For help creating a secure wireless network for home or business, call Geek Rescue at 918-369-4335.
May 8th, 2014
Twice each year, Microsoft releases a Security Intelligence Report detailing the security issues that have plagued users over the previous few months. The latest edition was released this week and reveals an alarming growth in the number of Windows users who are infected with some type of malware. At PC World, Jeremy Kirk reports on the threat that is primarily responsible for this rash of malware infections.
The problem isn’t just that there are more infected users than expected, but that the number of infected users has tripled in a short time. During the third quarter of 2013, it was estimated that less than 6 Windows users per 1-thousand were infected with malware. By the end of 2013, that number had escalated to 17 out of every 1-thousand users.
A malicous program called ‘Rotbrow’ is identified as the primary reason for the quick growth of infected users. At issue is that Rotbrow was only recently identified as malware. It’s been around for quite some time and has infected a number of computers, but it never showed any malicious activities until now.
Rotbrow is disguised as a browser add-on that supposedly helps with security. In reality, it’s what’s known as a ‘dropper’. This is a type of malware that downloads and installs other malicious software to a computer.
In the case of Rotbrow, it waited weeks, or even months, before it started any malicious activities. When it began downloading other malware, security developers quickly added it to a list of recognized malware, but by then it had already been allowed to infect users worldwide. At the time of the Security Intelligence Report’s release, Rotbrow was estimated to be on 59 out of every 1-thousand Windows machines.
The existence of Rotbrow alone isn’t a huge concern except that it often downloads malware capable of much more sinister activities, including ransomware that locks users out of their own computers.
Most security tools are now capable of detecting Rotbrow and blocking it from infecting a new computer, but only if a user’s antivirus program is updated. If yours isn’t, update immediately and scan your computer for malware.
If any of your devices have malware or other issues, call Geek Rescue at 918-369-4335.
May 7th, 2014
There are a number of parts and factors that contribute to the overall health of devices like smartphones and laptops and keep them in working order. The battery may be the most overlooked of these. Without a working battery, your device is useless. Batteries also deteriorate with time, which also hinders your device’s performance. At LifeHacker, Whitson Gordon published some helpful tips to keep lithium ion batteries in your most used devices working better for longer.
Old logic stated that it was good to completely discharge a battery before recharging it fully. In actuality, this is one of the best ways to cause quick deterioration in a battery. In fact, complete discharges can cause batteries to completely stop working. A better practice is to regularly perform what are called shallow discharges. This is simply recharging your battery for shorter intervals. Discharging to around 40-percent of life left, then stopping your recharge at about 80-percent is considered the ideal practice. This is related to the fact that batteries have finite numbers of discharge cycles and once they’re used up, it’s time for a new battery.
Many laptop users leave their device plugged in most of the time. When it’s time to take it on the road, however, these users will notice decreased battery life. By leaving it plugged in, a laptop battery is discharging slightly, then being charged back to 100-percent, which we’ve already established isn’t ideal. Smartphone users have this problem to a lesser extent when they leave their devices charging over night. While most smartphones stop charging once they reach a full charge, you’re still charging them more than what’s recommended, which eventually hurts the batteries performance.
Just when you thought fully discharging your device was bad comes this piece of advice. For the sake of the battery alone, full discharges aren’t recommended. But, your laptop or smartphone likely contains a feature telling you how much life is left in your battery and sometimes even tells you how much time is left before it dies. Over time, this feature can become miscalibrated if you’re regularly using shallow discharges. To prevent that from occurring, let your battery fully discharge once every few months. Fully discharging that rarely won’t cause significant damage.
If you have extra batteries for your device, keep them stored in a cool place like a basement or even the refrigerator. For batteries in your devices, it’s also wise to avoid excessive heat whenever possible. Leaving your smartphone or laptop in your car on a hot, summer day for example will rapidly discharge the battery. When done regularly, it shortens your battery life. Extreme cold has a similar effect so avoid that also.
Sometimes, doing the opposite of the tips included here is unavoidable. Thankfully, fully charging or discharging your battery, leaving it in the sun or keeping it plugged in overnight isn’t that harmful if it’s only done once in a while. Trying to establish these tips as regular habits will increase the amount of time you’ll be able to enjoy a long lasting battery for your mobile devices.
If you’re having battery problems, or any other type of issue with your devices, call Geek Rescue at 918-369-4335.
May 6th, 2014
Once your computer is infected with malware, it can be a long, complicated process to remove it. An infected system is at risk for data loss and risks spreading the malware to other computers. The best security is to keep the infection from ever happening. To do that, you need to know where malware infections typically stem from. At Business New Daily, Sara Angeles lists the most common tactics taken by malware to infect users.
A decade ago, pop-up ads were common online and were a common way of spreading spyware and other malware. The use of pop-ups has significantly decreased over the years and online advertising has become much more legitimate. However, there are still plenty of malicious online advertisements that have the singular goal of infecting users. Sometimes referred to as malvertisements, online ads exist that are capable of infecting users without even a click. The display of these ads can be enough to install malware on your machine. Usually, these ads are found on less than reputable websites, but through an intelligent attack, they’ve been known to plant themselves on trusted sites from time to time.
The traits that make social media so popular are also the primary reasons why it’s often the route of attackers. Messages received on social media are trusted because they appear to be from a friend or recognized contact. There’s also the sheer number of users. An attacker has a better chance of seeing his malware spread to thousands or millions of users on social media than through other avenues. Facebook messages and Twitter DMs are common ways to spread malware, but there are also malicious Twitter accounts that tweet out spam and malicious website links.
Smartphones enjoyed a short period of safety from malware, but as the mobile audience has grown, so has the amount of malware targeting it. Android users are at a much higher risk of malware due to the operating systems open source nature, but iPhone users have seen their share of security scares also. Malicious apps that are either downloaded from a third party or infiltrate the official app store are usually to blame for a mobile malware infection. Malware can also be spread to mobile devices through text messages, emails or through infected websites.
Regardless of the number and effectiveness of security tools you have in place, an unsuspecting and uneducated user is likely to encounter plenty of malware. Even those that know not to click suspicious looking links or download apps from outside the official app store can be duped. Malware developers use social engineering to manipulate users and make links irresistible. They play off of current news stories and promise deals that are too good to be true. If it didn’t work, they’d stop doing it, but there’s no end to these tactics in sight.
Much like social media, nearly every internet user also has an email account. Malware is commonly spread as an attachment to spam messages that claim to be from a trusted business, website or government agency. Users who download these attachments have their computer infected with malware, and often end up spamming their entire address book with malware and malicious links. This is another problem as other users receive messages that appear to be from a friend and instinctively trust the contents.
Malware is becoming more intelligent. Recent attacks have been able to hide themselves from security tools or encrypt a user’s files.
If your device is infected with malware, bring it to Geek Rescue or call us at 918-369-4335.
May 2nd, 2014
Many small businesses view data security as nonessential because they don’t see themselves as ever becoming the target of an attack. Unfortunately, this often makes them a target because of the relative ease attackers have in breaching their network. Even those that do find it necessary to put security measures in place might not see the whole picture of why it’s important. As Brian Prince of Security Week reports, data security isn’t only important for protecting a company’s data. It’s also important for customer retention.
A recent survey conducted by Javelin Strategy and Research found that about a third of consumers will abandon a company that’s suffered a breach that’s resulted in the loss or exposure of customer data. For healthcare providers, 30-percent of patients will abandon after a breach and a quarter of consumers will change their bank and credit card providers in the wake of a data breach.
As experts note, particularly telling about how important security is to consumers is their willingness to change healthcare providers given the usual hassle involved with that process.
What each of these statistics reveal is how cyber attacks cost businesses money. Not only do they often result in significant downtime that prevents you from offering services to customers, but they also cost you customers and sales.
Perhaps the best example of an attack resulting in lost profits is the recent, massive Target breach. As many as millions of customers had credit card information stolen, which resulted in an estimated $61-million being lost by Target in relation to the attack.
This is dangerous because an unrelated study found that four out of five company leaders don’t equate the loss of confidential data with the loss of revenue. This often leads to a relaxed attitude toward security that significantly increases the risks of a successful attack occurring.
Risk assessments, data management programs and other tools are needed to protect even small businesses from exposing their customer’s data, or their own, during an attack.
For help improving your company’s security, call Geek Rescue at 918-369-4335.
May 1st, 2014
Earlier this month, news broke of the Heartbleed bug that compromised the expected security of websites using OpenSSL. The bug would allow for attackers to steal unencrypted log-in credentials from web servers through a vulnerability, or more specifically, what’s called a “bounds check” was missing. Buried in those initial news reports was the warning to change passwords as soon as possible, but only after websites patched the vulnerability. At Dark Reading, Dave Kearns explains the best practices to stay safe in the wake of Heartbleed and why it’s not always wise to change passwords.
In the context of Heartbleed, the knee-jerk reaction was for users to change passwords as soon as possible because their old passwords could be stolen off a server at any time. It was quickly pointed out, however, that most websites hadn’t patched the vulnerability yet, which means a user changing their password wouldn’t protect their account. It would just hand that new password to any attacker who decided to steal it.
In this case, changing passwords wasn’t the best idea. In fact, users who didn’t change passwords and stayed away from a site completely were probably better off than those that proactively logged in and changed their account. The Heartbleed bug makes users vulnerable when they enter their account information. So, logging in and changing your password would potentially be giving that information to an attacker. But, leaving your account dormant would keep you safe.
Going forward, there are tools available to add on to your web browser that will tell you whether or not a website has been patched to eliminate their vulnerability to Heartbleed. If it has, you’re free to log-in and change your password. This protects you in case your old password was compromised at some point.
If the site hasn’t been patched, leave immediately. That site isn’t safe for use until the vulnerability is fixed.
The best way to protect yourself from catastrophic damage in the wake of an attack of online accounts is to always use unique passwords for each account you hold. That way, if one, insecure account is compromised, your other accounts are safe. For users that use the same password for multiple accounts, the theft of one from an insecure site like a message board could lead to important accounts like social media, email or banking sites being hacked as well.
At Geek Rescue, we have tools to protect you from attacks and to help you recover. Call us at 918-369-4335.
