Security Flaws On Your Android Device

October 4th, 2013

Android user

More than half of all smartphone users are using an Android device. Unfortunately, that has made Androids a target for hackers, who are starting to produce more malware for the mobile operating system.

Besides adding security software to your phone, one way to stay safe is to identify potential risks. Sam Narisi, of IT Manager Daily, has a list of some of the most common.

  •  Lock setup

Many Android users don’t enable a lock on their phone at all, which means there’s no security if their phone is lost or stolen. Even those that do use either a pass code or pattern lock don’t get much benefit. The Android lock setup is notoriously leaky and easy to break. 

  • No backup 

Unlike iPhones, Androids have no built-in option to automatically regularly backup their data. If your phone is infected with malware, you run the risk of losing pictures, videos and more in order to remove it. There are apps available to perform backups, however. 

  • Unsafe browsers

You’ll also need to install a third part browser in order to stay safe when using the internet. The native Android browser has no option to only allow secure sites. This puts you at significant risk of a malware infection. 

  • Fake security apps

Adding security apps to close up potential risks is a great idea, but you need to cautious about which apps you download. Many claiming to be anti-malware apps are actually viruses or malware themselves. 

Protecting your smartphone is just as important as protecting your computer. In many cases, your smartphone will be in much more dangerous situations because it connects to unprotected WiFi and security is naturally lower.

If your smartphone is infected with malware, or if you’d like to improve the security on any of your devices, contact Geek Rescue at 918-369-4335.

3 Ways Malware Gets Through Security Software

September 19th, 2013

Breaking in

Regardless of how many safeguards you have in place, your company’s data is never completely secure. Security tools like antivirus software and firewalls are helpful, but they can’t guarantee your safety.

Sam Narisi, of IT Manager Daily, points out that data breaches and cyber attacks create a number of negative results beyond just the loss of data. Employee and system downtime, money lost, damage to a brand’s credibility and compliance failure are all possible when your security is compromised.

One step towards improving security is to understand how your current security infrastructure is being infiltrated. Here’s some of the latest hacker tactics.

  • USB Threats

Everyone is aware of the dangers online so most companies focus their security to protect them on that front. However, 25-percent of companies victimized by a malware attack say it originated from an individual’s USB device. To accomplish this, cyber criminals send out complimentary USB devices, which are disguised as promotional material for a company and infected with malware. They also leave USB devices sitting in coffee shops, bars, restaurants or on the street. Eventually, someone picks it up and tries to use it. 

  • Remote Threats

An employee working at the office on your secure network is well protected. That employee may take his laptop or smartphone elsewhere to work, however. Especially if connected to a free WiFi network, that employee would now be vulnerable. Hackers could gain access to anything stored on their device, and then gain access to the company’s network when they return to work. 

  • Holes in Security Software

Even with antivirus software in place, you’re vulnerable. 40-percent of companies who have experienced a malware attack say the threat slipped through security software already in place. That software has a difficult time keeping up with new malware, even when it is regularly updated. Since hackers have such a deep understanding of how antivirus programs work, they are developing malware that stays undetected. 

Having the right tools in place is still a good place to start to avoid a malware infection. Proper training for employees is another necessary precaution. If you still find that your network has been infiltrated, call Geek Rescue at 918-369-4335. We will disable the threat and also keep you better protected for the future.

How Cloud Computing Helps Mobile Employees

September 12th, 2013

Remote employees using cloud

Cloud computing has a practically endless list of capabilities, but perhaps the most useful is the cloud’s mobility. Sam Narisi, of IT Manager Daily, published ways your remote workers should use the cloud to increase productivity and collaboration.

  • Conferencing 

If you have remote workers spread across the country, a video conference call introduces unfamiliar faces to each other and brings the team closer together. Even if your employees are all in-house, you may need a conference call with a client, an employee working from home or a team on the road. The cloud makes it easy to connect with anyone, regardless of where they may be. A bonus is that those remote employees will be able to access files and applications needed to enhance their contributions to the conversation. 

  • Virtual Board Rooms

Sometimes, you need more than a conversation with remote employees or clients. That’s why some cloud based services offer tools like collaborative virtual whiteboards and message boards. This simplifies communication beyond normal email and leaves printed evidence of what’s been said, unlike phone conversations or video conferencing. The whiteboard feature allows users to draw out ideas and other users to add on or erase. 

  • Storage

A cloud system is great for off-site back-up and data storage. In the context of mobile access, however, storage refers to the ability of the remote workers to access and collaborate on files stored in the cloud. Documents, spreadsheets and even presentations can be shared between team members and worked on together. Not only does this make the process more efficient, but it ensures that employees will always have access to the files they need, when they need them. 

The cloud offers business solutions for nearly every industry. To find out how cloud computing will help your business, contact Geek Rescue at 918-369-4335.

Three Common Cloud Computing Models

September 10th, 2013

Cloud Computing

You’ve no doubt heard the term cloud computing, but did you know now all cloud services are created equal? Infrastructure as a Service, Software as a Service and Platform as a Service all incorporate cloud technology, but offer different advantages.

Gil Allouche, of IT Manager Daily, broke down the difference between these common cloud computing models and explained how businesses use them.

  • Infrastructure as a Service

This is almost like outsourcing your IT department. IaaS puts storage, networking and raw computing into the cloud. An outside provider would then manage for running the system and maintenance. Operating systems and applications are then added by your business.

  • Platform as a Service

PaaS offers the ability to use operating systems online and rent hardware and storage. Your business is able run applications in the cloud, which makes them accessible by employees from virtually anywhere. Features of operating systems and applications running on PaaS are easily upgraded or altered.

  • Software as a Service

In this model, the cloud provider would manage the software your company needs and you would pay for subscriptions for the number of users you need. With SaaS, the maintenance and installation of software is done for you, which frees up space and time for your own IT infrastructure. Updates are quick and easy and the software is scalable to fit the demands of that moment. An example is Microsoft Office 365. Rather than installing Office 365 on each individual computer at your place of business, you would sign up for SaaS and an outside provider would keep you constantly updated and running smoothly.

As you can see, while there are similarities between cloud models, the services offered are different. Cloud computing is incredibly variable and can be used in an almost endless number of possible ways.

To find out what cloud computing offers your business, contact Geek Rescue at 918-369-4335. We have cloud solutions for every industry and will help you discover how cloud computing makes you more efficient.  

How To Protect Your Data When An Employee Leaves

September 5th, 2013

Dismissed Employee

Many companies have adopted an agile, mobile infrastructure to give employees access to vital data from practically anywhere. This is certainly effective for day-to-day business, but what happens when an employee leaves the company? How do you protect your data?

A recent post on IT Manager Daily suggests the key is a balance between your own interactions with the departing employee and security put in place after the individual leaves.

The first step is to develop a plan. In this plan should be a detailed, step-by-step protocol that is followed each time an employee leaves the company. You should also assess the risk an employee poses to the business should they be terminated or resign. Many times a senior member of your organization is more likely to steal data and start a competitor than a low-ranking employee.

Part of that plan should also include a robust contract signed at the time of hiring. This contract, similar to a non-compete, should have a data protection clause that prohibits employees from accessing and misusing company data once they’re no longer a part of the organization. These contracts also typically include a plan of action for lame-duck employees and how they will spend their last work days after putting in notice.

After an employee leaves, it’s vital that you shut off their access to any company data. Passwords should be changed on everything the employee previously had access to. If they used a company email account, you should even change the password to that. All company property should be turned in before the employee leaves. Once out the door for the last time, an employee doesn’t need any access to your data.

Taking these precautions against data theft doesn’t mean you don’t trust employees. They’re just good business tactics to ensure your data stays secure. In fact, developing a trust and allowing employees to leave on good terms is one of the most powerful ways to make sure no data is stolen. If an individual leaves liking you and your business, they’re less likely to do anything to harm it.

If you’d like to increase the security on your company’s data, contact Geek Rescue at 918-369-4335. We have a variety of security solutions to secure your network and keep your data safe.


Hackers Only Need One Android To Breach Your Network

September 4th, 2013

Angry Android user

The growing trend of BYOD, Bring Your Own Device, means that more and more employees are using their personal smartphones on company networks. The initial concern surrounding BYOD is that sensitive and valuable information will be stored on personal devices and potentially lost or stolen. But, as Sam Narisi points out for IT Manager Daily, there’s another significant threat to consider.

A security researcher for Tripwire recently demonstrated how a single compromised Android device could be used to hack into a company’s IT infrastructure. This is possible through Google apps, which many companies use for cloud computing and email.

Android uses a “single sign-on” feature, which means that users aren’t asked to continuously authenticate their Google account with a password. Instead, the Android device stores a cookie the first time you authenticate your account and remembers that your device and your account are linked.

The problem is similar to forgetting to log-out of your email or social media account on a shared computer. For example, if you’ve ever checked your Facebook page at a computer lab or library and forgotten to sign-out when you left, you probably ended up with some joke statuses on your account. College students know exactly what we’re talking about.

For this Android flaw, when an employees device is lost or stolen, their accounts remain active. Whoever holds that device has access to everything stored in Google apps, including the employee’s email account.

An intelligent hacker, however, doesn’t even need to physically hold the Android to access Google apps. If they are able to infect the device with malware, they could also gain similar access to Google accounts.

The simplest fix for this security flaw is to keep anyone from accessing corporate Google apps with their Android device. Failing that, keep from downloading any extraneous apps, especially outside of the Play Store. That will go a long way in keeping malware off your smartphone.

For more help keeping your smartphone or other device safe and secure, contact Geek Rescue ta 918-369-4335. We offer a variety of security solutions for both home and business.