February 11th, 2014
When buying new servers for your business, there are a number of factors to consider to ensure that you get exactly what you need. A new trend being adopted by IBM and HP could add some confusion and frustration to the process. As David King of IT Manager Daily reports, HP recently announced that firmware updates will only be available for its users who are under warranty or a support agreement. IBM has already made that change in policy.
This news means that in order to secure your servers, you’ll have to pay more than ever before. For small business who have already stretched their IT budget thin, this could be a real problem. To save yourself some trouble, and possibly some money, here’s what you need to consider before buying a server.
While IBM’s and HP’s service comes with an expiration date that requires you to pay more for continued support, other companies like Dell and Cisco have no such stipulations. That’s not to say that one company is a better option than another. Rather, the point is that a seemingly cheap server with a limited warranty may end up being more costly than a more expensive server with an unlimited service plan. Before making a purchase, the terms of service needs to be among your first concerns.
If you already have servers that will soon lose their support, or you decide that expiring support isn’t a deterrent for buying a server, there are options for when your warranty finally expires. Before you renew with the server’s manufacturer, check around with third party support companies that may offer better service for less money. A local company may be able to offer support that’s more personalized to your specific needs, rather than the one size fits all approach of the giants.
In order to recoup some of the money spent on new servers, many companies plan to resell them when they’re no longer needed. The value of old servers could take a major hit if the manufacturer no longer covers them. This suggests that servers from manufacturer’s with unlimited service plans will enjoy a higher resale value than those with an expiring service plan. Keep that in mind when you’re purchasing a server if you plan to sell it later.
If you have questions about your server needs, want to explore other options for support or would like to store your company’s data on off-site servers you don’t have to manage yourself, call Geek Rescue at 918-369-4335.
January 21st, 2014
The recent attack on Target that ended with millions of customer’s credit card information being stolen holds multiple lessons for IT departments everywhere. We already reported the facts about the malware used in the attack. At IT Manager Daily, David King has a list of what should be learned from the attack so it less likely to happen again, or at least handled more effectively.
If your body is infected with a virus, the longer you wait the worse it gets. It’s a similar rule of thumb of malware infections and attacks. Not only do you need to secure your network and get rid of the malicious files, but you’ll also need to warn your affected customers and be prepared to handle the influx of calls. This all needs to happen as soon as possible to prevent the situation from getting even worse.
- Secure All Points Of Access
The wrinkle in the attack on Target is that computers weren’t infected with the malware. Instead, the point of sale system was the target. Similarly, recent stories have reported that anything connected to the internet, including refrigerators, can be infected with malware and used by criminals. That makes it vital to secure every device that is connected to the internet and put security tools like firewalls in place to protect your entire network.
Part of the key for acting quickly is to make a plan for recovery before disaster strikes. This way, every part of your organization knows what their job is and everything will run smoothly. This plan will need to be updated when applications and personnel change and altered for new forms of attacks.
These three tips won’t keep you completely secure from a data-scraping malware attack. Unfortunately, nothing can guarantee the safety of your data. But, when you follow the correct protocol, you’re less likely to become a victim and are able to risk less.
For help improving the security of your company’s data, or for help recovering from an attack, call Geek Rescue at 918-369-4335.
January 15th, 2014
Making scheduled upgrades is mandatory for the success of a company’s IT infrastructure. Existing applications may have become outdated, or it’s just time for an update to close security vulnerabilities. It’s easy for what seems like a routine update to go horribly wrong, however. Recently, Dropbox tried to perform an update and ended up with a prolonged outage. David King of IT Manager Daily has some tips for you to follow before your next upgrade to make sure everything goes as smoothly as possible.
For some of the upgrades you perform, a period of downtime is unavoidable. In these cases, such as changes to your servers, be sure to warn users ahead of time. Tell them how long the outage is expected to last and what services will be unavailable. Other times, upgrades may not be expected to cause any downtime, but an outage is always a possibility. In those cases, it’s usually a good idea to plan for the worst. It’s better to alert users that certain applications may be down at a certain time than leave an employee without access to a vital application at the worst possible time.
A popular time for upgrades is Friday at midnight because it’s unlikely that an outage would affect anyone at that time. When every employee only works from their desk at the office, that’s an acceptable assumption. However, with mobile access, there’s never a time when you can be sure that an outage won’t affect someone. Conducting upgrades outside of normal business hours is still the best practice, but regardless of what time you decide to perform maintenance, advance warning is needed.
Before conducting any upgrades or making other changes to your network, it’s a good idea to back-up data and make sure you have a disaster recovery plan in place. Failing to do so could result in downtime lasting longer than it needs to. Testing even more than you think is necessary is also a good way to avoid unwanted surprises. You need to be prepared for how your network will react to these changes so you can plan for possible problems and be prepared even for the unforeseen ones. Also, understand that even with a good plan in place, recovering might take some time. Don’t expect to be able to restore data and service immediately.
Managing your IT infrastructure can be difficult and costly. For help with yours, call Geek Rescue at 918-369-4335.
January 10th, 2014
Phishing attacks come through most of our emails on a daily basis. Thankfully, spam filters and other security measures keep us from having to regularly deal with them, but because criminals are always making these attacks more intelligent, some attacks do find their way to our inbox. Some are difficult to ignore since they capitalize on the latest news to make their message more believable. For example, the latest high-profile attacks on Target, Adobe and Snapchat are now being used by hackers as an excuse for why users need to divulge their information. As David King of IT Manager Daily writes, there are ways to protect yourself from these phishing scams. Here are the most important tactics to know.
Because each message is being crafted to fool users into thinking it’s legitimate, you can’t afford to trust any message you receive. Even messages from companies you have an account with that contain official looking logos can be spam or phishing scams. Checking the email address of the sender is effective for many messages. Often, a message claiming to be from a legitimate company is sent from an email address not associated with that business. But, criminals have started to overcome that hurdle also. Even emails that come from someone in your contacts list could be malicious. So, before downloading anything or responding with important information, ask yourself why the sender of the message would be taking these actions. If it seems at all suspicious, call the sender directly and ask about the email. Or, visit the company’s website and find a more direct way to send them information. Usually, it’s safe to assume that any legitimate business won’t ask for your financial information over email.
Malicious files sent as attachments are a common way to convince users to download malware. Many users will even be suspicious of an email, but download the attachment in an attempt to gain more context as to what the message is about. Downloading and opening these files infects your computer. Don’t let your curiosity get the best of you. If a message seems suspicious, don’t visit any links included in it or download any files attached. Even if the message seems legitimate, don’t download a file unless you know exactly what it is. A good rule of thumb is if you aren’t expecting a file to be emailed to you, don’t download one.
Unfortunately, even the most intelligent users fall prey to phishing scams and malware infections. Even if you never download attachments, visit suspect websites or open suspicious emails, malware can still find its way onto your system. It’s better to plan for this event and never need the security provisions than to be caught without it. Be sure you have a trusted antivirus program in place and keep it regularly updated so it can recognize the latest threats. Update all of your applications and your operating system also to close potential security vulnerabilities.
Phishing scams allow hackers to infect your computer and steal important information. Follow these tips to keep yourself, and you identity safe.
If your computer is infected with malware or you’d like to improve the security on your network, call Geek Rescue at 918-369-4335.
January 7th, 2014
Taking charge of access management for your company is a vital step towards better security. Very few members of your organization need access to all of the applications and data on your network and access management ensures that each employee is given access only to what they need. This significantly decreases the likelihood of a data breach and allows you to keep closer tabs on who is accessing data and how they access it.
Cloud computing and the bring your own device trend make data security more difficult than ever before. Effective access management is crucial in tandem with these new technologies. David King of IT Manager Daily published a list of policies all businesses should follow to limit access to critical data and prevent data breaches.
The more employees you have, the more roles change. Communication between departments is important so that when an employee’s role changes, due to a promotion, firing or change in projects, their access changes too. Problems arise from individual users having access to data they no longer need. Especially in the case of workers who are no longer with the company, access changes should be a priority and made immediately.
Staying up to date on who can access what data and how and where they’re accessing it is a big time investment, but it’s necessary. Without regular checks on data access, you’ll be caught unaware when a problem occurs. Many times, warning signs of an impending breach, or at least a potential vulnerability, exist days or weeks before any data is actually stolen. Data being accessed during off-hours or being accessed off-site are warning signs that someone is accessing data that shouldn’t be. They don’t tell you definitively that there’s a problem, but they suggest you should look into the matter.
Part of access management is ensuring that employee accounts are only being used by those employees. Educating workers about the dangers of weak passwords is important. Make sure each employee understands what a strong password consists of and is using one. Also, prohibit the sharing of passwords or inheriting accounts from others. This weakens your efforts to limit access to certain employees and opens loopholes that workers can exploit after they’ve left the company.
Data breaches can be extremely costly to any type of business. Investing in security now can save you later.
For help improving all facets of data security at your company, call Geek Rescue at 918-369-4335.
December 13th, 2013
An increased IT security budget is a good idea for any business, but it just isn’t always possible. Only about a quarter of respondents in a recent survey reported any type of growth in their security budget for 2013. For those with identical budgets than last year, or decreasing budgets, it’s important to find ways to improve security without spending more. David King of IT Manager Daily suggests three ways to do just that. These tactics will better protect your company without the need to ask for an increased security budget.
There should be security precautions in place across your entire network, but there are likely some areas that need more protection than others. These will be users that have access to more data, all financial documents and applications housing valuable customer data and IT, who has access to critical points. Securing these areas better protects you because they are most likely to be targeted by criminals and would be the most costly if compromised.
It’s important to test all precautions that you’ve put into place so you can learn how to improve them. That goes for both built-in protections and user training. Periodically, launch a test attack against your own system to find out how protected you really are. Send suspicious emails to your users to find out if your training is really paying off. You may find that more training or a tweak to an application is needed to improve security.
It costs nothing to update and patch the applications you’re currently running. But, it makes a huge impact on the effectiveness of your security. Out of date programs contain vulnerabilities with known exploits. This means hackers have discovered security flaws and know how to use them to infiltrate your network. By keeping all applications up to date and patched, you eliminate these vulnerabilities as they’re discovered.
An efficient use of your security budget is important to make your business as secure as possible. For help spending smarter, contact Geek Rescue at 918-369-4335.
November 18th, 2013
Computers aren’t cheap and most of us see a decline in performance of our current PC before we’re ready to invest in a new one. A post at IT Manager Daily contains some suggestions for how to improve the performance of older computers to prolong their life. Whether you want to get more out of your personal laptop, or don’t have the budget for new computers at your business, these are valuable tips.
If your PC is a couple years old, you’ve probably downloaded files and applications you don’t need. You’ve probably also encountered malware, adware or spyware that is still on your hard drive. There are tools available to do a complete scan of your system and help you remove unwanted and unnecessary files. Once you also remove the files and programs you no longer want or need, be sure to run Defrag, or defragmentation. This reorganizes data stored on your hard drive to make it more efficient. Over time, fragmentation occurs when files are saved and deleted.
At this point, you should have deleted everything that isn’t vital on your machine. Take what’s left and back it up on an external hard drive or another storage device. This is to make sure nothing is lost through the rest of the process.
New hardware, like a memory upgrade, is much cheaper than an entire new computer, but will significantly improve performance. Do some research or ask a professional about which upgrades will boost your machine’s performance the most.
With everything backed up, you can start over from scratch. Re-install your operating system, or take this chance to upgrade to one with better performance. Be sure to check for updates that you may have failed to install before. These updates often solve stability issues that could be slowing down your machine.
Once you’re back up and running, be smart about what you save on your hard drive to keep it running smoothly for longer. Use cloud storage so you don’t have to save directly to your hard drive. Keep security software updated and running to keep viruses and malware from infecting your system. Regularly go through your files and delete those you no longer need.
If you need help upgrading hardware, installing a new operating system, backing up data or removing viruses and malware, bring your computer in to Geek Rescue, or call us at 918-369-4335.
November 14th, 2013
Virtualization is becoming a staple of businesses of every size. According to a Cisco survey, 77-percent of small to medium businesses have already virtualized part of their infrastructure. In the next two years, the virtualization budgets will increase for about 70-percent of all businesses. As Sam Narisi, of IT Manager Daily writes, virtualization allows companies to save money while increasing flexibility and scalability, but there are some security concerns. Here are the top three security issues associated with virtualized services and how to overcome them.
Many organizations host multiple virtual machines on a single physical machine. This is the nature of virtualization and why it is so popular. This opens the door for devastating attacks, however, if the virtual machines aren’t properly separated. It’s important to grant employees access to only the VMs they need. This way, if their access is compromised, your entire virtualized infrastructure isn’t.
Any software will contain bugs and vulnerabilities that can be exploited by intelligent hackers. Virtualization software is no different, but allowing a hacker to use these vulnerabilities could prove much more costly than other software exploits. Patches and updates are constantly being made available to fix these flaws. It’s important to stay current and update your software each time a new patch is released so you can close holes in security before an attack takes advantage of them.
More than ever before, it’s important to have a firm grasp on the IT assets in existence and who has access to each in your company. This was a simpler job when each machine was physical. With virtualization, VMs can be created and moved quickly, which sometimes leaves IT out of the loop. If a problem comes up, it’s much easier to solve it when you know where each machine is and who is able to access it.
Virtualization offers a number of benefits for businesses, but it also comes with increased responsibility and security concerns. Geek Rescue helps take the uncertainty and labor out of virtualization. Call us at 918-369-4335 to find out what services will give your business a competitive advantage.
October 22nd, 2013
Free public WiFi is a well known danger to your device’s security. These wireless networks are unsecured, which makes it easy for hackers to intercept data being transmitted over them.
Most companies also use a wireless network for their employees, which can be just as dangerous. It’s often overlooked, but, as Sam Narisi of IT Manager Daily reports, there have been a large number of exploits due to wireless routers having backdoors and holes in their security.
Recently, D-Link wireless routers were discovered to have a vulnerability that allows a third party to change the router’s settings without needing the password.
Security firm Independent Security Evaluators released a list of 13 wireless routers that they found to contain security flaws. The routers came from trusted companies like Belkin, Netgear and Linksys and allowed hackers to intercept information, gain access to computers on the network and bypass security.
A technique called “wardriving” has been used to crack wireless networks, as well. By simply driving around and area and searching for wireless signals, hackers are able to then use software to break the network’s encryption.
Internal wireless networks are not inherently secure. There are, however, steps you can take to improve their security. Installing the latest patches and continually updating the router’s firmware is important. Replacing your hardware regularly is also necessary since older devices will stop getting patches and have flaws the newer devices don’t. Use HTTPS for administrator connections. And of course, use a long and strong password on your router.
There are a number of ways a criminal can gain access to valuable data within your company’s network. In order to improve your entire security, call Geek Rescue at 918-369-4335.
October 10th, 2013
Phishing scams are attempts to trick users to give out personal information so hackers can then use it to break into accounts and steal their identities. Most phishing scams start with an email that directs users to a website where they’er asked for information like their phone number, physical address and even social security number or banking information. There are a number of tell-tale signs of a phishing email, which makes many people believe they could never fall for one. As Sam Narisi of IT Manager Daily reports, a recent study by the Polytechnic Institute of New York suggests otherwise.
The study consisted of 100 science and engineering students. The students were given a personality test and asked about their computer use and proficiency. The researchers then anonymously sent a phishing scam to their personal accounts. The email included the usual signs of a scam, including misspellings and other errors. Still, 17 students fell for it and willingly gave out personal information.
What this study uncovers is that everyone is at risk to become a victim of a phishing scam. Due to social engineering when developing these scams, and a carelessness by users, even the most educated individual could still be a victim.
This extends to other threats, like malware, that infect your system through careless user actions. When a user isn’t extremely cautious online, bad things happen. This is costly for users on their personal computers at home, but it’s a huge risk for businesses who have to safeguard their entire network from numerous careless users.
Education is a great place to start to protect yourself and your office. Knowing what to look for in a potential cyber threat is important, despite the results of the study. Additional security measures also need to be put in place, however, with the knowledge that, eventually, someone is going to click on the wrong link.
To improve the security on any of your devices, at home or at the office, contact Geek Rescue at 918-369-4335.