September 27th, 2013
You’ve heard how important robust cyber security is for your business. You’ve read the articles, you’ve seen the statistics and heard the urging from IT professionals. Unfortunately, for many small business owners, the warnings don’t truly sink in until after they become a victim of an attack.
Ericka Chickowski, of Dark Reading, writes that a cyber attack doesn’t have to solely be a negative on your company. It is costly and it could hurt your credibility with your customers and prevent you from offering your services for a time. But, it’s also a chance to learn a lesson and become stronger.
During the recovery process, it’s important for companies that have been victimized to take time to study why they became a target in the first place. The exploit is like a real-world audit of your security infrastructure and, unfortunately, your security failed. Take this opportunity to improve the holes and the day-to-day processes of your company.
Be sure to take this opportunity to address your entire security infrastructure, not just the part that was exploited. Your security likely doesn’t have only one flaw. And even if you find that the software in place is adequate, you may discover that you employees actions put data at risk.
You should also critique your recovery plan. Think about the company-wide actions after the attack took place and consider how they could be improved. Your goal should be to cut downtime and restore data as quickly and fully as possible.
If your security is breached, you definitely can’t afford to ignore it. Let it be a message to you that a more serious investment in cyber security is needed.
For a security audit, or to find out what your options are for improving security, contact Geek Rescue at 918-369-4335.
September 27th, 2013
Every business has adopted some form of cyber security, but is your security truly aimed to keep you safe from a full-scale cyber attack? Too often businesses believe they won’t be a target of hackers and make that an excuse for not dedicating more resources to true security. Those with minimal security, however, make themselves a target because of how easy it is to attack their network.
Catalin Zorzini, of Inspired Magazine, suggests taking the necessary steps to take your security from minimal to robust. Here’s what to consider when trying to implement adequate security.
- Audit your current security
Conducting a security audit will reveal where you are most vulnerable. This informs you what your security is lacking and specifically what data is at risk. Knowing that will allow you to put into real terms what is at stake. Contact Geek Rescue to perform a thorough audit of your security.
- Consider disaster recovery
Keeping security threats like malware out is only one aspect of good security. You also need to have a plan in place for a disaster that wipes out your data. This could stem from a cyber attack, or it could be a natural disaster that destroys your servers. Regardless of the cause, you need a plan that will minimize the amount of downtime you suffer and how much data is lost.
- Don’t forget about mobile
Mobile technologies create complications for your security infrastructure. Employees sharing data with cloud systems or through email and connecting on unsecured WiFi cause headaches. There’s also the growing bring your own device, or BYOD, trend. That is also a potential problem as employees could bring infected devices to the office and infect the whole network.
By thinking about potential security problems and patching holes, you’ll avoid large scale data loss and downtime in the future.
Geek Rescue helps you improve cyber security. Call us at 918-369-4335 to set up a security audit, make a disaster recovery plan or more.
September 26th, 2013
Craigslist has long been known not only as a legitimate online marketplace, but also a potentially dangerous hub of scams and hackers. A report posted on the Symantec blog alerts that a current scam is harvesting phone numbers from Craigslist ads and texting them spam links.
The actual scam has nothing to do with Craigslist, but that seems to be where the hackers are getting phone numbers. From there, they send a text containing a link. However, the link won’t work on a smartphone.
Instead, users are prompted to use their PC and arrive at a page prompting them to install “GIMP Viewer”, which is legitimate open source software. If the user agrees, they aren’t taken to the actual GIMP site. Instead, they are taken to a fake site where GIMP software is installed with a number of other programs.
Hackers make money each time these additional programs are downloaded. For now, it doesn’t appear that any malware is included in the scam, but it could easily become part of it if criminals decide the current scam isn’t lucrative enough.
To avoid any similar scams, be wary of text messages from unknown sources. You certainly shouldn’t be agreeing to download anything to your phone or PC unless it comes from a trusted source. A link in an unsolicited text message would not be a trusted source.
To protect your smartphone and PC from future malware infections, contact Geek Rescue at 918-369-4335.
September 26th, 2013
Using a cloud system to store and share files has become a common business practice. The cloud makes data available from practically anywhere and makes it easy for employees to collaborate on projects. However, not enough attention is being paid to the security of these clouds and who could potentially have access to valuable information.
Yorghen Edholm writes on his ComputerWorld blog that these security issues are of a particular concern when employees use a public cloud. Services like Google Drive and Dropbox are easy to use and have free options. They present a security risk, however.
It’s not necessarily these public clouds themselves that pose the problem, although they aren’t nearly as secure as private cloud options. The real problem stems from employees using public clouds without supervision from superiors or the IT team. That means others are unaware of potential risks and unprepared to solve problems.
Many employees use a public cloud because it’s convenient. They may be planning to temporarily store a file, or quickly share it with other team members. Usually, they lose track of exactly what is being shared and believe that they’ve only added files to the public cloud that don’t contain any potentially damaging information.
There’s also a concern over who exactly will have access to a public cloud. Recent headlines have enlightened the public about the government being able to snoop on files stored this way. Storing your data more securely doesn’t necessarily restrict the government’s access, but at least you’ll be able to keep track of what they’ve seen.
It may not be possible to keep every piece of data stored privately. But, you should strive to gain oversight of all the data being shared, and how it’s being shared.
For help implementing a cloud computing system at your business, or to enhance security, contact Geek Rescue at 918-369-4335.
September 26th, 2013
Browser extensions enhance the capability of your web browser. There are a number of uses for browser extensions. Many are designed to improve security or boost productivity. Recently, more and more extensions have been made by hackers, however.
Lucian Constantin, of ComputerWorld, writes that malicious browser extensions are a growing concern among security experts. That’s because they are difficult to protect against.
Malicious extensions have been seen before. They’ve been used to hijack searches and show ads to users. Recently, an IT security consultant was able to create an extension with much more harmful capabilities.
This example malware was able to be controlled remotely. It’s able to bypass two-factor authentication, perform functions, such as downloading other malicious files or controlling the webcam and steal data.
Malicious extensions are a growing concern, but there are few options available to protect yourself from them. Many antivirus programs are unable to detect and remove this malware. Security extensions added to your browser are also powerless.
Your chosen web browser actually has a significant effect on how much at risk you are. Firefox users are considered to be the most vulnerable. This is because it allows for third party extensions to be added, which means hackers can convince users to install the malicious extensions themselves, or can use malware downloaded through other means to install them remotely.
Chrome users, on the other hand, are at a relatively low risk. Chrome only allows extensions to be added from their Web Store, which only contains extensions that have been approved by Google. This doesn’t mean that there can be no malicious extensions added to a Chrome browser. It just means it’s much more difficult than with Firefox.
Exercise caution when adding extension to your web browsers and make sure you understand what your security software does and does not protect against.
To improve the cyber security on your home computer or at the office, contact Geek Rescue at 918-369-4335.
September 25th, 2013
Yahoo recently announced that they were recycling dormant email addresses. Yahoo IDs that hadn’t been used in awhile were made available again and taken over by other users who wanted them. Donna Tam, of CNet, reports that there’s a significant security problem with that.
Even though users hadn’t accessed their Yahoo emails in over a year, they still have accounts associated with them all over the internet. One user who took over a previously owned Yahoo ID says the email address is associated with a Pandora and Facebook account and is the contact for a doctor’s office.
Multiple users have seen emails intended for the address’s previous owner. Those emails contain the ability to hack into the previous owner’s online accounts and some contain personal information like the last 4 digits of a social security number and physical address. With that information, a motivated person could hack into any number of accounts. The potential for identity theft is incredibly high.
Yahoo says most of the recycled accounts were not receiving any emails before being claimed by a new user. They also claim that they’ve taken precautions so the new account holders don’t receive emails containing information about the accounts of another person. But, Yahoo has to rely on other websites to make changes in order to fully fix the problem.
If you let your Yahoo email address lapse, you’ll definitely want to go through all of your online accounts and make sure none of them are associated with an address that may now be used by someone else. Don’t forget to also check with doctors’ offices and friends to let them know that you no longer use that email.
To avoid any of these potential headaches, contact Geek Rescue about hosted email. We offer a variety of options to fit your needs. Call us at 918-369-4335.
September 25th, 2013
It’s easy to understand why so many hackers are targeting social media for cyber attacks. Where else would you find such a high collection of unsuspecting people? Many users have grown wise to email attacks and have learned to avoid suspicious emails. Social media, however, is still seen by most as a safe place. Throw in that many users access social media on mobile phones, which often lack necessary security, and you have an irresistible target for hackers.
John P. Mello, of CIO, reports that these attacks claim victims using the trust of users against them. Similar tactics as previously seen in creating fake versions of legitimate websites, or sending phishing emails that appear to be from legitimate sources, have been adapted for social media. The trend is to take over an account with a large number of followers and credibility and use it to spread malicious links.
These attacks are difficult to avoid because they appear to be coming from a trusted source. You wouldn’t expect a Twitter account that you’ve followed for years to suddenly be directing you to a phishing site, or infecting you with malware.
This isn’t only a concern for individuals either. Businesses need to be aware of these threats to security also. Another reason that social media is so attractive to hackers is that so many users access social media on their company’s network. This means that if any of your employees encounter a hacked profile, they are putting your company’s data at risk.
There are a number of options for how to deal with these threats. Blocking social media sites is one. Educating employees about the risk and making sure they understand how to avoid these attacks is another.
To improve your company’s security, contact Geek Rescue at 918-369-4335. We offer security software that is capable of blocking potentially dangerous sites and catching malware before it infects your system.
September 24th, 2013
Microsoft Windows users may be tempted to forego any additional security software because of the existence of Windows Defender, a free antivirus program included with Windows. While Defender does offer some security benefits, Mathew J. Schwartz, of Information Week, points out that it hardly is capable of protecting your computer on its own.
In a study conducted with 27 other antivirus programs that tested protection, repair and usability of each, Defender scored the lowest. In fact, out of a possible score of 18 on the test, Defender scored about 5 points lower than any other program.
In a test of about 60-thousand common pieces of malware, Defender was able to detect 97-percent of them. Not so good considering only three other programs failed to achieve 100-percent detection.
Defender does have its advantages, however. It earned top marks in usability and, of course, its price tag can’t be beat.
So, should you run Windows Defender on your computer? Absolutely, but you should have other security in place, as well.
Security experts suggest using multiple layers of security, even if you have the top ranked programs in place. Because malware is constantly changing and new forms are released each day, there’s no way any program can keep up. So, having multiple ways to detect malicious programs gives you a better chance to avoid infection.
For help improving the security on your machine, or to get rid of malware that’s already infected it, call Geek Rescue at 918-369-4335.
September 24th, 2013
Studies have shown that phishing and malware attacks through email are effective because of uneducated users. Individuals who are unable to identify these malicious emails, or those who don’t fully understand the risk involved, are the ones most often victimized. For a business, this means that more education and security is needed so an employee doesn’t wreak havoc for the entire organization.
Jeff Orloff, of The Email Admin, suggests some ways to safeguard your business and convince employees that email security is an important issue.
You can’t expect employees to follow the rules if those rules are only implied. To keep from having data stolen or malware infecting your network, write out a policy of email usage guidelines. Make sure every employee has a copy and understands it.
The idea of ‘that won’t happen to me’ is a difficult one to overcome in the context of cyber security. To do so, use specific examples from companies similar to yours in size and industry. Detail how they were attacked, why the attack was successful and what the end result was. Personalizing the attack to show how it would affect your employees is extremely helpful.
With a set of rules in place and an understanding of what’s at stake, you can explain how an attack works and how to avoid them. Most employees won’t understand, and don’t need to know, the technical details of malware, but a basic understanding of a hacker’s motivations is helpful. Then, an explanation of what to look for in a typical malicious email.
If you’re able to improve your users’ behavior, your security will improve exponentially. After all, it’s much easier to stop malware from getting in than it is to find it and delete it.
For help with your company’s cyber security, contact Geek Rescue at 918-369-4335. We offer security solutions to keep your business safe, which includes hosted email and spam filters.
September 24th, 2013
As expected, Apple’s release of their new operating system, iOS7, has been met with hostility by some. One of the most common complaints is that iOS7 drains a user’s iPhone battery much faster than iOS6. Many report that their smartphone no longer lasts an entire day on a single charge.
Craig Grannell, of Stuff Magazine, has some tips for iOS7 users to make their battery last longer. Disabling non-essential options is key, so get ready to make a few sacrifices.
- Make changes in the Control Center
By swiping up from the bottom of your screen, you’ll be able to access the Control Center. From there, you can make a number of changes that will prolong the life of your battery. Disable Bluetooth and WiFi while you aren’t using them. Also, disable Apple’s new sharing method, Airdrop. Finally, adjust the brightness settings. A dimmer screen takes less battery, but iOS7 automatically sets your screen to the brightest setting.
If you absolutely have to make your battery last and there’s no way to recharge in the middle of the day, you’ll have to cut out some of your app use. Games eat up your battery like nothing else. Check to see which apps are costing you the most battery life by going to ‘Settings’, then ‘General’ and choosing ‘Battery Percentage’.
Your iPhone is constantly working, even when it’s in your pocket. All of this background work drains your battery. To save some, disable the auto-update apps option. You will find that option in the App Store settings. For non-essential apps, you should also turn off background app refresh. Do that in the General Settings menu.
Of course, you could turn off your 4G capabilities, or turn on Airplane mode, if you want to really save your battery. That greatly diminishes the capability of your smartphone, however. With the above tips, you should gain more battery life without having to sacrifice too much.
At Geek Rescue, we fix any device. So, if you are having problems with your iPhone, bring it to us. We restore lost data, clean malware infections and fix broken phones. Come by or call us at 918-369-4335.
