Archive for the ‘business security’ Category
For most, smart phones & tablets (smart devices) are a necessary part of our lives…both personally and professionally and become our constant companions. So it stands to reason that we should be selective in who or what we chose to spend so much time with.
So, what should you look for in a new smart device to ensure that your needs are met and that your new companion will play nicely with the rest of your technology?
Here are some points to consider during the selection process:
- All smart devices are NOT created equally and it’s the applications that set them apart. When looking for a smart device, don’t be sold on all the bells and whistles packaged in a sleek sexy package. Instead plan out your needs. Do you need access into your business network? Remote apps connect differently. While some devices connect natively, others may require special applications on the server side ($$) to make it work. Even better (or worse if this is you), some smart devices might not run the applications needed AT ALL.
- Compatibility: Will they play nicely with your other devices and network or will you need to add other hardware and or software to make them work properly?
Now, being a dutiful companion means that we take our beloved devices to work with us and so do our employees. This leaves your company network exposed (and who really likes being exposed).
Here are some tips/points to remember to keep your network safe and secure when using mobile devices:
- Remote connections to the network: There are several apps that allow you to remotely connect to your business network – almost all of these allow you to save your username/password credentials. A lost phone or tablet makes it very EASY to access the network because most people allow the device to store these credentials. Never allow an application, website, browser, device to store your login information no matter how much simpler it will make your life.
- More on remote connections: It is important to also be aware that there are devices out there designed to steal and clone your network logins. What can you do about it? Set device passwords and make sure when you do connect to your network that you do it through a secure server. By doing so login credentials can be changed immediately once a device is lost or stolen. Swift action will minimize your risks.
- About those passwords: People I can’t stress this point enough. USE COMPLEX PASSWORDS. It’s your first line of defense. A complex password is a minimum of 8 characters in length and uses a combination of upper/lower case letters, numbers and symbols.
- Be wary of wifi. Accessing critical corporate data via unprotected means such as the public wifi is an issue waiting to happen. Again, only login through a secure server. To do this, utilize a VPN connection or a direct firewall pass through that requires login credentials.
- Siri on the iphone: Ask yourself…do you know more about technology and what it does more than IBM? Well IBM has banned Siri from their networks. Why? Because everything their employees say is sent to Apple and transcribed into text then stored for some unknown length of time and can be accessed by some unknown amount of people who have permission do unknown things with it. Additionally, in order for Siri to do a good job answering their question in the first place, it accesses contacts and other “unspecified” user data. This may not only compromise sensitive company intellectual property but put the company and/or the employee in violation of non-disclosure agreements. Are you okay with that? If you are…carry on then.
While mobile devices and nifty applications are increasingly important tools in our multi-tasking work/home life it is important to understand that just because the products are out there doesn’t mean that security holes that they create have been plugged yet.
Before you invest in any new smart device make certain that it will meet your needs, works well with others and take the steps necessary to protect yourself and your business when using it.
Copyright © 2012 Help Me!!® Tech Team, a division of HELP ME!!® Computers, LLC
The Hidden Costs of Cloud Computing
There is so much buzz these days about cloud computing. You hear it everywhere, television commercials, business meetings, articles and newsletters so maybe by now you are thinking that you might need to inquire about it.
The first thing to know is that the cloud isn’t really all that new. For example, if you go to Facebook, bank on-line, or use Google or Yahoo for your email, then you are already on “the cloud.” Simply said, the data in the cloud isn’t stored on your computer, it is stored on the Facebook, Google, Yahoo and your banking institutions server. You do not have control of this data…they do.
Some people don’t care where their data is stored, who sees it, or what happens to it…some do. For example, if you are in a profession where the data is particularly sensitive, such as medical or the legal profession there are real consequences to a security breach.
The cloud doesn’t have to be an all or nothing equation. For your business for example, you might gain some real benefit from using a software application that is on the cloud. But just because it is on the cloud (or accessed through the internet) doesn’t mean that you can’t be the one hosting it on your own server. This is the best of both worlds. It combines the beauty that is “the cloud” with its ease of use and access of information but the control some need to maintain by running it off of your own server.
Things you should know about “cloud” computing when contemplating if you should jump on the cloud bandwagon yourself:
- Internet Connection. For the cloud to work, your internet connection must be maintained at all times. In other words, if your internet is down…your cloud is down. This may not be that big of a deal for you but if all of your data is on that cloud and your internet is down for more than a few minutes, it might turn into a more complicated situation for you or your business.
- Internet (data) Bandwidth. Specifically, synchronous bandwidth. For your data to reach the cloud you must have sufficient bandwidth availability through your internet provider. This isn’t cheap. Really not cheap and it is a vital part of making the cloud work for you. Before moving over to a cloud hosted anything you must find out how much bandwidth you need to make it happen. This will depend on the amount of data that you or your business uses. So you must consider how you and your employees use the internet (video streaming, music, etc.), your VOIP phone system (if not on a separate phone line), security cameras, etc. This clogs up your bandwidth super highway and drags down the speed and ability to drive your data to the cloud (not to mention use your phones, access the internet, etc.).
- Cloud Server Down = bad. If the cloud server is down, your data can not be reached until they are back up. Again, this could be mere seconds or days depending on the situation and it is out of your control (a scary thought for some business owners).
- Security. Who is hosting the cloud? Wherever it is hosted is where your data resides. Who will see it? How long will they store it? How secure is their location? Do they store it in multiple servers in various locations (redundancy) just in case the building burns down? Can the data be intercepted while in transit to the cloud? Yes, it should be encrypted, but because there are more people and businesses using the same cloud – there are more potential victims swimming in the same pool. Making you a much more enticing target.
- Rent not Own. Imagine that you rented a storage unit for your most valuable stuff for a really good price. You saved lots of money because you didn’t have to buy a house big enough to fit it all in plus, they gave you a really good deal. You had it there for years and years and luckily nobody stole any of it. So now, you’ve decided that you want to cancel your lease for whatever reason. But now the storage company won’t give you back your stuff. Fine. Since you’ve complained enough they’ll give it back to you but shred to pieces. If you ever end a contract with a company hosting your cloud data, you might be able to save it or get it back from them but it will be in their format – that you no longer have access to thereby rendering your data unreadable and useless. If you have been using a hosted cloud software application to run your business, what is the cost of not having access to all of that data (that has now multiplied significantly)? Again, some people don’t mind this…some do. Which are you?
The bottom line is that if you are considering moving to the way of the cloud, for your software applications or even your server, really give it some thought. Be aware of the hidden costs involved to truly know if it is in fact a great money saving deal. Also, if you are considering moving your server to a hosting center, read your contract to be fully informed as to what will happen to your data and server if you ever change your mind. Weigh the benefits and the risks and talk to your trusted advisors.
Copyright © 2011 Help Me!!® Tech Team, a division of HELP ME!!® Computers, LLC
I don’t have to tell you that identity theft is a big problem in today’s highly electronic society. I also don’t have to tell you that cyber criminals feed off of our private information. Now, given that our private information is so vital to their mere existence it stands to reason that they are going to find a way to acquire it. Right?
So, they can go about it the hard way – like having to actually “hack” into your account(s), tap your network or physically steal your computer. OR they can go about it the easy way – which in fisherman terms – is to cast out a great big net onto naïve victims to see who might literally hand them the information they require.
Now, being a fisher of men is a pretty good thing. Phishing to steal from them is another story. To protect oneself from being a victim of the later kind you must first understand what “phishing” is.
Phishing is a way of attempting to acquire private data such as a person’s username and password, credit card information, and/or account numbers by masquerading as a seemingly trustworthy entity. Phishing is typically carried out by e-mail or text message, and it often directs the user to enter details at a fake website that looks almost identical to the legitimate one.
The first thing to know without question is that no legitimate bank (for example) will ever lose your username and password nor send you an email requesting that you “update” your account information. Period. The same can be said for Facebook, Ebay or any other site that you may have purchased from or joined.
With that said, they might send you an order confirmation but typically you would know if you just ordered something. At least I hope you would. Further, if you just joined a site you would know that too. So you could expect a “thank you for joining” email. Pay close attention to emails that confirm a password or username change. These requests are a little harder to ignore. In fact, you may very well have just engaged in these very things. Remember timing and stupidity gullibility are what “phishermen” are hoping for but there are some rules of thumb that will help keep you out of their nets.
First is action. When you receive any email asking you to respond in some way – DO NOT click on the link provided within the email. Instead, go directly to the site yourself. This will insure that you have gotten to the legitimate site and not the fake phishing site. Once there, look for the https:// in the URL before entering in information that you prefer be kept secure. Keep in mind that “security questions” are helpful to include when you set up new accounts and be sure to always use “complex” passwords.
Second is avoidance. Enlist the help of an “email filtration device” that will help weed out many of these phishing emails and spam in general. This piece of hardware is especially helpful to businesses that receive email messages in greater volume. They lower the risk by catching most spam, phishing and virus infected emails in their OWN nets and keep the user from being confused by them in the first place. They also keep your inbox clean and keep your network running proficiently.
Finally, embrace your inner skeptic and second guess everything you receive in an email or text message – including items that give the appearance that they came from a friend OR your friendly neighborhood banking institution.
Copyright © 2011 Help Me!!® Tech Team, a division of HELP ME!!® Computers, LLC
Are you easy? As in easy target. Well DO SOMETHING about it. Cyber crime, in way of identity theft, is all too common today and one of the easiest things that you can do to protect yourself from it can be found in the beauty that is a “complex and random” password.
I know I know, some of you have heard this before and that’s all fine and good but your old”ish” mind can’t handle memorizing a bunch of different and complex passwords. Besides, you’ve tried it and been burnt before - like the last time you tried to log into your credit card account to pay a bill on-line and couldn’t remember that new “great idea” password you had when you registered. So what good does it do you THEN…right? I understand, and you’ll be glad to know that there is a solution for simple minded busy folks like us.
There are now websites that you can go to that will safely store your password information. RoboForm is a good example (found at roboform.com) and it will even generate those random complex passwords for you. This product is free for users with 10 passwords or less. For more advanced internet users (with more passwords) or for people who want this availability on their phones or USB’s (called the “to go” feature) it is available for under $50. How does it work? Simply go to their website and setup a profile. There you will tell it what usernames, passwords (and the sites they go to) you use. These will all be kept under one new master password (you’ll need to remember this one). Every time you go to a website that you have set-up a username/password for, you will click on the RoboForm button (which now will appear on your navigational bar) to auto fill it in for you. PLUS, every time you go to purchase something on-line it will auto fill in your Bill To / Ship To forms with one click of your mouse and keep your credit cards on file if you like.
Our advice? Here are a few simple password rules to memorize:
1. Have several different passwords
2. Make sure to mix numbers, letters, uppercase/lowercase and symbols to make a complex password
3. Don’t use obvious (and public) information about you to come up with your password (such as maiden name, kids names, boyfriend, birthday, etc.)
4. Change your passwords periodically
5. Don’t write them down ANYWHERE (that includes in a file marked “passwords” on your computer)
6. Always remember the e-mail account that you set up your on-line accounts in and thereby set passwords to protect
7. Utilize known encrypted safe sites such as RoboForm to do the hard work for you
Copyright © 2010 Help Me!!® Tech Team, a division of HELP ME!!® Computers, LLC
Your mother always told you to use protection. In fact, if she did any kind of proper motherly brainwashing job it’s engraved in your mind. So, WHY do we get so lax when it comes right down to it? Well, maybe it’s because, as small business owners, we have seemingly more pressing things to worry about (like making payroll, CUSTOMERS, employee issues and just putting out fires in general). Besides…it won’t happen to me…that only happens to OTHER people. If you are a small business owner guarding yourself from cyber crimes should be up there on the top of your list. Those fires that you put out on a daily basis won’t compare to the back draft you’re going to feel when your company falls victim to cyber crime.
When thinking about cyber crime we tend to think of nameless, faceless bad guys “out there” that we don’t know and because we can’t SEE the threat we tend to forget it’s out there. No matter how successful your business is or isn’t, the fact is, that you are MUCH more “attractive” a target than you think. If you leave your back door open every night…somebody is GOING to come in eventually and the after effects can be devastating.
But strangers aren’t the ONLY threats out there to your cyber security. Employees can jeopardize all that you’ve worked for even easier than you’d expect and not necessarily on purpose.
Our advice? Don’t be an easy target. That IS in fact what those bad guys are looking for. Securing your surroundings is essential in today’s technology environment so I’ll break it down for you.
1. Anti-Virus. Purchase a top rated anti-virus for your network AND every workstation (including ones that access your network remotely).
2. Secure network connection. If you or your staff must access your network remotely invest in a secure encrypted connection. Static IP with a good VPN router is a great way to go and doesn’t compromise speed or graphic quality but there are other options.
3. Secure your premises. Invest in a security system for your company from a licensed and insured source. If you have several employees you may want key card access to certain areas of the building (including the server room/closet) and cameras on the parking lot, doors, registers, etc.
4. Limit employee access. Keep employees out of websites that are known to easily infect their computer (and thereby YOUR entire network). Don’t allow employees to leave passwords lying around. Make sure that they shred sensitive documents. Have a good email usage policy and be selective as to which employees have access to network admin, financials, etc.
5. Enlist the services of a technology company you can trust. Be SURE that the company you hire has longevity, is reputable and has background checked THEIR employees. What are their policies regarding confidentiality of YOUR data and can they share their email usage policies with you?
Random DID YOU KNOW? Hacking…it’s not just your computer anymore. Because of increased wireless technology in new vehicles and the computerization of key systems (like the safety critical ones) hackers can actually hijack your vehicle’s systems from their computer. So, like us, manufacturers also have to work to guard against cyber bad guys.
Copyright © 2010 Help Me!!® Tech Team, a division of HELP ME!!® Computers, LLC
- Mobile Devices & Your Network
- Can I just ignore a virus and save some money?
- fix my PC
- The Case for Managed Services
- Is a blog a blog or not really a blog?
- THIS works…now THAT doesn’t
- Up in the Clouds
- Gone Phishing
- The Validity of On-Line Reviews
- Sink that Pirate Ship!
- Resolutions…shoulda woulda coulda
- Always Use Protection
- Back to School…and not a moment too soon
- Break the chains that bind you!
- Remote Repairs…Proceed with Caution
- Got junk in your trunk?
- Buy Cheap…Buy Twice
- Fact or Crap?
- Could not connect to Twitter