Blog

August 7th, 2014

These days, the security of various technology-based systems is constantly being called into question. From attacks on mobile devices to ever-increasing types of malware, many businesses are struggling to stay on top of their security. One of the best ways to help ensure your systems are secure is to be aware of common security issues. To that end, here are five common ways your security can be breached.

1. You are tricked into installing malicious software

One of the most common ways a system's security is breached is through malware being downloaded by the user. In almost every case where malware is installed, it is because the user was tricked into downloading it.

A common trick used by hackers is to plant malware in software and then place this software on a website. When a user visits the site, they are informed that they need to download the software in order for the site to load properly. Once downloaded, the malware infects the system. Other hackers send out emails in which the message itself is harmless and only the attached file contains malware.

There are a nearly limitless number of ways you can be tricked into downloading and installing malware. Luckily, there are steps you can take to avoid this:

  • Never download files from an untrusted location - If you are looking at a website that is asking you to download something, make sure it's from a company you know about and trust. If you are unsure, it's best to avoid downloading and installing the software.
  • Always look at the name of the file before downloading - Many pieces of malware are often disguised with file names that are similar to other files, with only a slight spelling mistake or some weird wording. If you are unsure about the file then don't download it. Instead, contact us as we may be able to help verify the authenticity or provide a similar app.
  • Stay away from torrents, sites with adult content, and movie streaming sites - These sites often contain malware, so it is best to avoid them altogether.
  • Always scan a file before installing it - If you do download files, be sure to get your virus scanner to scan these before you open the apps. Most scanners are equipped to do this, normally by right-clicking on the file and selecting Scan with….

2. Hackers are able to alter the operating system settings

Many users are logged into their computers as admins. Being an administrator allows you to change any and all settings, install programs, and manage other accounts.

If a hacker manages to access your computer and you are set up as the admin, they will have full access to your computer. This means they could install other malicious software, change settings or even completely hijack the machine. The biggest worry about this however, is if a hacker gets access to a computer that is used to manage the overall network. Should this happen, they could gain control over all the systems on the network and do what they please on it.

In order to avoid this, you should ensure that if a user doesn't need to install files or change settings on the computer, they do not have administrator access. Beyond this, installing security software like anti-virus scanners and keeping them up to date, as well as conducting regular scans, will help reduce the chances of being infected, or seeing infections spread.

3. Someone physically accesses your computer

It really feels like almost every security threat these days is digital or is trying to infect your systems and network from the outside. However, there are many times when malware is introduced into systems, or data is stolen, because someone has physically had access to your systems.

For example, you leave your computer on when you go for lunch and someone walks up to it, plugs in a USB drive with malware on it and physically infects your system. Or, it could be they access your system and manually reset the password, thereby locking you out and giving them access.

What we are trying to say here is that not all infections or breaches arrive via the Internet. What we recommend is to ensure that you password protect your computer - you need to enter a password in order to access it. You should also be sure that when you are away from your computer it is either turned off, or you are logged off.

Beyond that, it is a good idea to disable drives like CD/DVD and connections like USB if you don't use them. This will limit the chances that someone will be able to use a CD or USB drive to infect your computer.

4. It's someone from within the company

We have seen a number of infections and security breaches that were carried out by a disgruntled employee. It could be that they delete essential data, or remove it from the system completely. Some have even gone so far as to introduce highly destructive malware.

While it would be great to say that every business has the best employees, there is always a chance a breach can be carried out by an employee. The most effective way to prevent this, aside from ensuring your employees are happy, is to limit access to systems.

Take a look at what your employees have access to. For example, you may find that people in marketing have access to finance files or even admin panels. The truth is, your employees don't need access to everything, so take steps to limit access to necessary systems. Combine this with the suggestions above - limiting admin access and installing scanners - and you can likely limit or even prevent employee initiated breaches.

5. Your password is compromised

Your password is the main way you can verify and access your accounts and systems. The issue is, many people have weak passwords. There has been a steady increase in the number of services that have been breached with user account data being stolen. If a hacker were to get hold of, say, your username, and you have a weak password, it could only be a matter of time before they have access to your account.

If this happens, your account is compromised. Combine this with the fact that many people use the same password for multiple accounts, and you could see a massive breach leading to data being stolen, or worse - your identity.

It is therefore a good idea to use a separate password for each account you have. Also, make sure that the passwords used are strong and as different as possible from each other. One tool that could help ensure this is a password manager which generates a different password for each account.

If you are looking to learn more about ensuring your systems are secure, contact us today to learn about how our services can help.

Published with permission from TechAdvisory.org. Source.

July 10th, 2014

BYOD, or Bring Your Own Device, is one of the most common business trends of the past couple of years. To many, the idea of bringing their own phone, tablet, laptop, or even computer to the office is ideal because it is a system they are undoubtedly familiar with. They may also view personal devices as better than the office models. Even if you don't allow your employees to bring their own devices to work, there is a good chance they do anyways. However, this could pose a security risk that needs to be dealt with.

What should I do about BYOD?

The first reaction of many office managers and business owners, worried about security threats that could stem from BYOD, is to impose an outright ban of devices. While telling your staff they are not to use their devices for work may seem like a quick and easy solution, you can be 100% sure that there will be employees who ignore this policy and use their personal devices for work regardless.

This could put your business at a higher security risk if the rule is ignored, especially if you don't implement any security measures to protect your networks and data. In order to minimize the potential threats BYOD can expose your business to, we suggest you do the following:

1. Consider embracing BYOD

Instead of simply banning personal devices in the workplace take a step back and look to see if there are any benefits BYOD can offer. For example, if you operate on razor thin margins and have not replaced hardware in years, there is a good chance your employees will have better systems at hand. This could help you reduce your overall tech costs.

The same goes for phones for your employees. Why not offer to pay for the plan and allow employees to use their own devices? Of course, you are going to want to implement security measures and usage rules, but if this is easily achieved then it may help reduce your overall operating costs. Before you do implement a system like this however, we strongly recommend you read the rest of this article and follow the steps below.

2. Set up separate networks for employee devices

Oftentimes, the main reason employees bring their devices to the office and use them for work purposes, especially when it comes to mobile phones, is because they can happily connect to Wi-Fi for free without using their data plans throughout the day.

Chances are high that because they use the work Wi-Fi on their device for non-work tasks, they simply keep using the device when they are doing work related activities. This could pose a security risk, especially if you run business-critical operations on the same network. You could nip this potential problem in the bud and simply install another Wi-Fi network for mobile devices and non-critical business processes.

It is usually quite affordable to simply purchase another line and the networking equipment to support this, not to mention the fact that it will keep business-critical processes secure from errant malware. As an added bonus, you will likely see increased productivity because the bandwidth demand will be limited, so important data will move quicker.

3. Educate your staff about security

In our experience, the vast majority of BYOD related security risks are exposed by mistake. An employee may have a virus on a personal phone and be unaware of it. When they connect to the network it can then be unintentionally spread to other computers resulting in a potentially massive security breach.

One of the simplest ways to prevent this is to educate your employees about proper mobile safety. This includes how to spot apps that could contain malware, sharing security threat updates, and teaching your employees how to secure their devices. You really need to stress just how important security is to them.

On top of this, contact an IT expert like us for a recommended anti-virus and spyware scanner for mobile devices that users can easily install. Encourage employees to not just install this but to keep it up to date too. Many of these mobile specific scanners are free and just as powerful as desktop versions.

4. Work with an IT partner to establish a solution that works for you

Beyond education and simple network establishment, it is a great idea to work with an IT partner like us. As experts, we keep tabs on the trends and solutions related to BYOD and will work with you to establish a program that works for your company.

It may be that you don't actually need to integrate BYOD but to update hardware or software to newer versions instead. It could be that there is a simple solution to employees feeling frustrated with slow performance of existing systems at work.

If you do implement BYOD, we can help establish security measures and policies that will ensure your networks and employee devices are secure. The best advice we can give however, is to do this before you start allowing BYOD, as it can be far more challenging to implement and enforce changes when employees are already using their devices at work.

Looking to learn more? Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

June 26th, 2014

Businesses are relying increasingly on virtual machines to handle more critical data and tasks than ever before. Still, many are misguided about their security needs in a virtual environment. There are several myths that, if believed, can have serious consequences, leaving your organization vulnerable to an attack. Understanding these issues is key to helping you make better and safer decisions about the virtual environment of your business.

Myth No.1: Existing endpoint security will protect our virtual environment

Most traditional endpoint security solutions are virtual-aware and provide low levels of protection. This simply isn’t enough. Depending on the virtualization platform used (VMware, Microsoft, etc.), your traditional endpoint security suite can probably recognize virtual endpoints. However, this physical software often can’t bring its full tool set of anti-malware to the virtual world, meaning it can only perform basic tasks such as on-access scanning.

Therefore, what you need is a solution that has been designed to keep both virtual and physical computing environments secure. There are a wide number of solutions out there, and the best one for your business will depend largely on the virtual environments you employ. We strongly recommend talking to IT experts like us, as we can help determine, or even offer, the strongest security based.

Myth No.2: My existing anti-malware doesn’t interfere with my virtual operations

Performance issues can create security gaps that don't exist in your physical environment. Traditional endpoint security uses an agent-based model where each physical and virtual machine has a copy of the security program’s agent on it. This agent communicates with the server while performing security tasks. This is fine for physical machines, but if you have 100 virtual machines running off of one main environment that has been infected with malware, you’ll also have 100 instances of malware running on the machines.

This high level of duplication can cause massive performance degradation and waste tons of storage capacity. Therefore, you should make an effort to ensure that all of your systems including the main ones are without malware. This not only makes every system secure, but can also speed up overall operations.

Myth No.3: Virtual environments are inherently more secure than physical environments

Sadly, this just isn’t always true. Virtualization is designed to allow software, including malware, to behave as it normally would, and malware writers will target any and all weak points in a business’s network to accomplish their goals. An attacker who compromises one virtual machine and finds a way to jump to the hypervisor - the system that enables the virtualization - then has access to every virtual machine on that host.

Therefore, malware scanners on both the user and main systems would be a good idea. If it does happen to get on a system, the chances of it spreading are drastically reduced.

Myth No.4: Using non-persistent virtual machines effectively secures a network

In theory, any machine that encounters malware is wiped away and recreated cleanly. However, we are now seeing malware that is designed to survive teardown of individual machines by spreading across the virtual network. This allows it to return when new virtual machines are created.

Additionally, being too eager to create new machines on demand can result in virtual machine sprawl, which happens when virtual machines are created but then forgotten. This leads to an unmaintained virtual endpoint operating without your knowledge. Even if the rest of your virtual machines are secure, it’s possible for one machine to eavesdrop on the traffic of another virtual machine, leading to privacy and security risks.

The best solution to this is to employ an IT manager who can track and maintain systems. Many IT partners offer a solution like this, so experts like us may be able to help ensure your systems are secure.

Myth No.5: Specialized virtual security programs are more or less the same

There are various approaches to virtualization security and your network will probably need a blend of available options. This all depends on what you’re trying to protect.

A non-Web-connected server is going to have entirely different security needs than a virtual desktop or a server that manages customer information. Implementing one without the other simply won’t do in today’s world, where attackers are set on getting their hands on your data.

Proper security is vital in making virtualization a critical component of your business IT infrastructure. Looking to learn more about virtualization and its components? Contact us today and see how we can help.

Published with permission from TechAdvisory.org. Source.

June 13th, 2014

No matter what industry you operate in, today’s technological advancements make it inevitable that network security threats will sooner or later come knocking on your door. While it is true that corporate security measures can consume a lot of time and a huge chunk of change, the rapid growth of malicious Internet activity makes it extremely vital for your business to become familiar with and to follow the right security guidelines.

10 Security practice guidelines for businesses

  1. Encrypt your data: Encryption of stored data, filesystems, and across-the-wire transfers is essential to protect sensitive data as well as to help prevent data loss due to equipment loss or theft.
  2. Use digital certificates to sign all of your sites: You should obtain your certificates from a trusted Certificate Authority, and instead of saving your certificates on the Web server, save them to hardware devices like routers or load balancers.
  3. Implement a removable media policy: Devices like USB drives, external hard disks, external DVD writers or any writeable media facilitate security breaches coming into or leaving your network. Restricting the use of those devices is an effective way to minimize security threats.
  4. Implement DLP and auditing: Be sure to use data loss prevention and file auditing to monitor, alert, identify, and block the flow of data into and out of your network.
  5. Use a spam filter on your email servers: Using a time-tested spam filter such as SpamAssassin will remove unwanted email from entering your inbox and junk folders. It is important that you identify junk mail even if it’s from a trusted source.
  6. Secure websites against MITM and malware infections: Start using Secure Sockets Layer (SSL) which creates a secure connection between a user and server, over which any amount of data can be sent securely. Through SSL, you’ll be able to scan your website daily for malware, set the Secure flag for all session cookies, as well as use SSL certificates with Extended Validation.
  7. Use a comprehensive endpoint security solution: Using an antivirus software alone is not enough to provide defense against today’s security threats. Go for a multi-layered product to prevent malware infections on your devices.
  8. Network-based security hardware and software: Start using firewalls, gateway antivirus, intrusion detection devices, and monitoring to screen for DoS attacks, virus signatures, unauthorized intrusion, and other over-the-network attacks.
  9. Maintain security patches: Make sure that your software and hardware defenses stay up-to-date with new anti-malware signatures and the latest patches. If your antivirus program doesn’t update on a daily basis, be sure to set up a regular scan and a remediation plan for your systems.
  10. Educate your employees: As simple as it sounds, this might be the most important non-hardware, non-software solution available. An informed user will more likely behave more responsibly and take fewer risks with valuable company data resulting in fewer threats to your organization.
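
Guideline 6 asks for the Secure flag on all session cookies. The following Python check is an added example, not part of the original article: it reads a block of HTTP response headers and lists the cookies sent without that flag. The header block is constructed sample data, and treating a cookie with no Expires or Max-Age attribute as a session cookie is this example's working definition.

```python
# Constructed sample: response headers as a web server might send them.
SAMPLE_RESPONSE_HEADERS = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: SESSIONID=9f2c1a; Path=/; HttpOnly
Set-Cookie: csrftoken=ab12; Path=/; Secure; SameSite=Strict
set-cookie: prefs=dark; Max-Age=31536000; Path=/
Set-Cookie: auth=eyJhbGci; Path=/; secure; HttpOnly
"""


def parse_set_cookie(value):
    """Split one Set-Cookie value into (cookie name, attribute dict)."""
    parts = [p.strip() for p in value.split(";")]
    name, _, _cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive ("Secure" and "secure" are equal).
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_cookies(raw_headers):
    """Return one finding per Set-Cookie header in the response."""
    findings = []
    for line in raw_headers.splitlines():
        header, sep, value = line.partition(":")
        if not sep or header.strip().lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        findings.append({
            "name": name,
            "secure": "secure" in attrs,
            # No Expires/Max-Age: the cookie lives for the browser session.
            "session": "expires" not in attrs and "max-age" not in attrs,
        })
    return findings


def missing_secure(raw_headers, session_only=True):
    """Names of cookies sent without Secure (session cookies only by default)."""
    return [f["name"] for f in audit_cookies(raw_headers)
            if not f["secure"] and (f["session"] or not session_only)]


if __name__ == "__main__":
    for name in missing_secure(SAMPLE_RESPONSE_HEADERS):
        print("session cookie without Secure flag:", name)
```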

Businesses cannot afford to take chances with security. Why? Because doing so can trigger a domino effect, causing a cascade of problems that can lead to operational outages, data loss, security breaches, and the subsequent negative impact to your company's bottom line. Looking to learn more about security for your business? Call us today for a chat.

Published with permission from TechAdvisory.org. Source.

May 13th, 2014

As we increasingly come to rely on cloud-based systems, the browser will likely become even more important to business owners and managers. While there are a number of browsers out there, many Windows users prefer to use Internet Explorer (IE), largely because it is the browser which comes pre-installed on all Windows computers. However, if your business uses IE, there is an important zero-day security flaw that you should be aware of.

What exactly is a zero-day flaw?

A zero-day flaw is a security vulnerability that is taken advantage of by hackers on the day it is discovered. In other words, there are zero days between the discovery of the vulnerability and people taking advantage of it.

The way most software programs work is if a user finds a security flaw, they will usually inform the developer who will then develop a fix and release it in a patch that users download. The problem is, sometimes it is a hacker who discovers this vulnerability. Instead of reporting it, they start to capitalize on the flaw, exploiting it to attack other users before the developer becomes aware of it and has a chance to fix it.

The IE zero-day flaw

In late April, news broke that a zero-day flaw had been discovered in Internet Explorer's code. The flaw affects IE versions 6-11 - essentially every supported version of the browser. Hackers had found a previously unknown flaw that allowed them to gain the same access rights as a user.

How it worked is that the hackers sent emails to users with links to a website that hosts malicious code. These emails were largely phishing in nature, meaning they aimed to get the user to click on a link in the email. Some of the subject lines used in attacks included:

  • Welcome to Projectmates!
  • Refinance Report
  • What's ahead for Senior Care M&A
  • UPDATED GALLERY for 2014 Calendar Submissions

In these emails there was a link to a website that hosted code which could then be executed if the user visited the site using IE. When executed, this could potentially expose the user's system. Once the system was vulnerable, the hackers could install malicious software without the user's knowledge.

How do I guard against this exploit?

The good news is that Microsoft has released a patch that fixes this exploit. This has definitely been welcomed, and what is really interesting is that Microsoft has actually released the update for XP users as well - this coming after the cessation of support for XP.

To guard against the exploit you should firstly update the version of Internet Explorer that you are using. The easiest way to do this is to go to the Internet Explorer website and download the latest version - version 11 - of the browser. Version 11 can run on both Windows 7 and 8, so the vast majority of users should already be running this latest version.

If you are using an older version, Microsoft has pushed the patch out via IE's automatic update feature, so restarting the browser should install the update. The other option is Windows Update. Simply running the Update program and installing the updates should ensure that the latest version of IE is installed.

For Windows 7 and 8 users, you can do this by:

  • Opening the Control Panel on your system.
  • Clicking on System or Performance and Maintenance followed by System.
  • Selecting Automatic Updates from the menu in the window that opens.
  • Following the instructions in the new window that opens.

Once installed, you should restart your computer if you aren't asked to do so. If you noticed that Automatic Updates was already ticked, try restarting your computer and this should install the updates.

If you are using XP, you can visit the Microsoft Update website using Internet Explorer and follow the instructions.

Aside from updating your browser, you should ensure that your anti-virus and malware scanners are up to date and scheduled to scan your system on a regular basis. Be sure to look at all emails closely as well. If one seems a bit dodgy, or you receive one from someone you don't know, it is best to ignore it and delete it right away.

Businesses who are using XP should seriously consider updating because Microsoft will not be introducing security updates in the future, leaving your systems at greater risk of attack. At the very least, it may also be a good idea to switch to another browser like Firefox or Chrome, both of which will work on XP and are updated regularly.

Worried that your systems are not secure enough, or still running XP? Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

May 1st, 2014

Passwords are made to safeguard our online accounts. But in this day and age when rampant hacking incidents happen every day and around the world, security is oftentimes compromised. As a result, private data can fall into the wrong hands. For this reason, it is imperative that the passwords protecting your data are strong enough to throw off hackers. Here are some ways to bolster your passwords.

Observe proper web security

With the rapid advancements in technology comes sophistication of methodologies used by hackers to steal data and destroy web security. Cyber crime is continuously evolving as new programs are made to unlock accounts and combine numbers, letters and special characters to determine passwords. The big question for internet users is – how to choose a strong password that can drive hackers away?

Passwords should have at least eight characters. It is highly recommended that you use a combination of uppercase, lowercase and special characters. “P@s$w0Rd45%” is a thousand times better than “Password1”. Veer away from using passwords that are found in dictionaries. Furthermore, avoid using your name, a family member’s name, phone number, birth date, social security number or any public information. Hackers have found a way to crack passwords with the aid of the many databases out there.

To create even more secure passwords, try using a password that is a full sentence, with random words. For example "I am a purple donkey" (with the spaces) will take a long time to crack, which means it's more secure than even the examples above.

Keep malware off your system

Malware are malicious programs that have been crafted in such a way that they appear authentic and trustworthy. Be careful not to click on pop-ups and links that will redirect you to that place where your security walls are torn down. And do not open email attachments from anonymous users. Mechanisms are often embedded in these programs to gain control of your system.

Get professional help by installing security software from a trusted name in the industry. Build your defences as early as possible. Remember the cliché – better to be safe than sorry – and nowhere is this more true than in computer system and web security.

Keep your passwords private

While this may seem to be a no-brainer, sadly, a lot of people still tend to share their passwords with their office mates or friends. If you’re one of them, then it’s high time that you change your habits and your password again. Think like James Bond - passwords are for your eyes only.

In the event that you need to give your password to a co-worker to get an important document or presentation, make sure that you change them as soon as possible. Never use the same combination again.

Change password regularly

It also helps if you schedule a regular password change. Within a period of 30 to 60 days, you should update passwords across multiple sites. Moreover, never use the same passwords for different websites. If you use the same passwords, you are putting all of your accounts at a high level risk. Hackers are relentless. Once is never enough for them and they can come back time after time.
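
The rules given under "Observe proper web security" (at least eight characters, mixed case plus special characters, no dictionary words, no personal information) and the rule above against reusing a password across sites can be checked mechanically. The following Python audit is an added example, not part of the original article; the word list, the personal details and the account list are small constructed samples, and the function names are this example's own.

```python
import string

MIN_LENGTH = 8  # minimum length recommended in the article

# Constructed stand-in for a real dictionary / common-password list.
DICTIONARY = {"password", "welcome", "dragon", "letmein", "monkey"}

# Constructed sample data: site name -> password, plus details about the owner.
SAMPLE_ACCOUNTS = {
    "mail": "Password1",
    "bank": "P@s$w0Rd45%",
    "shop": "Password1",
    "forum": "I am a purple donkey",
    "wiki": "alice1984",
}
SAMPLE_PERSONAL = ["alice", "1984", "5551234"]  # name, birth year, phone number


def check_password(password, personal_tokens=(), dictionary=DICTIONARY):
    """Return the list of article rules that this password breaks."""
    issues = []
    if len(password) < MIN_LENGTH:
        issues.append("shorter than 8 characters")
    if not any(c.isupper() for c in password):
        issues.append("no uppercase letter")
    if not any(c.islower() for c in password):
        issues.append("no lowercase letter")
    if all(c.isalnum() for c in password):
        issues.append("no special character")
    # A dictionary word is still a dictionary word with digits tacked on.
    core = password.lower().rstrip(string.digits)
    if core in dictionary:
        issues.append("dictionary word")
    lowered = password.lower()
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_tokens):
        issues.append("contains personal information")
    return issues


def find_reuse(accounts):
    """Return groups of site names that share one password."""
    by_password = {}
    for site, password in accounts.items():
        by_password.setdefault(password, []).append(site)
    return sorted(sorted(sites) for sites in by_password.values()
                  if len(sites) > 1)


def audit(accounts, personal_tokens=()):
    """Combine the per-password checks with the reuse check, per site."""
    report = {site: check_password(pw, personal_tokens)
              for site, pw in accounts.items()}
    for group in find_reuse(accounts):
        for site in group:
            others = ", ".join(s for s in group if s != site)
            report[site].append("reused on: " + others)
    return report


if __name__ == "__main__":
    # Passwords themselves are never printed, only the findings.
    for site, issues in audit(SAMPLE_ACCOUNTS, SAMPLE_PERSONAL).items():
        print(site, "->", issues or "ok")
```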

It’s an unsafe online world out there. These online troublemakers will never be satisfied. So never let yourself or your organization fall prey to hackers. Take note of these safety measures and strengthen your web security arsenal.

Published with permission from TechAdvisory.org. Source.

April 11th, 2014

The security of systems like servers and computers that connect to the Internet should be one of utmost importance for business owners and managers. However, there are always security flaws being exposed which could expose your systems and data to malicious hackers, who could really endanger your business. Over the past few weeks a massive security flaw with cryptographic software has come to light. Codenamed Heartbleed, this bug makes stealing data almost ridiculously easy.

Background info about secure transmission of information on the Web

Most sites on the Internet rely on Secure Sockets Layer (SSL) technology to ensure that information is transmitted securely from a computer to server. SSL and the slightly older Transport Layer Security (TLS) are the main technologies used to essentially verify that the site you are trying to access is indeed that site, and not a fake one which could contain malware or any other form of security threat. They essentially ensure that the keys needed to confirm that a site is legitimate, and to keep communication secure, can be exchanged safely.

You can tell sites are using SSL/TLS by looking at the URL bar of your browser. If there is a padlock or HTTPS:// before the Web address, the site is likely using SSL or TLS verifications to help ensure that the site is legitimate and communication will be secure. These technologies work well and are an essential part of the modern Internet. The problem is not actually with this technology but with a software library called OpenSSL. This breach is called Heartbleed, and has apparently been open for a number of years now.

About Heartbleed

OpenSSL is an open-source version of SSL and TLS. This means that anyone can use it to gain SSL/TLS encryption for their site, and indeed a rather large percentage of sites on the Internet use this software library. The problem is, there was a small software glitch that can be exploited. This glitch is Heartbleed.

Heartbleed is a bug/glitch that allows anyone on the Internet to access and read the memory of systems that are using certain versions of OpenSSL software. People who choose to exploit the bugs in the specific versions of OpenSSL can actually access or 'grab' bits of data that should be secured. This data is often related to the 'handshake' or key that is used to encrypt data which can then be observed and copied, allowing others to see what should be secure information.
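
The memory read described above comes from a missing length check in OpenSSL's handling of TLS heartbeat messages: the server echoed back as many bytes as the request claimed to contain, not as many as it actually held. The following Python model is an added example, not OpenSSL code and not part of the original article; it shows the unchecked handler beside the corrected one. Process memory is modelled as a byte array, and the class, function names and neighbouring data are constructed for illustration.

```python
import struct

HEARTBEAT_REQUEST = 1
MIN_PADDING = 16   # RFC 6520: a heartbeat carries at least 16 padding bytes
HEADER_LEN = 3     # 1 byte message type + 2 byte payload length


def build_heartbeat(payload, claimed_length=None):
    """Build a heartbeat record. claimed_length lets a test create a record
    whose length field disagrees with the payload it really carries."""
    n = len(payload) if claimed_length is None else claimed_length
    header = struct.pack("!BH", HEARTBEAT_REQUEST, n)
    return header + payload + b"\x00" * MIN_PADDING


class ToyServer:
    """Model of a server whose receive buffer sits next to unrelated data."""

    def __init__(self, neighbouring_data):
        self.neighbouring_data = neighbouring_data

    def _load(self, record):
        # The received record lands in memory directly before other contents.
        return bytearray(record) + bytearray(self.neighbouring_data)

    def respond_vulnerable(self, record):
        memory = self._load(record)
        _msg_type, claimed = struct.unpack_from("!BH", memory, 0)
        # Defect: 'claimed' is supplied by the peer and is never compared
        # with the number of bytes that were actually received.
        return bytes(memory[HEADER_LEN:HEADER_LEN + claimed])

    def respond_fixed(self, record):
        if len(record) < HEADER_LEN + MIN_PADDING:
            return None  # too short to be a valid heartbeat: discard
        memory = self._load(record)
        _msg_type, claimed = struct.unpack_from("!BH", memory, 0)
        # The check that was missing: header + payload + padding must fit
        # inside the record that was received, otherwise discard silently.
        if HEADER_LEN + claimed + MIN_PADDING > len(record):
            return None
        return bytes(memory[HEADER_LEN:HEADER_LEN + claimed])


if __name__ == "__main__":
    # Constructed neighbouring data standing in for whatever else is in memory.
    server = ToyServer(b"user=alice;password=CONSTRUCTED-SECRET")
    consistent = build_heartbeat(b"ping")
    inconsistent = build_heartbeat(b"ping", claimed_length=64)
    print("consistent record  :", server.respond_fixed(consistent))
    print("unchecked handler  :", server.respond_vulnerable(inconsistent))
    print("checked handler    :", server.respond_fixed(inconsistent))
```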

The problem with Heartbleed

There are two major problems with this bug. The first being that if an attacker can uncover the SSL handshake used by your computer and the server that hosts the site when you login or transmit data they will be able to see this information. This information usually is made up of your login name, password, text messages, content and even your credit card numbers. In other words, anything that gets transmitted to the site using that version of SSL can be viewed.

Scary, right? Well, the second problem is much, much bigger. The hacker won't only be able to see the data you transmit, but how the site receiving it employs the SSL code. If a hacker sees this, they can copy it and use it to create spoof sites that use the same handshake code, tricking your browser into thinking the site is legitimate. These sites could be made to look exactly the same as the legitimate site, but may contain malware or even data capture software. It's kind of like a criminal getting the key to your house instead of breaking the window.

But wait, it gets worse. This bug has been present in certain versions of OpenSSL for almost two years which means the sites that have been using the version of OpenSSL may have led to exposure of your data and communication. And any attacks that were carried out can't usually be traced.

Am I affected by this?

What makes this so different from other security glitches is that OpenSSL is used by a large percentage of websites. What this means is that you are likely affected. In fact, a report published by Netcraft cited that 66% of active sites on the Internet used OpenSSL. This software is also used to secure chat systems, Virtual Private Networks, and even some email servers.

We have to make it clear here however: Just because OpenSSL is used by a vast percentage of the Internet, it doesn't mean every site is affected by the glitch.

The latest versions of OpenSSL have already patched this issue and any website using these versions will still be secure. The version with Heartbleed came out in 2011. The issue is while sites may not be using the 2011 version now, they likely did in the past meaning your data could have been at risk. On the other hand, there are still a wide number of sites using this version of OpenSSL.

What should I do?

This is a big issue, regardless of whether a website uses this version of OpenSSL or not. The absolute first thing you should do is go and change your passwords for everything. When we say everything, we mean everything. Make the passwords as different as possible from the old ones and ensure that they are strong.

It can be hard to tell whether your data or communications were or are actually exposed, but it is safe to assume that at some time or another they were. Changing your passwords should be the first step to ensuring that you are secure and that the SSL/TLS transmissions are secure. Another thing you should be aware of is which sites are actually using this version of OpenSSL. According to articles on the Web, some of the most popular sites have used the version with the bug, or are, as of the writing of this article, using it. Here are some of the most popular:

  • Facebook
  • Google
  • Gmail
  • Yahoo
  • Yahoo Mail
  • Instagram
  • Pinterest
  • Amazon Web Services
  • GoDaddy
  • Intuit

It would be a good idea to visit the blogs of each service to see whether they have updated to a new version of OpenSSL. As of the writing of this article, most had actually done so but some were still looking into upgrading. For a full list of sites, check out this Mashable article.

If you have a website that uses SSL/TLS and OpenSSL, you should update it to the latest version ASAP. This isn't a large update but it needs to be done properly, so it is best to contact an IT partner like us who can help ensure the upgrade goes smoothly and that all communication is in fact secure.

Contact us today to see how we can help ensure that your company is secure.

Published with permission from TechAdvisory.org. Source.

April 4th, 2014

Malicious software (more commonly known as malware) can be found on almost any system, most often being downloaded and installed on computers. It can cause a myriad of annoyances, like unwanted pop-ups and system freezing, and some forms can even gain unauthorized access to your PC, stealing personal information. It's therefore essential that malware is prevented. Malware on work computers can disrupt a company’s operations and may put the security of data in jeopardy.

Signs of a malware infection

Before proceeding with the steps on how to respond to malware infections, we first need to learn about the signs and symptoms of a malware infection. These include:
  • Several pop-ups appear even when not browsing the Web.
  • Unusual slowness of the computer and Internet connection.
  • System hangs or freezes.
  • Corrupted programs.
  • Antivirus is disabled.
  • E-mails sent to or from your account which you did not send.
  • High network activity, even when not using large programs or accessing huge data.
  • Redirected access to some sites.

How to respond to a malware infection

If you experience any of these symptoms, the first thing to do is to ensure that your antivirus and antispyware programs are updated. This makes sure that they can detect the latest known threats in their database. You should then run scans to see if an infection is detected. If it is, the programs usually have a way to remove the infection. You then need to follow the steps the program recommends.

If this doesn't work, disconnect the infected computer from the network to prevent the spread of the malware. Furthermore, avoid accessing the Web and using vital information such as bank account and credit card information. Let the technical department or your IT partner handle the concern since they are trained in determining and eradicating system malware infections.

Once the problem has been pinpointed, a tech specialist will go through the process of eliminating the infection. This includes backing up data on the computer and restoring the system to its original state. Depending on the extent of the infection, the computer may need to be wiped clean, or reformatted before restoring backed-up files.

After the whole process, the computer must be tested to ensure that the infection has been totally removed. Moreover, further investigation and studies must also be done to determine where the problem started, as well as to create a strategy as to how to prevent this from happening in the future.

How to prevent a malware attack

Prevention is better than a cure and this definitely applies to malware infections. It’s best to arm yourself with knowledge on how to avoid malware attacks and prevent your systems from being infected.
  1. Ensure that security protection is always updated and that you run system scans on a regular basis.
  2. Avoid downloading attachments or clicking links from unknown sites or senders.
  3. Enable firewall protection.

Malware can hugely affect business operations and the security of private information. One of the best ways to prevent this is to work with an IT partner, like us, who can help recommend and install protection systems. You might want to think about getting help in managing these solutions too, to ensure that your systems are secure at all times.

If you have questions or concerns with regards to malware prevention and resolution, feel free to call us. Our support team is always ready to help.

Published with permission from TechAdvisory.org. Source.

March 20th, 2014

Security of a business's systems and networks should be important to many business owners and managers. In fact, an increasing number of companies are implementing security strategies. While these strategies do keep businesses secure, there is one critical element that could cause plans to fail, leading to an increased chance of a breach of security: The audit.

Auditing and the security strategy

Auditing your company's security is important; the only problem business owners run into is knowing where and what they should be auditing. The easiest way to work this out is to first look at the common elements of developing security strategies.

These elements are: assess, assign, audit. When you develop a plan, or work with an IT partner to develop one, you follow the three steps above, and it may seem obvious that the audit comes at the end. In truth, however, you should be auditing at each stage of the plan. That means you first need to know what goes on in each stage.

During the assessment phase you or your IT partner will need to look at the existing security you have in place. This includes every computer and server and also focuses on who has access to what, and what programs are being used. Doing an assessment should give you an overview of how secure your business currently is, along with any weak points that need to be improved.

The assignment phase looks at actually carrying out the changes you identified in the assessment phase. This could include adding improved security measures, deleting unused programs or even updating systems for improved security. The main goal in this phase is to ensure that your systems and networks are secure.

Auditing happens after the changes have been made and aims to ensure that your systems are actually secure and have been implemented properly. Throughout the process you will actually need to continually audit and adjust your strategy.

What exactly should be audited?

When conducting an audit, there are three factors you should focus on:
  1. The state of your security - Changing or introducing a security plan usually begins with an audit of sorts. In order to do this however, you need to know about how your security has changed in between audits. Tracking this state and how it changed in between audits allows you to more efficiently audit how your system is working now and to also implement changes easier. If you don't know how the state of your security has changed in between audits, you could risk implementing ineffective security measures or leaving older solutions open to risk.
  2. The changes made - Auditing the state of your security is important, but you should also be auditing the changes made to your systems. For example, if a new program is installed, or a new firewall is implemented, you will need to audit how well it is working before you can deem your security plan to be fully implemented. Basically, you are looking for any changes made to your system that could influence security while you are implementing a new system. If by auditing at this point, you find that security has been compromised, you will need to go back to the first step and assess why before moving forward.
  3. Who has access to what - There is a good chance that not every system you have will need to be accessed by every employee. Once a security solution is in place, it would be a good idea to audit who has access to what systems and how often they use them. This stage of the process needs to be proactive and constantly carried out. If you find that access changes or system access needs change, it would be a good idea to adapt your security strategy, starting with the first stage.

If you are looking for help developing a security strategy for your business, contact us today to see how our managed solutions can help.

Published with permission from TechAdvisory.org. Source.

March 6th, 2014

Keeping systems and computers secure can seem like a full time job, largely because there is a near constant stream of security issues being discovered. From malware to bugs in software, you can bet that you will eventually find a security breach in your systems. The other week news broke of a bug that posed a critical security flaw in Apple's operating systems.

About the bug

News broke on many security websites mid-February about a potentially critical security flaw in Apple's systems following the company releasing an update to their mobile operating system, iOS.

The update notes released by Apple stated that the patch "provides a fix for SSL connection verification." This is a fairly common update as it is aimed at improving the security of communications between websites and the device. However, security experts found that, without the update, attackers who can connect to a network are able to capture sensitive information being sent in banking sessions, email messages, and even chat messages using what's called an SSL/TLS session.

What exactly is SSL/TLS?

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are used in networks to essentially establish an encrypted link between a server and your computer. They are most commonly used to secure websites and the transmission of data. Take a look at some websites and you may see a padlock on the URL bar, or https:// in the URL. This indicates that the website is using SSL or TLS encryption to protect the data that is being transmitted, e.g., your bank account information on a website.

In other words, SSL and TLS are used to ensure that information is exchanged securely over the Internet.

What was the problem and what software was affected?

It was found that there was a bug in the code Apple's software uses to establish an SSL connection which causes the whole SSL system to fail, potentially exposing data that should have been encrypted to anyone connected to the network with the right tools.

According to security experts, this bug has been found to affect devices running older versions of iOS 7, OS X 10.8 and newer, Apple TV, and possibly iOS 6. It is important to note that the bug is only found in Apple's SSL technology. Any app that uses Apple's version of SSL could be affected.

Has Apple solved this?

Luckily, Apple has released updates to all of their devices that should solve this security exploit. If you have not updated your device or computer since the middle of February you could be at risk.

How do I prevent my systems from being affected?

The first thing you should do is to update all Apple related apps and devices, including all mobile devices. If you are unsure about whether your apps are secure enough, try using another app, especially another browser. This is because browsers like Chrome and Firefox all use a different SSL technology and are unaffected by this bug.

You should also remain vigilant and not connect to any open or public Wi-Fi connections or even secured Internet connections that could be easy to break through. Basically, as long as you update you should be fine. However, it may be worthwhile using another browser if you are really worried about whether you have a secure connection.

If you are looking to learn more about this security flaw, or how you can secure your business from threats like this, contact us today. We can help.

Published with permission from TechAdvisory.org. Source.
