In October of last year news broke about a new form of malware called Cryptolocker. This malware posed a particularly large threat to many business users and led to many quick and important security updates. Now, almost a year later, it appears that the second version of this – CryptoWall – has been released and is beginning to infect users.

What is Crypto malware?

cryptowall-exCrypto malware is a type of trojan horse that when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don’t pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn’t go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, aka. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some “improvements” to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn’t paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can’t be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn’t go after passwords or account names, so the usual changing of your passwords won’t really help. The best ways to prevent this from getting onto your systems is:

  • Don’t open any suspicious attachments – Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don’t open emails from unknown sources – Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don’t have an account with or bills from a utilities company you don’t use. Chances are high that they contain some form of malware.

Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.

If you are looking to learn more about CryptoWall malware and how to boost your security and protect your data and systems, then let GCInfotech be your first line of tech defense.

Published with permission from TechAdvisory.org. SOURCE

In late September, Microsoft introduced the next version of Windows – Windows 10. At the announcement event, the company showed off a number of exciting new features that many users have been requesting. While it will be a while before it is released, here is a brief overview of some of the upcoming features you can look forward to.

Why Windows 10?

Windows-10-official-logo1When first announced, many eyebrows were raised regarding Windows 9 being skipped. In the tech world, missing out a number with a sequence is not the norm, yet Microsoft stated that they believe that the next version of Windows will be such a drastic improvement over Windows 8 that calling it Windows 9 would not do it justice. From what we can see of the new system, there really are some drastic improvements, including:

One operating system (OS), many systems

When Windows 8 was released, a slightly modified version of the OS was also released for mobile devices. While this was good news, especially for mobile users, the systems were still largely separate, with different apps, app stores, and more.

With Windows 10, Microsoft has noted that the OS has been designed to run across all systems. This means that different devices will likely have slightly different interaction experiences but the underlying system will be the same. For example, there will be one way to write programs for all devices, one app store, and updates will be applied to all versions of the same app, on all devices, at the same time.

A new, yet familiar, Start menu

Windows 8 was a drastic departure from the familiar Windows desktop layout. For the most part, it was despised by business users, who instead have largely bypassed this layout for the traditional Desktop mode. Windows 8.1 allowed users to boot directly into the Desktop, but one large feature has been lacking: a Start menu.

Windows 10 welcomes it back! As with older versions of Windows, the Start menu will be at the bottom-left of the screen, and pressing it will bring up the familiar menu of programs and options. Only now, the old Tile-based layout has also been merged into this section. Think of the traditional Start menu bar, but with a mini-tile based section to the right that will be customizable.

Everything opens in a window

If you’ve ever downloaded an app from the Windows App store, you likely have noticed that they automatically run in fullscreen mode. With Windows 10, any Windows Store apps will open in window-format, similar to any desktop app.

When apps open you will see the familiar taskbar, along with the maximize, minimize and close buttons. This will make it much easier to work in multiple programs at the same time.

Multiple Desktops

Microsoft Virtual Desktops is a feature that will allow users to create different desktops for different purposes and switch between them quickly and easily. While you will only need to install Windows 10 once, you can have a different desktop setup for say home, personal, and business use all under one user.

Each desktop can display different icons and layouts, but all desktops will have access to the programs installed for that user. Essentially, this will make it easier for business users who also use their devices for personal use or those who need to switch roles at work.

An enhanced File Explorer

File Explorer has been a part of Windows for a while now, and its main function is that it helps you to find your files and folders. In Windows 10, this feature will be upgraded to now search for not only your files and folders, but also to scan the Internet as well. You will also be able to quickly see recent and most popular files and folders, meaning you’ll be more likely to be able to find what you are looking for in less time.

When will it be available?

Microsoft has already released what they call a Technical Preview of Windows 10. Anyone can sign up to download Windows 10 and install it on their computers. We would advise against this however, as this version is incomplete and there will be bugs and compatibility issues.

The company has noted that this current version is really for tech experts to install on secondary computers and test, so business users will have to wait! At the time of this article there has been no actual release date set for Windows 10, but you can probably expect it sometime in early 2015. Microsoft has also been quiet about the price, but rumors are circulating that it will either be free or affordable for users to upgrade to if they already have an older version of Windows installed.

Get ahead of the curve and find out what benefits Windows 10 can bring to your business, by dropping us a line first. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.

Published with permission from TechAdvisory.org. SOURCE

FirewallCartoonWith the ever growing number of security threats faced by businesses around the world, the vast majority of business owners have adopted some form of security measures in an effort to keep their organizations secure. But, how do you know the measures you’ve implemented are actually keeping your systems safe? Here are five ways you can tell if your security measures aren’t sufficient.

1. Open wireless networks

Wireless networks are one of the most common ways businesses allow their employees to get online. With one main Internet line and a couple of wireless routers, you can theoretically have the whole office online. This method of connecting does save money, but there is an inherent security risk with this and that is an unsecure network.

Contrary to popular belief, simply plugging in a wireless router and creating a basic network won’t mean you are secure. If you don’t set a password on your routers, then anyone within range can connect. Hackers and criminal organizations are known to look for, and then target these networks. With fairly simple tools and a bit of know-how, they can start capturing data that goes in and out of the network, and even attacking the network and computers attached. In other words, unprotected networks are basically open invitations to hackers.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with passwords that are not easy to guess. For example, many Internet Service Providers who install hardware when setting up networks will often just use the company’s main phone number as the password to the router. This is too easy to work out, so changing to a password that is a lot more difficult to guess is makes sense.

2. Email is not secure

Admittedly, most companies who have implemented a new email system in the past couple of years will likely be fairly secure. This is especially true if they use cloud-based options, or well-known email systems like Exchange which offer enhanced security and scanning, while using modern email transition methods.

The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as ‘clear passwords’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and potentially compromise your systems and data.

If you are using older email systems, it is advisable to upgrade to newer ones, especially if they don’t encrypt important information.

3. Mobile devices that aren’t secure enough

Mobile devices, like tablets and smartphones, are being used more than ever before in business, and do offer a great way to stay connected and productive while out of the office. The issue with this however is that if you use your tablet or phone to connect to office systems, and don’t have security measures in place, you could find networks compromised.

For example, if you have linked your work email to your tablet, but don’t have a screen lock enabled and you lose your device anyone who picks it up will have access to your email and potentially sensitive information.

The same goes if you accidentally install a fake app with malware on it. You could find your systems infected. Therefore, you should take steps to ensure that your device is locked with at least a passcode, and you have anti-virus and malware scanners installed and running on a regular basis.

4. Anti-virus scanners that aren’t maintained

These days, it is essential that you have anti-virus, malware, and spyware scanners installed on all machines and devices in your company and that you take the time to configure these properly. It could be that scans are scheduled during business hours, or they just aren’t updated. If you install these solutions onto your systems, and they start to scan during work time, most employees will just turn the scanner off thus leaving systems wide-open.

The same goes for not properly ensuring that these systems are updated. Updates are important for scanners, because they implement new virus databases that contain newly discovered malware and viruses, and fixes for them.

Therefore, scanners need to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

5. Lack of firewalls

A firewall is a networking security tool that can be configured to block certain types of network access and data from leaving the network or being accessed from outside of the network. A properly configured firewall is necessary for network security, and while many modems include this, it’s often not robust enough for business use.

What you need instead is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like us, in order for them to be most effective.

How do I ensure proper business security?

The absolute best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you have proper security measures in place and the systems are set up and managed properly. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.

Published with permission from TechAdvisory.org. SOURCE

Microsoft Office 365 is made up of cloud versions of Microsoft Exchange Server 2013, SharePoint 2013 and Microsoft Lync Server, which can all be accessed through a web browser interface. With so many different products in the Microsoft Office 365 Suite, comprehensively covering the migration process is a challenge. GCInfotech helped an organization migrate 600 mailboxes in multiple locations and didn’t miss a message.

Moving any organization to Office 365 is a multi-phased project that requires expertise in project management, change management, technical consulting, and technical support. For the small to mid-sized business (SMB), migrating to Office 365 comes with its own set of challenges, but support from GCInfotech can make this transition easier.bnr-office365-cloud

  • Your business may not have the level of Project Management skills required to plan and document every aspect of the migration.
  • You may have few (if any) IT staff with the extensive technical skills and experience needed to configure Office 365 correctly; move your emails without loss or interruption; and resolve any issues that occur.
  • You may well be restricted by budget or time, or worried about the disruption to your business, like many of our clients.

Take advantage of the many features without downtime, loss of communications, or difficult application migrations for your employees. Your business can continue to operate as usual while GCInfotech’s experienced technicians switch you over without interruption.

But even after a successful migration to Office 365, your needs for Office 365 support is likely to continue. As with most critical business applications, Microsoft provides Office 365 support and service upgrades on a regular basis-but unless you’re a technology guru, you might prefer to entrust an expert with implementing these key system changes. Here again, assistance from GCInfotech can help keep your infrastructure running at its maximum performance, and minimize the risk of interruption to your communications backbone.

What’s new to you is familiar to us: GCInfotech is in the business of providing Office 365 Support as well as supporting other IT technologies.

When we perform your migration to Office 365, you can rest assured that we’ve done it before and know how to do it right. Don’t “learn by doing” on your most critical applications, when GCInfotech can do it for you, quickly and reliably.

Invest in solutions, not headcount: GCInfotech’s personnel receive comprehensive training directly from Microsoft before they work on your system. That’s your assurance of expertise in performing your migration to Office 365 and continuing Office 365 support.

Count on depth of services: GCInfotech’s engineers, technicians, managers, and staff work as a team to ensure your satisfaction with every task we perform for you. Got an Office 365 support or upgrade question? Call us for the answers. We won’t stop working until you get the solutions you need to keep your business running smoothly.

Get a Single Source for all your Needs

Starting with your migration to Office 365, and continuing through desktop services, cloud computing technologyremote IT solutions, remote disaster recovery, outsourcing disaster recovery and managed infrastructure services, GCInfotech is the one source you can count on for all of your support requirements. Because we can work on all aspects of your information technology, we can develop an end-to-end perspective to meet all your business computing needs-and thereby offer you better, integrated services than single-solution providers.

GCInfotech can help you take full advantage of your investment in Microsoft’s Office 365 solution, whether you’re just beginning the process of adopting it, or facing the challenges of upgrading, maintaining, and optimizing a system that’s already in place. Find out how with a complimentary Microsoft Office 365 consultation from GCInfotech.

Please contact us for more information or call 888-323-3066 to speak to our IT experts right away.

As a small business owner you should worried about uptime.  In fact, it might be one of your major concerns.  If your computer systems aren’t up and running, then you are experiencing lost productivity, increased costs, lower levels of customer service, reduced employee morale and other problems you really don’t have time to deal with.  So what can you do about it? Plenty and GCInfotech can guide you each step of the way.

Many organizations start by completing an inventory of their IT equipment with the goal of identifying your Single Points of Failure (SPOFs).  GCInfotech can work with you on the inventory and identify your single points of failure, then devise a plan to implement corrective actions.  We’ll look at each component to determine if the failure of that device could cause an impact to your operations.  For example, if you only have one hard drive storing important company data, you have a single point of failure.

Once we have identified your SPOFs, the next step is to perform a business risk analysis of your equipment, systems, employees, and procedures.  We will make sure to include your email, operating systems and software applications.  The business risk analysis will identify the impact to your organization should you experience a specific IT related failure. For example, what is the impact to your organization should your internet connect go down or a printer stop functioning?

The business risk analysis examines time and its impact to your organization.  At what point does having your printer down move from low priority to medium to high?  Maybe you can last a couple of days without a printer or perhaps even weeks if you have other printers in your office.  If internet connectivity is important to you, and you only have one line, it may be high priority from the first hour of downtime.

Now that you have a business risk analysis and inventory of your IT equipment, the last step is a plan to build in redundancy and/or replacement.  In the printer down example, you may be able to shift printing from the down device to another printer in your office.  If internet connectivity is critical, as it is with most businesses today, you may need to install a second line.  A RAID system may help protect you from a hard drive failure or, you might need mirrored (identical) systems in different parts of the country.

If reliability and uptime is important to you as it is with most small businesses, identifying your Single Points of Failure is your first step to increasing confidence in your computer systems. Find out more about networking & business continuity and how they can help you increase employee efficiency, reduce costs, enhance your competitive edge, and improve your levels of customer service.

Not sure where to start? Give GCInfotech a call to discuss the available solutions that would work best for your company. Together, we can make your business work smarter, faster and more efficiently.

As always, GCInfotech can walk you through the process, ensure your business has the least amount of disruption and set up a structure that will keep you running smoothly well into the future. Give us a call at 888.323.3066.