Whether you only need a dozen, or a hundred, the process of deciding on and acquiring software licenses can be very frustrating. Many of us had hoped that cloud computing and virtualization would alleviate some of these headaches. Unfortunately, we’re not there yet, which is why it’s important to understand all of your licensing options when deciding on a virtualized environment — let’s take a look.

Why are licenses an issue?

Virtualization is a complex topic, so let’s have a quick review. Most people are starting to work the concept of cloud storage into their everyday lives. Think of virtualization as a cloud where your server(s) store their hardware capabilities and your network computers can pull from that cloud as needed.

In this scenario, let’s assume employee A and employee B have two identical desktop computers with barebones hardware. Employee A needs to perform some basic text editing while employee B needs an in-depth scan of your client database. With the right infrastructure management, both employees will connect to your business’ server for the necessary physical processing power andserver-hosted software. That means employee A will request the appropriate amount of processing power to edit text (which is likely very little) from the server, while employee B requests a much larger chunk of RAM, processing and harddrive space for scanning the database.

Understand so far? Because it gets really tricky when we start asking how many licenses are required for the server-hosted software. Licensing models were originally based on the number of physical hard drives with installed copies. However, in a virtualized environment that’s not an accurate reflection of usage. Using the most recent platforms, administrators can divide up their CPU into as many virtual machines as the SMB requires.

What do current virtualized licensing models look like?

Sadly, the virtualization and software industries are still deciding what’s the best way to move forward. The very vendors that sell the software required to manage the creation of virtual machines and segmentation of your server disagree about which model to use.

The company behind the popular VMware software has switched to a per-virtual-machine model after a huge response from customers, while other powerhouse vendors like Oracle and Microsoft have stuck with the per-CPU-core model that is based on server hardware capacity.

In any software selection process there is almost always the option of open source software. Under the open source model there are no licenses and usage is free, and just last month, AT&T committed to virtualizing 75 percent of its office under the OpenStack cloud computing platform by 2020.

What should I do?

In the end, software license considerations and total cost of ownership calculations should be a huge factor in how you plan to virtualize your SMB. When discussing the possibility of an infrastructure migration with your IT services provider, make sure to ask about the advantages and disadvantages of different virtualization platforms compared with their licensing models. You may find that paying more for hardware-based models is worth it, or that open source platforms provide you with everything you need.

No matter which platform you choose, remember to list every piece of licensed software in your office. Find out which licenses you can keep, which ones you’ll need to update and most importantly what the license migration will cost you in the short and long run.

This might seem like too much to handle at first. The process of virtualizing your SMB alone is enough to have you reaching for the aspirin. By contacting us you can avoid the headache entirely; we’ll walk you through all of the steps necessary to guide your organization through this next step in modernizing your business model.

Published with permission from TechAdvisory.org SOURCE

Password security – a source of anxiety for many of us. So much of our lives rely on the strength and secrecy of our passwords. How would you like to never worry about your password security ever again?

In today’s workplace, almost everything we do requires some form of password-guarded access.

Because password security is so crucial, it is part of my job to educate others to ensure password security. Many people fall foul of poor password security at one point or another. If you’re lucky, it results in your computer’s language hilariously changed to something you have no hope of understanding. The result being time lost, spent on reversing the language change. If you’re not so lucky, a compromised password can lead to hackers and digital thieves accessing sensitive information, stealing money, corrupting data, or locking you out from your accounts. The consequences can cut deep and take many months or even years to repair.

Password practices are often taken for granted, which is one of the reasons why reminding ourselves of best practices from time to time, such as on the annual Password Day, can help us ensure complete password security.

Follow these steps to never have to worry about password security again.

Stop Being Predictable

We’ve all been trained to build our passwords the same way. Years of automatic prompts have asked us to include capitalized letters, and numerical or punctuation characters, in our passwords.

Unfortunately, password crackers out there have noticed the pattern.

Because the result is that we all:

  • Start out with a favored word to form the foundation of our password
  • Use up our capital letter on the first character
  • Add on a number and exclamation mark on the end of the password to hit the requested quota
  • And voila – we’re left with our ‘uncrackable’ password: “Ninja1!”
  • While we think we are secure, having hit all the types of characters required, we are leaving ourselves open to having our password guessed. Whether through social engineering to crack passwords, or by way of other password hacking methods, we are left vulnerable. Our best bet is to stop being so predictable.

    Stop Using One Word Passwords

    Words are very predictable. The next step we can take in upgrading our password security is to banish the use of single word passwords. Not only are one-word passwords often short, but also they are predictable. Did you know that databases exist that contain every word in every language? The purpose of these databases is to be used by hackers to crack passwords simply by trying every word. This is called a Dictionary attack, which can also take the form of a Rainbow table attack. Of course, it might seem that one-word passwords are far easier to remember than anything else is. But, when thinking of security, ease cannot be the main criteria for decision making. Security must be.

    In fact, as Better Business Bureau explained, some of the most common (and least secure) passwords are not always words.

    The following passwords were the top 10 passwords used in 2014 – You might guess, that these passwords should not your first choice for your online banking account.

    123456 2. password 3. 12345 4. 12345678 5. Qwerty
    123456789 7. 1234 8. Baseball 9. Dragon 10. Football

    Not only are more complex passwords more secure, they can be just as easy to remember too.

    What makes a strong password? On to our next step.

    Long And Strong Passwords

    How can we create passwords that are strong and still memorable? There’s a bit of a trick to it.

    First off, strong and memorable passwords should consist of multiple words. PieceOfCake you might think.

    Nope. First rule of multi-word passwords is to use a strong of words that are either nonsensical, or that are very particular to you.

    CoffeeLobsterMarathon – a good place to start for a nonsensical string of words. And the image it conjures is so bizarre it’s easy to remember.

    DavesFavoriteColorIsGrey – Knowing your mate Dave’s favorite color is a very unique circumstance to you. And very hard to guess.

    Second stage is to interlace these passwords with – you guessed it – special characters.

    Leaving us with C0ff33L0b$t3rM8r8th0n and D8v3sF8v0r1t3C0l0r1sGr3y.

    Both of these blow “Ninja1!” out of the water in terms of password security.

    Use Unique Passwords For Every Account

    I know. This advice normally elicits the response that it is impossible to remember passwords for every account. But, for reasons we will get into later, it really isn’t. And the benefits are huge.

    Does anyone you know use one password for every account? Many people do. The problem is that it is a real threat to password security. Because it only takes one leak from one of the many places you’ve used that password for more accounts to be accessed.

    If your username, email address, and password are exposed by a security breach of one of the services, accounts, or companies you have dealt with – hackers will be able to take these details and try to access any other accounts with the same details. If passwords are different for every account you use, this technique will not work. Meaning you can enjoy much better password security. So, how on earth can we remember each and every password?

    A Smarter Way To Memorize Your Passwords (A Password Manager)

    It would be very impractical to try to memorize passwords for every single account we own. For accounts we access every day, it would probably be doable. But, many times we have accounts to things we only need to access occasionally. At which point memory will likely let us down. We need some help. Password managers are secure applications that help us store and organize passwords. It is simply the best way to manage all the accounts and passwords we have. All we need to do then is remember the password we need to access the password manager. If you’ve followed the advice above, your password manager password will be strong and memorable.

    Change Your Passwords Regularly

    The dreaded password change. Often people see this as either optional, or a needless inconvenience. But there are very strong arguments for why changing passwords regularly is essential for password security. For example, brute-force attacks are used to decipher passwords. They work simply by trying every possible combination of characters. The limitation of this type of approach is that it requires a lot of time to achieve its desired result. Although – even then, this can be surprisingly short. Using our example above, according to How Secure is my Password, “Ninja1!” can be cracked in 7 minutes. Changing passwords frequently can minimize the risk that a brute-force attack has enough time to breach your password security. Not to mention that it can also minimize the danger posed by password leaks.

    Don’t Casually Share Your Passwords

    You would never share your password with anyone, right? Especially not a stranger. When we’re not focused on security, it can be easier to fall into a trap than we realize. If you think one of your accounts might be compromised, be sure to change the password as soon as possible.

    Ensure You Have Anti-Malware Installed

    What’s the connection between password security and malware? Well, some types of malware are able to track keyboard inputs for account and password information, and transmit that information to a malicious third party. The strongest password will do us no good if Malware is able to track the input from our keyboard. Which means, as part of our password security regime must be to ensure our devices are malware free. Malware often uses security flaws in unpatched software to infect a system. Therefore an up-to-date operating system is also needed to fully protect your device from being compromised by malware.

    Enable Two-Factor Authentication

    Two-factor authentication provides an extra layer of protection for your password security regime. On top of a password, authorized access requires another factor to login to your account.

    For example, a second factor might be a time-limited security code generated by an authenticator app on your mobile device – such as two-factor authentication with TeamViewer. Access is only granted when the username/email address, password, and security code is entered correctly.

    This is perhaps the most sure-fire way to ensure total password security, as even if your password is compromised, access will not be granted to your account without the correct second factor authentication.

    Password Security Key Takeaways

    Being absolutely sure of password security is a major relief. All sorts of potential problems can be avoided. Once you’ve set up the system you want to use, practice makes it a part of everyday business.

    In summary, password security means:

    Dropping the predictability. “Ninja1!” doesn’t cut it
    Leave one-word passwords behind
    Long and strong passwords are better and can be easy to remember too
    A different password for every account stops hackers in their tracks
    Password managers are a must-have tool for password security
    Changing passwords regularly is not optional
    Be careful not to reveal passwords to untrustworthy sources
    Make sure there is no malware on your devices
    Use two-factor authentication wherever you can

    I hope you found this advice useful.

    Dodge toolbars, browser add-ons and other undesirables when installing free software

    We’re sure you’ve experienced it – You download a piece of free software, then open your browser to discover a strange toolbar has been added, your default search provider has been changed, or your homepage has been hijacked. You’ve picked up a PUP, or potentially unwanted program…

    These programs are often packed up in software installers – usually for freeware, but sometimes also in paid software. They usually affect your web browser, attempting to direct traffic through routes that will profit their creators. They can also harvest data on your browsing and shopping habits, which is then sold to advertisers.

    Avoid installing PUPs

    Although undesirable, such programs aren’t viruses and may not be picked up by your regular security software. The best defense against them is care and attention.

    Always read each step of the installer carefully and uncheck any necessary boxes (PUPs are almost always opt-out rather than opt-in). If you’re offered a choice between Recommended and Custom installations, always opt for Custom – it’s usually hiding some unwanted browser add-ons. There are a number of applications out there that can help here by unchecking all tickboxes in software installers, and warning you if you are about to install a PUP.

    Sometimes, when you install free software, PUPs are part of the deal and you can’t opt out. When faced with the program’s terms of use it’s tempting to just click ‘Next’, but it’s worth taking the time to read them in case the program is going to bring some unwanted friends to the party. In that situation, the best course of action is to simply close the installer and look for another program that won’t impose such programs on you.

    It might be worth seeking out a portable version of the software you want to use; by definition, portable programs don’t have to be installed (they are usually supplied in a ZIP archive), so won’t include an installer with bundled add-ons.

    If you really want to err on the side of caution, you can install free software in a sandbox to prevent PUPs and malware meddling with your system files. You can do this using a virtual machine, which runs an operating system in a window on your desktop, effectively emulating a second PC.

    Remove PUPs

    You’ve done your best to avoid it, but your browser has been hijacked by a rogue toolbar and your homepage has been changed. If your antivirus software doesn’t pick up the culprit, and you can’t remove it through the browser’s plug-ins menu, try Malwarebytes Anti-Malware.

    It can run safely alongside your antivirus, and can be set to detect PUPs (and PUMs – potentially unwanted modifications), and treat them as malware by flagging them for deletion.

    Are you concerned your business’s security isn’t up to par? Need the guidance of a seasoned IT provider who specializes in security? Talk to us today.

    Published with consideration from TechRadar. SOURCE