Information Technology Services

An I.T. Manager’s New Year’s Resolution

The beginning of the year is the perfect time to review your systems maintenance program, tweak your plans and processes and optimize your overall I.T. strategy.

Review, Evaluate and Optimize.
More than likely, your business could live or die based on your IT strategy. We have all become dependent on our technology both in our personal and professional lives, so be sure to give it the TLC it needs. Review your key procedures and plans such as network failure testing, disaster recovery, business continuity, virus protection and data backup (for an integrated, online backup, storage and sharing application, click here). For those of you with an on-site backup solution, now is the perfect time to run those backups with a test recovery. With erratic weather on the rise and winter around the corner, taking the time to be sure you have a tight, foolproof strategy in place to keep both your systems and your information protected from loss or damage.

Be Smart About Your Data.
Inadequate protection or spotty management of critical data can have a profound effect on sustainability. Regularly scheduled testing of your backup strategy and implementing a daily backup routine will help prevent the disasters that prove fatal for many companies.

  • 31% of PC users have lost all of their files due to events beyond their control.
  • 34% of companies fail to test their onsite backup solution, and of those that do, 77% have found back-up failures.
  • 60% of companies that lose their data will shut down within 6 months of the disaster.
  • Every week 140,000 hard drives crash in the United States.
  • Simple drive recovery can cost upwards of $7,500 and success is not guaranteed.

We recommend assessing your existing data protection strategy and learn what data repository and storage medium options are available. It’s important to understand traditional backup methods as well as the benefits of developing an enhanced protection solution that meets the needs of your particular business.

Think of it as a Flu Shot for your Systems.
There are lots of people out there determined to infect your computers with viruses. Optimize your security with new or updated anti-virus, Spyware and Malware software. Be wary of free anti-virus software that sounds too good to be true because it often is.  You get what you pay for, and software that protects your computer needs regular and consistent updating to stay useful because viruses are constantly being generated. This is especially important if you use a networked computer system. Do your homework,  invest in effective software and keep it updated. (For an easy-to-use, simple, and effective anti-malware application, try Malwarebytes)
Give your Computer a Tune Up.
Straight out of the box, computers have often been loaded with unnecessary programs at the factory.  So, from day 1, your computer is accumulating software programs, update reminders, “bonus” software, and random files that you don’t need and over time it will become increasingly sluggish. By taking a few important steps, you can get it running efficiently again, for a lot longer. The first thing you should do is disable the programs that start up when your computer boots.  While there are many places this can occur, the easiest one to check is the Startup menu in your Programs menu. Additionally, simple tasks such as clean out your Windows Registry, remove unneeded files and programs, empty your recycling bin or trash, and perform a disc defragmentation can make a huge difference.  Even if your computer has been performing slowly for some time, beginning this regimen is sure to produce results.

Email – a Blessing or a Burden?

Most of us are guilty of being slaves to our inbox, whether we like to admit it or not. We keep every thing that has ever been sent to us out of some sort of unfounded fear of not having it should we ever need it. And the “reply all” function makes it exponentially worse. Well, each of those emails, particularly the ones with large attachments, take up space on your computer  – and space in your head when you are actually trying to find something. Email is the third largest culprit of workplace interruptions and email mismanagement costs you money.   Take charge and clean up that clutter by creating folders and subfolders to organize your communications. Save the attachments that you will need later onto your hard drive in a logical place, then delete the email if its unnecessary. Set your computer to delete your Trash after 30 days. Anything you can think of to reduce the number of emails in your actual inbox will save you time and money down the road.

GCInfotech can get you started on the path to a leaner, more efficient IT strategy. If you don’t have an IT Manager to make a New Year’s Resolution for you, then give us a call. 

GCInfotech is your total business IT solutions resource for your Mobile Workforce

How important is smart device security?

Convenience is at the forefront of our lives. For businesses, this means a rapidly evolving security landscape that’s leaving many companies, and their IT departments, overwhelmed and scrambling. Smartphones and tablets and other embedded devices like printers and scanners utilize ingenious technology and provide significant benefit to how we do business, but they call into question the very serious issue of usability versus security.

Recent polls of management level employees suggest that upwards of 50% of them don’t know how their organizations identify compromised devices on their network. Additionally, polls of IT professionals show that data security threats at the office frequently go unmanaged due to insufficient resources or in some cases a lack of awareness that a situation even exists. Device manufacturers tend to focus on usability and place little emphasis on built-in software protections, contributing to data and network vulnerabilities. The challenge for device engineers is compressing large and slow software into a tiny space, which makes creating operating systems and software to run on these devices extremely difficult. Decisions invariably must be made regarding what features to include– if richness of features is forsaken for security measures, then how useful is the device in the first place?

Many of us may not even realize which office devices can pose a significant security threat. Here’s a list of culprits and the backend attacks they are susceptible to:

  • Printers – Remote reconfiguration or access to previously printed documents
  • Timeclocks – Access to employee information and payroll
  • Photocopiers – Retrieve documents over the web
  • Scanners – Remote operation or access to hard drive of previously scanned documents
  • Telephone Systems – Eavesdropping
  • Webcams – Hijack and enable without the owner’s knowledge

Best practice begins with two essential steps– first, a comprehensive IT policy that integrates and safeguards all office equipment, including those often forgotten about embedded devices; and second, an employee education program that’s clear, concise and tailored to your company. GCInfotech can assist you with a security evaluation of your office equipment as well as help you devise an employee education plan that’s appropriate for today’s security landscape.

GCINFOTECH

One of the most frequent threats on the Web today.

Since we wrote an article on the imminent threat posed by rogue security software (scareware) and cyber criminals, we have received numerous inquiries requesting more information on how to protect computers and networks from these elusive intruders. We would like to share notable examples of fraudulent system alerts and expand on a few known malware manifestations in order to help you better identify security risks. 

Critical Security Measures

  • Keep Java & .NET up-to-date, as both are used in almost all platforms.
  • Schedule Windows Updates to install automatically, or periodically check your system to ensure there are no critical patches requiring action (Start Menu/ Control Panel/ Windows Update).
  • Maintain Anti-Virus & Malware protection.
  • Install a firewall and keep it turned on.
  • Use caution when you click links in email, on social networking websites, or on pop-ups.
  • Make sure you and your fellow co-workers are familiar with common phishing scams.

Fake Virus AlertCiti Phishing Scam

Windows Security Alert  This fake security alert is deceptively similar in appearance to a legitimate system alert, though pay close attention to its language. Are words misspelled? Are there errors with basic grammar? It’s important to examine these alerts for telltale signs of fraud.

Citi Email Phishing  Common phishing scams frequently appear to come from financial institutions and can be difficult to identify especially if you happen to have an account with that institution. Again, look for language inconsistencies and examine the link provided to determine where it actually goes. As a general rule, banks will never ask for personal information in an email, so the best defense is to use common sense.

Spyware Software WarningFake task bar security alert

Common fake task bar alerts  Learn what security software you have installed on your computer. This will help you determine the validity of pop-up alerts warning you of infections on your system. Remember, they’re designed to scare and lure you into a fraudulent scheme that ends with you inputting your credit card or other personal information.

If you have any questions or concerns regarding the safety of your computers and networks, or scareware in general,  do not hesitate to give GCInfotech a call today and one of our technical consultants will be happy to assist you.

GCINFOTECH

Beware of Scareware

Fake Anti-Virus and Rogue Security Software – One of the most frequent threats on the Web today.

Have you ever experienced a random pop-up on your computer warning you of an egregious security risk to your system? It may even appear disguised as one of the legitimate Windows security updates that you’re accustomed to seeing. That’s exactly the illusion that cyber criminals intend to create.

What is fake anti-virus?
Also known as scareware or rogue security software, fake anti-virus is a form of social engineering that lures users to malicious sites and scares them into purchasing fake threat removal tools. This brand of trickery garners big bucks for cyber criminals. Once your system is infected, common manifestations include incessant displays of false alert messages that won’t cease until payment is made or the malware is removed, fake Facebook application invitations, 9/11 scams, and ads for fake comprehensive anti-virus packages. In most cases, the malware pretends to find dangerous security threats on your system and offers a free scan while simultaneously compiling folders of junk on your hard drive that the scan can then detect. From the authentic looking pop-up warning to the professionally crafted website it directs you to, it’s an elaborate ruse to scare you into purchasing a fake anti-virus software.

What can it do to my computer?
Malware authors program certain behaviors to make your system errors seem real and believable, which increases the likelihood that you will purchase a fake anti-virus program. Some of those behaviors include:
  • Prevent anti-malware programs from running
  • Disable automatic system software updates
  • Block access to websites of anti-malware vendors
  • Download other types of malware, like banking trojans
  • Interfere with or corrupt normal system activity and critical processes
  • Disable the task manager and make use of the registry editor
  • Redirect web requests from legitimate websites to error pages or malicious websites
  • Deny access to certain programs
  • Disable parts of the system to prevent an uninstall

How can I protect myself?
Cyber criminals employ a huge variety of tactics to compromise your system– to name a few, SEO poisoning, imbedding code in legitimate websites and advertising feeds, and email spam campaigns (i.e. “you have received an e-card”, account suspension and password reset scams). According to a 2010 study by Google, 11,000 domains hosting fake anti-virus software were found, which accounts for 50% of all malware that’s delivered via internet advertising. These lucrative criminal networks grow daily and their contrivances will only continue with time.

Protection begins with a comprehensive and layered security solution. Whether you’re an individual user or a network of users, always adhere to internet use best practices. Keep your browsers and version of Windows up-to-date. Configure your pop-up blockers and familiarize yourself with what anti-virus solution you have installed so you’re able to recognize inconsistencies.

Information Technology Services

Clean up your IT strategy.  Spring is a perfect time to revisit your plans for those critical IT systems you use to keep your business data safe and secure. Review key procedures and plans like network failover testing, disaster recovery, business continuity, and data backup. Loss of data interrupts your business continuity and can be very costly. Studies show that 1MB of data is worth approximately $10,000 and the cost of having to rebuild 20MB of data could be more than $17,000 and could take up to three weeks to complete (For an integrated, online backup, storage and sharing application, tryIBackup). For those of you with an on-site backup solution, now is the perfect time to run those backups with a test recovery.

Clean up your data storage.  Consider adopting a plan utilizing Data Lifecycle Management (DLM) to remove the day-to-day and budgetary headaches:

  • DLM is the comprehensive approach that organizations use to deal with data throughout its lifecycle, from creation and initial storage to eventual archival or disposal.
  • Options vary depending on need, but some useful storage systems to consider include Storage Area Networks (SAN), Network Attached Storage (NAS) and Hierarchical Storage Management.


Clean out the bugs. 
To be sure  your computers, tablets and smartphones are protected, optimize your security this spring with new or updated Anti-virus, Spyware and Malware software. (For an easy-to-use, simple, and effective anti-malware application, try Malwarebytes)

Clean out your Email. Email mismanagement costs you money. Email is the 3rd largest culprit of workplace interruptions, which cost the U.S. economy $900 billion per year. Take charge and clean up that clutter!

Clean your keyboard. Get yourself an ozone-friendly compressed gas duster and give your keyboard the deluxe treatment it so desperately needs. (Warning: Keyboards are not dishwasher safe.) Your mouse and phone handset can be cleaned with a paper towel and some window cleaner!

 

security

Cyber thieves target SMBs….are you safe?

  • It’s estimated that small businesses have lost $250 million due to various forms of cyber attacks.
  • A 2010 survey by Symantec Corp. of small and medium-size companies showed that about 73% of businesses reported they had been targets of cyber attacks in the last year.
  • 63% of data breaches reported in 2010 were at companies with 100 or fewer employees.
  • 95% of credit card breaches that Visa has discovered have been hits on small businesses.
  • Less than 50% of small businesses are estimated to assess and test their security safeguards.

The facts don’t lie, friends. The myth that any business is too small to get hit, is just that – a myth. Cyber security is not just for big businesses anymore. Hackers can steal data from at least a dozen small businesses in the same time that it takes for them to hack into one large corporation. And experts believe that the situation will only get worse before it gets better.

As more businesses hook into high speed internet, hackers are able to expand their target base and take advantage of small businesses that have weak security safeguards. Cyber criminals are taking notice– companies that store data in electronic form, or rely on computerized systems and digital records as many companies are now doing, are putting themselves at great risk. Cyber thieves are no longer discriminating, making it ever more important to take precautions to protect your business from online intruders.

How are they getting into your system?  

Though a broadband connection offers blazing internet speed, it can also mean greater susceptibility to cyber attack. Broadband is a direct connection to the internet that is always on, so because broadband usually has a static IP address with open, unprotected ports, a browser or your email does not have to be up in order for a hacker to enter your system. Hackers can locate these unprotected ports through a port scan, after which there’s no telling what they can do. This is particularly critical for businesses that do credit card transactions, as hackers can get their hands on the private financial information of customers.
Another way they might enter your system is through attachments or links sent to employees that implant computer code onto your computer. Once in, they can use your systems and your bandwidth to launch attacks on other businesses. The banks do in fact have security measures in place to help you protect against these types of cyber intrusion, but unfortunately due to inadequate regulations many banks are skirting this legal responsibility and only providing a bare minimum of protection, leaving many businesses open to fraud. For a growing number of small businesses, this system vulnerability often leads to significant financial loss, as most lawsuit complaints never even go to trial or only reproduce pennies on the dollar to make up for stolen money.

What can you do about it?

  • Make yourself invisible to the bad guys by installing and regularly updating an electronic firewall.
  • Don’t rely solely on your anti-virus software. It’s helpful, but not fail-proof.
  • Audit the data on your network, especially financial information.
  • Implement and explain an acceptable use policy for web browsing.
  • Educate your users on the dangers of open surfing while connected to the company network.
  • Remember basic security measures such as changing default passwords and creating secure passwords! Your last name, birthday, or 1234567 are NOT going to keep cyber criminals out!

Bottom line, cyber thieves are constantly on the prowl for the weakest link. Data security is not just important, it’s absolutely essential to the sustainability of your business. Give GCInfotech a call today to discuss how we can help you take the necessary precautions to keep your business data safe and secure!