Most of us know we should make our passwords more difficult (sorry, folks, “1234” or “qwerty” just doesn’t cut it) and use an up-to-date version of antivirus software. But all too often, we opt for an easy life – use familiar passwords and put upgrades on the back burner. But security can be simpler than you think so here are a few not-so obvious tips that will make your online experience a whole lot safer. Here are three to keep in mind.

Embrace two-factor authentication

Also known as two-step verification, most of us have likely dealt with this at one time or another. When you’re logging onto your bank’s website or your email account from a different computer than you normally use, you’re sometimes prompted for a one-time password – sent to you via text message, email or via some other method.

Nowadays, many sites such as Facebook, Dropbox and Twitter also give you the option to use two-factor authentication each time you log in. So if you’re looking for an easy way to up your security, it can give you that extra protection without slowing you down too much.

Update browsers and devices

Did you know that dated versions of browsers, operating systems and even other software packages can create an easy entry point for hackers? Often, new updates are created specifically to fix security holes. And hackers are ever aware that people can be lazy – saving that update for another day that never seems to come. They’ll often try to take advantage of this, searching for outdated devices to infiltrate while their victims watch YouTube on last year’s version of Firefox.

Yes, installing an update might take 15 minutes of your time. But it can pay dividends in preventing a security breach that could cost you or your business thousands.

Use HTTPs

When was the last time you typed those letters into a browser? Probably not this decade. It’s no wonder most people are unaware of this tip. So for those who are oblivious, https is the secure version of http – hypertext transfer protocol. Believe it or not, that last “s” actually adds an extra layer of protection. It encrypts information sent, both ways, between a website’s server and you.

You’re probably thinking, adding that last “s” to http (or even typing in http in general) is a complete pain in the rear. So to make this easier you can actually install a program like “HTTPS Everywhere” that’ll automatically switch an http into an https for you. Currently “HTTPS Everywhere” is available for Firefox, Chrome and Opera.

Looking for more tips to boost your internet security? Get in touch to find out how we can help.

Published with permission from TechAdvisory.org. SOURCE

 

Privacy and security are major concerns for businesses developing a data protection strategy. Ensuring critical data is safely backed up, kept private, and readily available is essential to maintaining productivity and eliminating downtime caused by data-related interruptions or malfunctions. Implementing a data backup plan that meets your privacy and protection needs is a business priority.

Online backup services provide an ideal combination of protection and privacy. Most of them offer a variety of unrestrictive options that encourage businesses to scale plans to fit their specific security, storage space, and pricing needs.

Utilizing a trusted cloud service for data backup promotes heightened privacy and protection for your critical files in a number of ways:

  • Keeping data backups offsite ensures data is protected from physical harm such as theft or natural disasters like fires, floods, etc.
  • Having backups in the cloud allows for remote management and data is able to be restored to any location with internet access.
  • The redundancy used in the online backup process provides the assurance that there will always be a backup available, no matter what.
  • Data is always stored safely using a highly secure encryption process and many services also offer a private key for extra protection.

Some industries are governed by strict regulations and are required to follow specific guidelines for storing and backing up sensitive data. Most online backup services are able to work with individual businesses to ensure they are meeting compliance regulations and mandates. It’s important to do your research before signing up with any cloud service; make certain you know their privacy policies and security procedures. The success of your business can only be improved by taking the appropriate measures to fully safeguard your data. Whether your business is regulated or not, data security and privacy should be a priority in your online backup strategy.

Sources:
Maier, Fran. “Can There Ever Really Be Privacy in the Cloud?” Mashable. N.p., 19 Oct. 2011. Web. 06 Jan. 2014.
Spector, Lincoln. “Is Cloud-Based Backup Safe?” PCWorld. N.p., 22 Aug. 2011. Web. 06 Jan. 2014.

In October of last year news broke about a new form of malware called Cryptolocker. This malware posed a particularly large threat to many business users and led to many quick and important security updates. Now, almost a year later, it appears that the second version of this – CryptoWall – has been released and is beginning to infect users.

What is Crypto malware?

cryptowall-exCrypto malware is a type of trojan horse that when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don’t pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn’t go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, aka. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some “improvements” to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn’t paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can’t be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn’t go after passwords or account names, so the usual changing of your passwords won’t really help. The best ways to prevent this from getting onto your systems is:

  • Don’t open any suspicious attachments – Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don’t open emails from unknown sources – Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don’t have an account with or bills from a utilities company you don’t use. Chances are high that they contain some form of malware.

Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.

If you are looking to learn more about CryptoWall malware and how to boost your security and protect your data and systems, then let GCInfotech be your first line of tech defense.

Published with permission from TechAdvisory.org. SOURCE

FirewallCartoonWith the ever growing number of security threats faced by businesses around the world, the vast majority of business owners have adopted some form of security measures in an effort to keep their organizations secure. But, how do you know the measures you’ve implemented are actually keeping your systems safe? Here are five ways you can tell if your security measures aren’t sufficient.

1. Open wireless networks

Wireless networks are one of the most common ways businesses allow their employees to get online. With one main Internet line and a couple of wireless routers, you can theoretically have the whole office online. This method of connecting does save money, but there is an inherent security risk with this and that is an unsecure network.

Contrary to popular belief, simply plugging in a wireless router and creating a basic network won’t mean you are secure. If you don’t set a password on your routers, then anyone within range can connect. Hackers and criminal organizations are known to look for, and then target these networks. With fairly simple tools and a bit of know-how, they can start capturing data that goes in and out of the network, and even attacking the network and computers attached. In other words, unprotected networks are basically open invitations to hackers.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with passwords that are not easy to guess. For example, many Internet Service Providers who install hardware when setting up networks will often just use the company’s main phone number as the password to the router. This is too easy to work out, so changing to a password that is a lot more difficult to guess is makes sense.

2. Email is not secure

Admittedly, most companies who have implemented a new email system in the past couple of years will likely be fairly secure. This is especially true if they use cloud-based options, or well-known email systems like Exchange which offer enhanced security and scanning, while using modern email transition methods.

The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as ‘clear passwords’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and potentially compromise your systems and data.

If you are using older email systems, it is advisable to upgrade to newer ones, especially if they don’t encrypt important information.

3. Mobile devices that aren’t secure enough

Mobile devices, like tablets and smartphones, are being used more than ever before in business, and do offer a great way to stay connected and productive while out of the office. The issue with this however is that if you use your tablet or phone to connect to office systems, and don’t have security measures in place, you could find networks compromised.

For example, if you have linked your work email to your tablet, but don’t have a screen lock enabled and you lose your device anyone who picks it up will have access to your email and potentially sensitive information.

The same goes if you accidentally install a fake app with malware on it. You could find your systems infected. Therefore, you should take steps to ensure that your device is locked with at least a passcode, and you have anti-virus and malware scanners installed and running on a regular basis.

4. Anti-virus scanners that aren’t maintained

These days, it is essential that you have anti-virus, malware, and spyware scanners installed on all machines and devices in your company and that you take the time to configure these properly. It could be that scans are scheduled during business hours, or they just aren’t updated. If you install these solutions onto your systems, and they start to scan during work time, most employees will just turn the scanner off thus leaving systems wide-open.

The same goes for not properly ensuring that these systems are updated. Updates are important for scanners, because they implement new virus databases that contain newly discovered malware and viruses, and fixes for them.

Therefore, scanners need to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

5. Lack of firewalls

A firewall is a networking security tool that can be configured to block certain types of network access and data from leaving the network or being accessed from outside of the network. A properly configured firewall is necessary for network security, and while many modems include this, it’s often not robust enough for business use.

What you need instead is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like us, in order for them to be most effective.

How do I ensure proper business security?

The absolute best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you have proper security measures in place and the systems are set up and managed properly. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.

Published with permission from TechAdvisory.org. SOURCE

Your small to medium-sized business is just as dependent on IT as a large company is. You need the right technology, to have it work, to have it fixed quickly when a problem arises, and to know what that will cost. At some point, all small-to mid-size business owners face this dilemma: form their own in-house IT support group or hire an outside IT consulting firm.

IT has become the lifeblood of any business, large or small. That being said, it is essential for businesses to have their computer systems up and running 24 hours a day 7 days a week and 365 days a year – reliability, securely and efficiently. Whether you have 10 employees or 1000, any business owner has no time to deal with daily IT issues or unreliable IT support personnel. In the event of a disaster, you need to get your business back on track ‘now’.

Full-Time In-House IT

Having a dedicated, full-time staff person in-house seems like a sensible and secure option. The person knows your systems and technologies, understands the nuances of your business and staff preferences, and in many cases has been a part of the legacy of technical development within your organization so he “knows where the bodies are buried”.  Additionally, the in-house solution only has one client, you. This provides business owners with a great deal of comfort – knowing that “my guy” is always here, in-house, and at the ready to respond to the little annoyances and huge disasters that are commonplace.

While on the surface this solution seems to be a good choice, there are a number of negatives associated with in-house IT staffing solutions that make it a risky proposition:

  • Cost: In house requires a constant budget item for IT staff in salaries and benefits
  • Most IT departments in small-to medium size firms are 1-2 people, so when key IT person “leaves with the keys” – business can come to a halt.
  • Not scalable and costly when expanded – getting more IT staff becomes costly – and under-capacitated
  • In House IT need to be trained on newer technology -they don’t always do it on their own or want the company to pay for the certifications – which are costly.
  • Transitioning off and on is a very cumbersome process.

 

IT Consulting Firms

What if we told you that you could receive better IT support for a fraction of the cost that it would take to hire an onsite IT department?  Hiring an outside IT services firm is a wise decision for most small to medium sized businesses.

The two main benefits in hiring an outside firm are costs and expertise/knowledge.

We see too often smaller firms who come to us after having had one dedicated IT person on staff.  This person typically was responsible for selecting and setting up all of the basic IT functions and system choices.  Invariably we find that many of these choices were poorly vetted, require tweaking, fixing and/or replacing. This is mainly due to the fact that inside IT do what they know or are familiar with. “This is the solution that I use for all of my clients”. This comfort and fluency can easily be mistaken for expertise.  Outside firms are constantly upgrading their system offerings, training their tech staff on the most cutting edge solutions and have the resources to provide all of the proper certifications.  As a result, there is a greater likelihood that you will be getting the best possible range of solutions – that are built for the current state of technology. This is critical.  Swapping out old dead tech is a massive and costly disruption.

Second, and probably most important is cost.  With in-house staff, there are salaries and benefits. With an outside firm, you only pay either a fixed retained fee, or an hourly rate, so the costs are more manageable.  Plus, the outside firm is incentivized to do a better job in the hours allotted then someone who knows can rely on a salary and benefits.

Whether you’re looking for a preventative maintenance solution to keep IT costs predictable and avoid expensive computer problems, or a disaster recovery plan to get you back online quickly after an emergency, our technical support experts will meet with you to understand your business, and your IT needs, so that we can find the solution that’s right for you.

Proactive IT Services – Flat-rate, round-the-clock maintenance and monitoring to prevent problems before they turn into downtime

Remote Backup & Disaster Recovery – GCInfotech provides not only reliable automatic backups and archiving, but also a rock-solid plan of action for recovery in the event of a disaster.

Cloud Solutions – Anytime, anywhere access to your data and business applications including cloud online data backup.

Anti-Spam Solutions – Say goodbye to spam and hello to dramatically increased productivity

Help Desk Software – A turn-key, hosted service desk and ticketing system for assessing, assigning, and resolving service issues related to your small business

Outsourced IT Support – Focus on running your business instead of troubleshooting your network with GCInfotech custom IT services designed to fit your business and your needs. GCInfotech is proud to provide local businesses with professional IT Solutions in CT, New York City and beyond.

Contact us now to schedule your FREE Business Technology and Security Assessment

Data security is increasingly the primary IT issue among small businesses as it is the lifeline of any organization and critical for maintaining business continuity. While natural disasters such as tornadoes and hurricanes may be rare, server failures and human error are unfortunately common occurrences. No business is immune to these problems, so having some kind of data backup is essential.
Backing up critical business data can be an intimidating prospect. The biggest challenge that most small businesses today face while entrusting their critical data for backup to an external source are:

  • Privacy: Violation of data privacy or exposure during transfer or storage
  • Failure: Cumbersome and error prone backup and restore procedures
  • Uncertainty: No guarantees of 100% recovery of lost data
  • Security: High level of risk due to data storage on local servers
  • Legal: Not meeting regulatory requirements or industry standards for data protection and retention

Many small to mid-size businesses become overwhelmed with the choices – or are intimidated by the costs – and choose DYI solutions like simple file copying to local hard drives and server systems.  We think that while in the short term a DYI approach may seem like an adequate solution, however, the risks and dangers that come with this decision are far too great.  We as a rule insist that our clients use professional backup products to ensure that this critical aspect of their business is as secure and fool proof as possible.

Once the decision to use a backup provider service is made, choosing the right backup service is a challenging proposition. With so many products in the marketplace all making substantial claims and promises and offering a suite of confusing features and payment choices, it’s hard to know what options are best for your business.

 

GCInfotech strongly recommends that our clients consider a network-based internet backup service called IBackup from Pro Softnet Corporation.  This solution provides off-site automated backup over the internet.  GCInfotech currently uses their services for quite a few of its other clients, as well as our own web server.  For more information about their services and to sign up for this service you can follow this link. After you sign up with online storage plan on their site, GCInfotech IT professionals will take over and manage your online backup remotely.

IBackup offers encrypted data storage to prevent tampering of financial records and electronic communication and it’s safe archival offers IT departments the surety of complying with legal and federal regulations. With the IBackup service, restoration of data can be performed remotely via the provided software or shipped overnight free of charge on an external storage unit in the event of an emergency. We are available to discuss any additional functionalities and features and assist with the set-up and future service of the software.

After years of experience working with and evaluating numerous data backup service offerings, in our view IBackup offers a quick, secure, cost effective, automated backup / restore solution with minimal human intervention – and its the backup solution we use and recommend to our clients.  Stringent privacy control measures help mitigate any type of data theft and protect the loss of data during a system crash.

Benefits

  • Compatibility for Windows, Mac, and Linux
  • Intuitive, user-friendly interface
  • Allows for backup of external hard drives as well as mapped network drives
  • Offers Server backup modules
  • Mobile-friendly – apps and site interface

The Bottom Line

IBackup is a solid online backup service for businesses that need to backup servers that are easy to use, reliable, secure and mobile.  Here are a few things we like:

Features:

IBackup offers all of the requisite backup product features, including pre-scheduled backups, data compression, data encryption and incremental backups. In addition, IBackup also provides some nifty nonstandard features. One we like is the ability to e-mail file attachments directly into your online storage. Another is the ability to configure an online drive to appear as a local drive.  IBackup stores backup data in two separate data centers for extra reliability and can maintain up to 15 different versions of any individual file.

 

Intuitive, Ease of use:

IBackup provides features a fairly simple to use control panel. From this dashboard, you can choose the various files and data you want to back up, plus you can set a schedule of when you want the system to perform your backups, in increments if so desired.

The scheduled online data backup service will automatically send you email notifications when the backup functions are completed, and will alert you if there is an issue with a backup process, such as losing an internet connection. IBackup also features a powerful search function that allows users to easily manage multiple versions of a file, quickly view specific images and hunt down specific files and folders.

IBackup also allows selection and back up of files by specific file types – pdf, word, excel, etc., including internet data that has been stored on the users computer like as text chats, bookmarks and favorites from Chrome, Firefox and Internet Explorer. This function makes it easy to determine which file types that need to be backed up or excluded from backup. Instead of requiring the user to know the names of certain obscure file extensions from software applications like Adobe or Corel for example, the user can simply select the type of application that is needed and IBackup will identify those file types associated with those applications for back up or exclusion.

 

Email

IBackup also saves and stores email files, from most common browsers like Microsoft Outlook. The service also offers a Mac version that can work with Mac file types like Safari bookmarks and so on.

 

Security

IBackup offers solid remote backup tools. Users can access their files from any computer with a simple username and password and sync their backup files to a different computer. IBackup also provides a file-sharing service separate from its core backup service that features collaboration tools for small or large groups.

 

Versioning feature

Have you ever deleted a file by mistake? Or have you ever inadvertently overwritten a document you are working on?

We all have been here before:  You are working on an important document, make a mistake and then accidentally save it, rendering the document totally useless; unless you are able to revert back to an older version.  It is common that we realize this issue only when it’s too late, after having saved the file and then later realizing that you need an older version in order to track back to the pre-error stage of the document. Fortunately, with IBackup, it is easy to preserve and retrieve older versions of files. IBackup allows you to retain and restore previous versions of all files backed up to your account. The platform allows you to restore as many as 30 previous file versions of a document to any location on your local computer.

 

Cost Effective

IBackup’s current limited-time promotion offers 25 times the standard storage capacity at the same price (this capacity level will also remain locked in for the life of your account).  The cost for 500GB of storage stands at $19.95/month, which can be reduced further by paying a one-lump yearly total of $199.50 (saving an additional $40/year). Regardless of the payment option, you have the option of expanding the storage at any time based on their posted pricing (and promotions) at time of upgrade.

Start your online backup today by signing up with iBackUp and GCInfotech will help ensure that your company’s move to the cloud  is a smooth and painless process.