We’ve been programmed to think the newest or latest version of something is a “must have” but in the case of Windows 8, there is a lot to consider.

Former Microsoft Windows Division President Steven Sinofsky described Windows 8 as “a generational change” the likes of which hasn’t been made since Windows 95. And indeed, the majority of the information found on the Web concerning Windows 8 is how brilliant it is on mobile devices. However, the praise ends there and the critics raise their heads when the conversation turns to Windows 8 on desktops and laptops. 

Pros and Cons

As with anything, there is good and bad.  It’s a completely capable OS and should not be totally dismissed but it’s worth weighing some of the pros and cons.

Pros:

  • Runs on desktops, laptops, tablets, and mobile phones
  • Faster start up. Also performs quicker when run through several benchmark performance tests than either Windows 7 (or Apple’s Mountain Lion).
  • Battery life has significantly improved on laptops and tablets.
  • Features like File History, Storage Space and improved Internet Explorer (although all of these are available in previous versions of Windows).
  • New feature SecureBoot, which has the potential to reduce viruses and other malware for some users.
  • Access to apps and upgrades available through the new Windows Store

Cons:

  • Mobile-centric design which wastes screen “real estate” on desktops/laptops.
  • Involves a steep learning curve.
  • No systems tray; the Start button/menu has disappeared, as well as the Programs menu (although Microsoft has some changes planned in Windows 8.1 due out shortly).
  • Interface is clumsy and wildly unpopular.

The online IT magazine TechRepulic conducted a poll of its membership of IT professionals in October 2012 in which 72.9% of respondents (over 1200 respondents in total) stated their organizations have no plans to deploy Windows 8 in the near future, 23.8% reporting that they will skip the OS altogether. 61.2% of the respondents who do plan to deploy Windows 8 indicated tablet/mobile integration was a major factor in doing so.

So how do you know what to do?

When all the tech blogs are crammed with people’s opinions, rather than straight facts, it’s sometimes hard to know if you should take the plunge or not.  We are of the opinion that if your organization is looking to make a big move towards mobile or touchscreen devices, then Windows 8 may be a good way to go.  Undeniably, Windows 8 shines most on a touchscreen system.

If it’s business as usual in your office then there is no good reason to upgrade at this point given the level of disruption and subsequent training it would entail.  However, take note that change is coming and Windows 8 is a glimpse into the future.

What if you need a new computer?

Currently there are still new computers on the market that use the Windows 7 operating systems, particularly through resellers such as CDW.com. Additionally, you can still buy the Windows 7 software to upgrade from Windows XP and some Windows 8 licenses can be downgraded to Windows 7.  But we suspect time is running out, so make a decision quickly.

Manufacturers of computers will soon be forcing you to pick Windows 8 if you want an OS.  When this happens, there are a few options available so don’t feel trapped. For instance, Dell offers computers with no OS without the cost of a Windows OS license.  Some Windows 7 keys are transferable to a new computer, assuming you remove the key/OS from the old computer.  You will have to install the OS yourself and call Microsoft to transfer the key, but it’s a perfectly reasonable way to continue using Windows 7 and save some money (be aware – this will depend on who manufactured both the old and the new machines).

Whether you decide to upgrade or stick with what you have, GCInfotech can walk you through the process and ensure your business has the least amount of disruption.

 

GCInfotech is your total business IT solutions resource for your Mobile Workforce

How important is smart device security?

Convenience is at the forefront of our lives. For businesses, this means a rapidly evolving security landscape that’s leaving many companies, and their IT departments, overwhelmed and scrambling. Smartphones and tablets and other embedded devices like printers and scanners utilize ingenious technology and provide significant benefit to how we do business, but they call into question the very serious issue of usability versus security.

Recent polls of management level employees suggest that upwards of 50% of them don’t know how their organizations identify compromised devices on their network. Additionally, polls of IT professionals show that data security threats at the office frequently go unmanaged due to insufficient resources or in some cases a lack of awareness that a situation even exists. Device manufacturers tend to focus on usability and place little emphasis on built-in software protections, contributing to data and network vulnerabilities. The challenge for device engineers is compressing large and slow software into a tiny space, which makes creating operating systems and software to run on these devices extremely difficult. Decisions invariably must be made regarding what features to include– if richness of features is forsaken for security measures, then how useful is the device in the first place?

Many of us may not even realize which office devices can pose a significant security threat. Here’s a list of culprits and the backend attacks they are susceptible to:

  • Printers – Remote reconfiguration or access to previously printed documents
  • Timeclocks – Access to employee information and payroll
  • Photocopiers – Retrieve documents over the web
  • Scanners – Remote operation or access to hard drive of previously scanned documents
  • Telephone Systems – Eavesdropping
  • Webcams – Hijack and enable without the owner’s knowledge

Best practice begins with two essential steps– first, a comprehensive IT policy that integrates and safeguards all office equipment, including those often forgotten about embedded devices; and second, an employee education program that’s clear, concise and tailored to your company. GCInfotech can assist you with a security evaluation of your office equipment as well as help you devise an employee education plan that’s appropriate for today’s security landscape.

GCINFOTECH

One of the most frequent threats on the Web today.

Since we wrote an article on the imminent threat posed by rogue security software (scareware) and cyber criminals, we have received numerous inquiries requesting more information on how to protect computers and networks from these elusive intruders. We would like to share notable examples of fraudulent system alerts and expand on a few known malware manifestations in order to help you better identify security risks. 

Critical Security Measures

  • Keep Java & .NET up-to-date, as both are used in almost all platforms.
  • Schedule Windows Updates to install automatically, or periodically check your system to ensure there are no critical patches requiring action (Start Menu/ Control Panel/ Windows Update).
  • Maintain Anti-Virus & Malware protection.
  • Install a firewall and keep it turned on.
  • Use caution when you click links in email, on social networking websites, or on pop-ups.
  • Make sure you and your fellow co-workers are familiar with common phishing scams.

Fake Virus AlertCiti Phishing Scam

Windows Security Alert  This fake security alert is deceptively similar in appearance to a legitimate system alert, though pay close attention to its language. Are words misspelled? Are there errors with basic grammar? It’s important to examine these alerts for telltale signs of fraud.

Citi Email Phishing  Common phishing scams frequently appear to come from financial institutions and can be difficult to identify especially if you happen to have an account with that institution. Again, look for language inconsistencies and examine the link provided to determine where it actually goes. As a general rule, banks will never ask for personal information in an email, so the best defense is to use common sense.

Spyware Software WarningFake task bar security alert

Common fake task bar alerts  Learn what security software you have installed on your computer. This will help you determine the validity of pop-up alerts warning you of infections on your system. Remember, they’re designed to scare and lure you into a fraudulent scheme that ends with you inputting your credit card or other personal information.

If you have any questions or concerns regarding the safety of your computers and networks, or scareware in general,  do not hesitate to give GCInfotech a call today and one of our technical consultants will be happy to assist you.

GCINFOTECH

Beware of Scareware

Fake Anti-Virus and Rogue Security Software – One of the most frequent threats on the Web today.

Have you ever experienced a random pop-up on your computer warning you of an egregious security risk to your system? It may even appear disguised as one of the legitimate Windows security updates that you’re accustomed to seeing. That’s exactly the illusion that cyber criminals intend to create.

What is fake anti-virus?
Also known as scareware or rogue security software, fake anti-virus is a form of social engineering that lures users to malicious sites and scares them into purchasing fake threat removal tools. This brand of trickery garners big bucks for cyber criminals. Once your system is infected, common manifestations include incessant displays of false alert messages that won’t cease until payment is made or the malware is removed, fake Facebook application invitations, 9/11 scams, and ads for fake comprehensive anti-virus packages. In most cases, the malware pretends to find dangerous security threats on your system and offers a free scan while simultaneously compiling folders of junk on your hard drive that the scan can then detect. From the authentic looking pop-up warning to the professionally crafted website it directs you to, it’s an elaborate ruse to scare you into purchasing a fake anti-virus software.

What can it do to my computer?
Malware authors program certain behaviors to make your system errors seem real and believable, which increases the likelihood that you will purchase a fake anti-virus program. Some of those behaviors include:
  • Prevent anti-malware programs from running
  • Disable automatic system software updates
  • Block access to websites of anti-malware vendors
  • Download other types of malware, like banking trojans
  • Interfere with or corrupt normal system activity and critical processes
  • Disable the task manager and make use of the registry editor
  • Redirect web requests from legitimate websites to error pages or malicious websites
  • Deny access to certain programs
  • Disable parts of the system to prevent an uninstall

How can I protect myself?
Cyber criminals employ a huge variety of tactics to compromise your system– to name a few, SEO poisoning, imbedding code in legitimate websites and advertising feeds, and email spam campaigns (i.e. “you have received an e-card”, account suspension and password reset scams). According to a 2010 study by Google, 11,000 domains hosting fake anti-virus software were found, which accounts for 50% of all malware that’s delivered via internet advertising. These lucrative criminal networks grow daily and their contrivances will only continue with time.

Protection begins with a comprehensive and layered security solution. Whether you’re an individual user or a network of users, always adhere to internet use best practices. Keep your browsers and version of Windows up-to-date. Configure your pop-up blockers and familiarize yourself with what anti-virus solution you have installed so you’re able to recognize inconsistencies.

security

Cyber thieves target SMBs….are you safe?

  • It’s estimated that small businesses have lost $250 million due to various forms of cyber attacks.
  • A 2010 survey by Symantec Corp. of small and medium-size companies showed that about 73% of businesses reported they had been targets of cyber attacks in the last year.
  • 63% of data breaches reported in 2010 were at companies with 100 or fewer employees.
  • 95% of credit card breaches that Visa has discovered have been hits on small businesses.
  • Less than 50% of small businesses are estimated to assess and test their security safeguards.

The facts don’t lie, friends. The myth that any business is too small to get hit, is just that – a myth. Cyber security is not just for big businesses anymore. Hackers can steal data from at least a dozen small businesses in the same time that it takes for them to hack into one large corporation. And experts believe that the situation will only get worse before it gets better.

As more businesses hook into high speed internet, hackers are able to expand their target base and take advantage of small businesses that have weak security safeguards. Cyber criminals are taking notice– companies that store data in electronic form, or rely on computerized systems and digital records as many companies are now doing, are putting themselves at great risk. Cyber thieves are no longer discriminating, making it ever more important to take precautions to protect your business from online intruders.

How are they getting into your system?  

Though a broadband connection offers blazing internet speed, it can also mean greater susceptibility to cyber attack. Broadband is a direct connection to the internet that is always on, so because broadband usually has a static IP address with open, unprotected ports, a browser or your email does not have to be up in order for a hacker to enter your system. Hackers can locate these unprotected ports through a port scan, after which there’s no telling what they can do. This is particularly critical for businesses that do credit card transactions, as hackers can get their hands on the private financial information of customers.
Another way they might enter your system is through attachments or links sent to employees that implant computer code onto your computer. Once in, they can use your systems and your bandwidth to launch attacks on other businesses. The banks do in fact have security measures in place to help you protect against these types of cyber intrusion, but unfortunately due to inadequate regulations many banks are skirting this legal responsibility and only providing a bare minimum of protection, leaving many businesses open to fraud. For a growing number of small businesses, this system vulnerability often leads to significant financial loss, as most lawsuit complaints never even go to trial or only reproduce pennies on the dollar to make up for stolen money.

What can you do about it?

  • Make yourself invisible to the bad guys by installing and regularly updating an electronic firewall.
  • Don’t rely solely on your anti-virus software. It’s helpful, but not fail-proof.
  • Audit the data on your network, especially financial information.
  • Implement and explain an acceptable use policy for web browsing.
  • Educate your users on the dangers of open surfing while connected to the company network.
  • Remember basic security measures such as changing default passwords and creating secure passwords! Your last name, birthday, or 1234567 are NOT going to keep cyber criminals out!

Bottom line, cyber thieves are constantly on the prowl for the weakest link. Data security is not just important, it’s absolutely essential to the sustainability of your business. Give GCInfotech a call today to discuss how we can help you take the necessary precautions to keep your business data safe and secure!

GCInfotech is your total business IT solutions resource for your Mobile Workforce

Every year in the US alone over 100 million cell phones are retired, disposed and/or replaced. It’s estimated that Americans swap cell phones every 18 months on average, tossing their old cell phones into a drawer or worse yet, into the waste stream. Aside from the imminent risk of identity theft or private information going public, cell phones contain many hazardous materials that if improperly disposed can be harmful to the environment.

Consider two environmentally responsible and humanitarian alternatives for cell phone disposal: recycle or donate. The EPA claims that for every million cell phones recycled, we can recover 35 thousand pounds of copper, 772 pounds of silver, 75 pounds of gold, and 33 pounds of palladium. If not recycle, then donate to one of the numerous organizations that exist for refurbishment and redistribution that offer a potential second life before disposal (see below for a list of donation programs). For years, GCInfotech accepted old phones and made donations on behalf of its clients to organizations such as Cell Phones for Soldiers.

It’s extremely important to take proper precautions to wipe your phone of data and restore it to its factory settings before recycling or donating. Manually deleting text messages, call records and contact lists isn’t nearly enough to combat unauthorized use or protect your personal information once the phone is gone. Wiping it clean of all data may be harder than you think.

Here are details for how to do it:

  1. Remove SIM card
  2. Remove memory card
  3. Perform a master reset, often referred to in the phone’s settings as “Factory data reset” or “Wipe Handheld” (Check the phone’s manual or the internet for specific instructions regarding your phone’s make and model. The reset process is not the same for all phones.)
  4. Check with your carrier to make sure your account has been terminated. If not, others may still be able to use the device, and on your dollar. If you’re maintaining the same account, activating a new device and deactivating the old one, check your bill carefully to determine that the old device is not somehow still using that account.

Contact GCInfotech today if you have any questions about what to do with your old cell phones, or if you have any other technology concerns that we may help you with.

Cell Phone Donation Programs:

American Cellular Donation Organization Cell Phones for Soldiers
Charitable Recycling Program CollectiveGood
Donate a Phone Call to Protect Good Deed Foundation
Recellular Inc. Recycle for Breast Cancer
RMS Communications Group, Inc. Wireless Foundation
Earth911 Sprint Project Connect
Verizon Wireless HopeLine AT&T Wireless
GCInfotech is your total business IT solutions resource for your Mobile Workforce

How Smart is your Smartphone?

The smartphone continues to revolutionize the business world as new and innovative phones flood the market and slick apps make it easier to do business around the clock, from anywhere. From a profitability and productivity standpoint, the business enhancing affects are unquestionable. But with this rapid progression in smartphone technology come new mobile security challenges that not only CIOs and IT staff need to think about, but also small business owners and managers. Smart phones can be open portals to sensitive personal information and your corporate network making it absolutely crucial to understand the mobile security risks and how to maintain the integrity of your data.

GCInfotech’s Cory Visi adds, “Like laptops, smartphones are an extension of your corporation’s network not only containing sensitive or confidential data, but through VPN capabilities it can allow direct connectivity to the heart of your company’s business. It is imperative for the network administrator to view smartphones the same as employee laptops, and to apply the same (if not greater) precautions and access levels restricting access to the corporate network.”

36% of business network attacks originate from end-user devices, and according to the 2010 Data Breach study
28% of attacks occur through the various social networks that employees enjoy on their smartphones

Monitoring these types of activities and deploying a mobile device use policy will go a long way in securing sensitive company data that travels between the company network and employee smartphones. With volume of apps available, and with the rate at which they enter the market, it’s understandable that not all apps are vetted before they’re available for download. This is a huge source of vulnerability and an increasingly inviting platform for malicious criminal activity that can have devastating effects on your business. Policy should define and restrict which smartphones may be used on a corporate network.  If the phone does not support features such as password protection, or remote-wipe (ability to remotely erase the phone if lost) for example, it should not be allowed to access company data.

If you already have one or plan to deploy a business smartphone to your workforce, give some thought to the following:

  • Education. Make your employees aware of how their smartphone interacts with your network.
  • Create and strictly enforce a use policy, and ensure that security apps are included in said policy.
  • Understand that not all smartphones operate on the same platform. Phone software packages have holes and no carrier is immune to malware and viruses. Learn about the various vulnerabilities and safeguards of the smartphone options you’re considering.
  • Require employees to sync their phones regularly, keeping sensitive data off of their phones.
  • Maintain a corporate firewall and regularly monitor all server activity.
  • Limit employee permissions to only what they need to get their job done.
  • Have authentication protocols in place for accessing corporate networks.
  • Keep malware definitions up to date and running on all security software.

GCInfotech will help you maintain the integrity of your corporate network and mission-critical data. If you have any questions or concerns regarding how to develop a strategy for mobile phone security in your company, give us a call.