5 Easy tips for preventing data breaches

Keeping your personal and professional information safe from cybercriminals is not easy. It takes constant vigilance and frequent training. There are dozens of simple tools and tips to help people with almost zero expertise stay safe online, but these five are our favorites.

1. Multi-factor authentication (MFA)

This tool earns the number one spot on our list because it can keep you safe even after a hacker has stolen one of your passwords. That’s because MFA requires more than one form of identification to grant access to an account.

The most common example is a temporary code that is sent to your mobile device. Only someone with both the password and access to your smartphone will be able to log in. Almost any online account provider offers this service, and some let you require additional types of verification, such as a fingerprint or facial scan.

2. Password managers

Every online account linked to your name should have a unique password with at least 12 characters that doesn’t contain facts about you (avoid anniversary dates, pet names, etc.). Hackers have tools to guess thousands of passwords per second based on your personal details, and the first thing they do after cracking a password is to try it on other accounts.

Password manager apps create random strings of characters and let you save them in an encrypted list. You only need one complex password to log into the manager, and you’ll have easy access to all your credentials. No more memorizing long phrases, or reusing passwords!

3. Software updates

Software developers and hackers are constantly searching for vulnerabilities that can be exploited. Sometimes, a developer will find one before hackers and release a proactive update to fix it. Other times, hackers find the vulnerability first and release malware to exploit it, forcing the developer to issue a reactive update as quickly as possible.

Either way, you must update all your applications as often as possible. If you are too busy, check the software settings for an automatic update option. The inconvenience of updating when you aren’t prepared to is nothing compared to the pain of a data breach.

4. Disable flash player

Adobe Flash Player is one of the most popular ways to stream media on the web, but it has such a poor security record that most experts recommend that users block the plugin on all their devices. Flash Player has been hacked thousands of times, and products from companies like Microsoft, Apple, and Google regularly display reminders to turn it off. Open your web browser’s settings and look for the Plugins or Content Settings menu, then disable Adobe Flash Player.

 

5. HTTPS Everywhere

Just a few years ago, most websites used unencrypted connections, which meant anything you typed into a form on that site would be sent in plain text and could be intercepted with little effort. HTTPS was created to facilitate safer connections, but many sites were slow to adopt it or didn’t make it the default option.

HTTPS Everywhere is a browser extension that ensures you use an encrypted connection whenever possible and are alerted when one isn’t available on a page that requests sensitive information. It takes less than one minute and a few clicks to install it.

If you run a business with 10 or more employees, these simple tips won’t be enough to keep you safe. You’ll need a team of certified professionals that can install and manage several security solutions that work in unison. If you don’t have access to that level of expertise, our team is available to help. Give us a call today to learn more.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

/by
,

How to adjust your Windows 10 notifications

Unless the computer app is critical for your work, alerts about a new patch update or incoming message can distract you. Luckily, you can personalize your notifications settings on Windows 10’s action center using these three simple steps.

Overarching action center settings

First of all, you should customize your Windows 10 system-wide notifications settings. To view these:

  • Click on the Cortana icon on your taskbar and type ‘Notifications’.
  • Click ‘Notifications & actions settings’.

Here, you can turn off alerts entirely or customize the alerts for core functions such as alarms, reminders, and incoming VoIP calls.

Settings for individual applications

If you want to take a far more nuanced approach to your notifications, there are advanced options to create rules on an app-by-app basis. At the bottom of the ‘Notifications & actions’ setting screen is a section titled ‘Get notifications from these senders.’ By enabling any of the items in this list, you can open a new window full of more graded notifications options. From here, users can specify lock screen, sound, and priority settings for individual software.

You can also adjust the amount of notifications of a particular app in the ‘Number of notifications visible in action center’ setting. To do so, click on the app’s name and select the amount of notifications you’d like to receive at any given time. Although the default amount is three, you can choose to get up to 20 notifications.

Closing the blinds

For users who have no interest whatsoever in the Windows 10 action center, you can banish it entirely. To do this:

  • Open Cortana and search ‘Notification area’.
  • Click ‘Turn system icons on or off’.
  • Toggle the Action Center option to remove the icon from your taskbar.

You can also choose which apps to remove from your taskbar entirely. To do so, click the back arrow to return to the ‘Notification area’ window and choose ‘Select which icons appear on the taskbar’.

If artists have tools unique to their style, why shouldn’t the tools of your trade be tailored to your preferences? Get in touch with us today to speak with one of our tech-savvy specialists about your technology goals to start achieving new levels of productivity and efficiency on your Windows machine today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

/by

How to protect your company mobile devices

While mobile devices cannot equal what desktops and laptops can do, they’re inching pretty close to matching them. That’s why businesses are allowing their employees to use their smartphones and tablets, which help increase productivity and enhance collaboration. But mobile devices have also become the new targets of cybercriminals. Protect your devices with the following tips.

Ensure mobile OS is up-to-date

The updates on Apple and Android operating systems (OSs) improve overall user experience, but their most important function is to fix security vulnerabilities. Reduce your business’s exposure to threats by installing updates for all devices as soon as they become available. Don’t wait for a few weeks or months to update, as this give hackers ample time to exploit vulnerabilities on devices that run on an outdated OS.

Install business applications only

Downloading apps seems harmless. But lenient policies on what should and shouldn’t be downloaded on company mobile devices could lead to staff downloading and installing non-business-related apps from third-party stores, most of which are notorious for malicious advertising codes and other threats.

Be careful when connecting to public Wi-Fi networks

Emergency situations may compel you to use password-free Wi-Fi networks in hotels, airports, cafes, and other public places. Connecting to an open network can expose your confidential information and sensitive company data to hackers connected to the same network.

You can avoid this by providing a practical internet data plan, preferably one that includes roaming services, for remote workers. And if you really have to connect to an open Wi-Fi, don’t use the connection for transferring sensitive data.

Enable phone tracking tools

It’s sad but inevitable — losing a company-issued mobile device happens. Devices can be misplaced or stolen, and enabling Find My iPhone for iOS devices, GPS Phone Tracker for Android, or any device-tracking app helps users locate lost phones. Some also have the option to delete data in stolen devices. Downloading and setting up such an app only takes a few minutes, and it will give you peace of mind knowing that even if your phone is lost or stolen, its contents will not be compromised.

Screen SMS carefully

SMS phishing can be used to trick you into clicking malicious links. Hackers send messages purporting to be from someone you know, asking you to urgently send confidential data. Should you encounter such an SMS, you can either delete it or alert your IT department. You can also block unknown senders without even opening their message.

Mobile devices are becoming more critical to operations. And with more devices open to attack, businesses must bolster their cybersecurity efforts. Hackers will exploit every possible vulnerability, and that includes those in unsecured smartphones and tablets. Get in touch with us if you need comprehensive security solutions for your business.

Published with consideration from TechAdvisory.org SOURCE

 

/by

The true cost of an ugly website

We are taught never to judge a book by its cover. But in this superficial age, looks are everything, especially for websites. Your website is a customer’s first impression of your business, and if it doesn’t wow them, you’re losing money. Follow these best practices so you don’t end up in that situation.

A variety of professional photos

From pictures of your products to team photos, high-quality images are arguably the most important thing on your website. Blurry, outdated, or irrelevant pictures tell your site visitors that you don’t care about their browsing experience. In-house photos are the best option, but stock images shouldn’t cause any problems as long as they are optimized for mobile viewing and relevant to your content.

Navigation

Aside from one subpar imagery, linking to nonexistent pages is one of the best ways to turn site visitors away. Make sure it’s easy to navigate your site and remove outdated or irrelevant pages. You can’t sell 404 pages to customers, and if that’s all visitors can find, it’s game over.

Clear copywriting

The last thing you want to do is to confuse your customers, so it’s important to keep all of your product or service descriptions as straightforward and simple as possible. If what you’re selling has detailed information, such as dimensions or technical requirements, make sure it’s easy to find but not obtrusive.

Promises to site visitors

Any website that ships products should make its returns policy as visible as possible. This establishes trust early and some online shoppers make purchase decisions based solely on the clarity of a return policy.

If you don’t run an eCommerce site, you also need to prominently display privacy commitments, such as those mandated by the European Union’s General Data Protection Regulation (GDPR).

About page

Your brand needs a story behind it that customers can relate to. Every company website should have an About Us page that describes your team, its culture, and what sets you apart from the competition. Whatever your story is, make sure it’s accessible from any page on your site.

Design

Not everyone is a web design expert, but in today’s gig economy one is never too far away. If your budget is tight, there are DIY site builders specifically geared toward small businesses. Or with a relatively low monthly expenditure, you can hire a managed website provider.

With more revenue originating online, small- and medium-sized business owners can’t afford to overlook the importance of creating a fully functional website. For more information on building a modern website, call us today!

Ask yourself what your website is doing for you and whether it’s aligned with your business needs and objectives. The GCInfotech professional web design team is here to help.

Published with permission from TechAdvisory.org. SOURCE

 

 

/by

Top reasons for technology business reviews

Businesses need technology to be profitable and productive. But not all technologies are capable of delivering on their perceived benefits. To make sure your investments are still worth keeping, you need to perform technology business reviews.

What is a technology business review?
A technology business review reveals the strengths and weaknesses of your company’s IT framework. It’s often performed by a third-party IT consultant who will give an objective assessment of your technology and provide recommendations to help meet your goals. If done properly, technology business reviews allow you to:

 

Save money
Every review starts with a cost-benefit analysis to determine whether a solution you’ve implemented is worth the continued investment. If there are technologies costing you a fortune in management and maintenance fees, consultants will advise you to cut them from your budget. The best ones will even recommend cost-effective alternatives so you can do more with less.

 

Increase productivity
System-wide reviews of your IT infrastructure show you what processes are hindering operations and propose solutions that let you work faster and smarter. For example, if employees are mainly sharing files via email, consultants might suggest cloud collaboration platforms like Office 365 or G Suite that store data in a centralized location for seamless file sharing.

 

Enhance security and compliance
Technology business reviewers also uncover security risks within your business. Consultants scan for missed patches, poorly configured networks, and other software vulnerabilities that make it easy for cybercriminals to hack your systems.

 

They’ll then compile their findings to create a more robust defense strategy, usually one that involves implementing advanced solutions like intrusion prevention systems, file access restrictions, and patch management software.

If you operate a business that’s subjected to data regulations like HIPAA or PCI-DSS, consultants will also pinpoint IT practices and solutions that are noncompliant and customize a strategy that ensures the privacy, integrity, and availability of your data.

Implement technologies that fit
Considering that new technologies are released at a breakneck pace, it’s important you pick the ones that make sense for your operation, its goals, and the bottom line. Technology business reviews keep you up to date on the latest technology trends and gauge the impact of implementing them, so you can make informed decisions.

 

Whether your goal is to increase profits, productivity, security, or all of the above, technology business reviews can put you on the right track. Our seasoned IT consultants can conduct these reviews for you and develop a strategy that gives you an edge over the competition. Just give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

/by

How does end of support affect Windows users?

Windows 7 was one of Microsoft’s popular and best-loved operating systems (OS), and most of us are still using it. But like the OSs before it, Windows 7 will eventually reach the end of its lifecycle. Mainstream end of support for Windows came into effect on January 13, 2015, but extended support won’t end until January 14, 2020. Find out what this means for you.

No more security updates

End of support for Windows means Microsoft stops issuing security updates for that operating system (OS). For example, Windows Vista and Windows XP can no longer receive security updates despite the substantial security holes found in them.

On January 14, 2020, the same will be true for Windows 7. From there, you’ll be on your own. You can still use antivirus tools and other security software for protection, but they won’t be enough to defend against bigger threats. Security software will also gradually drop support for older versions of Windows. Large organizations can sign “custom support” contracts to keep getting security updates while they transition to a new OS. But Microsoft will ratchet up the price going forward to encourage those organizations to move to a new version of Windows.

Software companies will halt support too

When Microsoft ends support for an OS, that’s also the signal for third-party companies to stop supporting that particular version of Windows with their own software and hardware. This doesn’t happen immediately but it does eventually.

For example, Windows XP support ended on April 8, 2014, but Chrome didn’t stop supporting Windows XP until April 2016, two years later. Mozilla Firefox stopped supporting Windows XP in June 2018. Steam will officially drop support for Windows XP and Windows Vista on January 1, 2019. On the other hand, software companies dropped support for Windows Vista more quickly, as it was much less popular than Windows XP.

New hardware may not work

New hardware components and peripherals will stop working on your system too. These need hardware drivers, and manufacturers might not create those hardware drivers for your old, out-of-date OS.

Presently, the latest Intel CPU platforms don’t even support Windows 7 and 8.1. However, the operating systems are technically still in “extended support.” You can keep using your old OS with your current software and hardware, but you have no guarantees of future updates or compatibility.

When will Microsoft end support?

Microsoft has a well-defined support lifecycle for its software products. They come ahead of time so they’re never a surprise. The agreement includes the assurance that Microsoft is committed to providing products with improved security. While they may be unable to provide security updates for older products, they do advise customers to install the latest product releases, security updates, as well as service packs to remain as secure as possible.

 

Upgrading is better than using unsupported Windows

The support lifecycle is rapidly fading away as Microsoft shifts to its Windows as a service and Office 365 subscription models. If you want to prevent security frustrations, it’s best to upgrade to a newer version of Windows. Should you need help in upgrading, or have further concerns about your current Windows, give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

/by
,

3 ways to browse the net safely at work

Amidst the current climate of malware, hacks, and phishing scams, the internet really isn’t safe for any company that doesn’t take precautions. Without safeguards, browsers that you or your employees use are vulnerable to cyber attacks that may cripple productivity and profit. There are wise steps that every company should take to browse the net safely.

Data stored on desktops, servers and in the cloud, doesn’t make it safe. If anything, it makes it available to anyone who has the desire and capabilities to hack into your system and cause mayhem for your business operations.

One thing you should be doing to protect your data – and your company – is to make use of privacy-protecting browser extensions. Depending on the nature of your business, both you and your employees are likely to be online at least some, if not all, of the working day. What are some of the browser extensions that can make the experience more secure?

Prevent browser tracking

If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, try installing a tool for private browsing. These programs offer protection against tracking by blocking third-party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter, Facebook or Google+.

Blocking adverts

While online ads may seem harmless, the truth is they can contain scripts and widgets that send your data back to a third party. A decent ad blocking program will block banner, rollover and pop-up ads, and also prevent you from inadvertently visiting a site that may contain malware.

Many blockers contain additional features such as the ability to disable cookies and scripts used by third-parties on a site, the option to block specific items, and even options to ‘clean up’ Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari, and Firefox and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree.

Consider installing a VPN

Unfortunately, browser tracking, malware, and adware are not the only internet nasties that you need to be concerned about. but the good news is that there a number of other extensions that you can download to really get a grip on your online safety. A VPN (Virtual Private Network) is something else to consider. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing.

Commonly used in countries where the internet is heavily censored by the powers that be, a VPN allows for private browsing as well as enabling users to access blocked sites – in China’s case that’s anything from blogs criticizing the government to Facebook and Instagram. There are hundreds of VPNs on the market so do a little research and find one that suits you best.

Finally, it goes without saying that having anti-virus and anti-malware software installed on your PC, tablet, and even your smartphone is crucial if you want to ensure your online safety.

Is browsing at your workplace secure? Would you like a more comprehensive security system for your business? We can tell you all about it and help your business protect itself from online threats. Get in touch with us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

/by
,

Obsolete firmware poses security risks

Are you still using that old computer that is not-so gracefully aging and devaluing? Maybe you are running important programs on older machines with old operating systems since they “still work fine.” While it might still help you get the job done, there may be hidden security risks that can lead to major problems later on.

What is firmware?

Firmware is a basic type of software that is embedded into every piece of hardware. It cannot be uninstalled or removed, and is only compatible with the make and model of the hardware it is installed on. Think of it like a translator between your stiff and unchanging hardware and your fluid and evolving software.

 

For example, Windows can be installed on almost any computer, and it helps users surf the internet and watch YouTube videos. But how does Windows know how to communicate and connect with your hardware router to do all that? Firmware on your router allows you to update and modify settings so other, higher-level pieces of software can interact with it.

 

Why is firmware security important?

 

Firmware installed on a router is a great example of why addressing this issue is so critical. When you buy a router and plug it in, it should be able to connect devices to your wireless network with almost zero input from you. However, leaving default settings such as the username and password for web browser access will leave you woefully exposed.

 

And the username and password example is just one of hundreds. More experienced hackers can exploit holes that even experienced users have no way of fixing. The only way to secure these hardware security gaps is with firmware updates from the device’s manufacturer.

 

How do I protect myself?

 

Firmware exploits are not rare occurrences. Not too long ago, a cybersecurity professional discovered that sending a 33-character text message to a router generated an SMS response that included the administrator username and password.

 

Unfortunately, every manufacturer has different procedures for checking and updating firmware. The best place to start is Googling “[manufacturer name] router firmware update.” For instance, if you have a DLink of Netgear router, typing “192.168.0.1” into a web browser will allow you to access its firmware and update process, assuming you have the username and password.

 

Remember that routers are just one example of how firmware affects your cybersecurity posture. Hard drives, motherboards, and even mice and keyboards need to be checked. Routinely checking all your devices for firmware updates should be combined with the same process you use to check for software updates.

It can be a tedious process, and we highly recommend hiring an IT provider to take care of it for you. If you’re curious about what else we can do to help, give us a call today!

 

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

 

/by

5 proactive defenses against cyberattacks

As IT security consultants, we’re stuck between a rock and a hard place. Managed IT services providers (MSPs) such as ours want to provide clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most fundamental aspects of cybersecurity would most likely put you to sleep instead of convince you of our expertise. But if there’s one topic you need to stay awake for, it is proactive security.

Understand the threats you’re facing

Before any small- or medium-sized business (SMB) can work toward preventing cyberattacks, everyone involved needs to know exactly what they’re up against. Whether you’re working with in-house IT staff or an MSP, you should review what types of attacks are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every company device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cybersecurity field and auditing your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measures versus your reactive measures.

Before you can start improving your cybersecurity approach, you need to know where your baseline is. Devise a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint weak spots in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategy needs to be. With an experienced technology consultant on board for the entire process, you can easily synthesize the results of your simulation into a multi-pronged approach to proactive security:

  • Security awareness seminars that coach all internal stakeholders– train everyone from the receptionist to the CEO about effective security practices such as password management, proper mobile device usage, and spam awareness
  • Front-line defenses like intrusion prevention systems and hardware firewalls– scrutinize everything trying to sneak its way in through the borders of your network
  • Routine checkups for software updates, licenses, and patches– minimize the chance of leaving a backdoor to your network open
  • Web-filtering services– blacklist dangerous and inappropriate sites for anyone on your network
  • Updated antivirus software– protect your data and systems against the latest and most menacing malware

 

As soon as you focus on preventing downtime events instead of reacting to them, your IT infrastructure will increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cybersecurity by giving us a call for a demonstration.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

 

Published with consideration from TechAdvisory.org SOURCE

/by
,

How Office 365 deals with phishing attacks

Microsoft not only builds robust productivity solutions for its customers, but it also prioritizes their security above all else. This year, the company invested a lot of money to protect Office 365 subscribers from increasingly sophisticated phishing scams. Read on to learn more about what they did.

Effective anti-phishing solutions must be able to recognize the key elements of a phishing attack, which includes spoofed (or forged) emails, compromised accounts, unsafe links, and harmful attachments. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features so it can better detect these elements and prevent a wide variety of phishing scams. These enhancements include:

  • Anti-impersonation measures –ATP will now look for potential phishing indicators in an email, including the sender’s address, name, and links, to identify whether the user is being impersonated. You can specify high-profile targets within your organization, such as managers and C-level executives, so Office 365 can protect these users from email impersonation. Office 365 also utilizes machine learning to analyze a user’s email patterns and flag suspicious contacts that have had no prior correspondence with your company.
  • Anti-spoofing technology –This feature reviews and blocks senders that disguise their true email address. You can even enable safety tips that flag certain email domains that have strange characters. For instance, if your real domain is Acme.com, a spoofed domain could be Acḿcom.
  • Email link scanning –Office 365 launched Safe Links, which scans emails for fraudulent links and redirects users to a safe page in case it does contain harmful materials. This feature also applies to email attachments, ensuring you’re protected against all types of phishing scams.

 

Due to these improvements, Office 365 had the lowest phish rate among other well-known email services between May 1 and September 16, 2018. The company has stopped over five billion phishing attempts and protected users against seven billion potentially malicious links. If you’re looking for a secure email platform, Office 365 is the best option for your business.

That said, it’s not a substitute for good security awareness. No matter how secure Office 365 is, employees still need to be adequately trained to recognize a phishing email when they see one. Hackers are constantly changing their tactics to evade Office 365’s detection systems, so it’s important that everyone is alert at all times.

If you need a well-fortified email service, we can implement and manage Office 365 for you. We even offer practical security advice to make sure your business, employees, and assets are safe and sound.  If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

/by