Windows 7 was one of Microsoft’s popular and best-loved operating systems (OS), and most of us are still using it. But like the OSs before it, Windows 7 will eventually reach the end of its lifecycle. Mainstream end of support for Windows came into effect on January 13, 2015, but extended support won’t end until January 14, 2020. Find out what this means for you.

No more security updates

End of support for Windows means Microsoft stops issuing security updates for that operating system (OS). For example, Windows Vista and Windows XP can no longer receive security updates despite the substantial security holes found in them.

On January 14, 2020, the same will be true for Windows 7. From there, you’ll be on your own. You can still use antivirus tools and other security software for protection, but they won’t be enough to defend against bigger threats. Security software will also gradually drop support for older versions of Windows. Large organizations can sign “custom support” contracts to keep getting security updates while they transition to a new OS. But Microsoft will ratchet up the price going forward to encourage those organizations to move to a new version of Windows.

Software companies will halt support too

When Microsoft ends support for an OS, that’s also the signal for third-party companies to stop supporting that particular version of Windows with their own software and hardware. This doesn’t happen immediately but it does eventually.

For example, Windows XP support ended on April 8, 2014, but Chrome didn’t stop supporting Windows XP until April 2016, two years later. Mozilla Firefox stopped supporting Windows XP in June 2018. Steam will officially drop support for Windows XP and Windows Vista on January 1, 2019. On the other hand, software companies dropped support for Windows Vista more quickly, as it was much less popular than Windows XP.

New hardware may not work

New hardware components and peripherals will stop working on your system too. These need hardware drivers, and manufacturers might not create those hardware drivers for your old, out-of-date OS.

Presently, the latest Intel CPU platforms don’t even support Windows 7 and 8.1. However, the operating systems are technically still in “extended support.” You can keep using your old OS with your current software and hardware, but you have no guarantees of future updates or compatibility.

When will Microsoft end support?

Microsoft has a well-defined support lifecycle for its software products. They come ahead of time so they’re never a surprise. The agreement includes the assurance that Microsoft is committed to providing products with improved security. While they may be unable to provide security updates for older products, they do advise customers to install the latest product releases, security updates, as well as service packs to remain as secure as possible.

 

Upgrading is better than using unsupported Windows

The support lifecycle is rapidly fading away as Microsoft shifts to its Windows as a service and Office 365 subscription models. If you want to prevent security frustrations, it’s best to upgrade to a newer version of Windows. Should you need help in upgrading, or have further concerns about your current Windows, give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

Amidst the current climate of malware, hacks, and phishing scams, the internet really isn’t safe for any company that doesn’t take precautions. Without safeguards, browsers that you or your employees use are vulnerable to cyber attacks that may cripple productivity and profit. There are wise steps that every company should take to browse the net safely.

Data stored on desktops, servers and in the cloud, doesn’t make it safe. If anything, it makes it available to anyone who has the desire and capabilities to hack into your system and cause mayhem for your business operations.

One thing you should be doing to protect your data – and your company – is to make use of privacy-protecting browser extensions. Depending on the nature of your business, both you and your employees are likely to be online at least some, if not all, of the working day. What are some of the browser extensions that can make the experience more secure?

Prevent browser tracking

If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, try installing a tool for private browsing. These programs offer protection against tracking by blocking third-party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter, Facebook or Google+.

Blocking adverts

While online ads may seem harmless, the truth is they can contain scripts and widgets that send your data back to a third party. A decent ad blocking program will block banner, rollover and pop-up ads, and also prevent you from inadvertently visiting a site that may contain malware.

Many blockers contain additional features such as the ability to disable cookies and scripts used by third-parties on a site, the option to block specific items, and even options to ‘clean up’ Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari, and Firefox and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree.

Consider installing a VPN

Unfortunately, browser tracking, malware, and adware are not the only internet nasties that you need to be concerned about. but the good news is that there a number of other extensions that you can download to really get a grip on your online safety. A VPN (Virtual Private Network) is something else to consider. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing.

Commonly used in countries where the internet is heavily censored by the powers that be, a VPN allows for private browsing as well as enabling users to access blocked sites – in China’s case that’s anything from blogs criticizing the government to Facebook and Instagram. There are hundreds of VPNs on the market so do a little research and find one that suits you best.

Finally, it goes without saying that having anti-virus and anti-malware software installed on your PC, tablet, and even your smartphone is crucial if you want to ensure your online safety.

Is browsing at your workplace secure? Would you like a more comprehensive security system for your business? We can tell you all about it and help your business protect itself from online threats. Get in touch with us today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

Are you still using that old computer that is not-so gracefully aging and devaluing? Maybe you are running important programs on older machines with old operating systems since they “still work fine.” While it might still help you get the job done, there may be hidden security risks that can lead to major problems later on.

What is firmware?

Firmware is a basic type of software that is embedded into every piece of hardware. It cannot be uninstalled or removed, and is only compatible with the make and model of the hardware it is installed on. Think of it like a translator between your stiff and unchanging hardware and your fluid and evolving software.

 

For example, Windows can be installed on almost any computer, and it helps users surf the internet and watch YouTube videos. But how does Windows know how to communicate and connect with your hardware router to do all that? Firmware on your router allows you to update and modify settings so other, higher-level pieces of software can interact with it.

 

Why is firmware security important?

 

Firmware installed on a router is a great example of why addressing this issue is so critical. When you buy a router and plug it in, it should be able to connect devices to your wireless network with almost zero input from you. However, leaving default settings such as the username and password for web browser access will leave you woefully exposed.

 

And the username and password example is just one of hundreds. More experienced hackers can exploit holes that even experienced users have no way of fixing. The only way to secure these hardware security gaps is with firmware updates from the device’s manufacturer.

 

How do I protect myself?

 

Firmware exploits are not rare occurrences. Not too long ago, a cybersecurity professional discovered that sending a 33-character text message to a router generated an SMS response that included the administrator username and password.

 

Unfortunately, every manufacturer has different procedures for checking and updating firmware. The best place to start is Googling “[manufacturer name] router firmware update.” For instance, if you have a DLink of Netgear router, typing “192.168.0.1” into a web browser will allow you to access its firmware and update process, assuming you have the username and password.

 

Remember that routers are just one example of how firmware affects your cybersecurity posture. Hard drives, motherboards, and even mice and keyboards need to be checked. Routinely checking all your devices for firmware updates should be combined with the same process you use to check for software updates.

It can be a tedious process, and we highly recommend hiring an IT provider to take care of it for you. If you’re curious about what else we can do to help, give us a call today!

 

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

 

As IT security consultants, we’re stuck between a rock and a hard place. Managed IT services providers (MSPs) such as ours want to provide clients with enterprise-level IT, but that requires that we specialize in overwhelmingly intricate technology. Explaining even the most fundamental aspects of cybersecurity would most likely put you to sleep instead of convince you of our expertise. But if there’s one topic you need to stay awake for, it is proactive security.

Understand the threats you’re facing

Before any small- or medium-sized business (SMB) can work toward preventing cyberattacks, everyone involved needs to know exactly what they’re up against. Whether you’re working with in-house IT staff or an MSP, you should review what types of attacks are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every company device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cybersecurity field and auditing your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measures versus your reactive measures.

Before you can start improving your cybersecurity approach, you need to know where your baseline is. Devise a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint weak spots in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategy needs to be. With an experienced technology consultant on board for the entire process, you can easily synthesize the results of your simulation into a multi-pronged approach to proactive security:

  • Security awareness seminars that coach all internal stakeholders– train everyone from the receptionist to the CEO about effective security practices such as password management, proper mobile device usage, and spam awareness
  • Front-line defenses like intrusion prevention systems and hardware firewalls– scrutinize everything trying to sneak its way in through the borders of your network
  • Routine checkups for software updates, licenses, and patches– minimize the chance of leaving a backdoor to your network open
  • Web-filtering services– blacklist dangerous and inappropriate sites for anyone on your network
  • Updated antivirus software– protect your data and systems against the latest and most menacing malware

 

As soon as you focus on preventing downtime events instead of reacting to them, your IT infrastructure will increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cybersecurity by giving us a call for a demonstration.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

 

Published with consideration from TechAdvisory.org SOURCE

Microsoft not only builds robust productivity solutions for its customers, but it also prioritizes their security above all else. This year, the company invested a lot of money to protect Office 365 subscribers from increasingly sophisticated phishing scams. Read on to learn more about what they did.

Effective anti-phishing solutions must be able to recognize the key elements of a phishing attack, which includes spoofed (or forged) emails, compromised accounts, unsafe links, and harmful attachments. In April 2018, Microsoft upgraded Office 365’s Advanced Threat Protection (ATP) features so it can better detect these elements and prevent a wide variety of phishing scams. These enhancements include:

  • Anti-impersonation measures –ATP will now look for potential phishing indicators in an email, including the sender’s address, name, and links, to identify whether the user is being impersonated. You can specify high-profile targets within your organization, such as managers and C-level executives, so Office 365 can protect these users from email impersonation. Office 365 also utilizes machine learning to analyze a user’s email patterns and flag suspicious contacts that have had no prior correspondence with your company.
  • Anti-spoofing technology –This feature reviews and blocks senders that disguise their true email address. You can even enable safety tips that flag certain email domains that have strange characters. For instance, if your real domain is Acme.com, a spoofed domain could be Acḿcom.
  • Email link scanning –Office 365 launched Safe Links, which scans emails for fraudulent links and redirects users to a safe page in case it does contain harmful materials. This feature also applies to email attachments, ensuring you’re protected against all types of phishing scams.

 

Due to these improvements, Office 365 had the lowest phish rate among other well-known email services between May 1 and September 16, 2018. The company has stopped over five billion phishing attempts and protected users against seven billion potentially malicious links. If you’re looking for a secure email platform, Office 365 is the best option for your business.

That said, it’s not a substitute for good security awareness. No matter how secure Office 365 is, employees still need to be adequately trained to recognize a phishing email when they see one. Hackers are constantly changing their tactics to evade Office 365’s detection systems, so it’s important that everyone is alert at all times.

If you need a well-fortified email service, we can implement and manage Office 365 for you. We even offer practical security advice to make sure your business, employees, and assets are safe and sound.  If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

When it comes to Internet security, most small businesses don’t have security policies in place. And considering that employee error is one of the most common causes of a security breach, it makes sense to implement rules your staff needs to follow. Here are four things your IT policies should cover.

Internet

In today’s business world, employees spend a lot of time on the internet. To ensure they’re not putting your business at risk, you need a clear set of web policies. This must limit internet use for business purposes only, prohibit unauthorized downloads, and restrict access to personal emails on company devices. You can also include recommended browsing practices and policies for using business devices on public wifi.

Email

Just like the Internet policy mentioned above, company email accounts should only be utilized for business use. That means your employees should never use it to send personal files, forward links, or perform any type of business-related activities outside their specific job role. Additionally, consider implementing a standard email signature for all employees. This not only creates brand cohesion on all outgoing emails, but also makes it easy to identify messages from other employees, thus preventing spear phishing.

Passwords

We’ve all heard the importance of a strong password time and time again. And this same principle should also apply to your employees. The reason is rather simple. Many employees will create the easiest to crack passwords for their business accounts. After all, if your organization gets hacked, it’s not their money or business at stake. So to encourage employees to create strong passwords, your policy should instruct them to include special characters, uppercase and lowercase letters, and numbers in their passwords.

Data

Whether or not you allow your employees to conduct work on their own devices, such as a smartphone or tablet, it is important to have a bring your own device (BYOD) policy. If your employees aren’t aware of your stance on BYOD, some are sure to assume they can conduct work-related tasks on their personal laptop or tablet. So have a BYOD policy and put it in the employee handbook. In addition to this, make sure to explain that data on any workstation is business property. This means employees aren’t allowed to remove or copy it without your authorization.

We hope these four policies shed some light on the industry’s best security practices. If you’d like more tips or are interested in a security audit of your business, give us a call.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

 

Published with consideration from TechAdvisory.org SOURCE

 

The volume of malicious cyber attacks is increasing every year. Although many companies use the latest network security systems, they aren’t immune to the hackers’ favorite strategy — social engineering. Unlike malware, social engineering tricks people into volunteering sensitive data. Here’s what you should know to protect your business.

Phishing

This is the most frequently used social engineering attack, especially against small businesses. Check out these frightening statistics:

 

How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information like names, addresses, login information, social security, and credit card numbers.

To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources, but they are wolves in sheep’s clothing.

One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.

Tailgating

What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.

Quid pro quo

Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift, concert tickets, a T-shirt, or early access to a popular game in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gift is a cheap trinket or the tickets are fake, but damages from stolen information are all too real.

Pretexting

Fraudsters pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.

In spite of the many security measures available today, fraudsters and their social engineering schemes continue to haunt and harm many businesses. Thus, it’s best to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!

To shield your business from social engineering attacks or to learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

 

Published with consideration from TechAdvisory.org SOURCE

Office 365 comes with different storage and sharing options to make business owners more productive. Two of these are OneDrive and SharePoint, both of which have a long list of features and benefits. Which option is best for you? Keep reading for the answer.

Looking for a secure platform to manage your files? Where do you go for help? Should you choose SharePoint or settle for OneDrive instead? If any of those terms sound Greek to you, don’t worry. You don’t need a degree in computer science to figure it out. This article will give you the lowdown on what to expect from these services.

Both SharePoint and OneDrive are cloud-based services from Microsoft that allow you to store, share, and sync files across different devices. SharePoint was released in 2001 and reportedly has over 190 million users. OneDrive, on the other hand, was launched in 2007 and has more than 250 million users.

SharePoint is marketed mainly as a document management and storage system, but it can be configured to do much more than that. OneDrive, which was previously known as SkyDrive and Windows Live Folders, is part of the Office suite of online services.

What the two have in common
For starters, both platforms make use of Office 365 to help companies organize information and share this with others. To keep things secure, documents go to a cloud drive, so employees can easily track changes in a single file that is stored in one central location. One of the main reasons these platforms are so popular is because users can add comments and notes using real-time collaboration. Since data can be synchronized and is readily available, everyone sees the most up-to-date information regardless of how they view the document.

With OneDrive, it’s personal
OneDrive makes use of a SharePoint backdrop to work. This connects the two programs. The difference is that OneDrive is made for an individual, and the user remains in control even if the file is shared to different people. This means multiple teams can collaborate simultaneously as long as the original owner shares the document via a secure link. That person determines who can edit and view the file.

There’s more to SharePoint
With SharePoint, employees throughout the company can view and edit the stored file. Changes are tracked and higher-ups will know who is working on the document. This is ideal for human resource surveys or updates that need the attention of other team members.

With SharePoint and OneDrive, businesses can improve the way they work. If you want to learn how online document sharing programs can improve your company’s visibility and productivity, get in touch with us now. We’re here for you.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Whether you’re a newbie or an expert in search engine optimization (SEO), the field changes so often that it can be overwhelming. That can be pretty frustrating since businesses of any size need to get people to their sites in order to really grow in our web-driven culture. Thankfully, there are a few tried-and-true methods for improving your position in Google’s index.

Make sure you’re indexed by Google

Go to Google.com and search ‘site:’ with your website domain listed after the colon (example: ‘site:acme.com’). If you don’t see any results from your page listed, that means Google hasn’t added your site to its search results yet. Although some advisers recommend filling out a request form that Google offers, there is a much faster way to get recognized by the search giant.

Google is constantly scanning web pages for updates in content to include in their search results. When they see a link to an external site on one of their already indexed pages, Google will add that link to the queue of new sites to be scanned and indexed. If you can get your domain name linked on a popular or trusted page, you’ll start seeing your page in the search results in no time.

Go out and get more links

The more links to your site from external pages, the higher you climb in the search results. Other than getting affiliate businesses to link you on their pages, consider managing a blog or RSS feed. Content generation not only promotes interest and traffic in your site, it also lets you submit yourself to blog directories or news aggregator sites like Feedly and Alltop which compile source materials and get you those external links.

Fine-tune your content

Be very careful not to change any of your core ‘permalinks’. If users have links that direct them to pages that can’t be found, it could affect your site’s ranking. Keep your pages live, and keep them named efficiently. Some website platforms, like WordPress, use default link structures that create complicated, number-based links that can be off-putting to users and confusing to administrators and search engine indexers. If possible, make sure your links use category and page title references for more appealing links and organizational structure.

Measure and track your ranking

Just because you believe your site has achieved a desirable ranking on Google doesn’t mean it will stay there. Stay proactive and never let yourself get lazy with your content production, site management, and SEO monitoring — it could mean the difference between moving up the search page, and disappearing from it altogether. Online tools like Cyfe and Google Analytics give you a more in-depth look at your site traffic and external links so you’re always ahead of the competition.

Optimizing your Google page indexing can be daunting. For more information on how to get your site moving up the ladder. Contact us today.

Published with consideration from TechAdvisory.org SOURCE

Smartphones are like palm-sized computers, and they deserve the same protection as desktops and laptops. While you don’t need to install bulky security software to protect against cyberthreats, there are steps you can take to keep cybercriminals at bay.

Mobile malware MO

Mobile malware can be as harmful to a business’s network as infected desktops and laptops. Potential problems include overcharges on phone bills, stolen data, intercepting messages, tricking users with phishing attacks, and sending fake notifications to one’s contact list.

Most malware comes from applications downloaded from third-party app stores and give hackers access to passwords, user account information, and other sensitive personal data. Since many business users link their Android devices to each other, malware could transfer from one device to the next.

Who is responsible?

The burden doesn’t fall solely on smartphone users. App stores such as Google Play Store are responsible, too, such as in the case of the malware-ridden banking and weather apps that were downloaded from the Google Play Store. In these cases, the companies that were affected were urged to provide updates regarding the malicious apps so they could be removed from the store.

How to avoid being victimized by malware

The Google Play Store isn’t 100% secure, but downloading from established app stores — and not from little-known and less secure ones — reduces the probability of downloading malicious apps. In cases when an infected app makes its way to the store and starts getting lots of downloads, Google will be quick to remove it from the store and make everyone aware of it.

Despite app stores’ best efforts, it’s nearly impossible to prevent mobile malware from getting through to the store. That’s why it pays to read user reviews where infected users post detailed warnings. Also, regularly updating your mobile device’s operating system and security software helps prevent infection as the latest versions of those are patched against the latest known threats in app stores and elsewhere online.

Malware doesn’t discriminate, so regardless of your computer or mobile device of choice, it will find a way to infect you if your software isn’t up to date. To find out whether your business devices are safe and fully protected, consult our cybersecurity experts today.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE