Computer Security – Why Defense in Depth is the Best Approach
Posted by on Nov 12, 2017
Computer Security – Why Defense in Depth is the Best Approach Here on “Patch Tuesday”, we’re going to discuss an important topic that we touched on briefly last week. We believe “Defense in Depth”, as applied to computer security, is the best way to mitigate the risk of security exploits and breaches. We’re going to describe the rationale and specifics of this multi-layered approach….
Read MoreSecurity Alert – WordPress Website Vulnerability and How to Fix
Posted by on Nov 2, 2017
In this series of articles, we’ll address a timely security issue relevant to our clients. We’ll relate complex security topics in easy to understand terms. This article is being posted on November 3, 2017. WordPress SQL Injection Vulnerability v4.8.2 and Earlier WordPress versions 4.8.2 and earlier contain a serious SQL injection vulnerability. Websites using these versions of WordPress are exploitable remotely. It is not…
Read MoreMalware on Apple Mac, Android, and IoT
Posted by on Aug 19, 2017
Malware on Android, MacOS, and IoT In the news recently, we learned of new variants of malware on Apple Mac computers, Android phones and IoT (“Internet of Things”) devices. While malware and related security threats on these devices are not quite as numerous as on Windows devices – they exist – and we believe this represents a growing threat. In this article, we’ll discuss…
Read MoreSecurity Tip – Don’t rely solely on Two Factor Authentication (2FA)
Posted by on May 5, 2017
2FA can sometimes be bypassed due to bugs and weaknesses in implementation In the news this week, a criminal gang was able to exploit the public phone system to effectively bypass Two Factor Authentication (2FA) on some bank accounts. The attackers were able to exploit this issue and transfer money from accounts. What does this mean? What can you do about this? What is…
Read MoreDon’t Plug Unknown USB Drives Into Your Computer
Posted by on Apr 20, 2017
Don’t Plug Unknown USB Devices (Thumb or Flash Drives) Into Your Computer We’ve talked previously about general best practices for computer security, and at the top of the list is employee education and training. The best automated defenses cannot protect your systems, if the users inadvertently circumvent them. In today’s news, ArsTechnica reveals that the most widely exploited computer bug in the world is…
Read MoreDon’t Use Obsolete Hardware
Posted by on Apr 9, 2017
Don’t use obsolete hardware – it’s a security and reliability risk We’ve talked previously about why your business shouldn’t use obsolete software, but the same concept applies to hardware too. Just like out of date software, it’s a security risk. But it’s also a risk to availability (uptime). Don’t use obsolete hardware – it’s a security risk Network hardware such as switches, firewalls, routers,…
Read MoreWhy HTTPS is Important
Posted by on Apr 7, 2017
Why HTTPS is important for securing your website If you haven’t already, you’ll soon hear – using HTTPS is important. And this applies whether your browsing someone else’s website, or providing a website for your clients or customers. What does this mean? We’ll explain below. What is HTTP? HTTP is the Hypertext Transfer Protocol. It’s the internet protocol by which web pages are provided…
Read MoreDon’t Use Obsolete Software
Posted by on Mar 31, 2017
Don’t use obsolete software – it’s an extreme security risk In the news today – there’s still hundreds of thousands of instances of Windows Server 2003 in usage. And attackers are still finding, and exploiting security holes. This isn’t very different from the normal attack and defend cycle, but the primary difference here: Microsoft is no longer patching Windows Server 2003. It went “end…
Read MoreApple iCloud – Protect Accounts Related to Business
Posted by on Mar 26, 2017
Today in the news, a hacker group has claimed access to millions of Apple iCloud accounts, and is threatening to wipe the contents unless Apple pays a ransom by April 4th. This falls into the broad category of a “ransomware” attack, although it doesn’t involve a malware, it’s a cloud services compromise. As a business owner, we recommend you take the following action, if…
Read MoreSecurity Tip – Spotting Phishing Emails
Posted by on Mar 21, 2017
Nearly everyone is familiar with “phishing” emails. What’s “phishing”? It’s a technique attackers use to try and trick you into providing private or confidential information. We see these often. Here’s a typical example, received today in my Hotmail account. Take a look, and see how many red flags and trouble signs you can spot. Then scroll down for the answers. Overall, I’ll get this…
Read MoreTwitter – Protect your Account with Two Factor Authentication (2FA)
Posted by on Mar 16, 2017
Twitter – Protect your Account with Two Factor Authentication (2FA) In the news, today: several high profile Twitter accounts were hacked overnight, and used to post political messages. This is a concern for any business that uses Twitter – it’s a popular service, it’s a target for attackers, and it’s a direct line of communication to your clients or consumers. We’ll talk about how…
Read MoreWikileaks “Vault 7” and What It Means For Business Owners
Posted by on Mar 9, 2017
Wikileaks “Vault 7” – Here’s what you need to know as a business owner All major news sources today are commenting on the “Vault 7” information being made public by WikiLeaks. We’re not going to ponder the geo-political and legal aspects of this leak, but rather provide comment on what it means for the average small to medium business. Update 4/9/2017: As promised, Wikileaks…
Read MoreTop 5 Reasons Your Business Should Be Using a Password Manager
Posted by on Mar 7, 2017
Today we are going to talk about why your business should require all employees to use a Password Manager. If you read our previous article on passwords, “Why Does My Password Have to Change?”, you already know we recommend the following password best practices for all businesses: Passwords should be long, complex, random strings of alphanumeric and special characters (!#@$*) – to eliminate the…
Read MoreWhy Full Disk Encryption is a Good Idea
Posted by on Mar 6, 2017
Full Disk Encryption (FDE) has become easy to use with the latest versions of Windows 10 and MacOS. Why use full disk encryption? If your laptop is lost or stolen, you can ensure that your files are secure and cannot be read by someone unauthorized. Device theft or loss can of course happen to any device, but it’s certainly more likely to happen for…
Read MoreSecurity Alert – Cloudbleed – What you need to know
Posted by on Feb 25, 2017
In this series of articles, we’ll address a timely security issue relevant to our clients. We’ll relate complex security topics in easy to understand terms. This article is being posted on February 24th, 2017. UPDATE: 3/1/2017 – Cloudflare has released information attempting to quantify the scope and scale of the information released. They believe up to 150 of their largest customers were affected, and…
Read MoreWhy Does My Password Have to Change?
Posted by on Feb 22, 2017
Every business user is familiar with the toil and trouble of passwords – they’re long, they’re complicated, hard to type, and just about the time you can remember it – IT makes you change it. There are good reasons we do these things. In this article, we’ll review the reasons. It may not make your life any easier, but at least you’ll understand why…
Read MorePatch Tuesday – Windows Patching Explained
Posted by on Feb 17, 2017
Patch Tuesday – The Microsoft Windows patching release cycle What’s “Patch Tuesday“? Patch Tuesday is Microsoft’s regularly scheduled release cycle for bug and security fixes for your Windows desktop and server operating systems. For example, on Tuesday Sept 12, 2017, Microsoft released 82 patches for various versions of Windows, including Windows 10. Of those patches, at least one fixes an issue that is known…
Read MoreWhy Choose Virtual Operations?
Posted by on Jun 18, 2015
Although we are the number one IT services provider for many local companies, people who haven’t used us often have questions as to what value we can provide. Take a look at this 2-minute video to learn more about what we can do to make your business more efficient, saving you time and money! .
Read MoreIs Your Company’s Data and Devices Secure From Heartbleed?
Posted by on Aug 15, 2014
Heartbleed, one of the worst cyber security breaches in history, stealing millions of people’s personal information from popular websites. And it was all the result of an engineer making a simple mistake while coding a computer program called OpenSSL. OpenSSL’s functionality is to secure Web communication, yet the bug laid exposed within the code for two years, like a dormant disease, before hackers discovered…
Read More