Tag: Tip of the Week

Categories
Security

Tip of the Week: 9 Hacker Profiles You Need to Be Aware Of

b2ap3_thumbnail_cybercrime_classificiations_400.jpg “Hacker” is a word that can bring up many powerful impressions in people. It may very well bring up images of a pale super genius hunched over a keyboard, awash in dim blue light, as it does for many people. However, this extremely specific image does little but pigeonhole the many hackers in the real world into this dramatized caricature.

In reality, there are many different kinds of hacker, each with a preferred target and reason for doing what they do. For your part, it helps to be familiar with the 10 types of hackers you have a chance to encounter.

Amateurs

  • Script Kiddies: There’s a reason that this type of hacker is under the “amateur” heading. These are the hackers who are capable of little more than piggybacking onto larger efforts, or dabbling in the more basic forms of cybercrime. They are little more than nuisances, compared to their hacking compatriots.

The Good Guys

  • White Hats: These ethical hackers, usually security researchers, are those that help the average user by using their skills to keep threats at bay.

Political Players

  • Hacktivists: Using DDoS attacks and website vandalism to humiliate and hobble their targets, these actors are usually part of a larger group, working towards an ideologically driven common cause.
  • Nationalist Hackers: These actors are those that, thanks to their sympathies and patriotic motives, are often given a pass by law enforcement.
  • Nation State Agents: These typically work for a government body, usually in a military or intelligence capacity. They have access to great capital resources, but will not hesitate to use common tools as well.

The Criminals

  • Cyber Mercenaries: These are hackers-for-hire, who will be brought on to assist other cybercriminals for a share of whatever ill-gotten gains there are to be had.
  • Repeat Offenders: These hackers are skilled, yet disorganized, which keeps them from obtaining the profits that other varieties of hackers do.
  • Organized Crime: These are criminal organizations that focus on cybercrime, with a hierarchy that allows them to reap great profits from their schemes.
  • Malicious Insider: These are the criminals who sit inside your walls, actively working to sabotage your efforts and leak critical information to your competition, often for personal motivations.

These malicious insiders are easily the most dangerous threat to an SMB, but that doesn’t mean that the others don’t cause problems as well. In order to keep them all at bay, you will not only need to encourage diligence in the workplace, but also protect that workplace with comprehensive security solutions.

The experts at COMPANYNAME are ready to assist you in securing your business assets against external influences. Call PHONENUMBER to get started.

Categories
Best Practices

Tip of the Week: How to Be Active and Proactive With Your Network Security

b2ap3_thumbnail_net_security_tips_400.jpg Security troubles have many causes, but the only way to protect your business from any of them is to implement a comprehensive enterprise-level security solution. There are two other ways that you can work to protect your business, implementing software patches, and avoiding social engineering attempts.

Applying Software Patches
It should be clear that software patches are designed to fix security problems and improve the functionality of the software, but some organizations simply don’t have time to implement them manually, or they simply don’t understand the purpose for them. Part of the problem is that sometimes the developers aren’t necessarily clear that patches are available, while other times those within your organization may not even know how to administer them. Regardless of the reason, there are usually problems on a network that will go unattended for extended periods of time.

Most hackers only want to take advantage of the issues they can detect. Thus, there could be countless threats out there designed to target countless unpatched vulnerabilities on your network that not even the hackers can know about. It makes sense for a hacker to use just one exploit to target a handful of vulnerabilities. Therefore, it’s important to make sure that all software that you use is updated and patched.

Additionally, your systems shouldn’t be running unused programs. The more software you have, the more ways hackers can take advantage of your organization’s network vulnerabilities. Moreover, you might even be wasting revenue on renewing software licenses that you don’t even need, so it’s best perform a network audit from time to time to get the worthless software off your infrastructure.

Dodging Social Engineering Attempts
Social engineering is broadly categorized as any method that takes advantage of unprepared users or those who are ignorant of solid network security practices. Examples include a phone call or email message claiming that the network has been breached by a foreign entity and that “tech support” needs to remote into the computer and resolve the issue. There are other, more subtle methods as well, such as targeted spear phishing attacks that go after specific users with personal information that convince them that the hacker is someone in authority.

These types of attacks vary in sophistication, but they can range anywhere from an employee receiving a message claiming that they’ve won a prize, to the intruder physically following your employees into the office and stealing sensitive data manually. In instances like these, a little bit of employee training can go a long way. Teach them to look for anything suspicious, and inform them that vigilance is incredibly important in the workplace.

These two security improvements barely scratch the surface of what your organization should be focusing on for network security. If you want to fully protect your business to the best of your ability, give us a call at PHONENUMBER.

Categories
Best Practices

Tip of the Week: You May Want to Remove Your Wi-Fi Information From the WiGLE Database

b2ap3_thumbnail_ssid_name_400.jpg The next time you look at your device’s available Wi-Fi connections when in public, take a look at what some of the local connection names are. Chances are that you’ll see some names that match a nearby organization or family. Others might still be using the default SSID, like Linksys/Netgear-something-or-other. Others might get a little more creative. The latter example may have the right idea; using an obscure wireless network name is much more secure than naming your connection after what it’s associated with.

That’s not to say that those who have named their home Wi-Fi networks things like “FBI Surveillance Van 3” or “Pretty Fly for a Wi-Fi” are in the right, but you get the idea. Instead of misleading people with your SSID, you want to think of your wireless network’s name as a shield against possible hacking attacks. In fact, it’s recommended that you don’t broadcast it at all if you can help it, but this isn’t always an option–especially for organizations that offer Wi-Fi to the public as part of their consumer obligation.

One website in particular highlights the importance of naming your Wi-Fi network something inconspicuous. A service called WiGLE collects information from wireless networks and compiles it in an online database that’s searchable. WiGLE also offers software solutions that can map, query, and update these databases. Among the uses for WiGLE are: educating the public, research projects, site surveys, journalism, analyzing wireless usage, and finding usable networks while on the go.

Knowing that a tool like this exists, should make you stop and ask several questions. If your wireless network’s data is being collected, is it at risk? Is it something that you should be worried about? How do you remove your business’s wireless network from WiGLE? Well, WiGLE has posted answers to all of these questions:

“If your network is in WiGLE and you don’t like it, we’ll take it out immediately, but you should look into making your network harder to detect AND more secure; remember that you’re the one bombarding passers-by with your signal. We aren’t affiliated directly with any particular community or interest (other than our own), but we applaud the efforts of the people who wrote the stumbling software that feeds our project, the people looking to use wireless in innovative ways, and especially the community of people who just dig wireless network access and dig sharing it.”

To learn more, you can access the website here.

What are your thoughts on WiGLE? Let us know in the comments, and be sure to reach out to us for help securing your company’s wireless network.

Are you confident in the security of your wireless network? Don’t hesitate to call us at PHONENUMBER if you feel it’s time to audit one of your most targetable entry-points.

Categories
How To

Tip of the Week: Browse Incognito Mode Better By Enabling Your Extensions

b2ap3_thumbnail_extensions_in_incognito_mode_400.jpg Fans of Google Chrome are familiar with using Incognito mode to cover their tracks and keep their Internet browsing private. Although, one downside of Incognito mode is that it disables your browser’s extensions by default. If this has been an annoyance for you, then you’ll be pleased to learn that switching on your extensions for Incognito Mode is easy to do.

Incognito mode might be a great way to browse the Internet with some semblance of privacy, but if it’s at the cost of your efficient browsing thanks to extensions, it’s somewhat unfortunate. Thankfully, there is a very simple way to make sure that your extensions work at all times, even when in Incognito mode.

Just follow these short directions and you’ll have extensions in your browser during Incognito mode:

  • Click Chrome’s menu button
  • Make your way to the More Tools
  • Click on Extensions
  • Go through the extensions and find the one that you want to enable in Incognito mode
  • Click on the Allow in Incognito Mode button

Well, there you have it. Now you can use your extensions even while in Incognito mode! Just keep in mind that there’s probably a very good reason why Google Chrome blocks extensions by default, so try to limit it to only extensions that you absolutely trust. The last thing you need is a security discrepancy caused by you trying to find a more convenient way to go about your daily business.

For more great tips and tricks to help you get the most out of your technology, subscribe to COMPANYNAME’s blog.

Categories
How To

Tip of the Week: How to Prevent Windows 10 From Restarting While You’re Working

b2ap3_thumbnail_restart_windows_10_400.jpg How many times has this happened to you: you’ve walked back to your home or work PC after taking a break, only to find that Windows 10 installed new updates and automatically restarted? Thanks to Windows 10’s notoriously aggressive update behavior, any work that wasn’t saved was lost forever. It can be very frustrating to lose a project that you’ve spent hours on, through no fault of your own. Luckily, there are steps you can take to easily create a restart schedule.

In the fall of 2016, Microsoft issued an Anniversary Update to the Windows 10 OS. With this update, Microsoft included a new feature called “Active Hours.” Active Hours was created to let users specify the times when they’re more likely to be using their computers. In order to set up an Active Hours restart schedule, ensure that your computer has the Anniversary update installed (check your PC settings to see if it has already present). If you need help installing Windows 10 Anniversary, you can download this Update Assistant on Microsoft’s website: https://www.microsoft.com/en-us/windows/features.

After Windows 10 Anniversary is properly installed, follow these steps to setup Active Hours on your PC:

  1. Click on the Start menu and then the Settings. As a shortcut, you can also use Windows key + i on your keyboard.
  2. Next, select Update & Security.
    ib win 10 1
  3. Under the Windows Update tab, which will show up automatically, you’ll see a link to Change active hours. Click that.
    ib win 10 2
  4. From there, you can set your active hours (note: time lengths exceeding 12 hours will be marked as invalid).
    ib win 10 3
  5. Click Save to confirm your changes.

Now your PC will not install updates during those specified hours. But again, at most, you’re only covered for a 12-hour period. So, what about those times when you need to pull an all-nighter to complete a project? Not only can Windows 10 updates interrupt your productivity, they can also take a long time to install. To further prevent unwanted installations and restarts, you can also adjust your restart settings.

To change your restart settings, you’ll need to stay in the Update & Security section of your PC settings. Next:

  1. Click on Restart options, which is located under Change active hours.
    ib win 10 4
  2. Turn the feature On.
    ib win 10 5
  3. Next, set the day and time when you’d like Windows to finish installing updates. There is no need to save anything. As long as the switch is set to On, you’re all set.
    ib win 10 6

If you find that the On/Off switch is grayed out and you aren’t able to adjust it, this means that there are no new updates available at that time. In other words, you won’t have to worry about updates finishing up and forcing your PC to restart. Be sure to keep an eye on your restart options if you are planning to burn the candle at both ends.

There you have it. Windows 10 will no longer be able to bully you into halting your productivity. For more tips on how to avoid downtime for your hardware, give COMPANYNAME a call at PHONENUMBER.

Categories
Best Practices

Tip of the Week: Worried About Identity Theft at Work? Follow These Tips for Peace of Mind

b2ap3_thumbnail_protect_your_workers_identities_400.jpg The Bureau of Justice estimated that five percent of the entire U.S. population were victimized by identity thieves, a total of 11.7 million people. While the methods of collecting the data that identity thieves need to commit their crime vary from dumpster diving for carelessly discarded documents, to email phishing scams, there is a particular target that can easily supply them with the data they will need: the workplace.

While many businesses must collect a lot of personal data from their clients for billing purposes, their employees are also made vulnerable if some of that data was to be absconded with. After all, in order to properly pay an employee for their work, an employer will need a lot of their personally identifiable information on record. As a result, a workplace becomes a high-value target for someone seeking the data necessary to complete fraudulent actions in someone else’s name and becomes the responsibility of the entire business to safeguard that data, for the sake of their employees and their clients.

To that end, every employee should be educated in the best practices for protecting a company’s trove of sensitive information, and policies need to be implemented and enforced to ensure that these best practices are followed. To get you started with securing your office, make sure these four best practices are followed by everyone associated with your company.

Don’t Leave Workstations Unattended
Computers need to be locked and only accessible by its user’s password. Otherwise, anyone (be it a less-than-trustworthy employee or someone off the street stumbling across an opportunity) could access that workstation and any company documents available to that employee.

Go Paperless
Identity thieves love paper trails. Whether it be copies of sensitive files that make their way to the trash, or even documents that get left lying around the office, the fact of the matter is that having paper copies of sensitive information only increases the risk that this information will get stolen. Going paperless is a way to minimize this risk entirely.

Train Employees to Know What Email Scams Looks Like
Scams targeting email inboxes are some of the top ways that identities are compromised. Therefore, in addition to having a good spam blocking solution in place, you’re going to want to make sure that every worker knows what an email scam looks like so they won’t fall for one. You may know how to spot an obvious email scam, like an unsolicited email requesting sensitive information, but how sure are you that your staff knows what a scam looks like as well?

Implement Enterprise-Level Security Solutions
Without proactive solutions in place to protect your company’s sensitive data, it could easily fall into the wrong hands if a hacker breached your network. Every business needs to have security tools in place like antivirus, firewalls, spam-blocking, and content filtering. Thankfully, a solution like a Unified Threat Management tool offers businesses an easy way to get this kind of comprehensive protection in one easy-to-implement package!

Of course, there are many other steps to take to prevent your workplace from becoming an identity thief’s jackpot. COMPANYNAME can help advise you on the other steps your business needs to take in order to keep the identities it deals with properly protected. Call us today at PHONENUMBER for more information on the steps you need to take to prevent identity theft.

Categories
Business

Tip of the Week: Maximize Workflow By Rethinking Your Office Layout

b2ap3_thumbnail_office_setup_design_400.jpg Of all the potential causes for a deficit within the office environment, the physical office itself isn’t likely to first come to mind. Even so, the value of establishing certain practical design and organization strategies have shown to improve employee morale, collaboration, and productivity. While these solutions may not be for every office, if your company is experiencing hindrances in productivity, these tactics may be beneficial implementations to incorporate within your business.

Keep it Clear
Are the desks in your office cluttered with papers, equipment, and other items that are keeping employees from completing their work? If so, it may be time to distribute more storage solutions to encourage your employees to keep their desk clear and relatively distraction free. Otherwise, you could institute the many solutions available to help your business go paperless. Document management solutions can allow many employees to access, edit, and collaborate on the same document without the expense and mess of multiple paper copies.

If office clutter is caused more by the equipment your employees use, there are a variety of solutions that can assist in reducing the amount of real estate this equipment takes up. Office telephony is clunky and expensive and may easily be replaced by a space- and cost-efficient, hosted VoIP solution. As far as wires are concerned, if not properly managed, they can quickly become a distracting waste of space. Fortunately, there is a trend in manufacturing to assist in managing and concealing wires at the workstation. If data storage, whether it’s incorporated into each employee’s workstation or housed in a large on-premises drive, is creating a space deficit, a cloud solution can reduce the amount of in-house storage needed to maintain operations.

Provide Spaces to Collaborate
If your business needs to keep its lines clear to contact clients, limiting the availability of VoIP communication, or if a face-to-face conversation is simply the more effective option when it comes to collaborating on a project, it is best to have a space dedicated to communal work. This can be as simple as a large table set aside for groups to utilize, or as complex as mobile workstations and adjustable equipment. A highly effective approach to encouraging positive, organized group work is a concept known as a war room.

A war room is simply a dedicated space designed to engage the spatial memory of those using it. By putting a certain piece of information in a certain space, it becomes easier to remember. By filling a room with whiteboards (or even rolling whiteboards) and movable furniture, you create the ideal space for a group to meet and create a plan that can be referenced and adjusted as needed.

Prepare for the Worst
If disaster struck your office, be it fire, flood, or failure of some essential equipment, would you still have a way to safely access your data in order to continue your operations? These circumstances, along with any others that would qualify as a disaster, are why one of your most important office setup considerations should be completely removed from the office. To fully protect your data, the most advisable course of action is to use an off-premises, isolated backup solution that can restore your data, should it ever be lost.

While many considerations are totally yours to act upon when setting up a workspace, COMPANYNAME can provide the expertise to be sure any of your technical systems will meet the very high standards you need them to reach. Give us a call at PHONENUMBER for help with any of your technology needs.

Categories
How To

Tip of the Week: How to Know if You’ve Experienced a Data Breach

b2ap3_thumbnail_breach_of_your_security_400.jpg Your data is vital to the success of your business, and as such, it needs to be protected. Can you identify the warning signs that someone has managed to get past your protections to access your data?

According to the Identity Theft Resource Center, or ITRC, there were 781 data breaches in 2015 within the United States alone. This marked the second-highest number since 2005, when the ITRC began to track these occurrences. Of particular interest, the ITRC report noted that, in 2015, the business sector saw the highest percentage of publically reported breaches with almost 40 percent of all reports coming from business organizations. What’s more, motive analysis saw that more and more thieves sought financial gain through accessing sensitive personal data.

Presumably, the report for 2016 should show more of the same.

Business owners should therefore be extremely cautious and prepared when it comes to possible data breaches, not only in terms of preventing them but also in terms of identifying them within their organizations. What follows are some best practices to assist you in determining if a data breach has occurred on your systems.

First, determine what is normal within your systems.
After all, you will need to know what is right to identify if something is going wrong. This can be largely accomplished by familiarizing yourself with the typical goings-on of your employees at different times of day, and with different levels of access.

Keep an eye out for unusual activity.
There are numerous warning signs that a data breach has occurred in your systems. These warnings might be as subtle as a piece of equipment suddenly becoming slower. They may include:

  • Unusual/unapproved programs: If there are suddenly unauthorized programs appearing on the company’s workstations, you may have a breach. You must be diligent in keeping an eye out for such red flags, as well as encouraging employees to do the same by insisting that they report any sudden appearances of new software that were not mandated by the company.
  • Unexplained “employee” activity: Have records suddenly shown users logging on to the system at odd times and from odd locations? Are your accounts being altered without your knowledge or approval? Have employees suddenly had unexplainable difficulties in remembering their passwords? These are also indicators that your system has been breached.
  • Other breach attempts: Have you had to fend off an overt cyber attack recently, such as a Distributed Denial of Service attack? If so, these attempts may have served a secondary purpose as a smokescreen to conceal a more insidious attack. It’s becoming a best practice to assume that an attack isn’t over, even when it’s over (because it may not be).

Educate your employees.
The first and last line of defense against most cyber threats is educated vigilance, including from your end users. Make sure your employees are also aware of the signs of a data breach, as well as other security threats. COMPANYNAME can help you to keep your systems safe from these attacks as well. To see what we can set up to keep you secure, reach out to us at PHONENUMBER.

Categories
Technology

Tip of the Week: Every Mobile Device Policy Needs to Cover These 3 Areas

b2ap3_thumbnail_smb_mobile_400.jpg Smartphones, laptops, tablets, and other mobile technology are practically necessities in today’s modern workplace; especially if you want to keep productivity flowing at all times. However, implementing mobile devices into your workplace infrastructure is more complicated than it sounds, especially if you want to preserve security. Here are three topics to consider when implementing mobile devices in the workplace.

Data Security
One of the key concerns that any business using mobile devices needs to account for is security. When you add new devices to your business’s network, you’re adding endpoints that could potentially fall victim to hacking attacks. The more devices that are connected to a network, the more patches and updates that need to be installed in order to maintain security. Basically, adding new devices means more work, and more work can lead to cut corners, which inevitably leads to compromised devices.

A mobile device management solution is capable of securing all of your organization’s devices, be they smartphones or laptops. It’s the easiest way to manage access to mission-critical data, whitelist and blacklist apps, and remotely wipe devices that have been compromised.

Connectivity
When you’re taking mobile devices out of the office, you need to consider how your employees (and yourself) are going to connect to sensitive corporate data. While you could just connect to your cloud solution through a public Wi-Fi connection, this is discouraged, as public Wi-Fi can often be compromised. You never know who else could be on the network, watching your every move.

In instances like these, a virtual private network (VPN) is a valuable tool. With a VPN, you can access your network’s data over an encrypted connection, meaning that as long as you are connected to a wireless network, the data sent to and from your device will be secured so that any onlookers won’t be able to do anything with your data. The data sent to your device is encrypted and then decrypted upon arrival, so if any hackers try to steal it in transit, they’ll only get a jumbled batch of letters and numbers.

Cloud Access
Of course, you’ll need access to your organization’s data, especially when you’re out of the office and using several different devices. To do so, you need a cloud solution that allows your business to share and collaborate on files in real time, across multiple platforms. Most importantly, you want to ensure that your team can open crucial data that’s needed to keep operations moving forward, even when out of the office. A dynamic cloud solution–either public, private, or hybrid–is the key to solving this pain point. Depending on your business’s specific needs, you’ll want one that prioritizes the functionality and security your business requires.

For all of your business’s mobile device security needs, you can contact COMPANYNAME. We’ll work with you to ensure that your devices aren’t putting your business’s data at risk. To learn more, reach out to us at PHONENUMBER.

Categories
How To

Tip of the Week: What to Do When Your Device Won’t Connect to Wi-Fi

b2ap3_thumbnail_check_your_wifi_strength_400.jpg Wi-Fi deadspots are very real, and tend to be annoying, fickle things. Despite maybe a wireless signal being strong enough for everyone else in a room to receive it, something may be interfering with the device. As a result, the Wi-Fi simply isn’t sufficiently strong enough to connect the device to the Internet. Fortunately, there are a few troubleshooting steps that may be taken to resolve the connection’s cutback.

Step One: Check Your Positioning
The first step to any Wi-Fi troubleshooting is to make sure that the router is located far enough away from any other electronic devices, as these devices can negatively influence the strength of the signal. This is especially true when these devices are positioned between the router and the workstation it is connecting to. Walls and floors can also affect the signal–the thicker the obstruction, the weaker the signal.

A relatively simple fix, especially when the router needs to be shared by multiple floors, is to elevate its position on the lower level. This reduces the amount of space the signal will have to cover before passing through the ceiling/floor (ideally without issue), as well as the amount of obstacles it has to contend with to reach the users on the level it is on.

Step Two: Antenna Adjustments
If a router (or PC) has an external antenna, it may be beneficial to adjust the antenna’s position until the signal’s sweet spot is found. Opinions of optimal antenna orientation vary, so it’s likely that the user will need to find the ideal alignment through some good, old-fashioned trial and error.

If that still isn’t effective enough to resolve the deadspot issue, there’s always the option of replacing the antenna itself. By simply unscrewing the included antenna and replacing it with a stronger model (or if absolutely necessary, a stand-alone antenna and extension cord combo), you can hopefully extend your reception out of your poorly-placed dead zone. After these adjustments are implemented, a device can pick up a signal that–under normal circumstances–would be out of reach.

If the equipment in question doesn’t have an adjustable antenna, there are USB adapters available to plug into a device that can work similarly to how the standalone and extension cord setup can, thanks to their longer USB connection cords.

If these adjustments still don’t deliver satisfactory results, it may be worth it to consider investing in a Wi-Fi extender. Rather than trying to maneuver a router and receiver to make a better connection, using a Wi-Fi extender means there only has to be a clear signal to each device from the extender’s position. This is a very effective solution if an immovable obstacle (say, for example, a wall) is blocking the signal, as the extender can create a detour around the obstacle, preserving the signal quality.

Step Three: Upgrades and Updates
Finally, check the router and adapters themselves. While age shouldn’t have too much effect on their performance, it could eventually develop into a problem if left unaddressed. Therefore, like all other office solutions, the costs associated with regularly upgrading equipment will likely be well worth the investment. However, if the equipment in question is too new to warrant a complete replacement, or hasn’t had its firmware upgraded in a while, it’s worth checking with the manufacturer or online for any updates that have been made to the device’s firmware or drivers.

With these practices at your disposal, your Wi-Fi isn’t likely to cause many problems in your office again. If you still can’t get your Wi-Fi to work as intended, COMPANYNAME would be happy to help. To learn more, reach out to us at PHONENUMBER.