Blog

Author Archive

Confused About All These Tech Terms: Information Technology Glossary

Confused About All These Tech Terms: Information Technology Glossary

In today’s world, everyone uses information technology. This is simply the technology behind our computers and networks including software and hardware. For businesses, it includes servers, data centers, and other technology to support their IT infrastructure.

Information Technology Glossary

In spite of its prevalence, many people are not familiar with some of the terminologies and terms used by IT experts. Below, we offer up a few of the most common expressions and give you easy-to-understand definitions. These are by no means a thorough explanation of the terms but they do provide an overall idea of what the word means.

Glossary

Artificial Intelligence-The development of computer systems that can perform tasks that would normally require a human. They include speech recognition, language translation, visual perception, and decision making skills.

BDR – This abbreviation stands for “backup and disaster recovery”. This is a plan where all hardware and software is regularly saved in both onsite and offsite locations. This can prevent data from actually being lost. If a data breach occurs, an IT specialist can restore the whole system from backed-up copies. This helps a business to get back up and running very quickly even after hurricanes or other disasters.

Big data-This term refers to extremely large data sets used for the purposes of analysis. This complex data processing is often completed by larger companies in order to reveal trends and patterns that can help them with upcoming marketing campaigns.

Breach (cyber) defense-Any method of protecting your networking and computing resources from intruders and hackers. This can include protection for your IT infrastructure along with antivirus software and firewalls. All known threats are analyzed, then strategies are formulated to stop these attacks before they occur. Most breach defense mechanisms include a planned response to any type of cyber-attack. A good breach defense will include strong measures to safeguard company assets.

Business Continuity– The ability for a business to continue its operations even when there is a cyber breach or other disaster that would normally cripple a company.

Cyber or security breach– An internet security breach where cyber thieves hack into your computer systems and steal data or plant malware. These breaches can cripple your organization and damage your data including customer records. Cyber breaches usually cost a business over one million dollars for each event and they damage the company’s reputation, harming the brand.

Dark Web– This is the Back Alley of the Internet. It is where illegal transactions often take place. Drugs and other contraband are sold on the Dark Web. Entry into this area requires a special browser known as Tor (The Onion) and special software to protect the user from the many dangerous threats that loom on the Dark Web.

Deep Web– Any content that is not indexed by Google bots including educational sites, email programs, company intranet, etc.

Hybrid Cloud-A cloud computing environment where a mixture of public and private cloud services are created to lower operating costs and gain access to a wider range of computing resources.

IT Infrastructure-This term includes all networking, servers, computers, software, hardware, and other technology used to manage and support all information technology resources.

Machine learning-This is a subset of artificial intelligence (AI) where a computer system automatically learns as it processes data. The computer doesn’t need to be explicitly programmed to achieve desired results. This science develops computer programs that can access data and learn while they’re working so that they evolve into smarter machines over time.

Malware– A combination of the words “malicious” and “software”. This term has come to refer to any type of software that was built for the specific intent of disrupting a company’s computer network and damaging computer equipment. It can include spyware, viruses, Trojan horses, worms, adware, and many other types of malicious software.

MSP– An IT Managed Service Provider (MSP) is a company that provides a full range of services to help businesses manage all their computer and network resources.

Outsourcing-The process of hiring an outside company to manage all aspects of networking, IT, communications, computers, servers, and other information technology.

Private Cloud-A private cloud refers to a cloud computing environment where a private IT infrastructure is created for one specific organization. It is usually managed with internal resources.

RPO– Recovery Point Objective is the maximum amount of time that data should be lost due to a natural or manmade disaster.

RTO– Recovery Time Objective is the maximum amount of time a business can be without its data (due to a natural or manmade disaster) before the business is at risk.

Ransomware-A type of malicious software where a cyber thief blocks the user’s access to his or her own computers, network, and data. The thief demands a ransom in order to restore full access to all computer systems. Money is extorted from business owners usually in the form of a cryptocurrency like Bitcoin which is untraceable. Ransomware attacks have escalated due to their overwhelming success. Normally, a Trojan disguised as a legitimate file, is accidentally downloaded. These can come as email attachments or links. One of the most dangerous Ransomware programs is called “WannaCry worm” and it can travel between computers with no user interaction.

Resolution Time-The amount of time it takes to resolve an issue, most often a security, network, or IT problem.

Response Time-The amount of time it takes for a service provider to respond to a call for service from one of its clients. Most IT providers guarantee specific response times as a perk to selecting their service over others.

Scalability-A company’s ability and flexibility to scale up or down as business needs arise.

SLA- A service-level agreement (SLA) is a contract between a customer and a service provider. It outlines the duties and responsibilities of the service provider and the terms of the contract. It includes the signatures of those in management from both entities.

Software bug-An error, fault, or flaw in a computer program that produces an unintended effect. Bugs are usually the result of mistakes by programmers when developing the source code. The term “debugging” is often used to describe the process of fixing software bugs.

Virtualization-Virtual Machines (VM) are created that look and behave exactly like the real thing. This can include servers, networks, operating systems, or storage devices. This allows a company to have a much more sophisticated IT infrastructure at lower costs. It also enables a business to enjoy the benefits of scalability. With virtualization, you can easily scale up or down as needed, so you only pay for services and equipment that you need at that time.

VPN– Virtual private networks (VPN) are built over public infrastructures to provide a higher level of security to the data transmitted. Usually, encryption is used to protect apps and data from intruders as the data is processed across the internet. There are numerous types of VPN, including Advanced VPN, PureVPN, Hotspot Shield, and ExpressVPN.

Zero Day Threats– This is a threat exploiting vulnerabilities within computer security systems. The term is derived from the word “zeroth”, which is the time of the exploitation. It occurs either before or on the first day the developer becomes aware of it. Therefore, there is no security fix for the threat due to the fact that developers are completely unaware of its existence. A number of different vectors can be used in a zero day attack. These attacks are usually instigated by well-known hacker groups who take pride in being able to outsmart developers.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Thinking About Moving Everything to the Cloud?

Thinking About Moving Everything to the Cloud?

Check Out These Pros and Cons First.

Many of today’s business owners have decided to move their IT infrastructure to the cloud. In a large company, the number of services and workloads can be staggering, making the transformation a hugely complex procedure. Even in smaller businesses, there are pitfalls to be aware of. If you know about these before you begin, then you can avoid some costly mistakes.

Thunder Clouds

Remember that all clouds do not have silver linings. Some are just big ole thunderclouds that are about to dump 10 inches of rain on your parade. If you understand the issues and complications that can crop up, then you can bring your umbrella and escape getting all wet. If not, you may be in for some rainy days ahead.

What are the benefits?

Migrating to the cloud can deliver some “big-company benefits” that small businesses need these days in order to compete in the global marketplace. However, as many business owners have learned, there can be security issues, unexpected costs, and other snafus. The most successful cloud migration approach involves careful planning. It’s often a great idea to engage with some experts in cloud technology to help you. These experts understand what’s required and they’re familiar with cloud best practices. They can help you optimize the migration process.

You also need clear heads who can keep you on the right road. Why are you moving to the cloud? Most business owners will answer that they’re hoping to reduce their infrastructure costs. That’s a good reason and the primary motivation behind most moves. The problem is that somewhere during the move, it’s easy to lose sight of these basic fundamentals. Cost reduction does occur for most companies but it’s not a guarantee.

If the process is carried out incorrectly and/or the wrong cloud management maturity roadmap is followed, you could wind up in a ditch instead of on cloud 9.

The hybrid infrastructure strategy

Digital transformation and hybrid architecture – these are terms that many business owners struggle with. Though you’re probably an exceptional CEO, manager, or small business owner, if your expertise is not in the realm of Information Technology, hire a pro. In the midst of moving to the cloud, you need to know that everything is being done according to best practices. The diverse environments of infrastructure and operations (I&O) present numerous challenges.

Before you move everything to the cloud, consider the following:

  • The full cost of this process including hidden expenses
  • On-premise vs. public cloud
  • The security of your data
  • Bandwidth availability
  • Ownership of the data
  • Availability of moving the data
  • Developing a multi-year strategy that includes ongoing ROI

The cloud roadmap

In order to seamlessly migrate your physical infrastructures to private, public, and multi-cloud environments, you must first decide which services and applications are best suited for the cloud. Not every application is a good fit for the cloud. A good operational model will help your select the right services and apps based on their unique requirements. In other words, you need a good solid roadmap that outlines what will be moved, when it will be moved, and whether you have the right security to protect all your data throughout the process.

This is especially important in industries where compliance is a factor, such as the healthcare industry. One HIPAA violation can be expensive but a good IT specialist will make sure that all data both in and out of the cloud is well-protected.

Assess the risks

Begin your cloud journey with an assessment of your current business network and IT technology. Include your current resources, along with the maturity of your processes and people. Consider these questions:

  • Which services and applications can best benefit from migrating to Azure, AWS, or other cloud platforms?
  • How will you manage third-party vendors to prevent data leaks?
  • Do you have an IT team or outsourced IT provider with the right experience for this job?
  • Should you migrate everything at once or do it in stages?
  • Have you considered whether your new cloud environment is viable for both the short- and long-term?
  • Can your new cloud infrastructure support growth?

Hybrid infrastructure offers unique benefits to business owners. But it’s not a solution that will fix every IT problem you have. Instead, it’s more of a strategy for ensuring that your business can compete in a global marketplace.

Cloud solutions and hybrid architecture aside, no one can predict the future. But it’s a good bet that cloud technology will evolve rapidly and your new cloud solution should be able to grow right along with it. That means flexibility. And, it should continuously assess your network security and compliance to relevant regulations. One single data breach these days can cost a million dollars.

What to do next

Before you take the next step, it can be highly beneficial to engage with cloud experts who have completed this journey for other companies. When you work with experienced professionals, they’ll guide you down the right path. As you move your applications and services over to the cloud environment, they will advise you every step of the way.

This can eliminate a lot of the worry and stress, plus it usually helps you to complete the process without wasting precious time, money, and resources. Know where you’re going before you begin your journey and the cloud transformation can be an exciting new adventure for your business.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Microsoft Office 365 Service Trust Portal: What It Is and How It Works

Microsoft Office 365 Service Trust Portal: What It Is and How It Works

Data protection and compliance is a major concern for organizations worldwide. With the introduction of the Service Trust Portal, organizations working to support or protect the privacy rights of individuals in Microsoft’s online environment can now rest easy.

Defining the Service Trust Portal

This is a one-stop shop for security, regulatory compliance, and privacy information related to the Microsoft Cloud. The Service Trust Portal, also referred to simply as STP, is a service feature available within Microsoft Office 365 that provides current and prospective users of the platform with a wealth of insight into how the tech giant manages privacy, compliance, and security.

This platform is the location where Microsoft shares information that organizations need to perform due diligence and evaluate all of Microsoft’s cloud services. Microsoft has launched this service as a way to help improve transparency, enhance understanding, and simplify assessments for its users.

What is contained on the STP

The Microsoft Service Trust Portal (STP) contains quite a bit of useful information aggregated from all across the Microsoft cloud services. It also has tools and other resources that organizations need for all things concerning security, compliance, and privacy.

Detailed information

STP is home to in-depth information regarding Microsoft’s way of managing security and how you can access it as a user. The portal has information about compliance and privacy within the Office 365 environment, with the goal of making it easier for users to understand how Microsoft cloud services safeguard data so they can meet their own regulatory compliance objectives.

These include audit reports from independent third-party service providers. Users can find information regarding the ways in which Microsoft’s online services may be able to help organizations comply with regulations and laws. The following standards are included:

  • NIST, or the National Institute of Standards and Technology
  • FedRAMP, or the Federal Risk and Authorization Management Program
  • ISO, or the International Organization for Standardization
  • SOC, or the Service Organization Controls
  • General Data Protection Regulation, abbreviated as GDPR

The regulatory environment is just as dynamic as business risks. With all the compliance-related documents in this platform including audit reports, frequently-asked questions, white papers, and more, you’ll be able to learn everything you care to know.

Assessment tools

There are a rich variety of tools on the platform. These include the resources you’ll need for data protection, risk assessment, and compliance management. These resources should simplify your compliance journey.

Microsoft Cloud compliance resources

STP is also loaded with other resources about Microsoft’s security, privacy, and compliance practices. Essentially, these are centralized resources for all of Microsoft’s Cloud services.

Accessing the Service Trust Portal

STP is a free resource available to everybody; both existing Microsoft online services customers and those who are simply evaluating the cloud-based platform.

To access the Microsoft Service Trust Portal or any of the STP materials, you must be logged in to the platform with your Microsoft cloud services account.

Whether you have an Azure Active Directory account or a Microsoft account, log into that account to take advantage of all the tools and resources now available. You will be asked to accept their Non-Disclosure Agreement for Compliance Materials, so click on “Accept” to move forward.

If you are a current Microsoft cloud services registered user, you can access the Service Trust Portal at https://aka.ms/STP with any of the following internet subscriptions available for both trial and paid users:

  • Office 365
  • Microsoft Azure
  • Microsoft Dynamics 365
  • Microsoft Intune

New customer sign-up

If you are just considering Microsoft online services for the first time or as a new user, you have the option to create a new account or create a trial account. Either of these should allow you to access the Service Trust Portal.

That said, you can use any of the following sign-up forms to gain access to the Microsoft STP. Ensure that you enable Azure Active Directory at the time of signing up to support your access to the STP.

After you are logged into STP, you can access any of the content available on the platform by navigating to the section containing the item you’re looking for and clicking on it.

To review content on the STP, pick an option from the menu: Audit Reports, Data Protection, Azure Security and Compliance Blueprints, Poland Compliance, Romania Compliance.

Once you locate the item you need, you can click on it and download it locally for your own use. Other resources such as the FAQs are serviceable from within the STP, so you won’t have to constantly download documents to your hard drive.

Wrap up

You’ll be happy to know that Microsoft is regularly adding more tools to STP to empower organizations. So, you’ll want to keep checking back to STP for the latest available information.

Service Trust Portal

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Nest, Google’s Smart Home Division, Discovers Leaked Passwords and Contacts Customers

Nest, Google’s Smart Home Division, Discovers Leaked Passwords and Contacts Customers

Nest Labs, a division of Google, recently discovered a list of email addresses and passwords that had been published online. As part of their ongoing commitment to protect their customers from hackers, Nest continuously monitors databases found online of stolen or leaked passwords. When they found that some of their customers’ passwords were listed on a phishing website, they sent out an email to customers.

Nest Password Leak

Consumers remain the weakest link

Security experts all agree that the weakest link when it comes to internet security is the consumer. People click on suspicious links that download a virus or worm onto their device. They also frequently use the same password across multiple accounts. Many users visit sites that are unsafe where they may be exposed to malware. Often, consumers use the same password for years. All these practices make it very easy for hackers to steal passwords then break into various accounts.

Nest takes proactive stance

When Nest found the databases of leaked passwords, they sent out emails to all of their customers that read in part:

“Nest monitors publicly leaked password databases and checks our own databases for matches. We’ve found that your email and password were included in a list of accounts shared online. Common causes of password theft are falling victim to phishing emails or websites, malware, and password reuse on other websites which may have been compromised.”

The letter goes on to give instructions to users about what to do next and this applies to anyone who suspects that their password has been stolen. Instructions are below:

  1. Sign in to your Nest Account (bank account, credit card account, etc.) immediately.
  2. Navigate to the account management screen and find the item that says, “Reset Password.”
  3. Select a new password. Be sure to use numbers, letters, capital letters and symbols. An example of a good password would be: 57Rop*82!@HK. A password like this is much harder for crooks to decipher. An example of a weak password would be: time1234. This password would be easy for hackers to learn.
  4. Click “Save” to save the new password. Be sure to make a note of the password.
  5. You can also go to the log-in screen of any account including Nest and click on “Forgot Password.” This will initiate a procedure where you are sent a code (usually as a text message). Enter that code where prompted, then proceed to create your new password.

Nest reminded its users that unless they did log on and change their password within a set length of time, the company might disable access to their account. Often, users put off changing passwords so the company most likely felt like it was necessary to include this veiled threat to shut down the account until a new password was chosen.

How to change your Nest password using the app

The company also included instructions for changing the password via the Nest app and these are given below for your convenience:

  • On the Nest app home screen, tap the Menu icon.
  • Select the Account icon.
  • Select “Manage account,” then “Account security,” then “Account password.
  • Enter your current password and your new password, then tap “Save changes.”

How to use Two-Factor Verification (2FA)

Nest also offers the option of 2-step (2-factor) verification, which can add a layer of protection to any account. This is very important to do for financial accounts and other accounts like Nest where your home, family or money might be at risk. The instructions for adding 2-step verification are given below:

  • On the Nest app’s home screen, select the Menu icon at the top.
  • Select Account.
  • Select “Manage account,” then “Account security.”
  • Select “2-step verification.” Then tap the switch to toggle 2-step verification on.
  • Follow the prompts to enter your password, phone number, and the unique verification code sent to your phone.

Cyber theft increasing globally

Many experts are now recommending that customers add 2-step verification to all their online accounts. The increase in hacking and phishing schemes worldwide has alarmed many security experts, as well as consumers. It has become commonplace to read that one of your favorite stores or most trusted brands has lost millions of data records to hackers.

This fact has spawned a new generation of security experts and advocacy groups whose purpose is to stem the tide of the growing number of cyber thefts. One of these groups called the Internet Society was the first to discover the Nest breach when they stumbled across an email from Nest to one of its customers. The society forwarded the email to the Online Trust Alliance and they published it as a blog post. Once this occurred, the story made international news.

How Nest learned of the breach

Though Nest has not revealed how they learned about the compromised passwords, it is believed that they regularly check a site called “Have I Been Pwned?” which is run by Troy Hunt, a security researcher. The site can be used to check whether any of your passwords have been stolen or leaked online. It includes half a billion passwords and other credentials stolen from consumers all over the world.

About Nest Labs

Nest Labs, now a division of Google, provides home automation tools that are programmable, sensor-driven and self-learning. Using your home’s Wi-Fi system, Nest products can be controlled either at home or remotely. These products include smoke detectors, thermostats, indoor and outdoor security cameras, security systems, lights, and other common household appliances.

Nest was founded in 2010 by Matt Rogers and Tony Fadell, engineers who formerly worked for Apple. The company grew quickly to 130 employees and within just a few short years, Nest Labs had grown to 280 employees worldwide. In 2014, Google acquired the company for an estimated $3.2 billion. Today, the company has over 1,200 employees. They recently built a state-of-the-art engineering center in Seattle, Washington.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

CYBER THEFT, A REAL THREAT TO SMALL BUSINESSES

CYBER THEFT, A REAL THREAT TO SMALL BUSINESSES

Cybercrime is no longer a new phenomenon. The zeal with which cybercriminals have committed these offenses in the past has led to an outcry from businesses and organizations. Cybercriminals are constantly on the prowl for new sites to attack. They are continuously improving their methods of attack. To make matter worse, this type of crime is very difficult to solve. The attacks themselves become more sophisticated as the days go by. Many experts are searching for real solutions; permanent solutions.

Cyber Threats To Small Business

The threat to small businesses

While many organizations have put in place various measures to prevent this crime, a look at the statistics reveals that only large organizations are really doing everything they need to do. Smaller companies either think they can’t afford good protection or don’t need it. The best protection from cyber breaches is expensive. It requires training for employees, risk assessment, and the installation of a good array of programs that can detect and prevent intrusion. There are ways that small businesses can get the same top-notch protection as a large organization. And, it is imperative that they do so. A big data breach could cost your company millions of dollars. Most experts say that it’s not a matter of IF you get attacked; it’s just a matter of WHEN.

How real is the threat?

The threat of a cyberattack is a lingering one despite the amount of protection that one invests in. That’s because the nature of this crime is to evolve with each new attack. This is why most business owners prefer to invest in protection services with the ability to detect cybercrime before it occurs. The Verizon Data Breach Investigation Report shows that the threat of cyberattacks on small businesses is much greater than small business owners anticipate. This group states that up to 61% of cyber security breaches were experienced by small businesses last year. This was an 8% rise from 53% in the previous year.[1]

Cost of cyber-attacks on small businesses

While small businesses fail to invest in protection systems because of the costs, it is noteworthy that the amount of money lost as a result of cyberattacks is considerably higher. The ransomware attack is a great example of this fact. One ransomware attack can stop your workforce in its tracks. Your data will be locked until you pay. Some thieves threaten to release your internal documents to the public. This caused a huge amount of embarrassment for Sony Pictures after their 2014 data breach.[2] The North Koreans took responsibility for this breach, claiming that they did not like a movie that Sony was about to release where the North Korean dictator was to be made fun of.

In the end, the damage to Sony was more about being embarrassed before the whole world. Sony’s reputation was severely damaged. Though large companies like Sony can survive an attack like this, small companies cannot. A new study shows that cyberattacks cost on average, $38,000 per attack.[3] Below are a few other stats pertaining to small businesses and data breaches:

  • 23 percent lost business opportunities after an attack.
  • 29 percent lost revenue; 38 percent of those lost more than 20 percent.
  • 22 percent of businesses lost customers; 40 percent lost more than 20 percent of their customer base.

In some cases, small businesses must close their doors within a few months of the attack. Small business owners are only just realizing how vulnerable they are. This is due to the fact that most small businesses are an easy target for hackers. They simply don’t have sophisticated enough data protection programs in place.

What can you do about it?

The first step for any small business is to invest in effective cyber security software. These should be installed on all computers and mobile devices. The second step is to install a remote computer backup. Always have recent copies of your database stored somewhere offsite. A remote computer backup makes recovery of data much simpler.

A third step is to test your data security systems and procedures regularly. This can be easily done through a gap analysis. A gap analysis will enable the business owner to know how effective the data protection system really is. It takes into consideration the detected threats and compares these with the protection system. It is also sensible to develop a data breach response plan. This should include a communications response plan.

Proper response in cases of data breach can save a company millions of dollars and protect customers. A good response plan can let everyone including stakeholders know what’s going on. The sooner your employees know what’s happening, the sooner they can shut down their computers and mobile devices so that the virus can’t spread. All computers and devices with company data should be disconnected from the network until the issues are resolved.

Cyber liability insurance can also come in handy in case of attacks. As we have noted, up to 60% of small businesses which experience cyber-attacks are forced out of business within six months of the attack. Cyber liability insurance will protect your assets.

Final thoughts

Small businesses are currently attractive to cybercriminals because of their lack of protection. When it comes to cyber security, it should be noted that prevention is definitely the best route. Though many prevention measures appear costly, it can save your company from going through a nightmare that will be expensive and damage your reputation.

[1] https://www.verizonenterprise.com/verizon-insights-lab/dbir/

[2] https://en.wikipedia.org/wiki/Sony_Pictures_hack

[3] https://www.score.org/blog/cyberattacks-cost-small-businesses-more-money

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

10 Major Reasons Small Businesses Are Still Vulnerable To Malware Attacks

10 Major Reasons Small Businesses Are Still Vulnerable To Malware Attacks

We have seen firsthand the common errors and oversights that lead to infections and intrusions – and we want to help your business learn from those mistakes.

Malware Attack

When it comes right down to it, cybersecurity best practices are not nearly as complicated or confusing as they seem on the surface. That’s not to say that security is simple, but rather that the best precautions have more to do with common sense and practicality than anything else. Yes, the software and safeguards you choose matter, but the best way to avoid something like malware damaging your business is to be smart about all aspects of your cybersecurity – not just the technological parts.

Here are the 10 main reasons businesses like yours are still at serious risk of suffering a malware attack.

1) You Still Think It Can’t Happen To You – Smaller businesses have a habit of assuming that just because they’re not a Fortune 500 company, a cybercriminal would have no interest in disrupting their operations or stealing their data. The reality is that couldn’t be further from the truth. It takes minimal effort on a hacker’s part to successfully target an SMB that has invested very little in their IT security, letting them use your business for practice or sport, and profit off of your stolen data. Most of the new malware variants are automated and target ANY business that lacks protection from a particular vulnerability.

2) Threats Evolve Faster Than You Realize – Like any other aspect of technology, malware and other cyber threats are constantly changing and evolving. Hackers are continually coming up with new ways to target businesses, and are creating more advanced threats. If you’re not up to date on the latest malware strains and zero-day exploits, you very likely have a gaping hole in your cyber defenses. This level of vigilance is all but impossible to achieve without full-time IT security staff at your disposal.

3) Your Staff Isn’t Up To Date With Security Best Practices – Your employees are both your best defense and your biggest weakness. Just about every cyber threat out there relies heavily — if not entirely — on the unwitting assistance of someone inside your organization to be effective. If your staff isn’t well-educated on security best practices and offered ongoing training and information to keep them up to date, any number of threats can target your business with ease.

4) Your Policies And Protocols Are Lacking – Your policies need to focus on more than just password control. At the minimum, you should have two-factor authentication and access controls in place to protect mission-critical data. By tightly regulating access to your files, folders, and systems, you can reduce the odds of an unauthorized users getting their hands on your data or finding a way inside your network.

5) You’ve Got Major Exposure To Multi-Vector Attacks – A standard firewall or antivirus will only protect your network against certain types of infections or attacks. If your security measures and protocols don’t take into account email, web browsing behaviors, file sharing, and network activity, your defenses won’t hold up under a multi-vector attack.

6) Your Technology Is Too Complex For Your Administrators To Manage Effectively – When you leave the responsibility for your business’ cybersecurity in the hands of a single in-house IT person or designate a staff member the administrator of these systems, you could be setting your business up to fail. A solid IT security system is far too complex for a single individual to manage on their own. Automating as much of your cybersecurity as possible can help to lighten the load, but these systems still need oversight to run effectively.

7) Your Systems And Software Are Out Of Date – An alarming number of malware infections — including the now-infamous WannaCry ransomware virus — use pre-existing system or software exploits to gain access to targeted systems. More often than not, security experts are aware these exploits exist, and release patches and updates designed to rectify the problem long before a hacker figures out how to make use of said exploit. However, if you’re not keeping on top of these patches and updates, you’re essentially propping a door open for a cybercriminal to waltz right through.

8) You’ve Got Zero Network Visibility – If you’ve got little to no idea about what’s going on inside of and around your network, it’s more than a little difficult to spot threats. Network monitoring tools can quickly detect both internal and external threats, and contain them before they can cause damage.

9) You’ve Got Lackluster Data Backup Practices – The most terrifying malware infection to date has been ransomware, and no other infection makes a better case for the importance of data backups. Without current and complete backups available for your business to restore from – specifically offsite backups that are insulated from threats that target your network and systems – it’s next to impossible to survive a ransomware attack. Businesses that don’t have reliable and up to date data backups to count on will typically close their doors within six months of a major data loss incident.

10) You’re Falling Short Of Compliance Requirements – Any compliance regulations your business is subject to – whether that be HIPAA, PCI, or any other industry-specific guidelines – will make strict recommendations for security. Simply by working to make sure you’re meeting these requirements, you can take a huge step towards better cybersecurity practices.

At the end of the day, great cybersecurity is not impossible to achieve. Often, it just comes down to having the right support in place. The true value of working with an MSP like Paradigm Network Solutions comes not from the specialized tools and support we can offer, but from the guidance and advice, you can only receive from experienced and knowledgeable technology professionals who understand your world, and the threats present in it.

Want to learn more about the industry-leading cybersecurity solutions and support we have to offer? Contact us at (416) 490-9019 or sales@ittoronto.com.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Notable features of Windows 10

Notable features of Windows 10

Over the years there have been many versions of Windows such as Windows 8, Windows Vista, and Windows XP. Windows 10, the latest update from Microsoft, has many unique features that distinguish it from its predecessors. While the previous versions ran mainly on laptops and desktops, Windows 10 is designed to run on tablets equally as well. One of the best features of this update, which is also known as Spring Creators Update, is that takes very little time to install – just under thirty minutes. While the previous updates used to take a lot of time, this new version is very time effective.

Notable Windows 10 Features

Windows 10 has many other distinctive features that are very useful for many small businesses.

Cortana on Desktop

Windows 10 brings voice-controlled digital assistance in the form of Cortana to computers. Now you can interact with or give commands to your computer without lifting a finger. You don’t need to type – just tell your computer if you want to launch a PowerPoint presentation, need a specific file, or want to look at specific photos. Your PC can do all this while you work on, say, an interdepartmental email.

Timeline

Timeline has replaced the Task Viewer icon beside the Windows taskbar. This new feature allows the user to view the activity history of their desktop. If you are looking for a file that you were working on last week, Timeline will help you find it quickly. Just click on the Task View button on the taskbar, and you will be able to see all your open files and applications. It is a convenient way to see what applications are running. Windows will display photos, folders, and documents according to the date that they were last used.

Privacy

Another security feature of Windows 10 is the new Windows Diagnostic Data Viewer. This feature allows you to view the amount of information that Microsoft can access from your computer. You can keep your data safe by fine-tuning privacy settings which concern application usage, browser history, web permissions, and connected devices.

The Start Menu is back!

In the previous update the Start Menu was eliminated, but in Windows 10 we can see its revival. The bottom left shows the Start Button, and when you click on it, two panels appear side by side with the left side showing the most used applications. The right side displays a list of live tiles that you can resize, reorganize, and customize. There is a power button at the top similar to Windows 8 for features such as Standby, Hibernate, and Shut down.

Nearby Sharing

Another simple feature that makes office work so much easier is Nearby Sharing, which you can enable from the Control Panel. Select the computer you want to send the file to and then click on the Share button in the Photos app or the Edge browser. The computer will receive a notification asking it to accept or decline the file. This ensures that file transfers can happen without unreliable network folders, beat-up USB devices, or empty email messages.

Snap Assist

In this update, the Snap View feature has also been updated which allows users to open multiple windows side-by-side without being limited by your screen’s resolution. This feature also suggests different apps that you can open to fill the available space.

Swift Pair

This feature allows you to connect to a Bluetooth device within the desktop’s range. You will automatically receive notifications whenever there is a connection opportunity. With Windows 10 you can use wireless headphones to make a call or try out a wireless keyboard by just clicking connect.

Microsoft Edge

The new browser called Microsoft Edge has replaced the old Internet Explorer. This browser has many impressive features such as Cortana integration, which allows you to pull up contextual information without having to search through emails. It has an annotation tool which lets you write anything and share it with your friends on social networks without leaving the browser, and PDF support which makes reading easier by improving the layout of long articles.

Tablet Mode

Windows 10, unlike Windows 8, makes a clear differentiation between tablets and desktops. In Windows 8, if you happen to be using a mouse and keyboard, by default, you will be in desktop mode.

Action Center

The Action Center in Windows 10 has been expanded to allow easy access to frequently used settings such as tablet mode and Wi-Fi connectivity. It also shows all essential notifications as soon as your computer receives an update.

Windows 10 has many impressive features which were missing in the previous update. It is faster, provides invaluable security protection and makes multitasking much easier. Update your computer today to enjoy all the benefits of this new operating system.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Data Breaches and Credit-Card Fraud Can Destroy Your Small Business

Data Breaches and Credit-Card Fraud Can Destroy Your Small Business

Most business owners are cognizant of the prevalence of fraud in the digital world today. According to Experian’s Global Fraud and Identity Report 2018, almost three-quarters of businesses believe fraud is a growing concern, and nearly two-thirds reported fraudulent losses over the past year.

Credit Card Fraud

What is Fraud?

Fraud occurs when an individuals’ payment information is used without their authorization. When hackers breach your network and access your customers’ or clients’ sensitive cardholder information, they have many opportunities to commit fraud numerous times. Anytime someone falsifies an identity and “tricks” a system into thinking the person making a purchase is someone other than who they actually are, this is considered to be fraud.

Fraud is Pervasive in Today’s Digital World

This is because the majority of business and consumer data remains vulnerable. As the value of digital information grows, so does the hacker’s motivation to develop methods to avoid detection from the latest technologies.

The existing account setup process requires consumers to provide extensive amounts of personal information along with passwords and secret questions. And data breaches provide this information to cybercriminals. When this data is stolen, it’s often used for fraudulent activities.

Fraud is a moving target just like the hackers. New tactics are evolving where criminals combine real and fake information to create new identities.

Most business owners just don’t have a handle on this – and they lack confidence in their ability to protect their customers and their companies from fraud.

One of the reasons for this is that their initiatives are mostly reactionary rather than proactive as many continue to use legacy cybersecurity technology rather than investing in new, more sophisticated data protection solutions. As a result, every month that goes by increases their vulnerability and exposure to data breaches and fraud.

Fraud is an ever-present and growing risk

For businesses in e-commerce, managing the risk of fraud is a delicate balancing act between providing an ease of use for customers vs. fraud protection. They struggle with mitigating fraud and providing a positive customer experience. Unfortunately, the customer experience wins out in most cases, and businesses are willing to risk fraudulent losses over losing customers to their competition. Ironically, they are setting their businesses up for reputational damage where they will end up losing customers anyway, fail to gain new ones, and possibly face financial penalties and litigation costs.

The 2017 Cost of Data Breach Study from the Ponemon Institute, sponsored by IBM, puts the global average cost at $3.6 million, or $141 per data record. That’s a reduction in the average cost in 2016, but the average size of data breaches has increased. It’s also worth noting that the average cost of a data breach in the United States is much higher at $7.3 million.

More than 50 percent of businesses say they still rely on passwords as their top form of authentication.1 And business leaders know that using passwords isn’t the most secure option. But customers are used to them, and business owners want to please them. They also complain that they lack the financial resources to adopt more advanced authentication methods when this would save them legal fees and penalties if/when their customers’ accounts are breached–not to mention their reputation and the future existence of their business. This, of course, is very shortsighted.

How data breaches and fraud are connected

Data breaches and fraud don’t usually occur at the same time and place. Cybercriminals won’t steal a customer’s information and turn around and use it for a purchase from the same business. So. it’s not easy for a business to detect when a breach occurs.

Data breaches are typically detected by using specific security tools that monitor all payment activity. Merchants should follow PCI/DSS Standards to identify and prevent breaches and remain compliant. PCI-DSS audits will help you find vulnerabilities in your system and reveal inadequacies that must be eradicated.

A successful case of fraud spreads like cancer

If a hacker can get one password, they may have the keys to other password-protected accounts. The more online accounts people open, the greater their risk. And most people have quite a few. If the hacker can figure out the password to someone’s email account, they may also have the key to their credit card and banking accounts as well.

You must remain vigilant to prevent data breaches and fraud.

What to do if you suspect fraud

A key indicator of evidence of fraud is in chargebacks where a customer disputes a charge on their credit card, and where you aren’t paid for the service or product. If your chargeback rate increases above a 1% margin, this is a good indication that you’re experiencing fraud.

In this case, you should hire a third-party auditor like an IT Managed Services Provider (MSP) to help bring you back into compliance and stop the thieves. They will detect where the problem(s) exist and if what they find indicates a data breach. PCI-DSS compliance requirements mandate that you do this to stop the fraudulent activity.

Of course, you should contact the card processor as well. They will connect you to the card providers who can often identify the point of access or detect a suspicious pattern of activity.

What You Can Do to Reduce Fraud and Data Breaches.

Use EMV Technology.

EMV (Europay Mastercard Visa) is the global standard to authenticate payment cards. EMV technology can help you protect your business from fraud. It ensures the card is legitimate and that the person using the card is the authorized user.

EMV chips are microprocessors that store and protect cardholder data. They use a unique cryptogram that’s validated by the card issuer. This makes it more difficult for hackers to break the code and steal card information to commit fraud.

Today, if you don’t use an EMV-capable terminal, and the transaction turns out to be fraudulent, you can be held financially liable for that transaction.

EMV has been used in the United Kingdom since 2004, and card-present fraud has gone down by 80% as a result. By comparison, without EMV in the U.S., fraud increased during this time by nearly 70%.

Protect Data in Transit by Using Encryption.

When credit card data is stolen, it’s considered a data breach. Considering the number of card payments your business processes in a month, hackers may view you as the “Pot of Gold at the end of a Rainbow.” In other words, your business is a prime target.

You can help stop the hackers from accessing data in transit by using end-to-end encryption (E2E) and point-to-point encryption (P2PE).

The advantages of end-to-end encryption are:

  • That you don’t need a separate key for the decryption of the data.
  • You have flexibility in deciding what data to encrypt.
  • You can choose specific configurations for more functionality.
  • The file size is small, and the processing time is minimal.

Point-to-point encryption encrypts transmitted data as it goes through a designated “tunnel.” This is used most often for credit card information that’s encrypted from the point-of-sale (POS) to the credit card processor.

With encryption, if a breach does occur, and data is stolen, it will be useless to cybercriminals in its encrypted state.

Protect Data at Rest by Using Tokenization.

Tokenization breaks up a sequence of data into pieces such as words, keywords, symbols, phrases, and elements called tokens. Tokens can be words, phrases or even whole sentences. In other words, tokenization keeps cybercriminals from using data by replacing it with meaningless characters. Tokenization is helpful for businesses that store sensitive card data for re-billing. It’s also one of the most effective and affordable ways for businesses to protect their customers’ confidential card data.

Combining encryption and tokenization is one of the best ways to protect your business from the devastating effects of a data breach.

Secure Your IT Environment

  • Ask your IT Managed Services Provider (MSP) to set up a next-generation firewall, anti-spam, and anti-virus solutions.
  • Ensure your POS and router are on different networks and separate from other systems that access the Internet.
  • Don’t use your business POS for surfing the Web. This can expose it to viruses and result in vulnerabilities that can be breached.
  • Assign separate login credentials for each user.
  • Forbid sharing of login credentials and enforce this.
  • Keep your user list up to date and disable accounts that are no longer needed.
  • Only provide remote access for users with a clearly identified need.
  • Don’t leave remote access software turned on when unattended.
  • Keep all software and anti-virus, anti-spam programs up-to-date.
  • Regularly run and review scans for malware.
  • Regularly have your MSP run vulnerability scans.
  • Ask your MSP to train your staff on the latest security threats and what to do if they come across one.
  • Train your staff how to detect unauthorized skimming devices that could be installed on POS or credit-card terminals.

Have Your MSP Train Your Employees on Cybersecurity Awareness.

Teach your employees about password security and make sure you enforce this behavior:

  • Don’t use words from the dictionary.
  • Don’t use names of family members.
  • Don’t reuse passwords from your other accounts.
  • Don’t write down your passwords or put them where others can see them.
  • Consider using a Password Manager (e.g., LastPass or 1Password).
  • Use password complexity (e.g., P@ssword1).
  • Create a unique password for work separate from your personal use.
  • Change passwords at least quarterly.
  • Use passwords with 9+ characters.
    • A criminal can crack a 5-character password in 16 minutes.
    • It takes five hours to crack a six-character password.
    • Three days for a 7-character password.
    • Four months for eight characters.
    • 26 years for nine characters.
    • centuries for 10+ characters.
  • Turn on Two-Factor Authentication if it’s available.

Teach employees about ransomware and phishing threats. These appear to be from an official like the IRS or FBI. If a screen pops up that says you’ll be fined if you don’t follow their instructions, don’t! If you do, the criminal will encrypt all your data and prevent you and your employees from accessing it. Teach them to:

Beware of messages that:

  • Try to solicit your curiosity or trust.
  • Contain a link that you must “check out now.”
  • Contain a downloadable file like a photo, music, document or pdf file.

Don’t believe messages that contain an urgent call to action:

  • With an immediate need to address a problem that requires you to verify information.
  • Urgently asks for your help.
  • Asks you to donate to a charitable cause.
  • Indicates you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.

Be on the lookout for messages that:

  • Respond to a question you never asked.
  • Create distrust.
  • Try to start a conflict.

Watch for flags like:

  • Misspellings
  • Typos

Ask Your MSP to Help You with PCI Compliance.

PCI Compliance is not a one-time event but should be a continual process to ensure your IT systems are appropriately transmitting and storing sensitive data. It mandates that network and business practices are secure.

Failing to maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS) can ruin your small business if you get hit with a data breach.

It’s not always easy to do this on your own. Your MSP can help by:

  • Performing scans of your network to identify and eliminate vulnerabilities that can lead to data breaches.
  • Monitoring network activity and blocking malicious activity before it can lock down or steal your data.
  • Providing you the tools and resources to promote compliance.
  • Implement data-breach protection solutions.
  • Help you sign up for a breach assistance/cyber insurance program that provides for reimbursement of certain card brand fees that are charged if data is compromised. Some cover the costs of a data breach, which can be upwards of $100,000 or more.

Protect Your Business from Data Breaches, Fraud, and the Resulting Consequences

When you take all of this seriously, you’re not just protecting your customer’s confidential information; you’re also protecting your business from fraud.

Most companies that experience a data breach will see a rise in cost to retain existing customers. And, they will also see an increased cost to acquire new customers. When you add these increases in cost to the loss of revenue from customers that choose take their business to your competitors, you’ll soon see how your damaged reputation dramatically affects your company’s bottom line.

You don’t have to face this alone.

The right IT Managed Services Provider can be your best ally against security threats. From helping you with integrated and compliant POS systems to implementing technologies like encryption and tokenization, and providing compliance and breach assistance, the right IT Partner is worth every cent when it comes to helping you secure your business against the devastating effects of credit-card fraud and data breaches.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

Using Yoast SEO to Write Effective Meta Descriptions

Using Yoast SEO to Write Effective Meta Descriptions

The term, “meta description” may seem foreign to some but we all see these descriptions each time we search for something online. The meta description can contain up to 320 characters and should be an interesting summary of what your website is all about. It shows up in the search results as those first few words/lines that explain the essence of your website or post.

Yoast SEO Descriptions

How Meta Descriptions Work

Each time we type a search term in the browser, a number of results will come up. For each one, there’s a 320 character description of the site or page. People usually decide which site to click on based on what these meta descriptions say. That means it has to be snappy and fresh. The wording needs to grab your attention. It has to sound enticing. Think of it as a short, but powerful sales pitch. Potential customers are far more likely to visit a site that sounds unique, interesting or entertaining than one that sounds boring.

Though search engines make it clear that there’s no direct advantage from writing good meta descriptions, there is a very strong indirect benefit. If you’ve written a good meta description, then this will improve your click-through-rate (CTR). As visitors click-through to your site, the search engine uses that information as a way of determining that your site was aptly and well described. This will improve your position in the search results.

It is important to point out here that Google will not always show your unique meta description. Sometimes they generate their own description of your business based on factors like the search term and type of business it is. This is where keywords come into play. Most business owners now understand at least the basics of keywords and how they work. If your content is well-optimized, then it should reflect that by serving as a great meta description.

Google changes the way their search engine works at times and this can certainly throw a wrench in all your good plans. However, that should not stop business owners from doing sound keyword research and creating unique content with those keywords. It goes without saying that keyword stuffing is bad and should be avoided at all costs. Always observe the current standards for keyword density in a page of text, which usually runs around 2 to 2.5 percent.

Yoast Free or Premium?

Yoast offers a free and a premium SEO service. With the free service, you get one keyword for each page of content. The premium service allows five keywords for each page. The premium service also does a readability check using the Flesch Kincaid test which measures the grade level of your writing. Since the world wide web is filled with people from all backgrounds and educations, Flesch Kincaid usually recommends writing copy that would be easy reading for a third to fifth grader.

Use short concise sentences. Avoid big words that are not readily understood unless you are writing technical information for a specific audience, like IT experts. Try to use action verbs instead of passive verbs. Use subheadings and catchy taglines. Whatever you can do to make your site more attractive, unique and fun, will help. You can count on getting more traffic and higher conversion rates.

How to Use Yoast SEO to Write Meta Descriptions

If you don’t write a unique meta description, Yoast will produce one. Usually, it simply takes the first three lines of content on your page or post and uses that. If you’d like to edit that, then click on the “edit snippet” button. This opens the snippet editor. There are fields there to edit the SEO title, slug and meta description. As you type, your new meta description will show up. You can make changes until you feel it’s just right. The snippet editor has an orange bar at the bottom that will become green once you’ve typed enough information.

Many site owners use the first few lines of content on their page or post as the meta description. If your site has good, professionally written content on it, then there’s nothing wrong with that. However, if you feel you could improve the text, then, by all means, do so. If you can get the hang of this and really write powerful meta descriptions, it can greatly improve your click-through rates.

How to Write a Superb Meta Description

Once you’ve decided that this is something worthwhile that could improve your bottom line, it’s important to put your best foot forward. In order to write effective meta descriptions, you may need the help of a good copywriter. Copywriting is all about utilizing words to persuade searchers to click on your page. With only 320 characters or about two to three lines of text, it’s important to make every word count. Below are two writing examples to show you the difference between professionally written text and that of an amateur.

Good Meta Description:

Apple

https://www.apple.com/

Discover the innovative world of Apple and shop everything iPhone, iPad, Apple Watch, Mac, and AppleTV, plus explore accessories, entertainment, and expert device support.

The above meta description from Apple does contain some good keywords but it doesn’t feel awkward or forced. It’s informative. It’s also important to note that this meta description was written using the older rules where 155 characters were the rule. Today, we’re seeing longer snippets that contain more information to help searchers decide what to click on.

Bad Meta Description:

Mary’s Bakery

https://www.marysbakery.com/

Get some good donuts and cakes at Mary’s Bakery located in downtown Minneapolis. We cater and deliver. Our baked goods are tasty and made with quality ingredients.

Though the above meta description does contain some valuable information, it’s boring. The shop owner wastes valuable space here to tell consumers where they’re located. This is something that many searchers will not care about in their initial search. Use this space to talk about delicious pastries, cakes, and donuts. Talk about your award-winning cupcakes with buttercream icing. This is how you get people to visit your site and look around.

Caution!

Be sure that your meta description accurately describes your page or post. Yes, the wording can be flowery, powerful, strangely attractive, etc. But it should also be truthful. If you make promises you can’t keep, then searchers will quickly hit the “back” button. This can cause your site to fall in the search listings.

As mentioned above, avoid keyword stuffing. Just about all web visitors today understand what keyword stuffing is and most don’t like it. The reason? Keyword stuffing makes a section of text read awkwardly. It is typically not well-written content and it doesn’t make sense to your human visitors. Remember to write your meta description for humans, not for search engines.

Instead, focus on writing interesting descriptions and unique content for your human visitors. In the end, search engines will not be purchasing your products and services. Humans will, so cater to their needs, wants, desires, whims—and you’ll be rewarded with higher click-through rates and stronger sales.

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →

8 Intruder-Hating Tips For Home Office Security

8 Intruder-Hating Tips For Home Office Security

Your Devices Are A Target For Online Prowlers. At Your Peril Do Not Ignore!

Home Office Security

Be Aware of Your Surroundings – Takes On a Whole New Meaning

When you were a child, your mom or dad reminded you, be aware of your surroundings. They wanted you to avoid getting hurt by a stranger. This sound advice also rings true when using your company’s computer, tablet or cell phone devices at any public Wi-Fi hotspot. Anytime you log onto a non-encrypted hotspot, you increase your device’s vulnerability to data hacking. Also, if you chose not to log on through a work-based VPN connection, you invite easy access to your company’s device. If you travel for business, you practice keeping your devices safe, especially in airports and train stations. But if you can avoid doing sensitive work at public hotspots, you’ve reduced your vulnerability and increased your awareness of your online surroundings.

 Company Security Policies Are For Your Protection

Let’s say you work from home. Or maybe you travel and work remotely. Once you leave the company’s secure environment, your vulnerability increases. The organization is entrusting; you won’t expose them to unwanted malware and a hostile environment they have no control over. It’s for this reason; your company institutes a mandatory security policy. The terms of the policy state when any staff member, works away from the office, they must use the company’s devices. Should your device be compromised, your IT Security department can contain the risk immediately. But using a non-issued device, a friend or spouse has, you’ve exposed your company to a possible cyber-attack. You’ve also left the IT Security team to pick up the pieces which could have prevented. No need to stick your neck out. Follow your company’s security policies and reduce your risk and exposure.

Not Some, But All Systems and Applications Must Stay Up To Date

We know. You hate being reminded. Security managers are updated zealots. But their sage advice is the simplest and easiest step a home office user has at their disposal. When running your updates, remember you are updating your operating system, all applications, and Microsoft Office. The updates are not just for the latest versions. Updates are for your stronger security-related measures. When your computer reminds you to update your system, take those extra minutes and update. Finally, don’t forget your once a week security scans and your once-a-month full system scan. You might be surprised what your system digs up.

You Can Trust Me – I Am Your Network, or Are You?

Let’s say a security application, you’ve never seen, pops-up and prompts you to do a security scan, would you click it on? We hope you’d say no and here’s why. Some applications appear harmless and legitimate, almost friendly and helpful. But underneath they are programmed for sinister activity and why you must stay vigilant and know in advance if an unfamiliar network should be trusted. Granted you will be suspicious of public Wi-Fi hotspots, but at home, that same caution must continue. Downloading an app, your IT Support hasn’t cleared, puts you at great risk. If you’re not sure you logged into the correct network, stop and contact your IT Security Support department right away.

Remove The Cache Sludge From Your Computer

Have you noticed lately, your computer or browser are taking just a little longer to boot-up or respond these days? With virus updates, software patches, surfing the web, emailing, and working from your home computer, you will build up digital muck. For starters, your cache is your catch-all. It doesn’t matter what it is; something is going to drain down into your cache. And it keeps a record of it. So, if you want smooth sailing internet browsing and peak performance, clean out your cache. Why horde piles of digital yuck, for months, in your cache, where malware has been known to hide out? Once you clean out your cache and reload your browser, it rewards you with the updated version of the website you’re visiting. Also, if the site owners keep their security up-to-date, your visit is secure.

These Cookies Are Not Your Friends Nor Are They Tasty

According to Webopedia, “a cookie will contain a string of text that contains information about your browser. To work a cookie does not need to know where you are from; it only needs to remember your browser.” Some Websites use cookies to store more personal information, about you, and you may not know it. You must find out who has data about you. With bad press surrounding social media sites, it’s becoming more important to check your browser for cookies and delete them selectively or delete them entirely.

Still Using Passwords – Multi-Factor Authentication Gives You New Security Powers

In the early years, you were trained how to use passwords to protect your sensitive material. Something easy to remember. But with progress came security breaches. Easy passwords were out. Next password level was using numbers and symbols in the place of vowels in your password. Now passwords are out, and passphrases are in. Here’s how it works. No confusing password with symbols or numbers to remember. What you create is a phrase you will easily picture in your mind, like the address at your best friend’s house. Instead of a password like this: #152@Bobs, you create a passphrase like this: AddressAtBobsPlace. Now you have an easier way to remember and beefed-up security powers to protect your sensitive information.

Will Your Router Pass A Security Examination?

Finally, are you still using the original router password that came in the box? Does anyone else have access to that password? In some home offices, passwords get shared with family and close friends. If you do not remember the last time you changed the router’s password, or who has access to it, the time to replace the password is now. But if that same router has reached 24 months, ask your provider to swap it out and get a new dual-band router. With newer routers come five enhancements. They are faster to respond, data transmission is reliable, the latest security firmware is updated, comes with a warranty, and you receive a new password.

For more Intruder Hating Home Office Security Tips gives Network Essentials a call at (416) 490-9019 or email us sales@ittoronto.com to speak to one of our Home Office Security Specialists

Posted in: Tech Tips for Business Owners

Leave a Comment (0) →
Page 1 of 15 12345...»