Published on: March 30, 2020 in
With over three billion internet users around the globe totaling roughly 40% of the population, the internet is rife with opportunities for hackers to steal users’ information. And with technology constantly evolving and the internet growing, it’s not likely to get safer anytime soon. It therefore pays to take extra precautions when surfing the web. We’ve compiled these three easy tips that can amp up your online security.
Tip #1: Use HTTPS
Short for Hypertext Transfer Protocol Secure, HTTPS indicates that a website has an extra layer of security for its users. This layer encrypts data exchanged between a user’s browser and the web server that delivers the data that the user requests. To use a simpler comparison, imagine someone tapping your landline, but instead of getting to listen in on your conversations, they’ll hear people speaking in tongues instead.
In August 2014, Google Chrome, the world’s most popular browser, announced that having HTTPS makes your website rank higher in its search algorithm. And since October 2017, the browser began flagging non-HTTPS websites as not secure whenever users try to fill out something as simple as a contact form on it. In July 2018, Chrome started showing a “not secure” warning on any website that does not implement HTTPS, whether or not users are filling out a form there.
Because of Google’s measures, the security protocol has been widely adopted. Even if your website does not contain or ask for sensitive information, implementing HTTPS on it engenders trust and a sense of security among internet users, while staying left behind security-wise will make web visitors abandon or avoid you sooner or later.
Tip #2: Embrace multifactor authentication (MFA)
Since account credentials can be easily stolen via phishing attacks, username and password combos are no longer enough to keep bad actors at bay. To ensure that the one accessing an account is truly that account’s owner, additional identity authentication steps must be implemented.
These steps can involve the use of the account holder’s device — the one logging in must first verify their phone number, receive a one-time password on their smartphone, then enter that code in the access portal before the validity of the code lapses. Alternatively, MFA may ask for a face, retina, voice, or fingerprint scan for authentication. MFA can be a bit of a hassle for your internal and external users, but a little inconvenience is a small price to pay for immensely effective cybersecurity.
Tip #3: Update browsers and devices
Did you know that dated versions of browsers, operating systems (OSs), and even other software packages can create an easy entry point for hackers? Often, new updates are created specifically to fix security holes. And hackers are ever aware that people can be lazy, saving that update for another day that never seems to come. They’ll often try to take advantage of this, searching for outdated devices to infiltrate while their victims watch YouTube on last year’s version of Firefox.
Yes, installing an update might take 15 minutes of your time. But it can pay dividends in preventing a security breach that could cost you or your business thousands.
Looking for more tips to boost your internet security? Get in touch to find out how we can help.
Published on: March 16, 2020 in
Amidst the current climate of malware, hacks, and phishing scams, companies must take precautions when accessing the internet. Without safeguards, browsers that you or your employees use are vulnerable to cyberattacks that may cripple productivity and profit. Here are steps that your company should take to browse the net safely.
Prevent browser tracking
If you don’t like the idea of a third party (reputable or otherwise) being able to track your browsing habits, enable private browsing using built-in tools in your internet browser such as Chrome’s incognito mode. This offers protection against tracking by blocking third-party cookies as well as malware. Some browser extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter and Facebook.
While online ads may seem harmless, the truth is they can contain scripts and widgets that send your data to a third party. A decent ad blocking program will stop banner, rollover, and pop-up ads, and prevent you from inadvertently visiting a site that may contain malware.
Many blockers contain additional features such as the ability to disable cookies and scripts used by third parties on sites, the option to block specific items, and options to “clean up” Facebook, and hide YouTube comments.
Consider setting up a virtual private network (VPN)
Unfortunately, browser tracking and adware are not the only internet nasties that you need to be concerned about. Hackers can intercept sensitive data between two parties, allowing them to steal and corrupt valuable information such as bank details, login credentials, and other personal information. Installing a VPN can help solve this problem. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing.
Install antivirus and anti-malware software
Finally, it goes without saying that having antivirus and anti-malware software installed on your PC, tablet, and smartphone is crucial if you want to ensure your online safety. These software programs are your first defense against malicious parties intent on stealing your data.
Is browsing at your workplace secure? Would you like a more comprehensive security system for your business? We can tell you all about it and help protect your business from online threats. Get in touch with us today.
Published on: March 12, 2020 in
A clean work PC has now become essential in the wake of the developing worldwide Coronavirus (COVID-19) situation. Things we used to take for granted now require much more attention. Keyboards and frequent-touch surfaces pose a significant risk in the spread of contact-transmitted viruses. Here’s how to properly clean your computers to help mitigate the threat.
Cleaning your keyboard
Because we use keyboards every day, they get a bit grungy, with debris accumulating between the keys. Before you start cleaning, be sure to unplug the keyboard, or turn it off if it is wireless. To clean the upper parts of the keys — where your fingers strike the keys — try dipping cotton swabs into rubbing alcohol and then cleaning the keys with a gentle rub. A light spray misting (from a distance) of a disinfectant spray such as Lysol or Clorox can also be reasonably effective, however, be sure not to actually wet or soak the surface, or you may short out the electronics. Whatever your preferred method, be sure to let it dry thoroughly before reconnecting.
To clean between keys, you will need compressed air, which can be purchased at most office supply and computer stores. Spraying in between keys should be enough to get rid of most of the dust and grit.
Cleaning your mouse
Like the keyboard, the mouse can get quite dirty with grime from your fingers and dust. To clean a mouse, unplug it first then use cotton swabs dipped in rubbing alcohol to gently clean it. You may also follow the light misting instructions for keyboards as well. Again, be sure to let it dry thoroughly before reconnecting. There’s no need to open your mouse, as most models are designed to not be opened by users.
Cleaning desktop monitors
Employees spend many hours looking at their computer monitors, and a clean monitor makes it easier for them to do their tasks. The best way to clean your monitor is to turn it off first and gently wipe the screen with a microfiber cloth.
If there are still spots, try dipping the cloth in a tiny bit of water — make sure you don’t spray water onto the screen. Don’t press too hard on the screen, as this could damage your monitor’s pixels. Also, it is not a good idea to use paper products like paper towels or tissues, as they will not only leave a residue, but may also slightly scratch the monitor.
Cleaning mobile screens
Mobile and other touch screen devices will usually get your fingerprints all over them. The best way to clean these screens is also with a microfiber cloth. For tougher spots, dip the cloth in a small amount of water and then gently wipe the screen. Don’t splash water onto the device itself, as water could get inside, ruin internal components, and void the warranty.
Some people suggest rubbing alcohol to remove fingerprints and disinfect the device. While this will be okay for some screens, many manufacturers recommend against it because the alcohol can eat away at the protective film on some devices.
If you notice that there is a lot of dust or gunk on the edges of your screen, or even in cracks, you may need to take the device to a mobile shop for more thorough cleaning. Do not open the device yourself, as this could void the warranty.
Cleaning your laptop’s body
To clean your laptop’s body, turn it off, unplug it, and clean it with cotton swabs dipped in rubbing alcohol, or Mr. Clean Magic Eraser or a similar cleaning agent. Be careful not to scratch the sensitive components of the body.
Cleaning your computer tower
You may also clean the desktop computer’s tower by taking a slightly damp microfiber cloth and wiping down the front and sides of the tower. However, we strongly recommend avoiding the back and certain areas of the front, as there are ports and components that could be easily damaged.
As always, be sure to disconnect the power source and all wires before cleaning, as any water damage could ruin your computer.
Cleaning the inside of your computer
Dust will eventually get inside your computer and clog up cooling fans, causing them to stop working properly. This can potentially lead to other components overheating. The internal components of your computer are extremely fragile and need to be handled with great care. Do not take the case off of your computer, as this usually voids your warranty. If you feel you need the interior physically cleaned, please reach out to us to schedule an appointment.
For all of your computer needs, our technicians are here to help.
Published on: December 9, 2019 in
If you think you haven’t maximized all that Windows 10 has to offer, you’re probably right. Windows 10’s recent updates include a few small but useful enhancements that’ll make your life easier. Aside from the Start Menu’s return or the Cortana display enhancements, there’s more to Microsoft’s snazzy operating system that you probably haven’t used.
There are two kinds of computer users: those who value battery longevity and those who prefer optimized system performance. The Performance/Power slider in Windows 10 lets you easily toggle between the ‘Best battery life’ (when you’re trying to save battery) and the ‘Best performance’ (when you need your system to perform optimally), or set a balanced battery and system performance setting.
Just click the battery icon in the taskbar and adjust the slider based on your preference.
Those who use computers late at night can turn on Night Light to reduce the amount of blue light emitted from the screen. This feature substitutes the blue light with warmer colors, which reduces eye strain and helps you sleep easily.
Night Light is disabled by default, so you need to enable it by following these steps:
- Click the Start Menu
- Click the Settings app (or press WIN + I to quickly open Settings)
- Click the System icon>Display
- Set Night light to ‘On’ or ‘Off’
It takes only a few seconds to open a browser and type a website’s address or click Bookmarks and choose from a list of websites you frequently visit. But Windows 10 offers an even quicker way to access your go-to sites by allowing you to pin websites on the Windows 10 taskbar.
Simply click “Pin this page to the taskbar” on the Microsoft Edge menu, and the site’s icon will appear on the taskbar for easy perusal.
Drag to pin windows
Need to organize your screen but can’t help having many open windows? Reduce screen clutter by dragging any window to a corner so it can take a quarter of the screen. For multiple screens, drag a window to any border and wait for the prompt that tells you to put the window in the selected corner.
Notifications can be distracting, but Windows 10’s Focus Assist feature can manage the notifications you receive from contacts and applications. This function also lets you customize the list of notifications you wish to prioritize.
To enable Focus Assist, go to:
- Focus Assist
- Adjust the notifications settings based on your preference
If you wish to disable it and receive all notifications, click ‘Off.’
The features we’ve included here are just some of the many Windows 10 functions that save time and add value to business-users’ lives. For more software and productivity recommendations, give our IT consultants a call today.
Published on: November 11, 2019 in
More businesses are now allowing their employees to use mobile devices to increase productivity and profitability. But smartphones and tablets are just as vulnerable to hacking as desktops and laptops. Worse, employees may be exposing their mobile devices unwittingly to cybercriminals. Here are some helpful tips to keep your devices safe.
Ensure mobile OS is up-to-date
The updates on Apple and Android operating systems (OSs) improve overall user experience, but their most important function is to fix security vulnerabilities. Reduce your business’s exposure to threats by installing updates for all devices as soon as they become available. Don’t wait for a few weeks or months to update, as this give hackers ample time to exploit vulnerabilities on devices that run on an outdated OS.
Install business applications only
Downloading apps seems harmless. But lenient policies on what should and shouldn’t be downloaded on company mobile devices could lead to staff downloading and installing non-business-related apps from third-party stores, most of which are notorious for malicious advertising codes and other threats.
Be careful when connecting to public Wi-Fi networks
Emergency situations may compel you to use password-free Wi-Fi networks in hotels, airports, cafes, and other public places. Connecting to an open network can expose your confidential information and sensitive company data to hackers connected to the same network.
You can avoid this by providing a practical internet data plan, preferably one that includes roaming services, for remote workers. And if you really have to connect to an open Wi-Fi, don’t use the connection for transferring sensitive data.
Enable phone tracking tools
It’s sad but inevitable — losing a company-issued mobile device happens. Devices can be misplaced or stolen, and enabling Find My iPhone for iOS devices, GPS Phone Tracker for Android, or any device-tracking app helps users locate lost phones. Some also have the option to delete data in stolen devices. Downloading and setting up such an app only takes a few minutes, and it will give you peace of mind knowing that even if your phone is lost or stolen, its contents will not be compromised.
Screen SMS carefully
SMS phishing can be used to trick you into clicking malicious links. Hackers send messages purporting to be from someone you know, asking you to urgently send confidential data. Should you encounter such an SMS, you can either delete it or alert your IT department. You can also block unknown senders without even opening their message.
Mobile devices are becoming more critical to operations. And with more devices open to attack, businesses must bolster their cybersecurity efforts. Hackers will exploit every possible vulnerability, and that includes those in unsecured smartphones and tablets. Get in touch with us if you need comprehensive security solutions for your business.
Published on: October 28, 2019 in
If most of your company’s computers are obsolete, they double or even triple your chances of experiencing a data breach. This emphasizes how dangerous it is to have outdated applications, operating systems, and even web browsers. Failing to update your firmware could expose your business to major security threats.
What is firmware?
Firmware is a basic type of software that is embedded into every piece of hardware. It cannot be uninstalled or removed, and is only compatible with the make and model of the hardware it is installed on. Think of it like a translator between your stuff and unchanging hardware and your fluid and evolving software.
For example, Windows can be installed on almost any computer, and it helps users surf the internet and watch YouTube videos. But how does Windows know how to communicate and connect with your hardware router to do all that? Firmware on your router allows you to update and modify settings so other, higher-level pieces of software can interact with it.
Why is firmware security important?
Firmware installed on a router is a great example of why addressing this issue is so critical. When you buy a router and plug it in, it should be able to connect devices to your wireless network with almost zero input from you. However, leaving default settings such as the username and password for web browser access will leave you woefully exposed.
And the username and password example is just one of hundreds. More experienced hackers can exploit holes that even experienced users have no way of fixing. The only way to secure these hardware security gaps is with firmware updates from the device’s manufacturer.
How do I protect myself?
Firmware exploits are not rare occurrences. Not too long ago, a cybersecurity professional discovered that sending a 33-character text message to a router generated an SMS response that included the administrator username and password.
Unfortunately, every manufacturer has different procedures for checking and updating firmware. The best place to start is Googling “[manufacturer name] router firmware update.” For instance, if you have a DLink of Netgear router, typing “192.168.0.1” into a web browser will allow you to access its firmware and update process, assuming you have the username and password.
Remember that routers are just one example of how firmware affects your cybersecurity posture. Hard drives, motherboards, and even mice and keyboards need to be checked. Routinely checking all your devices for firmware updates should be combined with the same process you use to check for software updates.
It can be a tedious process, and we highly recommend hiring an IT provider to take care of it for you. If you’re curious about what else we can do to help, give us a call today!
Published on: October 14, 2019 in
The volume of malicious cyber attacks is increasing every year. Although many companies use the latest network security systems, they aren’t immune to the hackers’ favorite strategy — social engineering. Unlike malware, social engineering tricks people into volunteering sensitive data. Here’s what you should know to protect your business.
This is the most frequently used social engineering attack, especially against small businesses. Check out these frightening statistics:
How is phishing carried out? Criminals make use of emails, phone calls, or text messages to steal money. Victims are directed to phony websites or hotlines and are tricked into giving away sensitive information like names, addresses, login information, social security, and credit card numbers.
To protect yourself, be wary of emails from people you don’t know that offer you a prize, come with attachments you didn’t request, direct you to suspicious sites, or urge you to act quickly. Phishing emails usually appear to come from reliable sources, but they are wolves in sheep’s clothing.
One of the most infamous and widespread examples of phishing was during the 2016 Summer Olympics in Rio, where victims received fraudulent emails for fake ticketing services that stole their personal and financial information.
What’s the fastest and easiest way for criminals to enter a secure office? Through the front door, of course! Tailgating happens when an employee holds the door open for strangers and unauthorized visitors, allowing them to infiltrate an organization. This simple act of kindness enables fraudsters to enter restricted areas, access computers when no one is looking, or leave behind devices for snooping.
Quid pro quo
Here, scam artists offer a free service or a prize in exchange for information. They may lure their victims with a gift, concert tickets, a T-shirt, or early access to a popular game in exchange for login credentials, account details, passwords, and other important information. Or hackers may volunteer to fix their victims’ IT problems to get what they want. In most cases, the gift is a cheap trinket or the tickets are fake, but damages from stolen information are all too real.
Fraudsters pretend to be someone else to steal information. They may pose as a telemarketer, tech support representative, co-worker, or police officer to fish out credit card information, bank account details, usernames, and passwords. The con artist may even convince the unsuspecting victim to apply for a loan over the phone to get more details from the victim. By gaining the person’s trust, the scammer can fool anyone into divulging company secrets.
In spite of the many security measures available today, fraudsters and their social engineering schemes continue to haunt and harm many businesses. Thus, it’s best to prepare for the worst. To protect sensitive information, educate yourself and be careful. Remember: If anything is too good to be true, it probably is!
To shield your business from social engineering attacks, don’t take chances! Get in touch with us today.
Published on: September 30, 2019 in
It’s difficult to get any work done with your laptop notifying you that it’s running out of juice. And if you are not close to a power outlet, your laptop will soon be nothing more than a cold slab of metal and plastic. Here are some helpful tips to prolong your laptop battery’s life.
Some truths about your laptop battery
Batteries in many modern devices are lithium-based — either lithium-ion or lithium-polymer — and users must take note of the following guidelines for proper battery maintenance:
- Leaving your battery completely drained will damage it.
- Batteries have limited lifespans. So no matter what you do, yours will age from the very first time you charge it. This is because as time passes, the ions will no longer be able to flow efficiently from the anode to the cathode, thereby reducing the battery’s capacity.
What else can degrade your battery
Besides being naturally prone to deterioration, your battery can degrade due to higher-than-normal voltages, which happens when you keep your battery fully charged at all times. Even though a modern laptop battery cannot be overcharged, doing so will stress and harm your battery.
Both extremely high temperatures (above 70°F) and low temperatures (32–41°F) can also reduce battery capacity and damage its components. The same goes for storing a battery for long periods of time, which can lead to the state of extreme discharge. Another factor is physical damage. Remember that batteries are made up of sensitive materials, and sustaining a shock from a fall or similar can damage them.
How to prolong your battery life
Now that you know some facts about your laptop battery, it’s time to learn how to delay its demise:
- Never leave your battery completely drained.
- Don’t expose your battery to extremely high or low temperatures.
- If possible, charge your battery at a lower voltage.
- If you need to use your laptop for a long period of time while plugged into a power source, it’s better to remove the battery. This is because a plugged-in laptop generates more heat that will damage your battery.
- When you need to store your battery for a few weeks, you should recharge your battery to 40% and remove it from your laptop for storage.
These are just a few tips on extending the life of your hardware. There are many more ways you can maximize your hardware efficiency and extend its longevity. Call our experts today to find out more!
Published on: September 16, 2019 in
Cybersecurity is everyone’s responsibility. But you don’t need to be an IT expert to know how to protect yourself from a cyberattack. To help you get started, here are helpful terms you need to know so you’re not left in the dark, whether you’re teaching yourself how to update your anti-malware, updating your systems, or consulting your tech support.
For a long time, the phrase “computer virus” was misappropriated as a term to define every type of attack that intended to harm or hurt your computers and networks. A virus is actually a specific type of attack, or malware. Whereas a virus is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as malware.
Don’t let all the other words ending in “ware” confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid for its return.
Intrusion protection system(IPS)
There are several ways to safeguard your network from malware, but IPSs are quickly becoming one of the non-negotiables. IPSs sit inside of your company’s firewall and look for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.
Not all types of malware rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of what is called “social engineering” to be successful. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or guarded information. Complicated software is totally unnecessary if you can just convince potential victims that you’re a security professional who needs their password to secure their account.
Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of creating an application or website that impersonates a trustworthy and often well-known business in an attempt to elicit confidential information. Just because you received an email that says it’s from the IRS doesn’t mean it should be taken at face value — always verify the source of any service requesting your sensitive data.
Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.
Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to amend the gap in security. However, if cyberattackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.
When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.
When antivirus software, patches, and intrusion detection fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.
We aren’t just creating a glossary of cybersecurity terms; every day, we’re writing a new chapter to the history of this ever-evolving industry. And no matter what you might think, we are available to impart that knowledge on anyone who comes knocking. Get in touch with us today and find out just how we can help you with your IT woes.
Published on: September 2, 2019 in
You’ve received a message from one of your Facebook friends. You click on the link not knowing what you’ve gotten yourself into. This describes one of the latest social media adware schemes, which has wreaked havoc on Facebook users worldwide.
What is it?
Little is known about the adware itself or those behind it, but it was uncovered by David Jacoby, senior security researcher at Kaspersky Lab, when he received a Facebook message from one of his friends, only to find out that wasn’t the case.
Basically, the adware uses Facebook Messenger to track your browser activity and pushes you to click on malicious ads or give out personal information.
How does it work?
By clickjacking and hijacking credentials of Facebook users, the adware is able to send messages to people in the victim’s contact list. If you’re one of those people, you’ll receive a phony message from your friend’s compromised Facebook account.
The message includes your friend’s name followed by the word “Video,” a shocked face emoji, and a shortened URL. Once clicked, the URL will redirect you to a Google Doc with a blurred photo taken from your friend’s Facebook page, disguised as a video. If you click on the “video”, you’ll be redirected to one of a number of targeted websites based on your browser, operating system, and location.
For instance, if you use Google Chrome, you’ll be sent to a website that looks exactly like YouTube, complete with the official logo. The hoax website will show you a fake error message to trick you into downloading a malicious Chrome extension.
If you’re on Firefox, you’ll be sent to a site with a false Flash Player update notice and a Windows adware executable; the same goes with OS X except the adware is hidden in a .dmg file.
The goal here is to move your browser through a set of websites so tracking cookies can monitor your activity and display malicious ads or you can be “social engineered” to give up confidential information.
How do you avoid falling victim?
Facebook has rolled out a number of automated systems to stop harmful links and files. What’s more, they will provide you with a free antivirus scan if they suspect that your account has been compromised by adware.
Still, you should be very skeptical about any shortened URL links sent to you by your Facebook friends, no matter how long you’ve been friends.
Due to their low key nature as potential security endpoints, cyber criminals are turning to social media platforms as their new medium of choice. To keep your business safe, you need to stay up-to-date and educate your employees. If you have any other questions about social media and how it can impact your business, just give us a call.