Two new viruses have been discovered to infiltrate systems through removable drives.

USB flash drives have become indispensable to almost everyone who uses a computer. It’s a quick and easy way to immediately transfer and share information and other data, especially files that are too large to send through email. Unfortunately, some malware take advantage of this convenience by attaching themselves to files on the drive to infect any other system it comes into contact with.

Two such malware have recently been discovered. Chymine is a Trojan application with keylogging capabilities, designed to copy passwords and other sensitive data, and Dulkis-A is a Visual Basic worm designed to copy and allow malware to infiltrate the system. Both exploit a vulnerability in Windows Shell.

Microsoft has yet to directly address the issue and provide a patch that fixes the problem. In the meantime, they have issued directions for a workaround that prevents both malware from manipulating the Windows Shell susceptibility. The workaround is effective for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server R2, but it comes with a cost – you lose all your icon graphics.

Success in removing the virus has been marginal at best, with current fixes including a warning that removing these malware might result in unwanted changes to your system because of the way the virus embeds itself.

The best way to avoid being infected, be careful not to run any suspicious programs and files, especially when taken from USB drives and any other removable storage, even from a Blackberry or an iPhone. It’s also best to avoid automatically enabling USB devices to autorun once they’re plugged into your computer.

If you have any concerns or want to make sure your systems are protected, give us a call and we’ll work with you to ensure the security of your systems and data.

In every business, keeping people productive is very important. Lost productivity means less profit, so to keep things going, even when there’s no power, you need a UPS.

Keeping productivity going is important. The more productive your people are, the more work gets done and the more profit you make.  Every hour, and even every minute, of lost productivity costs you profit. It might seem inconsequential individually, but in the long term lost time adds up and you can lose a considerable sum. This is why companies have stringent rules regarding internet usage, deadlines, and other mechanisms to ensure that people are doing what they’re being paid to do – no more, no less.

However, there are situations when things are simply out of your hands, and a perfect example is power interruptions. Power interruptions are usually unexpected and can cost workers hours of work. Just imagine your PC suddenly shutting off while you’re in the middle of an important project – either you fail to save part of it, or maybe you’re in the middle of a task you cannot save (like uploading or downloading a particularly large file or bunch of files). What can you do, except start all over again?

The solution is installing a UPS – or uninterruptible power supply – for every unit in your IT infrastructure. A UPS acts as a temporary source of power for the CPU, a back-up battery of sorts that your CPU automatically switches power to in case of a power interruption. This gives you time, at the very least, to save important files and wrap up tasks before shutting down properly. UPSs also guards against power surges, prolonging the life of your computers, making them less prone to suffering from electrical damage.

In the long term, it’s always better to be safe than sorry, and a UPS is a relatively inexpensive precaution against loss of data – especially considering its benefits.

Hacker attacks via “social engineering” can be a serious threat to the security of your organization.

Be aware that hackers have another tool in their toolset that employs a particularly subtle, insidious way of compromising the security of your systems and network. Called social engineering, it’s the use of psychological tricks to deceive targets into revealing potentially compromising information about the systems in their organization. In practice, it can be as simple as a hacker calling an employee and asking subtle questions to gain information, or posing as someone trusted, perhaps as building maintenance, walking in the doors of an organization to directly gain access to systems—or even searching through the trash and refuse left behind by employees. The popularity of social networking has also increased the danger with the ease and convenience of creating connections to potentially trusting members of your organization.

However, there are some actions you can take to protect your business:

• Create a policy outlining the proper handling and sharing of information online as well as offline.
• Put systems and procedures in place to protect your systems if sensitive information does get out—such as the regular replacement of passwords.
• Educate your employees about the threat. You cannot solve a problem if your people do not know that a problem exists in the first place. Awareness can be your best defense.

You probably don’t know it, but you might be losing money because of a faulty IT system. It’s high time you take a look at the numbers and see where you stand.

In this day and age, few businesses (if any) can survive without an IT arm. Every business, big or small, needs someone, or preferably a group of people, on hand to fix computer problems, check networks, monitor software – to generally make sure that their operations are running smoothly.

One question, though: have you ever stopped to consider whether the cost of maintaining your in-house IT system is worth it? For instance, consider your internet connection. Let’s say that a conservative estimate of the efficiency of your business without an internet connection is at 50%. And if your business makes a $1 million a year, then $500,000 depends on your internet connection. If your monthly bill for that connection is $500, or $6,000 annually, you earn $500,000 – $6,000 = $494,000. Now, if you decide to switch to a cheaper DSL connection, which is about $50 per month or $480 a year, you get a much higher figure: $499,520.

You could argue that the DSL is the wiser option, but when you look at a deeper level, a slower internet connection may also hamper your company’s productivity – let’s say, by 10%. So with only a DSL connection, your business operates at 90% of its total possible productivity. Considering the previous figures, a loss of 10% in productivity means a loss of $100,000. Subtract that savings from the DSL connection, $5,520 – you get a whopping loss of $94,480. So when you think you’re saving by getting a cheaper internet connection, you are actually losing more money. Inversely, if you subscribe to an even better connection that costs you $10,000, productivity can increase by $15,000.

The same principle applies when your IT infrastructure is not up to date, with slow computers, outdated software, and other problems. In a company with 10 employees who bring in an annual average of $65,000 each, even losing productivity for just 35 minutes a day due to IT handicaps can cost you $47,000. Hardly chump change! But hiring an IT provider who charges $20,000 a year can offset that lost productivity and even make your business run better, by as much as $27,000. It’s also noteworthy to mention that employing an IT firm can count as a legitimate business expense, thereby lowering your tax liability to about $8,000 if you peg corporate tax at 40%.

IT is important to a business. If you doubt that, just try doing without it for a week – just shut the whole thing down. For most, that’s out of the question, but operating with old software and hardware is almost just as bad. However, many businesses cannot spare the resources to continually upgrade their IT systems.

Enlisting the services of an IT firm changes all that. IT Service Providers are constantly on the lookout for better technologies – both hardware and software – that can make your business function much more efficiently and cost effectively. It’s what they do. And the costs are minimal. If you’re wondering how much better your company might operate with an IT Service Provider, we’ll be happy to sit down with you and run some numbers.

Before you entrust your sensitive data to a “cloud” service provider, make sure you weigh the risks with the benefits.

“Cloud computing,” largely synonymous with Internet-based computing, has become a hot topic of discussion among many in the business community, with its promise of radically simplifying the access to, and use of, computing resources on demand. It’s no wonder then that it’s been small businesses, often without full-time IT resources of their own, that have been the first to adopt the concept. As a business owner, however, before you start moving critical data to the “cloud,” you’ll do well to bear in mind the risks that come with the computing model.

First is security and privacy—ask how the service provider ensures the confidentiality and integrity of your data while in their care. Do they provide backups? Can you back up your data yourself? Are their security processes and procedures reviewed and vetted by a third party?

Next is availability. Do they guarantee the uptime of their services—7 days a week, 24 hours a day? Do they provide a service level guarantee? Do they have processes in place to handle exceptional circumstances that can disrupt services, such as a natural disaster? Is support readily available to help in case you encounter any issues?

Finally, there’s cost. While pay-as-you go can be attractive, the total cost over time can add up. It’s worth thinking two to three years out and considering the total cost versus alternatives.

Asking these basic questions can go a long way in giving you peace of mind before you entrust your valuable data and core business systems to the care of others. If you’d like some help sorting all this out and making the best decision for your unique needs, give us a call.

Cost effectiveness is always part of any company’s priorities, and taking steps to make your office become more environment-friendly can help you achieve that.

There’s been a lot of buzz about environmental issues such as climate change, and with the effects reaching everyone around the world, we all need to do our part to help. The good news is that going green in your office or business can also help you become more cost effective.

Here’s how:

• Shut down your system when it’s not being used. The principle behind this is pretty simple – you can save electricity and the bills you’ll have to pay with a simple system that can power down when it’s not being used.
• Downsize your infrastructure. You’ll save on bills and power consumption, as well as equipment. Determine the workstations that can be run on a skeletal system, with the heavy lifting done virtually or remotely. This is especially applicable to companies that have people frequently on the road or in the field. Also, if you let people work from home or remotely, there is little need to maintain a vast infrastructure at the home office.
• Go for a paperless office. Paper comes from the cutting down of thousands of trees, and buying it costs money. But these days with almost everything done electronically, paper use can be reduced to a minimum, if not eliminated completely.
• Turn your trash into gold. If you have old units you’re going to throw out but are still in working condition, consider donating them to charity and get a tax break. Or, try to recycle them. E-waste is becoming a big problem these days, so the less you throw away, the better.

If you’d like to know more about how to make your business more cost effective and environment friendly at the same time, we’d be happy to talk with you and draw up a plan that’s specifically suited to your needs.

Despite the clear trend towards greater adoption of mobile devices by businesses and consumers, a new study finds that many businesses are not taking full advantage of the opportunities created by this trend—especially in sales and marketing.

Global smartphone shipments continue to rise, driven by operator subsidies, lower barriers to adoption with the introduction of lower-cost models, and greater choices afforded by vigorous competition from companies such as Apple, RIM, Microsoft, and Google. Not far behind is the rising interest and adoption of other mobile devices, such as tablets with the success of Apple’s iPad.

Despite this trend, a new study by eROI, an online marketing agency, finds that many businesses are not taking full advantage of the opportunities it creates—especially in sales and marketing. The company surveyed 500 businesses, and the majority cited lack of resources and little understanding of what needs to be done as the major barriers to capitalizing on the trend. This, despite findings which show 91 percent of the population use mobile devices, with 23 percent using smartphones that make extensive use of online services.

Companies would benefit from looking at how these trends can be leveraged for building a strategy toward reaching new customers, engaging current customers, and creating rich experiences for both. Some examples from early pioneers in this area: building versions of their website that can be viewed comfortably on mobile devices, using services that make extensive use of social networks and location-based services such as Facebook and FourSquare that work well with mobile devices, and even building custom applications to provide a new channel for reaching and serving customers.

Companies can start small with pilot projects then work from there to see which work best for their businesses.

The continued exploit of many vulnerable applications that have been fixed by vendors for over a year highlight the need to keep software updated with the latest versions and patches.

A new report released by security firm M86 Security reveals a trend toward more sophisticated forms of malware in taking advantage of vulnerabilities in common software applications and developing techniques to avoid detection.

In M86’s report, among the applications commonly exploited are Microsoft’s Internet Explorer and Adobe Reader. Another vector for malware that hackers have been using recently is Java and Adobe’s Flash—which are installed on many PCs, often as plug-ins to most browsers.

Although the vulnerabilities in these applications have been identified and patched for over a year, failure to keep up with the latest updates have made many systems still vulnerable to attack. Our customers taking advantage of our Managed Security need not worry, since we make sure our customers’ systems are patched as soon as updates become available. Find out more about our Security Offerings today.

Mozilla implements new initiatives to ensure the security of its browser to fix the main security holes, and this brings Firefox’s latest version to 3.6.7

The Mozilla foundation, the organization behind the Firefox browser, announced recently that it has released a patch to fix many major security holes found in its software, as well as the pull out of malicious add-ons in its extensions gallery.

A new update brings Firefox’s latest version to 3.6.7, and includes fixes for nine critical issues that could potentially be exploited by hackers to launch attacks on vulnerable systems. This comes after recently pulling out a password stealing add-on called the “Mozilla Sniffer” in the Firefox extensions gallery. As a preventive measure, the Mozilla foundation has announced a US $3,000 security bounty program that for anyone who finds an eligible security bug. It has also announced that it will implement a source code review of add-ons to catch potential malware that could be injected into otherwise patched Firefox browsers.

As always, users are advised to be constantly on guard and to make sure they are using the latest updated versions of their software. Customers under our Managed Security program benefit by letting us do the worrying and updating for them, so they can focus on their business instead of their security. Not on our Managed Security program? Contact us today.

With mobile devices becoming a staple in business dealings these days, it’s high time companies enact policies for mobiles that will not only help them cut costs, but keep their information and data safe as well. Experts outline several tips to help you achieve this.

In this day and age, it’s a necessity to always be in touch, and many mobile phones are now equipped with features to help us do just that, such as internet connectivity, SMS, push email, and more.

With this increase in the use of smart phones such as Blackberries and iPhones for work, it follows that maintenance costs of mobiles can get to be pretty steep if not managed correctly. Bills for one mobile phone can reach more than $2,000 a year – just imagine the maintenance costs for several units.

In addition, the need for more rigid and concrete policies for mobile devices is also increasing. Experts recommend that since many of the functions of mobile devices mimic those of a desktop workstation, companies should apply the same policies they have for their IT systems to their mobile devices.

Such a policy not only reduces costs, but will also keep your entire system safe. Since sensitive information is now stored on mobiles, there’s the risk of infiltration and information theft – and for many companies with little or no protection for the mobile arm of their system, it’s only a matter of time before they find themselves in trouble.

Here are some tips from the experts:

• Use an integrated management system for both your office IT infrastructure and your company’s mobile devices. There are plenty of reputable providers for this kind of software, with big names such as Nokia and Microsoft offering programs that cater to multiple phone manufacturers.

• Minimize the frequency and access of personal mobile devices to your IT system at the office. More often than not, personal mobile devices do not have the same safeguards as that of office equipment, and allowing them to connect to your system poses a number of risks.

• Authorize your IT group to remotely access company mobile devices. In case a unit is lost or stolen, any or all information on it can be wiped clean.

For more details, read the complete story at:

http://technology.inc.com/telecom/articles/200810/mobiledevice.html?partner=newsletter_Technology

If you want to evaluate your IT policies and strategies to include your mobile devices, simply contact us and we’ll be glad to draw up a customized work plan that meets your specific needs and requirements.