Part of keeping networks healthy and secure is having a good security software application on all the computers and servers. While there are many different solutions available on the market, we have always preferred the Symantec solution from a feature and manageability standpoint. This month Symantec announced a new version of their popular Endpoint Protection (SEP) software, called Symantec Endpoint Protection Small Business Edition 2013.

To date most of our managed clients have been running SEP v11 which in turn was communicating back to our dedicated Symantec server for management. This gave us a great centrally managed environment and also meant that our clients didn’t have to install and maintain any management software on their local server, reducing their resource load.

Recently we have been switching our clients to the new Symantec.cloud service which means all devices now communicate to a Symantec data center for updates and reporting rather than the PCM server. This new solution also offers a monthly license model that ties in nicely to our service structure and doesn’t require purchasing licenses in advance for annual agreements.

One of the main drivers for this change was that we have been extremely impressed with the new Symantec Endpoint Protection solution and also see a lot of advantages to using their new centralized cloud service. Since installing the new software on some test sites we have been seeing an increase in the malware caught and removed over the previous edition. Another advantage is that this new release also does a lot more processing in the background and doesn’t need the monthly full system scan on the desktop side. As a result we have decided to recommend that all clients move to this new cloud model as soon as their existing agreements expire.
This means we can now offer expanded protection for a similar cost as the previous software licenses. Interested in getting on board with the latest “best of breed” security software? Feel free to contact us for more information on how this new solution keeps networks clean and running more efficiently with less downtime.

Heard of BYOD, or "bring your own device", to work before? More and more companies are letting or even asking their employees to bring their phones or laptops to work. There are obvious benefits, but also dangers that may not be as obvious. Read on to find out what they are.

You may have noticed more and more of your employees or colleagues bringing their own computing devices to work—be it their mobile phone, tablet, or laptop. Or perhaps in your company or in other companies you may have seen, they have let people decide which device they prefer because they are used to it at home. You may not realize it, but this is all part of a large trend called the "consumerization" of IT, in which the influence of consumer technology is being increasingly felt in the workplace. With the wide availability of cheap but powerful mobile devices and online services, a growing number of people are being exposed to the latest technology at home first—adopting them at a rate faster than most businesses are able to manage. This flips on its head the old paradigm in which traditionally new technologies would be rolled out to businesses first, before they would find their way to consumers.

This trend, plus the increasing sophistication of young workers today and their frustration with the tools available to them at the office, is pushing some companies to adopt a "bring your own device" or BYOD policy at work. They are not alone. According to research by technology analyst group Gartner, end users, not the IT department, will soon be responsible for 50 percent of business IT procurement decisions—ultimately bringing and running their own systems on company networks. Meanwhile, according to management consultants Accenture, around one-third of today's younger generation of workers (a group called "millenials") not only wants to use the computer of their choice at work, but also wants control of the applications they use too.

The benefits companies cite to adopting a BYOD policy are many, among them:

• Savings on capital expenses and training costs in using company equipment—compensating employees instead via other means such as flexible work hours, subsidized purchases, insurance, and other benefits.
• Less management headache—effectively letting employees decide what to use releases the company from some overhead and management responsibilities.
• Improved employee satisfaction—by giving employees the freedom to use devices and applications that they prefer.

However, before you consider letting employees bring their own personal technology to the work place, be aware that there are also disadvantages, and sometimes very real dangers in doing so. These include:

• Non-standardization of hardware, operating systems, and applications. If your business operations require that some equipment is integrated with others, then BYOD can in the long run actually increase IT management costs and decrease efficiency.
• Exposing your network to malware or security vulnerabilities and breaches. When your employees bring their own devices to work, you lose important control over their security. Consumer devices often don't employ comparable bullet-proof security technologies mandated by businesses.
• Leakage of confidential or proprietary information. Employees will naturally do what they want with the data on their devices, even if it doesn't belong to them, or it's against company policies. Employees can also lose precious company data when they misplace or damage their personal devices.
• Lower economies of scale in procurement. Essentially because everyone is buying devices on their own, you miss out on the chance to consolidate purchases and lower purchase costs for everybody.

Have you adopted a BYOD policy at work? Thinking about it? Worried about this trend? If you need to understand BYOD better so you can define a policy for your staff, contact us and see how we can help.

While there are a lot of free tools, applications, and software available on the Internet, it can be a chore sorting out the good from the bad. To make things easier for you, here are a few handy tools you can use to boost productivity while saving on costs.

It is a constant challenge for small businesses to meet ever-changing and ever-evolving IT requirements while balancing a budget and keeping costs reasonable. And with software applications being one of the major factors that contribute to IT maintenance costs, it is always welcome news to come across free tools that work well and efficiently despite the lack of a price tag.

ThinkFree Online Office One of these applications is ThinkFree Online Office, which is a cloud application that enables you to create and edit documents in common formats. It also comes with free 1GB of storage and allows you to work from anywhere, since the documents are stored online. And with its own app for Android users, ThinkFree is particularly advantageous to people who need to work on the go.

ReqMan Another free cloud-based application that can prove useful is ReqMan, an online project management tool. You can use this to manage and track your different projects using various templates the service provides. And since it's in the cloud, mobile personnel and staff who are given access to your ReqMan account can work even when they're out of the office.

Gliffy Gliffy is a free tool that you can use to create all sorts of technical illustrations – diagrams, floor plans, flowcharts, and more. The basic plan is free, but you also have the option to subscribe to their more fully featured plans for a minimal fee.

ScheduleOnce For managing schedules, calendars, and the like, ScheduleOnce allows you to keep better track of all your appointments, meetings, and deadlines through a single tool. It integrates with your calendar on Google, and then allows other people to see your open times when they can schedule a meeting with you. Think of it as a one-stop-shop for your scheduling needs.

If you want to know more about these tools and how you can best utilize them, please feel free to contact us. We’ll be happy to guide you and help you make the most out of these types of applications to improve your efficiency and bottom line.

A hard drive shortage threatens to impact the worldwide computing industry due to the floods in Thailand. The majority of the world’s hard drive factories are located in Thailand and are struggling to recover pre-flood production levels.

In the same way the massive earthquake and tsunami damaged Japan's electronics industry, the flood crisis in Thailand is causing concern for companies that require hard drives for production.

The majority of the world's hard drives are produced in factories located in Thailand, where the flood crisis has put a damper on many industries, hard drive producers included.

According to reports, the shortage is already driving hard drive costs up and may just be the beginning of that trend. As companies like Hewlett Packard respond to the situation, the outlook remains unclear. PC sales could be affected well into 2012 and beyond. With flooding still an issue for some producers the shortage could expand.

As of now, there is still no concrete solution in sight for the problem with the supply of hard drives in the world, and while reconstruction efforts in Thailand are ongoing, getting the hard drive industry on its feet will take a while. As for the effects on the computing world as a whole, PC prices will likely rise as pre-flood inventories are sold out and replacement stock is delayed.

Some companies have decided to tap into the phenomenon of social networking to create similar networks within their own organizations. While this can do wonders with the way every member of the business communicates with each other, it’s important to have proper and specific rules that pertain to its use.

With the waves created by social networking in how companies do business nowadays, many have also utilized the same principle to develop internal social networks to enhance their in-house communications as well. However, the use of this new medium of communication also requires that companies develop new policies to cover its use.

One concern that may leave you apprehensive about creating an internal social network might be the fear that it could be abused by employees. However, reports have shown that introducing an in-house social network has produced generally positive results.

As long as company policies regarding the use of internal social networks are developed and implemented properly, employees will view such a network as an extension of the workplace, and will try to put their best foot forward. Such policies must specifically tackle the use of the internal social network, and many experts recommend revising existing company rules that govern the use of email, IT resources, and even external social networks. To be on the safe side, it's a good idea to consult with a lawyer to avoid any legal problems with the policy in the future.

Who's going to be in charge? Your managers, of course. Since the social network will be for company use, it follows that department heads should be given administrative duties and permissions which they will use for moderating communications and discussions in and pertaining do their respective sections.

While an internal social network can do wonders for your in-house communications, good policies and rules pertaining to its use will be what keep it working like a well-oiled machine.

If you are in the habit of using passwords like ‘password’, ‘qwerty’ or ’123456′, you may be helping hackers and online thieves steal your data. Security experts have compiled a list of the 25 most common passwords – passwords that you should avoid.

If you think using ‘password’ as your password is no big deal, then it’s time to rethink.

Security experts have recently compiled a list of the worst passwords users can choose, and ‘password’ is at the very top of the list. Weak passwords make your information more vulnerable simply because hackers can guess them. It may be easier to pick a password that you don’t have to think about, but it’s a choice that you may come to regret.

To help you avoid common password choice mistakes that users make, management application provider SplashData has compiled a list of the 25 worst passwords to use:

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

Make a smart password choice
Experts advise using a combination of letters and numbers when creating your passwords, and to avoid things that anyone might be able to guess, such as birthdays and anniversary dates. Passwords with eight characters or more are safer and it’s best to use different passwords for different accounts and websites. Use a password manager to help you keep track of all of your passwords if you’re finding it difficult to remember them all..

No matter how sophisticated your security system is, a weak password gives hackers and online thieves an advantage. Helping all the users in your organization understand the importance of password strength will help you secure the IT systems in your organization.

If you’re interested in learning more, please contact us so we can develop a comprehensive and custom security blueprint that meets your specific needs.

Reference: Worst Internet Passwords

 

A joint operation between the United States Federal Bureau of Investigation (FBI), authorities in Estonia, and IT security firm Trend Micro recently put down a massive bot network that victimized an estimated 4-5 million users around the globe.

Four million is a big number – which makes four million bots, in security terms, a staggering and frightening number as well.

It is a good thing, then, that four million is also the number of bots taken down in a recent bust by the United States Federal Bureau of Investigation, the Estonian Police, and security firm Trend Micro. Data centers in New York City, Chicago, and Estonia were raided by authorities, shutting down hundreds of servers used to create a network of bots that spanned some 100 countries.

The said bust, dubbed “Operation Ghost Click”, is one of – if not THE – largest cybercriminal bust in history, putting to sleep a sophisticated scamming operation that victimized 4 to 5 million users and was said to have generated at least $14 million in illegal revenue.

The scam mainly involved hijacking Domain Name Server (DNS) settings in infected computers, which can be used not only to introduce more malware into an IT system, but also to hijack search results and replace advertisements loaded on websites visited through an infected computer.

While this bust does bode well for all IT users everywhere in the world, it also illustrates the scope of influence and level of organization behind security threats. Since this is probably not the only scam / fraud / botnet operation in the world, it is always best to have a comprehensive security policy for your IT infrastructure to minimize the risk of compromising your company’s data and information.

For more details on the bust, check out Trend Micro’s blog post here.

With mobile devices becoming more accessible, many are finding it more comfortable and more productive to use these devices not only for personal purposes, but also for work. This may seem to be a good thing initially, but it also means that you have less control over the way these devices access your IT system. The best thing to do is to have a good IT security policy in place to make sure that important company data is not compromised.

As technology continues to become more affordable and accessible to consumers, it's an inevitable fact that employers will see more and more of their employees using their own personal devices such as laptops and mobile phones to access the company's IT system.

This can be a dangerous thing. Since these devices aren't company owned and regulated, you have limited access and control over how they are used. Employees could download all sorts of malware and viruses on their devices and pass the infection along to your IT system when they access it.

The solution: a comprehensive IT security policy. It's important that you find a compromise between the freedom of the employee to use the device as desired and your need to keep your IT system safe from viruses and other threats to your data's security. Steps such as having employees run mobile device management (MDM) software on their devices is one of many actions you can take to lessen the risk of security breaches. You may also want to implement applications and software that check and screen for malware, both for laptops and mobile devices. And don't forget that while Android seems to have a bigger problem with malicious software, Apple isn't exactly virus-free, either.

Employees have a right to use their personal devices as they see fit, but not at the expense of important company information stored in your IT system. Running a tight ship in terms of security is an effective way to protect your business interests and your sensitive company data. If you are interested in knowing more about developing a concrete and effective IT security policy for personal device use as well as general system access, please don't hesitate to give us a call so we can sit down with you and discuss a custom security blueprint that's just right for you.

Despite the real threat of hacking and online thievery, a lot of small businesses do not consider themselves affected by it, says a report by StaySafeOnline.org. While dependent on their computer systems for data storage, few realize that all it takes is one breach to destroy a cultivated relationship with clients and the company's own financial status.

StaySafeOnline.org, a website of the National Cyber Security Alliance, has recently released a study that chronicles the cyber security practices and attitudes of small businesses. Conducted in partnership with Visa, the study shows some interesting, if not disturbing, results.

It turns out that many small businesses (about 65% of the respondents) are highly dependent on their computer / IT / data systems, where they store important information, from sensitive company financial records to personal client information such as credit card info, addresses and phone numbers, and more. However, as many as 85% believe that they will not be targeted by hackers and online thieves, and less than half have data security systems in which they are confident. In general, small businesses have, at best, a mediocre security system.

Few realize, though, that it only takes one breach to compromise a company's finances and relationships with clients. And if you have less than stellar security, stealing from you is easier. You might not have as many online assets as big businesses, but hackers can make a hefty profit by victimizing several easy marks as opposed to bigger and riskier efforts with more secure systems of larger firms.

Don't take a risk with important data, and don't compromise the relationships and reputation you've built with your clients over the years. Good security is always worth it. If you're interested in knowing more about beefing up your security through company policies, software, and user education, please don't hesitate to contact us. We'd be happy to sit down with you and discuss a security blueprint that's cost effective and custom built to meet your specific needs.

Reference: National Small Business Study

While Facebook may be an invaluable tool for businesses to expand their company reach and marketing strategies, it is also important to note that with Facebook's popularity comes the larger risk of encountering scams designed to collect personal information and/or phish for important data. Having the right security know-how and software is essential for those who wish to prevent themselves from becoming the next victim.

As more and more people continue to use Facebook – both for personal and business purposes – it seems to follow that all sorts of unscrupulous individuals and groups will find ways to exploit this popularity for their own illicit benefit.

In the same way people are phished through email, hackers and scammers use similar techniques to fool Facebook users into falling for their tricks. The combination of curiosity and trust is what hackers rely on to make users fill in contact details for non-existent promotions, visit suspicious websites, or download fake software, all through Facebook. While Facebook has instituted some additional security measures to counter this threat, the consensus is that it is a generally lukewarm, or even cursory response to the issue.

What makes it worse is that you aren't usually the first victim – those links and whatnot appear on your News Feed courtesy of a contact who has fallen into the same trap. So always be wary of events or promos your contacts invite you to join.

The most important thing is to have both the right knowledge and software to prevent getting scammed not only on Facebook, but anywhere else on the Web. Facebook is just a new medium for scammers and hackers to steal information and data – and they'll do the same thing once the next big thing on the Web comes along.

If you want to know more about Facebook scams and how you can better protect yourself – both through training and the right software solutions – please feel free to give us a call so we can help you set up a more secure system for your business that's custom-built to meet your specific needs.