Bloatware: From Annoying To Dangerous


Bloatware, junkware, trialware, third-party apps — whatever you call it. There’s now yet another reason to get rid of these annoying pre-installed programs and plugins indefinitely: security threats. Learn more about the other risk that might do more than slow down your computer.

Tavis Ormandy, a researcher from Google’s Project Zero, recently discovered that a compromised password management app, Keeper, had been installed with some versions of Windows 10. For a brief period, Keeper’s browser extension, when enabled, allowed websites to easily steal login credentials.

Users became exposed only if they have activated the plugin during Keeper’s setup process, or manually activated it in their browser. In response to Ormandy’s report, the Keeper team released a new version that fixes the security vulnerability, therefore addressing the issue once the software is up to date.

Although the issue was patched in a week, thousands of these third-party applications are added to laptops every day. This incident again highlights just how cautious individuals and businesses need to be in finding security vulnerabilities when purchasing computer hardware.

Why unwanted bloatware needs to go

Computer manufacturers make money installing third-party software along with Windows to laptops and PCs. Vendors pay to have their bloatware — such as trial versions of antivirus programs, video games, and browser toolbars — installed on new computers in hopes that people will purchase the full programs. In reality, bloatware slows down your computer, takes up disk space, and sometimes puts you at risk.
Thankfully, Microsoft has included an easy way to get rid of bloatware in Windows 10.

  1. Click the start menu, then the gear icon in the bottom right
  2. In the settings window, select Update & Security
  3. On the left-hand side, click Recovery
  4. Select ‘Learn how to start fresh with a clean installation of Windows’ and follow the instructions.

Bloatware not only clutters your PCs and laptops, but it can leave your business vulnerable to compromise as well. Don’t make this security mistake; learn more about protecting your computers from bloatware, and save yourself from tons of headaches down the line. Call Lanlogic’s team of IT experts today!

Posted in Uncategorized | Leave a comment

New VoIP feature released by Skype


It is no secret that the internet is unsafe, with attacks occuring every second. Having a secure network that ensures privacy when communicating with others through the internet can be even harder. As a solution, Skype recently launched a new feature that guarantees total privacy when conversing.

Benefits of using Private Conversations

Named ‘Private Conversations’ by Microsoft, this new feature allows all audio calls, text messages, and multimedia messages to be encrypted. This means that when the feature is enabled, only the sender and receiver will be able to view or hear the transmissions. Even if they were to be intercepted, their contents would be totally garbled.

Although Skype has already been providing basic encryption to its service, elevating this feature to something called “end-to-end encryption” prevents unintended parties — such as cybercriminals or even the government — from tapping into private conversations, ensuring peace of mind to more than 300 million users.

Beta stage of testing

Currently still in its testing stage, end-to-end encryption is available only in the beta version of Skype Insider. To activate it, select “new private conversation” from another user’s profile or Skype’s “compose” menu.

Currently, Private Conversations do not support video chat. And although conversation contents are encrypted, conversation details — such as the call duration and when it occurred — can still be accessed by Skype.

Other end-to-end encrypted VoIP services

From free consumer communication apps like WhatsApp to business solutions like RingCentral, and many other VoIP services, end-to-end encryption is becoming more prevalent every day.

Skype for Business sells it as a simple, DIY telecom solution. But with cyber attacks getting more sophisticated every day and the increasing number of data security regulations, a lot can go wrong. If you’re interested in switching to a VoIP service, or want us to assess the security of your current solution, give Lanlogic a call.

Posted in Uncategorized | Leave a comment

Which Windows 10 package is right for you?


With fast performance, regular updates, and a helpful digital assistant, Windows 10 is a must-have operating system (OS) for both individual consumers and entire businesses. But before you purchase it, you’ll have to decide between Windows 10 Home, Pro, and 10 S. So which one is right for you?

Windows 10 Home
This version, as you may have guessed, is designed for home and personal use. It comes bundled with key Windows 10 features, including Microsoft Edge, Office 2016, smart pen support, and the Cortana voice assistant. Since Microsoft is pushing their cloud services, Home also provides 5GB of cloud storage in OneDrive for individual users.

In terms of security, Home has fairly basic protections. It has Windows Defender Antivirus software, Windows Hello biometric logins that use face or fingerprint authentication, and rudimentary device encryption to minimize data breaches. Those with multiple Windows devices will also love the mobile device management app, which allows them to track and control app usage for connected smartphones and tablets.

To explore new apps, Home users can sign up for the Windows Insider program, but since this version is light on features, there is usually a limited selection of early release apps to play with.

Windows 10 Pro
If you plan to use your computer for work, the Pro version is the right OS for you. One of its most notable features is Hyper-V, which allows you to create virtual machines (VMs) on Windows 10. These VMs can be used to deliver computing resources from a powerful computer to other machines connected to the network, making resource provisioning a breeze.

Considering that businesses are usually targeted by cybercriminals, Pro offers more robust security than Home. In addition to Windows Defender, this version comes with whole disk encryption, Enterprise Data Protection, and Azure Active Directory — an identity management service used to set up and enforce access policies for apps and devices.

Rolling out updates for all computers is also incredibly easy with Pro’s Windows Update for Business service. From a central console, you can manage how and when Windows 10 devices are updated while making sure that the bandwidth used doesn’t disrupt day-to-day operations.

Windows 10 S
Released in 2017, Windows 10 S is focused on simplicity, security, and speed. Feature-wise, it’s about the same as Home, offering Office productivity apps and Cortana. But it comes with Pro functions such as virtual machines and increased security, too.

While it doesn’t possess as many features as Pro, Microsoft reported that 10 S-powered computers boot 15 seconds faster than Pro machines. Its relatively low hardware requirements also make it perfect for startups and schools that tend to purchase low-cost PCs. And if you want more features, 10 S allows you to upgrade to Pro at an affordable price.

The big difference between 10 S and the other Windows 10 versions is that it can only run applications available on the Windows Store. Although this restriction means you don’t get to enjoy third-party apps, it actually protects users from downloading dangerous apps and helps Microsoft easily root out malware.

So far, only a few devices — including the Surface Laptop, Lenovo V330, and HP Stream 14 Pro — are capable of running 10 S, but it’s only a matter of time before other devices are compatible.

Still not sure about which Windows 10 version you should purchase? Contact our experts today to get more advice. Lanlogic will even install and maintain Windows for you so you can focus on being productive!

Posted in Uncategorized | Leave a comment

Top 3 ways to prevent Spectre and Meltdown


Data security is critical to the healthcare industry. Hospitals and clinics need to ensure medical records are protected at all times to stay HIPAA-compliant. But with Spectre and Meltdown affecting every server, all healthcare providers are at risk of data breach.

Why is Spectre and Meltdown a big problem for healthcare providers?

Spectre and Meltdown are security flaws in computer chips that give hackers access to all data saved in the server, circumventing even encryption and multi-layered security systems.

This is a problem for healthcare organizations because patient data and other medical information must be protected in accordance with HIPAA regulations. If hackers did use Spectre and Meltdown to hack servers, millions of private data — including patient names, social security numbers, bank account numbers, and medical histories — can be leaked over the Internet.

To ensure you servers stay HIPAA-compliant, there are three things you should do:

#1. Apply patches

One effective way to defend against Spectre and Meltdown flaws is by installing patches. Check your server manufacturer’s website for the latest updates and install them right away. Although some are saying that these patches are causing systems to perform slower, it’s still worth it if you want to avoid the hefty costs of noncompliance.

#2. Implement dedicated servers

A more cost-efficient method to prevent Spectre and Meltdown exploitation is by using dedicated servers. By having complete ownership of the server, you can control the security measures, software, and management of the server. You can also lower the risk of security breaches because no other organization will share your server and gain access to it accidentally, like what tends to happen with most public cloud services.

#3. Hire professionals

Due to the complexity of Spectre and Meltdown, healthcare providers are recommended to hire managed services providers (MSPs). Without adequate experience, you or your employees could accidentally disable security software and/or misconfigure servers.

For organizations with limited capital budget, MSPs can provide you Spectre and Meltdown solutions customized to your needs and budget. Experts will monitor and maintain your systems round-the-clock to address suspicious activities or security issues and ensure your servers receive the proper updates.

Eliminating Spectre and Meltdown flaws is critical for healthcare organizations.  Lanlogic’s 24/7 experts can help you design appropriate data security solutions based on your business needs and available budget. If you’re interested in having secure data storage, give us a call today!

Posted in Uncategorized | Leave a comment

Advice from a failed disaster recovery audit


We can write about disaster recovery planning (DRP) until our fingers bleed, but if we never discuss real-world scenarios it’s all just fumbling in the dark. Examining these successes and failures is the best way to improve your business continuity solutions, and the recent audit of a state government office is rich with valuable takeaways.

Hosting certain types of data, or managing a government network, legally binds you to maintain DRPs. After an audit of the Michigan Department of Technology and Budget, several failures lead to a trove of helpful tips for small- and medium-sized businesses attempting to create a bulletproof disaster recovery plan.

Update and test your plan frequently

One of the first and most obvious failures of the department’s DRP was that it didn’t include plans to restore an essential piece of their infrastructure. The plan didn’t include steps to restore the department’s intranet, which would leave employees unable to complete even the most basic of tasks.

The reason for the oversight? The last time the plan was updated was in 2011 — leaving out more than six years of IT advancements. If annual revisions sounds like too much work, just consider all of the IT upgrades and improvements you’ve made in this year alone. If they’re not accounted for in your plan, you’re destined to fail.

Keep your DRP in an easy-to-find location

It may seem a bit ironic that the best way to store your top-of-the-line business continuity solution is in a binder, but the Michigan Department of Technology and Budget learned the hard way that the alternatives don’t work. Auditors found the DRP stored on the same network it was meant to restore. Which means if something had happened to the network, the plan would be totally inaccessible.

Your company would do well to store electronic copies on more than one network in addition to physical copies around the office and off-site.

Always prepare for a doomsday scenario

The government office made suitable plans for restoring the local area network, but beyond that, there was no way for employees to get back to work within the 24-hour recovery time objective.

Your organization needs to be prepared for the possibility that there may not be a local area network to go back to. Cloud backups and software are the best way to keep everything up and running when your office is flooded or crushed beneath a pile of rubble.

DRPs are more than just an annoying legal requirement, they’re the insurance plan that will keep you in business when disaster strikes. Our professionals know the importance of combining both academic and real-world resources to make your plan airtight when either auditors or catastrophes strike. Lanlogic has been making measurable differences for customers since 1995. Contact us today about bringing that expertise to your business.

Posted in Uncategorized | Leave a comment

Is VoIP part of your disaster recovery plan?


Disasters can strike at any time, and can put you out of business if you’re unprepared. One way they can do the most damage is by disrupting your Voice over IP (VoIP) systems. If they’re offline, you lose customers, productivity, and money by the minute. To avoid this, follow these simple disaster recovery procedures.

Invest in VoIP monitoring services
Before implementing any disaster recovery solutions, it’s a good idea to install third-party VoIP monitoring services to check on the status of your phone systems. This identifies whether there are any network issues disrupting your phone systems, so you can resolve them quickly.

Choose your VoIP provider wisely
When evaluating VoIP systems, you must verify your provider’s service-level agreements. Ask them about their security and availability guarantees, and how they’re able to achieve them.

Whomever you partner with, be sure they’re hosting your VoIP systems in facilities that are safe from local disasters and use advanced network security services to protect your calls.

Have a backup broadband line
Because VoIP solutions are dependent on the internet, you should have a backup or alternate internet service in case one network goes down.

Ideally, one internet service provider (ISP) will be dedicated to your VoIP service, while another supports your main computer network. Once you’ve installed both networks, you can then program them to automatically transfer services to each other should one network fail.

In other words, if your main phone network goes down, you can simply switch your VoIP solution to the other network so you can keep working.

Of course, subscribing to two separate ISPs will increase your internet expenses, but the cost to maintain both is far less than the cost of significant downtime.

Route calls to mobile devices
The beauty of hosted VoIP is you can choose where to receive your calls with call forwarding — a feature that automatically reroutes incoming calls to other company-registered devices. This means if your main office ever went down due to a local disaster or network outage, your employees can keep working from their mobile devices as if nothing happened.

To benefit from this feature, make sure to register all employee mobile devices to your VoIP system and configure which devices calls will be routed to.

Also, don’t forget to set policies for remote working. For example, you should have rules that forbid staff from connecting to public WiFi networks, as this can put them at risk of VoIP eavesdropping.

Test your plan
There’s little value in a VoIP continuity plan if it isn’t tested on a regular basis. Test your VoIP service and check whether contact details are up to date, call forwarding features are routing calls to the right devices, and your backup internet service works. Ultimately, your goal is to find flaws in your VoIP recovery strategy and make necessary adjustments to avoid them from occurring in the future.

If managing VoIP is too time-consuming and complex, call our professionals at Lanlogic today. We design, implement, and test a powerful, disaster-proof VoIP phone system to ensure your communications are always online.

Posted in Uncategorized | Leave a comment

Azure virtual machines get a free upgrade


Virtualization is difficult to understand. The technology itself is complex, and the industry is dominated by vendors that the average business owner has never heard of. Almost everyone knows Microsoft though, and its virtualization platform just got a big speed boost that won’t cost users a thing — if they know how to take advantage of it.

Azure: Microsoft’s virtualization platform

As a full-service cloud solution, Azure is a secure and flexible data center that businesses of all sizes can benefit from. Azure services include cloud storage, web hosting, and even some customizable AI features. With the help of a trained professional, Microsoft’s platform can provide access to virtual machines, which are fully-furnished desktops users can log into and work from via the internet.

One of the reasons Azure is such a flexible cloud solution is because it can easily integrate with solutions businesses maintain on premises to become a hybrid platform.

Faster virtualization options

Microsoft has been testing a new feature — referred to as Accelerated Networking — for a year and a half, and it’s finally available for all users. Without getting too technical, this upgrade allows Azure to remove enormous computing workloads from its service delivery process.

Any business that uses Microsoft’s cloud service for virtualization solutions can now access up to 30 gigabits per second of network throughput, which means Azure-based virtual machines and applications will be even faster than before.

Do SMBs really need this much speed?

Although the Accelerated Networking feature is free, enabling it requires quite a bit of IT expertise, so don’t expect it to be set up overnight. In fact, for small businesses that pay for tech support per project or by the hour, this upgrade may not be worth it. However, if you’re on an unlimited support plan from a managed IT services provider, you might as well — it won’t cost you anything extra!

With our team as your 24/7 technology resource, you don’t need to understand the intricacies of virtualization. Whether it’s speed enhancements or security optimizations, our team will make sure your solution always gives you the best return on your investment. Call us today to learn more about our virtualization services.

Posted in Uncategorized | Leave a comment

3 simple and easy cyber-security tips!


Data security and privacy should be a top priority in this age of constant and downright dangerous cyber attacks. However, in your quest for ultimate security, don’t forget to implement these non-technical steps to shield your business’s IT resources.

Cover up your webcam

There must be some credibility to doing this if Facebook founder, Mark Zuckerberg, former FBI director, James Comey, and NSA whistleblower Edward Snowden all believe their webcams could be compromised. This is not just another paranoid celebrity reaction to ruthless paparazzi, there’s a genuine reason behind it. Kindly take a moment to consider the following scenario: hackers using your webcam to spy on you.

Though it might sound unrealistic, this actually happened on several occasions. Sometimes for purely voyeuristic reasons and sometimes what appeared to be espionage. This is a very real threat with disturbing repercussions. Hackers aim to gain personal information based on your surroundings, deduce your location, as well as spy on the people you’re with, ultimately using this information to hold you ransom, threatening to broadcast your most intimate and vulnerable moments if you don’t pay up.

Fortunately, guarding yourself against such danger is really easy and some painter’s tape over your webcam should do the trick. If you’re not confident about regular tape, you can purchase a cheap webcam cover online or at any hardware store.

Purchase a privacy shield

Think of privacy guards as those iPhone scratch protectors, but with an anti-snooping feature. These are thin covers you put on your computer, laptop or smartphone screen to limit viewing angles. Once installed, anyone trying to look at your screen from anywhere — except straight-on — sees nothing. Privacy filters are commonly used to protect work devices, particularly which display or contain critical files with sensitive data or confidential information. However, less sensitive, personal devices are still vulnerable to ‘shoulder surfing’ — the act of peeking at someone else’s screen, with or without ill intent, which is why we recommend using these protectors on all your devices.

Use a physical authentication key

Requiring more than one set of credentials to access sensitive resources is common sense, and has become standard practice for established online services. With something called two-factor authentication in place, you gain access to your account only after you’ve entered the authentication code, which the website sends to your smartphone once you’ve entered your account credentials. Until recently, two-factor authentication relied mostly on text messages that were sent to mobile phones. But professionals have now realised that phones can be hijacked to redirect text messages.

Moreover, authentication codes can be stolen, or users can be tricked into entering these codes via a convincing phishing website. If you’re looking for authentication services that cannot be hijacked, stolen or lost, your best bet is a USB or Bluetooth key you can carry on your keychain. This means nobody — not even you — will be able to access your account without the physical key. Ultimate security at your fingertips.

If you need help setting up two-factor authentication, or any IT security services, contact our experts and experience true peace of mind as we fortify your data to no end.

Posted in Uncategorized | Leave a comment

Enlist IT help when installing CPU updates


When it comes to security updates, time is usually of the essence. The longer you wait to install a fix from a vendor, the higher the risk of being compromised. But in the cases of the Meltdown and Spectre flaws, you might be better off waiting until a more reliable patch is released. Let’s review what’s going on and what the best course of action currently is.

Unsecured data storage

Spectre and Meltdown are the names given to two hardware flaws that allow hackers to see any piece of information stored on your computer. Although slightly different in execution, both take advantage of a hardware feature that computer chips use to access and store private information. For the last 20 years, security experts believed this information could not be stolen or spied on by malicious software, but that assumption was proven false on January 3, 2018.

Now that the Spectre and Meltdown vulnerabilities are public information, hackers can use them to create programs that steal passwords, social security numbers, credit card numbers, and anything else you type into your computer.

Because these problems are hardware-based, none of the updates will be able to secure the vulnerable storage; they’ll simply prevent your computer from storing anything in it. Currently, there are patches for:

  • Operating systems (Windows, macOS, and Linux)
  • Web browsers (Chrome, Firefox, Safari, Edge, and IE)
  • Chip firmware (low-level programs installed on the processor itself)

If you’re using an Apple computer, these updates are relatively easy to install. If you’re using a Windows or Linux-based computer, these patches may cause your machine to freeze, reboot unexpectedly, or significantly slow down.

Why should I wait to install the updates?

Intel, one of the chipmakers responsible for the Spectre and Meltdown flaws, has provided contradictory recommendations on more than one occasion. As recently as January 18, Intel recommended waiting for an updated patch, but in the same announcement also recommended “consumers to keep systems up-to-date.”

Experts believe detecting an attack that is based on one of these flaws will be relatively easy and represent an alternative to installing updates that could render your computer unusable.

What should I do?

IT support experts will be able to quickly and easily assess what is the best option for your computers. For example, our team can determine whether or not your hardware will conflict with the current patches, and either install them or set up a detection strategy that will help you mitigate the risks without ruining your computer.

If you need expert IT support for quick responses and ironclad security — give us a call today.

Posted in Uncategorized | Leave a comment

The risks of auto-complete passwords


If you’re disturbed by advertisements and “helpful” suggestions that are based on your internet browsing habits, recent research has found yet another source of online tracking. It’s a sneaky tactic that also comes with serious security concerns. Let’s take a look at what you can do to stop it from targeting you.

Why auto-fill passwords are so dangerous

In 2015, the average internet user had 90 online accounts, a number that has undoubtedly grown since then. This has forced users to create dozens of passwords, sometimes because they want to practice healthy security habits and other times because the platforms they’re using have different password requirements.

Web browsers and password manager applications addressed this account overload by allowing usernames and passwords to be automatically entered into a web form, eliminating the need for users to hunt down the right credentials before logging in.

The process of tricking a browser or password manager into giving up this saved information is incredibly simple. All it takes is an invisible form placed on a compromised webpage to collect users’ login information without them knowing.

Using auto-fill to track users

Stealing passwords with this strategy has been a tug-of-war between hackers and security professionals for over a decade. However, it has recently come to light that digital marketers are also using this tactic to track users.

Two groups, AdThink and OnAudience, have been placing these invisible login forms on websites as a way to track which sites users visit. These marketers made no attempts to steal passwords, but security professionals said it wouldn’t have been hard to accomplish. AdThink and OnAudience simply tracked people based on the usernames in hidden auto-fill forms and sold that information to advertisers.

One simple security tip for today

Turn off auto-fill in your web browser. It’s quick, easy, and will go to great lengths to improve your account security.

  • If you use Chrome – Open the Settings window, click Advanced, and select the appropriate settings under Manage Passwords
  • If you use Firefox – Open the Options window, click Privacy, and under the History heading select “Firefox will: Use custom settings for history.” In the new window, disable “Remember search and form history.”
  • If you use Safari – Open the Preferences window, select the Auto-fill tab, and turn off all the features related to usernames and passwords.

This is just one small thing you can do to keep your accounts and the information they contain safe. For managed, 24×7 cybersecurity assistance that goes far beyond protecting your privacy, call us today.

Posted in Uncategorized | Leave a comment