Apple’s new year comes with new malware

2017January25_Apple_C

By EDITOR

We love Mac computers as much as anyone does, but even we have to admit the notion of superior cybersecurity can be a bit overblown. Malware still finds its way onto Apple devices, and the only remedy is preparedness. Take a minute to brush up on the first Apple malware of 2017 before it puts a damper on your new year.

Where did it come from?

Dubbed ‘Fruitfly’ by the powers that be at Apple, it looks as though this relatively harmless malware has been hiding inside of OS X for several years. Fruitfly contains code that indicates it was adapted to move from a previous build of OS X to ‘Yosemite,’ which makes it at least three years old.

In fact, there are some lines of code from a library that hasn’t been used since 1998. It’s possible these were included to help hide Fruitfly, but experts have no idea how long it has been holed up inside the infected machines, or who created it.

What does it do?

So far, most of the instances of Fruitfly have been at biomedical research institutions. The administrators who discovered the malware explained that it seems to be written to grab screenshots and gain access to a computer’s webcam.

Considering the specific nature of its victims, and what it can accomplish, Fruitfly seems to be a targeted attack that won’t affect the majority of Mac users. However, Apple has yet to release a patch, and dealing with malware is not something to be put off for another day.

How should I proceed?

We’re always harping on the importance of network monitoring, and now we finally have proof that we are right. Fruitfly was first discovered by an administrator that noticed abnormal outbound network traffic from an individual workstation. Until Apple releases a patch, a better-safe-than-sorry solution is to contact your IT provider about any possible irregularities in your network traffic.

If you don’t have a managed IT services provider, this is the time to start considering one. Despite misconceptions, Apple devices need just as much care and attention as Microsoft and Linux PCs. And it’s not just security; if you want to optimize workstation performance, create a disaster recovery plan, or upgrade your database. Message today to get started.

Posted in Uncategorized | Leave a comment

Hackers use browsers to get credit card info

2017January27_Security_C

By EDITOR

Does filling in web forms sap all your browsing energy? Do you find it especially taxing to shop or register online using a mobile device? Google’s Chrome alleviated this dilemma when it introduced the Autofill feature in 2011, which made filling in forms much faster and making credit card purchases online more convenient. Unfortunately, it didn’t take that long for cyberthieves to find a way to take advantage.

How do they do it?

By concealing other fields in a sign-up form, users are tricked into thinking they only have to fill out a few fields. The trickery at work is that upon auto-sign up, other fields, which could include your billing address, phone number, credit card number, cvv (the 3-digit code used to validate credit card transactions), and other sensitive information, are auto-filled with the user none the wiser.

This sinister trick is nothing new, but since there hasn’t been any countermeasure since it was first discovered, the threat it poses is worth emphasizing. Finnish whitehat hacker Viljami Kuosmanen recently brought to light how users of Chrome and Safari are particularly vulnerable, and he even came up with a demonstration of how this phishing technique is perpetrated. The technique is so sneaky, it’s enough to make one give up online shopping forever.

Using plugins and programs such as password managers is also fraught with the security risk, as having access to such a utility empowers cyberthieves to do more than just obtain your credit card info; it opens them up to a great amount of personal details.

Preventing an autofill-related theft

So what can you do to avoid falling prey?

Using Mozilla Firefox is one of the easiest available solutions. As of today, Mozilla hasn’t devised a mechanism that affords its users the same convenience that Chrome and Safari users enjoy with autofill. When filling web forms on Firefox, users still have to manually pre-fill each data field due to a lack of a multi-box autofill functionality – a blessing in disguise, given the potential for victimization in autofill-enabled browsers.

Another quick fix is disabling the autofill feature on your Chrome, Safari and Opera (for Apple mobile devices) browsers. This would mean that when filling out web forms, you’d have to manually type responses for every field again, but at least you’d be more secure.

It’s not exactly the most sophisticated form of online data and identity theft, but complacency can result in being victimized by cyber swindlers. Take the first step in ensuring your systems’ safety by getting in touch with our security experts today.

Posted in Uncategorized | Leave a comment

3 Reminders for HIPAA compliance in 2017

2017January30_HealthcareArticles_A

By EDITOR

Even if notable punishments and fines for HIPAA non-compliance have only been doled out over the last 6 years, data privacy regulations have been around for 14. And with each passing year, these rules evolve in ways that make it near impossible to keep up without an expert on hand. As we kick off 2017, we want to review just a few of the most important talking points about HIPAA compliance.

Compliance leaves the office with you

When you take your phone, laptop, or tablet with you — as you return home, or go to a meeting outside your office or a seminar out of state — your data needs to get the same treatment it does inside the office. If you access data from unsecured devices or connections, you could be looking at stiff penalties when audit time rolls around.

As an extension of this principle, business partners with any involvement in your data storage, transfer, or protection are also required to employ best practices. If you have a legal firm on retainer with access to your network, it’s your responsibility to ensure that firm also adheres to compliance rules. Business Associate Agreements are the best way to shield yourself from mistreatment of data by a business partner, and they should be reviewed at least every year.

Most “optional” measures…aren’t actually optional

Confusingly, HHS’s Summary of the HIPAA Security Rule page has a heading titled Required and Addressable Implementation Specifications. The synopsis can be interpreted as, “Although we listed some safeguards as addressable, we actually mean that they have to be implemented. But how you do so is up to you.”

2016 saw a massive uptick in the number of HHS audits and the fines the government entity doled out. Consequently, whenever safeguards or measures allow for wiggle room or subjective interpretation, we always recommend going above and beyond. Compared to fines that soar into the millions of dollars, hiring a managed IT service provider is more than worth it.

This is about more than being “careful”

Some providers are quick to point out that compliance is about stringent safeguards to prevent even the tiniest of breaches. How do you think those practices would respond if you told them one Ponemon survey found that 90% of healthcare practices experienced a data breach during a two-year period?

Managing cyber security is becoming a problem for organizations in every industry. Business owners need to acknowledge that the threats are real, and that solutions must be exhaustive. In fact, most states have enacted their own variation of patient privacy legislation. So if you’ve found a thorough walkthrough of compliance written by someone located in another state, that’s not going to cut it.

To confidently achieve HIPAA compliance, you need IT technicians with experience adapting to years of changes to this complicated legal framework. Call us today so we can help you secure and manage your electronic medical records and protected health information.

Posted in Uncategorized | Leave a comment

Tips for a cloud-based unified communications

2017February1_VoIP_C

By EDITOR

The number of small businesses that will move their unified communications to the cloud is predicted to increase from 10% to 48%, while medium-sized firms and large enterprises follow, albeit in smaller percentages. These numbers are not surprising because migrating unified communications to the cloud presents a host of benefits to communication systems: simplicity, flexibility, and lowered costs. You probably have given it some thought, but haven’t concluded that migrating your unified communications is a good decision. These five tips for a successful migration could help your decision-making.

Opt for a gradual transition

Migrating unified communications to the cloud doesn’t have to be done at one fell swoop. You can move UC for departments that can benefit from it, while those with no pressing need for a cloud-based UC, such as a company’s call center, can keep using on-premise systems. This way, users can ease their way into the new system without experiencing network disruptions, which could lead to reduced productivity.

Secure sufficient bandwidth

Issues on speed and performance will inevitably arise, so make sure to cover all the bases before migration. That means securing a reliable internet service provider, checking the stability of your internal network, and having a Plan B. This is a particularly critical point to ponder if you have operations in locations where unstable or slow networks could pose serious difficulties. Determine the level of bandwidth your entire business needs, and get it from an ISP that can deliver.

Test, test, test

Transitioning UC to the cloud may appear seamless, but there may be a few unexpected kinks that would need ironing out long after the migration is declared a success. To soften the potentially costly and time-consuming impacts, test the systems throughout the duration of the migration. Whether you’re testing voice, data, or video, conduct tests, set benchmarks for performance, and predict future usage patterns.

Go live and act on identified problem points

After going live with your cloud UC, consider the overall user experience and availability of support for devices, applications and other components. Are persistent connectivity issues going to cause troublesome conference calls? This and similar issues may prove detrimental in the long-run, so keep them in mind when deciding to keep, enhance, or discontinue a cloud-based UC. Cloud migration should be solving problems, not causing them.

Constantly monitor performance and quality

Don’t be surprised if you encounter a few issues even after extensive testing. Migrating to the cloud simply requires planning and a sustainable strategy, whether your organization is dependent on instant messaging, voice conferencing, or video calling. There’s also a good chance that you will be working with several vendors, so always demand for the best service.

Having your UC moved to the cloud may seem like a daunting move, but with our cloud technology and VoIP know-how, we’ll make sure your unified communications in the cloud precipitates just benefits. Contact us today for advice.

Posted in Uncategorized | Leave a comment

No more extended support for Windows 7

img-window7-170px-op3

By EDITOR

When you grow accustomed to something — like a morning routine, a particular type of coffee, or in this case, an operating system — attempts at change aren’t always successful. Case in point, the struggle between Windows 7 and Windows 10. Users have until 2020 to make up their minds, and unless you don’t mind other businesses leaving you in the dust, it’s time to make a move.

Windows 7 was given extended support in 2015. And with that, Microsoft warned its users that this outdated version would drive up operating costs due to remediating software attacks that Windows 10 systems could otherwise avoid. The three-year countdown toward Windows 7’s twilight officially kicks off with a warning to enterprises that they could face hefty fines for sticking with the platform’s outdated security.

According to Markus Nitschke, head of Windows at Microsoft Germany: Windows 7 does not meet the requirements of modern technology, nor the high security requirements of IT departments. How would this make current Windows 7 users feel? Why are users choosing to remain faithful to the platform’s outdated security? Users can delay upgrades until January 13, 2020, after which extended support for the 2009 OS will end and it will no longer receive patches — unless the customer is paying for a pricey Microsoft Custom Support Agreement.

Markus also added that “As early as in Windows XP, we saw that companies should take early steps to avoid future risks or costs.” The message came as Microsoft published studies that showed Windows 10 Anniversary Update’s built-in security managed to neutralize zero-day exploits, even without patches needed to protect earlier versions of Windows.

Failing to upgrade to Windows 10 means that you and your networks will miss out on noteworthy security features such as the Windows Hello biometric login, the AppContainer sandboxing technology, and Windows Defender Advanced Threat Protection, which will gain new features after upcoming Creators Update.

On top of missing out on all the security features that Windows 10 has to offer, enterprise organizations on Windows 7 soon won’t have the additional zero-day protection that EMET, or the Enhanced Mitigation Experience Toolkit, offered since 2009. Last November, EMET’s expiration date was extended from January 2017 to July 31, 2018.

With the help of newer tools, migrating from Windows 7 to Windows 10 is considerably easier when compared with migrations from XP. Microsoft is still urging corporate users to make the shift before Microsoft permanently terminates support for Windows 7, stating that their business could be looking at real trouble if they fail to comply.

Business owners always do their best to ensure the future of their organization. That includes knowing which tech resources to rely on and which ones to avoid. If you still have questions about Windows 7, feel free to give us a call.

Posted in Uncategorized | Leave a comment

Microsoft ending support for Office 2013

2016September29_Office_C

By EDITOR

To make sure enterprises get the most out of their Office 365 package, Microsoft announced it will no longer support Office 2013 by the end of February. Instead, the tech giant will push enterprises to upgrade to Office 2016. If your business is still using the 2013 version, here are some things you need to know right away.

Effective February 28, Office 2013 client applications and language packs will no longer be available from the Office 365 self-service portal and Admin Center. On top of that, Microsoft will no longer release feature updates for Office 2013 and will focus solely on upgrading the recent 2016 version. And because Office 2016 doesn’t support Microsoft Exchange Servers 2007 or earlier, you’ll need to upgrade your mail server as well.

The end-of-support changes apply to Office 365 Pro Plus, Small Business Premium, Business, Project Pro, and Visio Pro subscriptions. Although critical security updates for 2013 products extend to April 10, 2018, businesses should really consider making the move to Office 2016 to take advantage of the latest productivity features.

With Office 2016 versions of Word, Excel, and PowerPoint, users can look up web information right from the document interface. What’s more, employees have access to advanced, collaborative features like Skype integrations, Office 365 Planner, and Delve.

If your business plans to migrate to Office 2016, don’t forget to consider the minimum system requirements:

  • 1 GHz processor
  • 2GB RAM
  • 3 GB of available disk space
  • 1280 x 800 screen resolution
  • Windows 7 OS, or above

To make the transition process smoother, Microsoft is offering FastTrack migration, a service providing organizations with the tools to help them make the move from one Office version to another.

However, if you need more advice on moving to Office 2016, contact us today. We’ll make sure your Office 365 is always up-to-date.

Posted in Uncategorized | Leave a comment

Choosing the best small business computer

2018December8_Hardware_A

By EDITOR

Your employees are some of your business’s best assets. With that in mind, it is imperative that they work with high-performance computers that will unlock their full potential and contribute to your business’s profitability. If only it were that simple. Selecting a computer often involves several factors such as mobility, quality, and price – there are simply too many things to consider. Choosing the right computer requires careful thought, and this is what we’re here to discuss.

Laptop or desktop?

Laptops are highly portable, efficient, and inexpensive. If these are the most important qualities your business requires in a computer, then by all means, choose them. Clearly, desktops aren’t built for mobility, but what they lack in portability, they more than make up for in storage, processing capacity, and security. Although laptops make perfect sense for small businesses with great need for portability, they are much more prone to security threats and are not as easy to upgrade and maintain, unlike desktops.

Processor

The Central Processing Unit (CPU), or simply processor, determines the speed at which you can access your data and perform business-critical tasks. Speed is measured in Gigahertz (GHz), and a processor that runs from 2 to 4 GHz should be plenty for small enterprises. Arguably the most important item on the list of a computer’s specifications, the processor plays a crucial role in your computer’s speed and efficiency.

Storage

As critical hardware components, hard drives indicate how much information you can store and use. Storage capacity typically ranges from 128 gigabytes on “light computers”, all the way up to 2+ terabytes on more critical machines. If your business doesn’t need to store large files such as videos and images and will be used mostly for email and a few applications, 250- or 500-GB storage should do the job. If processor speed is number one on your list of computer requirements, it’s followed closely by hard drive storage.

Operating System

Operating system (OS) decisions often boil down to choosing between Windows or Mac. It might help in your decision-making to know that Windows remains the most widely used OS mainly due to its high compatibility with business software, not to mention, its relatively cheaper price. Macs can perform just as brilliantly as Windows-operated systems can. And although Macs are usually more expensive, they’re well known for their own outstanding features, such as being less prone to crashes.

Other Components

Not to be confused with storage drives, a computer’s Random Access Memory (RAM) is only used to run open applications. It is responsible for keeping your computer performing at optimum speeds, especially when you’re working with several applications or programs at once. For small businesses, a 1200-2600-MHz RAM should suffice. The higher the MHz of your RAM, the higher its performance will be. To keep your basic programs running, 6-8 gigabytes of RAM is often satisfactory.

Ready to Buy a New Computer?

Deciding which computer to buy is an important business decision. While there are a handful of factors to consider, what you aim to accomplish in your business’s day-to-day operations should be your main consideration when choosing a computer. Businesses that require plenty of remote and mobile work should definitely go for laptops. Those that require regular transfers of large datasets could benefit from the increased storage capacity associated with desktops.

Do you need expert advice in choosing the best computers for your small business? We’re happy to guide you in every step of your purchase decision. Give us a call today.

Posted in Uncategorized | Leave a comment

Adobe Flash Blocked by Microsoft Edge

2016December29_Windows_A

By EDITOR

Recently, Microsoft has made new upgrades to their web browser platform. Despite numerous changes, one making the biggest waves for users of all kinds is the lack of instant and easy compatibility with Adobe Flash. Adobe Flash is a web platform and add-on that many business websites have put to extensive use. However, now that Microsoft has made these changes, it can mean big things for business owners and web designers alike. Get to know more about why Microsoft has blocked Adobe Flash and the possible ramifications for those changes.

The primary purpose behind the recent changes made to Microsoft Edge is to make it more competitive with the popular Google Chrome web browser. Among efforts to do just that is the change to how Adobe Flash works on the Edge browser. Now, instead of Adobe Flash plugins playing and loading immediately when a person navigates a website, the application will be blocked.

An alert will come up near the address bar, letting users know that Adobe Flash has been blocked and will give the option to run the add-on or continue blocking it. For businesses that use Adobe Flash throughout their websites, this can be a frustrating change as visitors will need to take an extra step to access the full website.

However, there are numerous legitimate reasons for these changes to the Microsoft Edge browser. The most important of these issues is the fact that Adobe Flash is a security risk and is easily hackable, making it more likely for information and control to be lost to web users. Another issue is the fact that Adobe Flash is a big drain on battery life for computers and other devices.

The theory is that Adobe Flash is on its way out, and that newer, better systems are on their way in. As of now, Windows Insider users are the only ones with access to these updates, but soon the updates will go global and be made available to all users. In fact, Microsoft plans to eventually automatically load HTML5 web information first without loading Adobe Flash content at all.

Because so many sites use Adobe Flash, this can mean major renovations to existing web content. If you worry about the impact this will have on your business, contact us for immediate help and assistance in maximizing your website usability before these changes go live for all Microsoft Edge users.

Posted in Uncategorized | Leave a comment

Gooligan malware haunts Android devices

2016December15_Android_C

By EDITOR

It is the largest single theft of Google accounts ever reported. And if you own an Android 4 or 5 phone, it has likely already affected you. The Gooligan virus, running rampant in third-party app stores, promises to keep wreaking havoc until developers find a way to shut it down. To help your business avoid malware catastrophe, read on to learn what we know about Gooligan so far.

It is estimated that since Gooligan’s August 2016 appearance, the malware has infected more than 1.3 million Google accounts — one of the largest single thefts in recent history.

With the range of personal data available in Google accounts, it is interesting to note that Gooligan’s purpose isn’t to steal the valuable information; instead, it’s to distribute advertising fraud. With as much as $320,000 a month going into the pockets of Gooligan developers, it is obvious that the ploy is working.

How Gooligan is Moving Through the Internet
Consumers are falling prey to the virus when they attempt to download a fake app from a third-party app store. Instead of getting the program that they were promised, they inadvertently allow the Gooligan malware to root into their Android OS and take control of it. Once in control, the virus downloads apps using your Google information. These apps are infused with ads that belong to Gooligan developers, bringing them a never-ending stream of income.

Where Gooligan Came from and Where it’s Going
Gooligan appears to be a variation of the 2015 Ghost Push malware, which was also wildly successful at infecting Android users. Google is currently working with Android engineers and Internet security firms to quelch the malware; they believe that through cooperative efforts, it will disappear from public attention. As it is, those who have updated Android versions of 6.0 or greater are not affected by the malware.

You can lower your chances of contracting the Gooligan malware by downloading apps only from Google Play and checking your system through the security firm Check Point to ensure your Android hasn’t already been infected. For more information on Gooligan and how you can protect your company, contact us.

Posted in Uncategorized | Leave a comment

New Office 365 updates for collaboration

2016January3_Offce_A

By EDITOR

Every now and then we all need a little help, especially in today’s digital era. To keep up with the competition, companies are gearing up, especially in the IT department. With the help of cloud computing technology, Office 365 is a productivity and collaboration-enhancing software that is changing the way small- and medium-sized businesses operate. Here are four of the latest features added to Office 365:

Real-time collaboration in PowerPoint

Users will now be able to share a PowerPoint deck and update documents with others in real time. This means you’ll be able to see edits as your colleagues make them. Microsoft was committed to expanding real-time co-authoring of a company’s native applications, with Microsoft Word already rolling out this feature beforehand. Currently, real-time collaboration is available for PowerPoint on Windows desktops for Office 365 subscribers in the Office Insider program and for PowerPoint Mobile on Windows tablets.

Move attachments to the cloud and share with colleagues in Outlook

According to Kirk Koenigsbauer, corporate vice president for the Office team, this feature allows users to transform a traditional document into a shared cloud document within Outlook. Previously, Outlook users could only attach cloud-based documents to an email, but this new feature makes it easier to send large files and to collaborate on those files with ease.

Users can upload files into their own OneDrive or a document library as part of an Office 365 group and then designate sharing permissions for the email recipients. The new feature is currently available in Outlook on the web as well as Outlook on Windows desktops for Office 365 subscribers.

Mobile notifications for changes to shared documents

With this new update, users will be notified when any cloud documents in Word, Excel and PowerPoint are being shared or edited. These notifications let you know when changes are being made, even if you are away from a particular document, so you’re always connected and know when you have to act. This feature can be integrated with the activity feed on Windows desktops, and help businesses improve user collaboration. Koenigsbauer says that Microsoft will continue working on the notification feature “to provide more detail and transparency around shared document activity in the future.” Sharing and editing notifications are available for Word, Excel, and PowerPoint users on Android and Windows Mobile for Office Insiders. This feature will be available for commercial users in all Office mobile applications in the coming months.

Find, open, and save documents in a Shared with Me and Recent Folders tab

Microsoft’s “Shared with Me” tab in Word, Excel, and PowerPoint makes it easier for enterprise users to find and open shared documents without having to leave the app you’re working in. At the moment, the Shared with Me tab is available on Windows desktops and Macs for all Office 365 subscribers, iOS and Android devices included. And soon, it will be available on Windows Mobile. And the “Recent Folders” tab — used to help quickly locate files as well — is now available in Word, Excel and PowerPoint on Windows desktops for Office 365 subscribers in the Office Insider program.

Technology has become an integral part of modern businesses, and investing in the right IT resources is needed in order to achieve success. With the latest additions to Microsoft Office 365, small- and medium-sized businesses will enjoy enhanced staff collaboration, increased corporate productivity, and an overall competitive advantage.

Posted in Uncategorized | Leave a comment