Carrollton Dermatology Associates
Dr. Thomas H. Lamb, MD.
Brighter Image, Inc.
RA-Lin and Associates
North Georgia Turf, Inc.
BYOD, or Bring Your Own Device, is one of the most common business trends of the past couple of years. To many, the idea of bringing their own phone, tablet, laptop, or even computer to the office is ideal because it is a system they are undoubtedly familiar with. They may also view personal devices as better than the office models. Even if you don't allow your employees to bring their own devices to work, there is a good chance they do anyways. However, this could pose a security risk that needs to be dealt with.
This could put your business at a higher security risk if the rule is ignored, especially if you don't implement any security measures to protect your networks and data. In order to minimize the potential threats BYOD can expose your business to, we suggest you do the following:
The same goes for phones for your employees. Why not offer to pay for the plan and allow employees to use their own devices? Of course, you are going to want to implement security measures and usage rules, but if this is easily achieved then it may help reduce your overall operating costs. Before you do implement a system like this however, we strongly recommend you read the rest of this article and follow the steps below.
Chances are high that because they use the work Wi-Fi on their device for non-work tasks, they simply keep using the device when they are doing work related activities. This could pose a security risk, especially if you run business-critical operations on the same network. You could nip this potential problem in the bud and simply install another Wi-Fi network for mobile devices and non-critical business processes.
It is usually quite affordable to simply purchase another line and the networking equipment to support this, not to mention the fact that it will keep business-critical processes secure from errant malware. As an added bonus, you will likely see increased productivity because the bandwidth demand will be limited, so important data will move quicker.
One of the simplest ways to prevent this is to educate your employees about proper mobile safety. This includes how to spot apps that could contain malware, sharing security threat updates, and teaching your employees how to secure their devices. You really need to stress just how important security is to them.
On top of this, contact an IT expert like us for a recommended anti-virus and spyware scanner for mobile devices that users can easily install. Encourage employees to not just install this but to keep it up to date too. Many of these mobile specific scanners are free and just as powerful as desktop versions.
It may be that you don't actually need to integrate BYOD but to update hardware or software to newer versions instead. It could be that there is a simple solution to employees feeling frustrated with slow performance of existing systems at work.
If you do implement BYOD, we can help establish security measures and policies that will ensure your networks and employee devices are secure. The best advice we can give however, is to do this before you start allowing BYOD, as it can be far more challenging to implement and enforce changes when employees are already using their devices at work.
Looking to learn more? Contact us today to see how we can help.
Businesses are relying increasingly on virtual machines to handle more critical data and tasks than ever before. Still, many are misguided about their security needs in a virtual environment. There are several myths that if believed can have serious consequences; leaving your organization vulnerable to an attack. Understanding these issues is key to helping you make better and safer decisions about the virtual environment of your business.
Therefore what you need is a solution that has been designed to keep both virtual and physical computing environments secure. There are a wide-number of solutions out there, and the best one for your business will depend largely on the virtual environments you employ. We strongly recommend talking to IT experts like us, as we can help determine, or even offer, the strongest security based.
This high level of duplication can cause massive performance degradation and waste tons of storage capacity. Therefore, you should make an effort to ensure that all of your systems including the main ones are without malware. This not only makes every system secure, but can also speed up overall operations.
Therefore, malware scanners on both the user and main systems would be a good idea. If it does happen to get on a system, the chances of it spreading are drastically reduced.
Additionally, being too eager to create new machines on demand can result in virtual machine sprawl, which happens when virtual machines are created but then forgotten. This leads to an unmaintained virtual endpoint operating without your knowledge. Even if the rest of your virtual machines are secure, it’s possible for one machine to eavesdrop on the traffic of another virtual machine, leading to privacy and security risks.
The best solution to this is to employ an IT manager who can track and maintain systems. Many IT partners offer a solution like this, so experts like us may be able to help ensure your systems are secure.
A non-Web-connected server is going to have entirely different security needs than a virtual desktop of a server that manages customer information. Implementing one without the other simply just won’t do in today’s world, where attackers are set on getting their hands on your data.
Proper security is vital in making virtualization a critical component of your business IT infrastructure. Looking to learn more about virtualization and its components? Contact us today and see how we can help.
No matter what industry you operate in, today’s technological advancements make it inevitable that network security threats will sooner or later come knocking on your door. While it is true that corporate security measures can consume a lot of time and a huge chunk of change, the rapid growth of malicious Internet activity makes it extremely vital for your business to become familiar with and to follow the right security guidelines.
As we increasingly come to rely on cloud-based systems, the browser will likely become even more important to business owners and managers. While there are a number of browsers out there, many Windows users prefer to use Internet Explorer (IE), largely because it is the browser which comes pre-installed on all Windows computers. However, if your business uses IE, there is an important zero-day security flaw that you should be aware of.
The way most software programs work is if a user finds a security flaw, they will usually inform the developer who will then develop a fix and release it in a patch that users download. The problem is, sometimes it is a hacker who discovers this vulnerability. Instead of reporting it, they start to capitalize on the flaw, exploiting it to attack other users before the developer becomes aware of it and has a chance to fix it.
How it worked is that the hackers sent emails to users with links to a website that hosts a malicious code. These emails were largely phishing in nature, meaning they aimed to get the user to click on a link in the email. Some of the subject lines used in attacks included:
To guard against the exploit you should firstly update the version of Internet Explorer that you are using. The easiest way to do this is to go to the Internet Explorer website and download the latest version - version 11 - of the browser. Version 11 can run on both Windows 7 and 8, so the vast majority of users should already be running this latest version.
If you are using an older version, Microsoft has pushed the patch out via both IE's automatic update feature - so restarting the browser should install the update. The other option is Windows Update. Simply running the Update program and installing the updates should ensure that the latest version of IE is installed.
For Windows 7 and 8 users, you can do this by:
If you are using XP, you can visit the Microsoft Update website using Internet Explorer and following the instructions.
Aside from updating your browser, you should ensure that your anti-virus and malware scanners are up to date and scheduled to scan your system on a regular basis. Be sure to look at all emails closely as well, if one seems a bit dodgy, or you receive one from someone you don't know, it is best to ignore it and delete it right away.
Businesses who are using XP should seriously consider updating because Microsoft will not be introducing security updates in the future, leaving your systems at greater risk of attack. At the very least, it may also be a good idea to switch to another browser like Firefox or Chrome, both of which will work on XP and are updated regularly.
Worried that your systems are not secure enough, or still running XP? Contact us today to see how we can help.
Passwords are made to safeguard our online accounts. But in this day and age when rampant hacking incidents happen every day and around the world, security is oftentimes compromised. As a result, private data can fall into the wrong hands. For this reason, it is imperative that the passwords protecting your data are strong enough to throw off hackers. Here are some ways to bolster your passwords.
Passwords should have at least eight characters. It is highly recommended that you use a combination of uppercase, lowercase and special characters. “P@s$w0Rd45%” is a thousand times better than “Password1”. Veer away from using passwords that are found in dictionaries. Furthermore, avoid using your name, a family member’s name, phone number, birth date, social security number or any public information. Hackers have found a way to crack passwords with the aid of the many databases out there.
To create even more secure passwords, try using a password that is a full sentence, with random words. For example "I am a purple donkey" (with the spaces) will take a long time to crack, which means it's more secure then even the examples above.
Get professional help by installing security software from a trusted name in the industry. Build your defences as early as possible. Remember the cliché – better to be be safe than sorry – and nowhere is this more true than in computer system and web security.
In the event that you need to give your password to a co-worker to get an important document or presentation, make sure that you change them as soon as possible. Never use the same combination again.
It’s an unsafe online world out there. These online troublemakers will never be satisfied. So never let yourself or your organization fall prey to hackers. Take note of these safety measures and strengthen your web security arsenal.
The security of systems like servers and computers that connect to the Internet should be one of utmost importance for business owners and managers. However, there are always security flaws being exposed which could expose your systems and data to malicious hackers, who could really endanger your business. Over the past few weeks a massive massive security flaw with cryptographic software has come to light. Codenamed Heartbleed, this bug makes stealing data almost ridiculously easy.
You can tell sites are using SSL/TLS by looking at the URL bar of your browser. If there is a padlock or HTTPS:// before the Web address, the site is likely using SSL or TLS verifications to help ensure that the site is legitimate and communication will be secure. These technologies work well and are an essential part of the modern Internet. The problem is not actually with this technology but with a software library called OpenSSL. This breach is called Heartbleed, and has apparently been open for a number of years now.
Heartbleed is a bug/glitch that allows anyone on the Internet to access and read the memory of systems that are using certain versions of OpenSSL software. People who choose to exploit the bugs in the specific versions of OpenSSL can actually access or 'grab' bits of data that should be secured. This data is often related to the 'handshake' or key that is used to encrypt data which can then be observed and copied, allowing others to see what should be secure information.
Scary right? Well, the second problem is much, much bigger. The hacker won't only be able to see the data you transmit, but how the site receiving it employs the SSL code. If a hacker sees this, they can copy it and use it to create spoof sites that use the same handshake code, tricking your browser into thinking the site is legitimate. These sites could be made to look exactly same as the legitimate site, but may contain malware or even data capture software. It's kind of like a criminal getting the key to your house instead of breaking the window.
But wait, it gets worse. This bug has been present in certain versions of OpenSSL for almost two years which means the sites that have been using the version of OpenSSL may have led to exposure of your data and communication. And any attacks that were carried out can't usually be traced.
We have to make it clear here however: Just because OpenSSL is used by a vast percentage of the Internet, it doesn't mean every site is affected by the glitch.
The latest versions of OpenSSL have already patched this issue and any website using these versions will still be secure. The version with Heartbleed came out in 2011. The issue is while sites may not be using the 2011 version now, they likely did in the past meaning your data could have been at risk. On the other hand, there are still a wide number of sites using this version of OpenSSL.
It can be hard to tell whether your data or communications were or are actually exposed or not, but it is safe to assume that at some time or another it was. Changing your passwords should be the first step to ensuring that you are secure and that the SSL/TSL transmissions are secure. Another thing you should be aware of is what sites are actually using this version of OpenSSL. According to articles on the Web some of the most popular sites have used the version with the bug, or are as of the writing of this article, using it. Here are some of the most popular:
If you have a website that uses SSL/TSL and OpenSSL you should update it to the latest version ASAP. This isn't a large update but it needs to be done properly, so it is best to contact an IT partner like us who can help ensure the upgrade goes smoothly and that all communication is infact secure.
Contact us today to see how we can help ensure that your company is secure.
Malicious software (more commonly known as malware) can be found on almost any system, most often being downloaded and installed on computers. It can cause a myriad of annoyances, like unwanted pop-ups and system freezing, and some forms can even gain unauthorized access to your PC, stealing personal information. It's therefore essential that malware is prevented. Malware on work computers can disrupt a company’s operations and may put the security of data in jeopardy.
If this doesn't work, disconnect the infected computer from the network to prevent the spread of the malware. Furthermore, avoid accessing the Web and using vital information such as bank account and credit card information. Let the technical department or your IT partner handle the concern since they are trained in determining and eradicating system malware infections.
Once the problem has been pinpointed, a tech specialist will go through the process of eliminating the infection. This includes backing up data on the computer and restoring the system to its original state. Depending on the extent of the infection, the computer may need to be wiped clean, or reformatted before restoring backed-up files.
After the whole process, the computer must be tested to ensure that the infection has been totally removed. Moreover, further investigation and studies must also be done to determine where the problem started, as well as to create a strategy as to how to prevent this from happening in the future.
If you have questions or concerns with regards to malware prevention and resolution, feel free to call us. Our support team is always ready to help.
Security of a business's systems and networks should be important to many business owners and managers. In fact, an increasing number of companies are implementing security strategies. While these strategies do keep businesses secure, there is one critical element that could cause plans to fail, leading to an increased chance of a breach of security: The audit.
These elements are: assess, assign, audit. When you develop a plan, or work with an IT partner to develop one, you follow the three steps above, and it may be obvious at the end. In truth however, you should be auditing at each stage of the plan. That means you first need to know what goes on in each stage.
During the assessment phase you or your IT partner will need to look at the existing security you have in place. This includes on every computer and server and also focuses on who has access to what, and what programs are being used. Doing an assessment should give you an overview of how secure your business currently is, along with any weak points that need to be improved.
The assignment phase looks at actually carrying out the changes you identified in the assessment phase. This could include adding improved security measures, deleting unused programs or even updating systems for improved security. The main goal in this phase is to ensure that your systems and networks are secure.
Auditing happens after the changes have been made and aims to ensure that your systems are actually secure and have been implemented properly. Throughout the process you will actually need to continually audit and adjust your strategy.
Keeping systems and computers secure can seem like a full time job, largely because there is a near constant stream of security issues being discovered. From malware to bugs in software, you can bet that you will eventually find a security breach in your systems. The other week news broke of a bug that posed a critical security flaw in Apple's operating systems.
The update notes released by Apple noted that the patch "provides a fix for SSL connection verification." This is a fairly common update as it is aimed at improving the security of communications between websites and the device. However, security experts found out that without the update attackers who can connect to a network are able to capture sensitive information being sent in banking sessions, email messages, and even chat messages using what's called an SSL/TSL session.
In other words, SSL and TSL are used to ensure that information is exchanged securely over the Internet.
According to security experts, this bug has been found to affect devices running older versions of iOS 7, OS X 10.8 and newer, Apple TV, and possibly iOS 6. It is important to note that the bug is only found in Apple's SSL technology. Any app that uses Apple's version of SSL could be affected.
You should also remain vigilant and not connect to any open or public Wi-Fi connections or even secured Internet connections that could be easy to break through. Basically, as long as you update you should be fine. However, it may be worthwhile using another browser if you are really worried about whether you have a secure connection.
If you are looking to learn more about this security flaw, or how you can secure your business from threats like this, contact us today. We can help.
There are numerous ways business security systems can be compromised. A common way is phishing - tricking people into giving up important information via email. Original phishing methods are now well known, and increasingly less effective. So hackers have become more skilled and have adapted their phishing methods into a new form of catching people out with what experts have labeled as spear phishing.
Generally a hacker will first pick a target and then try to learn more about the related people. This could include visiting a website to see what a company does, who they work with, and even the staff. Or they could try hacking a server in order to get information.
Once they have some sort of information, usually a name, position, address, and even information on subscriptions, the hacker will develop an email that looks similar to one that another organization might send e.g., a bank. Some hackers have been known to create fake email accounts and pose as a victim's friend, sending emails from a fake account.
These emails are often similar to official correspondence and will always use personal information such as addressing the email to you directly instead of the usual 'dear sir or madam'. The majority of these emails will request some sort of information or talk about an urgent problem.
Somewhere in the email will be a link to the sender's website which will look almost exactly like the real thing. The site will usually ask you to input personal information e.g., an account number, name, address, or even passwords. If you went ahead and followed this request then this information would be captured by the hacker.
Should someone fall for this tactic, they will often see personal information captured and accounts drained or even their whole identity stolen. Some spear phishing attacks aren't after your identity or money, instead clicking on the link in the email will install malicious software onto a user's system.
We are actually seeing spear phishing being used increasingly by hackers as a method to gain access to business systems. In other words, spear phishing has become a great way for people to steal trade secrets or sensitive business data.