Carrollton Dermatology Associates
Dr. Thomas H. Lamb, MD.
Brighter Image, Inc.
RA-Lin and Associates
North Georgia Turf, Inc.
Our computer systems need a high level of protection against harmful viruses, worms and other malware currently spreading like wildfire over the Web. If you have a layered security or defense in depth strategy in place, then you’re probably well protected. But if not, then our guide will surely help you protect your computer systems.
Just like the human body, a computer system can also be attacked by many viruses that can infect and disrupt computer operations. And what's worse is it doesn’t just disrupt the operations of your computer, but these viruses and other malware can gather sensitive information or even gain access to other private and secured computer systems on the same network.
Although computer viruses aren't deadly, they can spread at an unimaginable rate across your entire computer system, affecting your database, networks and other IT-related sources. You can get these viruses by opening bogus email messages, downloading unknown file attachments, and accidentally clicking ads that pop up your screen. This is why there is a need for a strong and effective security system to protect your network.
One of the tested and proven security strategies used today is defense in depth. This concept focuses on the coordinated and organized use of multiple security countermeasures to keep your database safe from intrusive attackers. Basically, this concept is based on the military principle that a multi-layered and complex defense is more difficult to defeat than a single-barrier protection system.
The defense in depth strategy assures network administrators by working on the basis of the following guiding principles:
Defense in depth focuses on areas by deploying firewalls and intrusion detection to endure active network attacks and also by providing access control on servers and host machines, to resist distribution attacks from the insiders. This multi-layered defense also protects local and area-wide communication networks from denial of service attacks.
The reason for wrapping the network with multiple layers of defense is because a single line of defense may be flawed. And the most certain way to protect your system from any attacks is to employ a series of different defenses that can be deployed to cover the gaps in the other defenses. Malware scanners, firewalls, intrusion detection systems, biometric verification and local storage encryption tools can individually serve to protect your IT resources in a way others cannot.
Perhaps the final layer of defense should be educating your employees not to compromise the integrity of the computer systems with potentially unhealthy computer practices. As much as possible, teach them the dos and don’ts of using the computer, as well as how they can prevent viruses and other computer malware coming in and destroying your system.
If you’re looking to give your computer systems better protection against the harmful elements that the internet can bring, then give us a call now and we’ll have one of our associates take care of you and help defend your business.
The 2014 Olympic Winter Games is underway and athletes from all over the world have made their way to Sochi, Russia to compete. As with almost every other Olympic Games, there have been a number of issues for organizers to deal with. However, unlike the last Olympics, one of those complaints is about hacking of mobile devices and computers.
In the report, reporter Richard Engel took new, never opened laptops and mobile devices to Russia and used them. He found that within 24 hours all of the devices had been hacked, exposing the data stored within.
In part of the segment, Engel and a security expert go to a local coffee shop in Moscow and search for Sochi on a mobile device. Almost immediately the device is hacked and malicious software downloaded. Engel notes that the hackers have access to data on the phone along with the ability to record phone calls.
In a follow-up segment, Engel explains a bit more about the laptop issues. When he boots one up and connects to the Internet, hackers are almost immediately snooping around the information, transferring from the machine to the networks. Within a couple of hours, he received a personalized email from a hacker welcoming him to Russia and providing him with some links to interesting websites. Clicking on the link allowed the hackers to access his machine.
One issue is that it hasn't been stated in any reports whether the Russian government is behind this, or if it's hackers out to steal information. While you can be sure that the Russians are monitoring communication during the Winter Olympics, it is highly likely that they are not the ones installing malware on phones, rather it's probably organized crime rings or individual hackers.
Combine this with the fact that many businesses are going global, or doing business with other companies at a big distance. This has caused many people to go mobile and the tools that have allowed this are laptops and smart devices. Because so many people are now working on a laptop, phone or tablet, these devices have become big targets. The main reason for this is that many people simply don't take the same safety precautions they take while on the office or even the home computer.
Hackers know this, so logically they have started going after the easier targets. The news reports concerning Russia highlight this issue and is a warning business owners around the world should be aware of, especially if they are going to be traveling with computers or phones that have sensitive information stored within.
That being said, there are a number of tips you can employ to ensure your data is secure when you go mobile. Here are six:
This is also a good idea because if your device gets stolen, the data is in the cloud and is recoverable. If you have data just stored locally on your hard drive, and your device is stolen, there is a good chance it's gone forever. For enhanced security, be sure to use a different password for every service.
Also, ensure that the programs installed on the devices are updated. This includes the apps on your phone, including the ones that you don't use.
You should also secure your devices by not only having an antivirus and malware scanner but also requiring a password to access your device.
While this may seem great, hackers are known to watch these networks and even hack them, gaining access to every bit of information that goes in and out of the network. When you are traveling, try avoiding connecting to these networks if you can. If you really have to, then be sure not to download anything or log into any accounts that hold private data.
If you are looking to learn more about ensuring the security of your devices while you are away from the office contact us today. We have solutions to help.
Technology is becoming increasingly complex and many small to medium business owners and managers are finding it an increasing challenge to manage their systems, while also ensuring that they are secure. One way to prioritize security is to turn to an IT partner, many of whom offer managed antivirus solutions. While this is a viable option, it can still be a slightly confusing topic.
A managed antivirus solution is provided by IT partners. These tech experts take care of installing the software on computers and other devices, and will then manage the solution. They will also ensure that scanners are up-to-date and scans are scheduled for a convenient time, thus protecting computers. The best way to think of these solutions is that they are specifically provided by a company to look after your computers and protect them from viruses.
Each new year, experts like to take time and look back at the past year, and try to figure out what to expect in the coming year. It is also a good time to take a look at existing business systems and see if they are ready to handle whatever the coming year can throw at them. When it comes to security, the first step to ensuring your company is ready for the year, security wise, is actually knowing what to expect in 2014.
Here are four security threats businesses should be aware of in 2014.
Cloud-based systems saw solid growth throughout 2013, with numerous systems being introduced and older systems reaching new levels or maturity. Small to medium businesses in particular were heavy adopters of these systems. Because of this, we expect to see an increase in attacks against cloud providers.
Providers know this and take steps to ensure security of systems on their end. Hackers know this too, so will be likely going after the weaker points – end users. It is expected that hackers will begin targeting users of cloud systems with various schemes that try to gain control of computers and mobile devices. Once access is gained, they will go after their main target: Corporate or personal clouds and the data stored within.
This could pose a problem for many companies, especially those who access cloud systems from their mobile devices. January and February would be a good time to look into the security of all of your systems, ensuring that your cloud-based systems are secure on all devices.
Take a step back for a minute next time you are in public and look at how many people have smartphones or tablets in their hands. Chances are, at least 60% or higher will. It is fairly obvious that the mobile device is the most popular trend in tech at the moment, and whatever is popular is also a target.
We predict there will be an increase in mobile malware attacks throughout 2014. This could see either an increase in the number of apps that have malware in their code, or websites that host malware. When you visit a site with this malware, you are informed that you need to update an app, and when you agree to this the malware is downloaded and installed.
This could prove to be a tough for companies to manage, especially since the number of mobile users will likely grow. If you haven’t started looking into how to secure mobile devices, now would be a good time to start.
Social engineering is the act of essentially tricking people to give away confidential information. Hackers have been using this for years – for example, emailing users telling them their bank account has been compromised, and that if they click on the link in the email and enter their account info, the account will be secured. In reality, the link is to a fake site that captures information which can then be used for any number of illegal activities.
As we mentioned above, the number of mobile users is steadily increasing. This means that it is highly likely that hackers will begin to target these users with mobile specific social engineering. This could be tricking them into downloading an app which then steals information stored on the phone, or simply targeting those who use just their tablet.
In order to prevent this from happening, you need to brush up on how most social engineering schemes work. You should also encourage your employees to look where the links in emails lead to and be aware that generally, most major businesses like banks don’t email customers asking for passwords or user names.
Microsoft will stop support for Windows XP and Office 2003 in April of this year. What this means is that they will no longer be offering security updates, software updates or support for these products. It is a sure thing that these programs are about to become a big target, and that new security loopholes and exploits will be found on a regular basis after the cessation of support.
For businesses that are using a newer version of Windows like 7 or 8, you should be secure from these exploits. If you are using XP on the other hand, you might want to upgrade as soon as possible. Contact us, we can help with that.
From the overall looks of things, we think this year will see a drastic increase in mobile based security threats, along with attacks on older versions of software. Now is a good time to review your strategies regarding both mobile and the software/hardware you use, to ensure that it is secure. If you would like help with this, please contact us today for a chat.
There were numerous security threats throughout 2013, many of which put small to medium business user's data and systems at risk. Many companies have implemented security systems, such as virus scanners, that protect their assets and business operations from most threats. One area type of security threat that still exists however relates to passwords.
Many of the major security threats that harm a business have one factor in common - a hacker gaining access to systems by cracking a user's password. The one reason hackers are able to get into systems again and again is largely because users often don't pick strong enough passwords.
Even what we might perceive to be a strong password may not actually be as secure as we think. Sure, when you enter a new password many websites have a bar that indicates how strong your password is, but the issue is, these so called strong passwords are becoming easier to guess as more websites utilize the same requirements.
Think about the last time you changed your password. You were likely told to key in a password longer than 6-8 characters, with at least one capital letter, one number, and a special character like '!' or '$'. Many major systems have these exact, or at least very similar, requirements for password setting. However, If this is the norm, and you use a password like this too often then your passwords likely aren't as secure as you might believe them to be.
The reason for this is because of the way hackers usually capture passwords. The most common method adopted is brute force - getting a username then trying every password combination until the hacker finds one that works. There are programs you can download from the Internet that try thousands or more passwords a second, and many now include special characters, numbers, and capital letters, which makes finding passwords even easier.
The way it works is you enter the first few letters of your password and the system guesses the next. It uses common letters and combinations to help gauge the effectiveness of a password. For example, if your password begins with the letter 'v', it will tell you that 'I', 'S' and 'A' are the most common letters to follow. If the next letter of your password isn't one of these three, there is a good chance it is more secure. If the second letter is one of these three, then your password is less secure. This may sound a little complicated, but you should check out the system here.
It is eerie at how accurate the next letters and characters often match, and this is a good tool to determine whether to create a more robust password. You don't have to worry about testing your password out either as Microsoft has noted that they don't track the keystrokes, so you password should remain secure.
If you are looking for more ways to secure your systems, we can help, so get in touch with us today.
As a business owner you probably have more than one issue on your mind at any given time. One challenge many owners and managers worry about is the security of their organization and the systems used. One of the weakest links, security wise, is the password, as these can be quite easy to crack. This is why many companies introduce password policies. However, quite often these policies are not effective.
If you are in the process of implementing a password policy, or are looking for a way to ensure that your business is as secure as possible, you need to be aware of at least four common password policy pitfalls.
While this may seem like it serves to make passwords more complex, many users will often use a simple password and replace words with a character, or add it at the end. This really doesn't make the passwords complex, it just makes them more difficult to guess.
Because so many systems have these requirements in place, hackers have started to include these factors when they develop password crackers. This means that the are still able to guess many passwords relatively quickly.
This may seem like a good idea, but all it does is encourage users to pick easy to remember passwords. And, any password that is easy to remember is likely easy to guess too.
When making a note of passwords, most people don't take any steps to hide them, often leaving a sticky note attached to their monitor or written in a notebook casually left open on their desk. Needless to say, this is a real security issue.
There is a growing trend among many businesses of connecting to the office from outside, or doing work remotely. In order to do so, most users require an Internet connection, often using public Wi-Fi connections. The issue with many public Wi-Fi connections is that they may not be as secure as you think, and could lead to increased security threats and even loss of data.
If you or your employees work outside of the office, and rely on, or frequently connect to public Wi-Fi connections, there are three security dangers you should be aware of.
The issue is that they may have attached data monitors that collect data - including passwords and other private information going into and out of the network. Some have even gone so far as to set up a portal site that one must navigate to in order to log in and use the service - similar to what you see when you use most public Wi-Fi connections. Only these sites are loaded with malware which can be installed onto your system once you log in.
In order to avoid this, it is a good idea to look at the name of the network you are actually connecting to and check whether there is more than one with a similar name, or if there are any spelling mistakes. If you are unsure, the best approach is to check the name of the network at the business which is providing this connection.
The problem with this is when you connect to a public Wi-Fi connection. Other people on that network may also be able to see those files. If you didn't take the important files out of the folder, they could potentially steal the data contained within. Hackers know this, and may sit on the networks looking for other computers with shared files.
In order to avoid this, you should ensure that you aren't sharing files stored in public folders on your computer. Try using other ways to share documents like a cloud storage provider.
If you or an employee connects to the office remotely while connected to a public network, one way to minimize the chances of data being intercepted is by using a VPN. These connections set up a direct link between the computer and the home network, and make it difficult for those who aren't part of that network to connect to and view data that is transmitted over this connection.
On top of this, it is a good idea to avoid entering passwords or other important information like bank account and ID numbers while connected to public networks.
If you are looking for ways to keep your data secure while out of the office, get in touch with us today to see how we can help.
One of the first steps many companies take when they are looking to secure their computers and networks is to implement an anti-virus or malware program and scanning. While this will go a long way in deterring network intrusions, malware can still sometimes find a way to get onto your systems. In order to minimize the potential damage you need to know how exactly malware can circumvent your anti-virus software to infect your systems.
There are several ways in which malware can be introduced to your systems, even those protected by anti-virus scanners or other security measures. Here are three you might need to know about::
1. Attacking remote users
Traditionally, business was carried out in a physical office. This means that companies only had to protect internal networks and systems. However, businesses are increasingly going mobile and relying on off-site workers. Problems can arise though when steps are not taken to ensure the security of these endpoints - laptops, tablets, mobile devices, etc.
Attackers know this, and have started to attack remote workers who may not be as secure as the company's internal systems. This becomes an even bigger issue when the infected device is brought back to the office and connected to the network - thus likely introducing the malware into your systems. It's necessary to ensure that all remote employees and devices are secure in order to protect your core systems and that they are also following the same security protocols used on-site and in-house..
2. USB infections
The majority of malware is introduced to systems via the Internet and websites. This is the reason why almost all virus-scanners focus on web-based intrusions. To a large extent, these scanners do what they are supposed to and keep companies secure. Hackers are always looking for new ways to attack systems though, and one avenue is through USB drives.
Some of the more popular USB-based malware takes advantage of Auto-Run - when an external hard drive, or USB flash drive is plugged in, this feature automatically opens the drive. The malware on the drive is configured to install itself when the drive boots up and is accessed, thus infecting systems.
To limit the chances of being infected by malware you should either provide drives for your employees to use, or approve drives that come in from outside sources. If you use USB drives to transfer files or share files between computers, try looking into other options like cloud storage drives. Finally, disabling Auto-Run and scanning drives with a virus-scanner, (many programs can actually do this), could go a long way toward deterring infections.
3. Anti-virus misses malware
While many companies have anti-virus scanners and software to deter malware infections, in order for these programs to work they often require daily or weekly updates. These updates contain information about new forms of malware discovered, along with detection and handling rules.
However, many companies may not be allowing the virus scanners to update. Because of this, systems are at an increased risk of being infected by newer malware. Therefore, ensure that your anti-virus scanners are not only up-to-date but are set to scan on regular intervals.
Beyond this, it is important to know that while anti-virus scanners will go a long way in preventing infections, they are often a step behind the newest malware. Taking steps to prevent malware, such as limiting downloads, educating employees and establishing a security policy can also help.
Finally, if you are worried about the security of your systems, working with an IT partner can prove to be one of the most successful ways of minimizing security threats that could harm your organization. IT partners can implement a plan to lower infection rates and employ experts who are able to work with you to restore your systems quickly should they become affected.
If you are looking to make your business more secure, get in touch with us today.
In the past few weeks the CryptoLocker virus has spread rapidly to become one of the more well known, and dangerous, viruses of the year. Because of the fact that if your system is infected, you likely won't be getting your files back unless you pay the ransom, you likely don't want this to infect your work systems. One of the ways to limit the possibility of this is to educate your employees on how to minimize the chances their systems will be infected.
Here are five tips you can share with your employees about how to keep systems free from malware.
1. Don't turn off or stop your anti-virus scanner There is little doubt as to the usefulness of your anti-virus scanners. These are installed specifically by companies and IT departments the world over in an effort to keep systems free from viruses and malware. Because there are always new pieces of malware being developed and released, the companies that run the antivirus scanners often keep an up-to-date as possible database that is consulted when the scanner is running.
It is these databases that companies push to you in weekly, or daily updates. Therefore, it's a good idea to not only keep your virus-scanner on, but also up-to-date, as the chances of it picking up newer and more serious malware are higher.
If your scanner attempts to run during business hours, some systems may slow down. Why not change the time this scan runs to when you aren't at your desk, say after 5:00 pm, or early in the morning. Working with an IT partner to schedule this could really help.
An important factor to remember is: If you don't run your anti-virus scanner, or turn off your scanner, the chances of your computers being infected increases exponentially.
2. Watch what you download One of the more common ways malicious software makes it onto computers is through downloaded files. That Facebook toolbar that a website is advertising as a must-have, or the file that must be downloaded in order to watch a movie online may actually be teeming with viruses.
Therefore, you should only download files from websites that you know are secure and offer legitimate files. And, before you download anything ask yourself, "Do I really need this, and will I really use it?" If you are unsure, check with a colleague, or reach out to your IT partner.
3. Study email attachments closely Another common way malicious software and viruses spread is through email attachments. Sometimes an email account has been compromised and a hacker is sending emails to users with the virus attached, or the host system has been infected and the virus is essentially sending itself. Regardless of how the email is being sent, you should be wary of all email attachments.
Before you open ANY attachment, verify that it is actually referenced in the email, it is the file referenced, and the name is logical. If you see an email that states a document or file is attached, take a look at the name of the attached file. If it ends in .exe or .dmg, this is a program and likely a virus, and should not be opened. You should also look at who is sending the email too. If you don't know the person it is recommended that you do not open the attachment. If you are unsure, try contacting the sender in another email.
4. Avoid using shared disks when possible While external hard drives and thumb drives may be incredibly useful, viruses can actually be spread by them. For example, if an infected file is on a USB drive and is plugged into a system, this can actually infect the system when the file is opened.
If you do use these drives, many virus scanners can check them. So, when you plug in a drive, before you open any files or the drive itself, right click on it and you should see an option to scan the drive with your virus scanner. If not, you can likely do this from the virus scanner itself. This could take time, but it will help keep your systems secure.
5. Ask yourself whether you really need to have an administrator account for Windows On many systems, when you set up a new user, you can set an account to be the administrator of that system. Administrators automatically have the ability to install programs, change settings and even create new accounts. If you don't need to change your computer's settings, or install programs then you likely don't need to have an administrator account.
This could be a great way to minimize virus infections simply because these viruses need to first be installed. If you can't install programs or even download them, then your chances of being infected are lower.
Looking to learn more about how you can protect your computers? Contact us today as we may have the perfect solution that will not only keep your systems secure, but also free from any malicious software.
Malware comes in many different forms and some of the more common are viruses are those that infect systems when they are downloaded and opened by the user. Combating any malware can be a never ending battle. It seems as if there is always some new security threat you need to be aware of. One of the latest is CryptoLocker - a new form of ransomware.
Knowledge is power so finding out more about CryptoLocker is recommended, as well as how you can take steps to protect your systems.
What is CryptoLocker? Ransomware is a virus that locks important files or systems and requests that users pay a ransom to unlock them. This is not a new form of malware, but there has been a recent resurgence and CryptoLocker is leading the way.
This particularly nasty piece of malware infects user systems and locks files, threatening to delete them unless the hacker is paid. It is being spread four different ways:
What happens if I get infected? If your system is infected your files will be encrypted and a pop-up message displayed informing you that your personal files have been encrypted and that in order to get the key to unlock them (the private key) you need to pay up to USD$300, or a similar amount in another currency. This amount seems to change and has increased, with older versions asking for USD$100.
You will also see a timer counting down from 100 hours. If this reaches zero, your encrypted data will be deleted with a very slim chance of the files being recoverable. The preferred method of payment is in BitCoins - a digital currency. The pop-up window has instructions on how to submit the payment - usually through an online payment method like Green Dot - MoneyPak.
The good news is, once you submit the payment, you will receive a key you can enter to unlock your files. The hackers have said that they won't re-infect systems, and network security companies have confirmed that so far, this has been the case.
While many up-to-date virus and security scanners will pick up CryptoLocker, most won't be able to recover or decrypt files even if the malware itself is deleted. If you see the pop-up window, it's probably too late.
How do I prevent CryptoLocker from infecting my systems? This is a serious piece of malware that should not be taken lightly. If you are worried about your systems being infected, here are five things you can do to prevent that from happening: