Blog - BizTek Connection, Inc.

POODLE Bug Presents a Major Network Security Risk

No, I’m not joking around. It’s real. You may be familiar with the bugs known as Heartbleed and Shellshock, which I’ve addressed in earlier blog posts. But now, it’s time that you be made aware of a new bug called POODLE (Padding Oracle On Downgraded Legacy Encryption). Simply put, POODLE allows hackers to access and steal information on encrypted connections.

It is important to note that this is NOT a flaw in SSL certificates, their private keys, or their design, but in the old SSLv3 protocol. The bug hijacks pieces of information by using this outdated web communication protocol, leaving systems susceptible to information theft. It’s not believed to be as serious as the Heartbleed bug in OpenSSL, since the attacker needs to have a privileged position in the network to exploit this latest bug. The use of hotspots (public Wi-Fi) does make this attack a real problem. This type of attack falls into the “Man-in-the-middle” category.

How Do They Do It?

Did you ever wonder why you don’t have to log into your e-mail account each time you use it? This is because your browser has a cookie installed which lets your e-mail know that you are who you claim to be. While this is convenient, it can present a problem. If a hacker tricked you into connecting to a bogus wireless hotspot, for example, this bug could allow them to steal a cookie from your computer. This would give hackers a chance to steal enough information from a web connection that they would then be able to steal your cookies and effectively pretend to be you.

The Risks

When POODLE emerged earlier this year, security officials got to work and quickly patched many of the sites that were most vulnerable. Unfortunately, it seems, the experts did not go far enough. The bug formerly attacked an outdated version of SSL (Secure Sockets Layer), which is no longer used on modern browsers but is still around because some older sites require it. Another, newer layer of security called TLS (Transport Layer Security) has now been found to also be susceptible to POODLE, and a fix has yet to be implemented. By the way, some banks are susceptible to the new iteration of this bug.

There are ways to keep your browser safe and to find out whether or not you’re at high risk for such bugs. BizTek Connection wants to make sure you’re doing everything you can to keep your company’s web presence and security safe. For more information, contact us via phone at 501-542-4241 or email at info@BizTekConnection.com

Posted in: Malware, Security

Ransomware – Coming to a Computer Near You!

It seems like it never ends… Malware is cropping up quicker than the industry can update the virus definitions, and today is no different. There appears to be a new variety of Ransomware that has recently hit the market. It goes by the name KEYHolder. From what the industry has found so far, KEYHolder appears to be from the same folks that were behind Cryptorbit. Although Ransomware may seem like a relatively new type of attack, it actually goes back to the “AIDS” Trojan (also known as “PC Cyborg”) as far back as 1989. In other words, they are really good at making, and propagating, this type of attack.

Like other Ransomware, KEYHolder will encrypt files (anything and everything, from documents and music to videos and images) on any attached drives, including network mapped file shares. Once the encryption is complete, a ransom of $500 is demanded for the unlock key. The user is directed to download a Tor-compliant browser and make the ransom payment through a Tor-masked server.

It is thought, although no one is positive at this point, that the initial infection occurred via email. As this is still developing and the industry as a whole is working to mitigate this threat, there is still much speculation around KEYHolder. There is some chatter in the security community about infections happening through direct control of systems from the outside, but we have seen no evidence of this. Source files are still being investigated, and signatures to mitigate the risks will be updated by antivirus vendors as quickly as possible.

This is a very valid, potential threat. Until more is known, and the industry has released fully functioning definition files to reduce the related risks, it is strongly recommended that you inform your users of the following:

1. Do NOT open attachments from unknown senders. While we have seen Ransomware attacks sourced from watering hole attacks, or social harvesting attacks, the vast majority are coming in through email via spear-phishing attacks.

2. Backup often.

3. Do not click on links that seem suspicious.

4. Do not allow any software that you do not know the origins of to be installed on your system.

5. Keep endpoint security versions up to date.

6. Keep endpoint signatures up to date.

7. Contact BizTek support staff if you have any doubt about your current level of protection, or suspect that you are infected in any fashion.

Malware in any variety is a pain, even in its simplest form. But some, such as Ransomware and others, can bring your business to its knees. If you are not confident that you have this base covered, give us a call.

Posted in: Malware, Security

5 Myths about “The Cloud”

During 2014 we have seen a definite uptick among central Arkansas businesses taking advantage of “the cloud”. In the US, 72% of all businesses have already adopted the cloud to some degree. Of those, 82% have saved money by making the switch; and 80% have recognized improved processes and productivity.

The term “cloud” is used so broadly that it is difficult to grasp the concept. This causes much confusion about the cloud and how it could improve a business. So we thought we would help you better understand the cloud, and how it can improve your business.

Myth #1: Today’s cloud is like the Wild West, with few controls and security.

While there are hundreds of cloud providers, they fall into 3 categories: public, private and hybrid (a combination of the two). Examples of public cloud are Google Drive, Dropbox and Microsoft’s OneDrive.  These provide an economical place to store data, but you have no control over it, or where the data is stored.  Private cloud provides the opportunity to have much greater control of your data. Most businesses utilize the private cloud for maximum security and support.

Myth #2: The cloud is the reason so many businesses are getting hacked.

Businesses are being hacked because they are struggling to keep up with hackers that are constantly searching for security holes to pillage.  Without an equally vigilant data security team, this is a losing battle. The right private cloud provider is far more likely to maintain enterprise-class security that will minimize chances of a breach.  Today’s typical small- to medium-sized businesses’ security can be no match for today’s hackers.

Myth #3: My company’s data is more secure under my own lock and key.

Even with proper backup disaster recovery plans, firewalls and anti-virus/anti-spam solutions, it is difficult to afford the level of security available from a reputable cloud provider. Typically they utilize multiple, mirrored data centers for redundancy. They employ around-the-clock professionals to manage their security and monitor all systems. They have redundant internet providers, backup power supplies, and access controls.

Myth #4: My systems will be slower if I am accessing data in the cloud.

With today’s bandwidth and data transfer technologies, you will not likely notice any data latency. In some cases, your systems may even run faster. Many businesses today not only maintain their data in the cloud, but utilize computer processing in the cloud as well.  Rather than purchasing and maintaining their own processing power, they rent it from a cloud provider.  This provides improved processing speed that more than overcomes any latency during data transfer.

Myth #5: Making the move to the cloud is traumatic to my daily business processes.

Choosing the right cloud provider is key to a smooth transition. It is their business to assure that the transition is almost transparent to all users with little interruption to normal business processes.

Fact: BizTek can provide customized recommendations for your business to maximize the benefits of the cloud.

Posted in: Tech Tips for Business Owners

Advice from our Service Desk

According to our Service Desk technicians, there seems to be a rise in adware among our clients. Whether users are being targeted more frequently, or users are not practicing “safe surfing”, the result is a loss in productivity.  So this article will focus on some of the causes, and how to avoid getting bitten in the first place.

Downloading Software

While there is an abundance of software programs that can make us more efficient, professional and effective, there are landmines out there… particularly with free software downloads.  We’ve seen some clients with 3 or more toolbars on their internet browser, and they are not sure where they came from.

  1. Be sure that you have a professional grade anti-virus program installed and running.
  2. As you maneuver download pages, carefully watch where you click. Sometimes the page will include more than one “Download” button in an effort to get you to download additional packages.
  3. When you download a program, be sure to select “Save” rather than “Open” or “Run”. This allows your virus scanner the chance to perform a scan prior to executing the program.
  4. Avoid the temptation of just clicking through the prompts in order to save time. Sometimes you can avoid a lot of frustration by taking the time to read before you click.
  5. Some software programs, by default, include additional programs. These programs can be from the same software company, or another company that pays them to help propagate their software. As you are installing a program, carefully watch for checkboxes that need to be unchecked to avoid unwanted programs.

Signs of Adware

By design, adware is not always obvious to the user. As adware creeps in over time, the change is not dramatic.  But over time, the change can eat up your time and efficiency.  Watch for the following when surfing the internet:

  1. There are more pop-ups than usual; or pop-ups are difficult to close.
  2. Search results in your browser do not look normal; sometimes you are being redirected to an unintended site.
  3. When you open a new browser window, it opens to a site that you did not select.
  4. Your “Home” button on your browser takes you to a new, unfamiliar search engine.
  5. You notice a new toolbar at the top of your browser that you did not select.
  6. Bookmarks appear that you did not create.
  7. It seems that pages load more slowly and you wonder if your internet speed has decreased. This can be due to high traffic usage on your network or the site itself.
  8. Familiar webpages begin to look unusual.

If you believe that you are a victim of adware, call our Service Desk. We can identify the problem, and get you back to screaming speed in no time.

Posted in: Tech Tips for Business Owners

Disaster Recovery – Famous Last Words

“I’m sure my IT Services Provider tests our backups properly on a regular basis.”

This is critical to your Disaster Recovery program. You should confirm it to be sure. Also ask for documentation whenever tests occur, and ask what frequency they follow.

Regardless of the backup medium (tapes, NAS, external hard drive, offsite), if you don’t fully test your backups on a regular basis, you can’t be sure you can recover from a disaster. There are many factors that can cause a system restore to fail. For example:

  • In order to restore your systems, you must first reinstall your backup software. Make note of where it is kept, and that it is safe from the same disaster.
  • If you have to replace your backup software, be sure that a newer version is compatible with the version used with your last backup.
  • If you are still using tapes for backups, your tape drive needs to be protected from the same disaster. Otherwise, you will need to have access to the same type of tape drive.
  • If someone takes your backups home or to a safe deposit box, you need to be sure you can get to them quickly if needed. Make alternate plans in case the person with your backups is out-of-town for the weekend. Or the bank is closed for a 3-day weekend.
  • If your backups are maintained offsite, you need to know the full process for restoring those backups. Determine if the backup service provides assistance and to what level.

“My IT guy runs our backups every day.”

If your backup system requires someone to manually kick off the backup process, or carry the backups home, you could be at risk. Although intentions are good, sometimes conflicts arise. Important or emergency projects may arise that cause your person to skip a backup or two. After all, one day’s worth of data may not seem critical to them. Or two. Your plan should prevent someone else taking that risk with your business.

“Our tape backups have always worked fine. We don’t need to invest in newer technology.”

Whether you use tape, CDs, DVDs, or external hard drives, you obviously don’t use new media every time. You simply rewrite over a previously used one. This is normal and fine. You should determine how long it is safe to reuse the medium. Hopefully your backup system provides alerts when a backup fails. If it does, hopefully someone is able to immediately rerun the backup on good media, if they have time. Your business is too valuable to depend on chance and hope.

“We always check the backup logs to make sure the backup was successful.”

Initially, with any new backup solution, checking backup logs will be consistently performed. Day 1: Successful. Day 2: Successful. Day 3: Successful. After a few months, it begins to seem less worthwhile to take the time to check it every day. So it is checked every other day. Then once a week. Then once a month. Good habits degrade to bad. And you know that is just when a disaster occurs.

There’s a better way.

A fully automated, onsite/offsite Backup Disaster Recovery (BDR) program is becoming more affordable these days. With the cost of data storage on the decline, and greater bandwidth available, taking the human element out of the process just makes sense. Your BDR program should include redundancy at every level possible. Having the option of receiving email or text messages in the event of a failed backup provides convenience and confidence. Knowing that you can restore systems in hours, rather than days or weeks, helps you sleep at night.

Make 2015 the year that you shore up your disaster recovery plans to make sure your business is not at risk. Give us a call and we’ll show you how easy and inexpensive it can be.

Posted in: Tech Tips for Business Owners

What does “Unified Communications” mean?

More and more this term is thrown around in business circles. But just what does it mean? Unified communications is the real-time communication within your organization, across multiple locations. It can include instant messaging, telephones, smart phones, video conferencing, presence information, voice messaging, call control and even speech recognition. Some also include non-real-time communications like voicemail, email, fax and SMS.

So what does this mean to your business? Typically, improved employee productivity and mobility, even when out of the office. Communications can be sent from one medium and received by another. With the inclusion of Voice over Internet Protocol (VoIP), phones can literally be plugged into any internet connection anywhere, and automatically perform just as in your office. Today’s VoIP phones are feature-rich and can be easily configured by each user.

How expensive are these systems? Typically, today’s unified communication systems are considerably less expensive than their older counterparts. Some systems do not even require upfront hardware investments. Unlike traditional hardware-based communication systems, today’s systems are software-based. That means they are both flexible and upgradable as new capabilities are introduced. Users can be added and changed easily.

What about cloud-based systems? At first blush, a cloud-based communication system seems counter-intuitive. In reality, putting the switches, intelligence, features, communication horsepower and data in a secure data center delivers tremendous benefits. This enables a consistent experience regardless of access device (desk phone, desktop, smart phone). This truly provides a fully unified communication system.

So what are these benefits?  To list a few:

  • Turn any smartphone into an office phone – send calls anywhere and stay in touch with your business needs, even during a disaster.
  • Make calls directly from Microsoft Outlook – avoid misdialing by clicking on the number.
  • Users can update their configurations from anywhere – from a simple portal employees can update call handling options and voicemail recordings.
  • Consistent communication experience across all office locations.
  • Security – corporate data and phone configurations are protected in highly secure data centers.
  • Feature-rich phone systems without CapEx – unlimited calling with all the latest features to stay connected with employees and customers, without the investment.
  • No maintenance contract – there’s nothing to maintain onsite since the system is maintained continuously professionally in a data center.
  • Dramatically lower your communications expense.

BizTek is ready to assist you in updating your current communication system to one that will grow with your business, both in size and functionality. There’s no reason to use yesterday’s technology, nor watch future advancements leave you behind. Do yourself, your employees, and your shareholders a favor by calling us today!

Posted in: Tech Tips for Business Owners

New Windows 7 / Server 2008 R2 Patch Is Bad,

It disables some graphics driver updates, as well as Windows Defender

As a general rule of thumb, I’m a proponent of setting Windows Update to automatically update the OS (operating system) and Office products. But in this particular case, accepting and applying one particular update, specifically KB 3004394, can cause a range of serious problems, and I recommend (as does Microsoft) removing it.

The first issue that caught my attention is that KB 3004394 blocks the installation or update of graphics drivers such as AMD’s new Catalyst Omega. Nvidia users are also reporting difficulty installing GeForce drivers. Hallock recommended manually uninstalling the update, advice now echoed officially by Microsoft.

The issues related to this newest update aren’t limited to graphics driver problems. Redmond hasn’t directly divulged each and every issue, but Microsoft’s Answer Forum is littered with tech-savvy users reporting that USB 3.0 drivers are broken and User Account Control (UAC) prompts have gone haywire. Microsoft has acknowledged that it may even prevent the installation of future Windows Updates.

An even more troubling byproduct of this update is that the Windows Defender service, which is crucial software that blocks viruses and malware, has even been disabled by the update.

It’s important to note that only Windows 7 and Windows Server 2008 R2 have issues with this update.

Posted in: Tech Tips for Business Owners

POODLE Bug (AKA POODLEbleed)

Another bug has recently been found in the Secure Sockets Layer (SSL) 3.0 cryptography protocol which could be exploited to intercept data that’s supposed to be encrypted between computers and servers. This was discovered by three Google security researchers who went on to offer detailed info about how it could be exploited. That info is readily available but far too technical for this medium.

It is important to note that this is NOT a flaw in SSL certificates, their private keys, or their design but in the old SSLv3 protocol.  SSL Certificates themselves are not affected and customers with certificates on servers supporting SSL 3.0 do not need to replace them.

The use of hotspots (public Wi-Fi) makes this attack a real problem. This type of attack falls into the “Man-in-the-middle” category. Basically, an attacker that controls the network between the computer and server could interfere with the handshake process used to verify which cryptography protocol the server can accept. It does this by using what is referred to as a “protocol downgrade dance”. This “dance” will force computers to use the older SSL 3.0 protocol to protect the data being sent. Attackers can then exploit the bug by carrying out a man-in-the-middle (MITM) attack to decrypt secure HTTP cookies, which in turn could let them steal information or take control of the victim’s online accounts. Remediation steps by webmasters around the world have already begun, but there still remains a lot of work to be done.

What End-Users Need to Do

For end-users accessing websites Symantec recommends:

  1. Check to see if SSL 3.0 is disabled on your browser (for example, in Internet Explorer it is under Internet Options, Advanced Settings).
  2. Avoid MITM attacks by making sure “HTTPS” is always on the websites you visit.
  3. Monitor any notices from the vendors you use regarding recommendations to update software or passwords.
  4. Avoid potential phishing emails from attackers asking you to update your password – to avoid going to an impersonated website, stick with the official site domain.

And, as always, if you have any questions or concerns, or need help, give us a call.

Posted in: Security

Here Data, There Data, Everywhere…

Without a doubt, you work hard to protect your corporate data. It is the lifeblood of your company. Whether competitive information about your products and services, or personnel and payroll data, a breach can cost your business everything. And so far you’ve done an effective job of protecting your data.

But nothing stays the same. We’re continuously forced into paradigm shifts from external factors. One of today’s biggest challenges is the growth of mobile devices in the workplace. Combine that with your secure (hopefully) corporate WiFi network, and what often results is that your highly protected corporate data begins walking out the door inside employees’ smart phones and tablets.

Even if you exclude the possibility of employee-initiated data theft, your corporate data is moving around everywhere. A lost or stolen device can easily result in a hacker accessing that data. If configured for mobile network access, that thief may also have access to your network.

Then when things seem complicated enough, in steps BYOD (Bring Your Own Device). Many businesses are beginning to encourage (or require) their employees to work from their own desktop, laptop or mobile devices. While a popular way to reduce the cost of business, particularly among sales departments, this practice further complicates the process of protecting your corporate data.

So what is a company to do? Fortunately, these issues have already been addressed by other companies around the world. One benefit of being a small-to-medium sized business is being able to learn from larger companies’ investments. And as those solutions are replicated on a massive scale, the cost of implementation drops dramatically.

BizTek would like to assist you in addressing these potential nightmares. One of our IT Consultants can meet with you to determine your best course of action. There are numerous ways to protect your corporate lifeblood and we can help you navigate to the right decisions. Give us a call today!

Making your technology seem invisible…

Posted in: Security, Tech Tips for Business Owners, Tips and Tricks

Managing Your Firm’s Password Security

If your organization hasn’t taken a good look at password security lately, you should. Your corporate data is only as secure as the weakest password. Anyone that works at a Fortune 1000 company can tell you that the strength of their passwords is managed, along with the frequency of changing them. This article is designed to provide you with an overview of best practices.

Password Enforcement

Most password policies can be automated using a domain controlled server. Once established, your policies will be enforced without any human intervention. BizTek is happy to assist you in this process.

Password Strength

Policies should require a minimum password length (eight characters is typical but may not be appropriate).

Policies should have requirements on what type of password a user can choose, such as:

  • The use of both upper- and lower-case letters (case sensitivity)
  • Inclusion of one or more numerical digits
  • Inclusion of special characters, e.g. @, #, $
  • Prohibition of words found in a dictionary or the user’s personal information
  • Prohibition of passwords that match the format of calendar dates, license plate numbers, telephone numbers, or other common numbers
  • Prohibition of use of the organization name or an abbreviation
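
One way to express the strength rules above as an automated check, added here as an illustration (it is not BizTek's code or any product's policy engine). The function and class names, the sample wordlist, the organization terms and the date, phone and plate patterns are all assumptions constructed for the example.

```python
import re
import string
from dataclasses import dataclass

# Formats the policy text names: calendar dates, phone numbers, licence plates.
# The exact patterns are assumptions; tune them to local conventions.
COMMON_FORMATS = {
    "date": re.compile(
        r"(\d{1,2}[-/.]\d{1,2}[-/.]\d{2,4}|\d{4}[-/.]\d{1,2}[-/.]\d{1,2}|\d{8})"
    ),
    "phone": re.compile(r"\(?\d{3}\)?[-. ]?\d{3}[-. ]?\d{4}"),
    "plate": re.compile(r"([A-Za-z]{2,3}[- ]?\d{3,4}|\d{3,4}[- ]?[A-Za-z]{2,3})"),
}


@dataclass(frozen=True)
class PasswordPolicy:
    min_length: int = 8
    dictionary: frozenset = frozenset()  # lower-case words to reject
    org_terms: tuple = ()                # organization name and abbreviations


# Constructed sample policy for a hypothetical organization.
POLICY = PasswordPolicy(
    min_length=8,
    dictionary=frozenset({"password", "welcome", "dragon", "sunshine"}),
    org_terms=("examplecorp", "exco"),
)


def check_password(password, policy, personal_info=()):
    """Return the names of the rules a password violates; empty means compliant."""
    violations = []
    if len(password) < policy.min_length:
        violations.append("too_short")
    has_lower = any(c.islower() for c in password)
    has_upper = any(c.isupper() for c in password)
    if not (has_lower and has_upper):
        violations.append("needs_mixed_case")
    if not any(c.isdigit() for c in password):
        violations.append("needs_digit")
    if not any(c in string.punctuation for c in password):
        violations.append("needs_special")

    lowered = password.lower()
    # Dictionary rule: compare the word left after trimming digits and symbols
    # from both ends, so "Password1!" is still caught as "password".
    core_word = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if core_word in policy.dictionary:
        violations.append("dictionary_word")
    # Personal information (user name, birth year, ...) supplied by the caller.
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_info):
        violations.append("personal_info")
    if any(t.lower() in lowered for t in policy.org_terms):
        violations.append("org_name")

    # Format rule: test the raw password and the password with surrounding
    # punctuation removed, so "ABC-1234!" still reads as a plate.
    trimmed = password.strip(string.punctuation + " ")
    for name, pattern in COMMON_FORMATS.items():
        if pattern.fullmatch(password) or pattern.fullmatch(trimmed):
            violations.append("looks_like_" + name)
    return violations


if __name__ == "__main__":
    # Constructed sample passwords, one per rule family.
    for candidate in ("Password1!", "ExCo#2014rocks", "12/25/2014", "Vq7#tLm2@xR"):
        print(candidate, check_password(candidate, POLICY))
```

The returned rule names can be shown to the user at password-change time so a rejected password comes with the reason it was rejected.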

Password Duration

Policies can require users to change passwords periodically, e.g. every 90 or 180 days. Systems that implement such policies should prevent users from picking a password too close to a previous selection.

Unlike computers, humans cannot easily delete one memory and replace it with another. Consequently, changing a memorized password is very difficult, and most users resort to choosing a password that is easy to guess.

If choosing between the two, requiring a very strong password and not requiring that it be changed regularly is often better. However, this approach does have a major drawback: if an unauthorized person acquires a password and uses it without being detected, that person may have unauthorized access to your network for an indefinite period of time.

Common Password Practice

Password policies often include advice on proper password management such as:

  • Never share a computer account
  • Never use the same password for more than one account
  • Never tell a password to anyone, including people who claim to be from customer service or security
  • Never write down a password
  • Never communicate a password by telephone, e-mail, text or instant messaging
  • Always log off before leaving a computer unattended
  • Change passwords whenever there is suspicion that they may have been compromised
  • Operating system password and application passwords should be different
  • Passwords should be alpha-numeric and include a symbol

Password Generation

Strategies can be utilized for passwords that can be easily remembered, while meeting the strength requirements. Symbols and numbers can be substituted for letters in memorable words, e.g. Gun$m0ke, An!ma1Hou$3. Or phrases can be utilized, e.g. “A penny saved is a penny earned” = Apsiape. And combinations of both, e.g. Ap$!ap3.

Posted in: Security, Tech Tips for Business Owners, Tips and Tricks
