Our Blog

Facebook! Where's my check?

 “Facebook is free and always will be.” That’s what Mark Zuckerberg said and it’s true… sort of. Most people think that Facebook makes its’ money selling advertising and to a certain extent that is true. But the real money they make comes from you. 

Read more

Trust

 Trust. Every day we put our trust in others. Sometimes the trust is earned. Sometimes we don’t have much of a choice. When we get in our car and head down the road we trust the drivers on the opposite side of the street will remain in their own lane and not hit us head on. 

Read more

I've been hacked!

 I don’t need a crystal ball to determine if a particular stock will plummet. All I have to do is buy some shares and down it goes. I don’t need to see an advance copy of tomorrow’s newspaper to see which retailer will be hacked. All I need to do is check my credit card statement. If I shop there they have

Read more 

Someone call security!

 Just about everyone who uses a computer knows that there are security risks. You know you need anti-virus software. You know you need to use passwords. You try to avoid opening emails that might be dangerous. But do know the biggest vulnerably to your business’s security?Three basics of Security:

  1. Your Office Computer Network
  2. Your Office Computers
  3. Users

Which is most responsible for the security of your valuable company data, malware, viruses, identity theft and your reputation?

  1. Your Office Computer Network - Hopefully, you have a top-notch IT team protecting your network; the modem, firewall and switches which govern the data flowing into, through and out of your office computers, server and the Internet. The IT team should have several layers of protection to keep everything flowing smoothly and safely.
  2. Your Office Computers - Your office computers are actually only to be used for office work.. Computers, in and of themselves, don’t cause much of a security risk. Provided they haven’t already become infected with viruses or malware, they generally sit passively awaiting instructions from the user.
  3. Users – The most dangerous part of your network. Users are the weakest link in the chain. When a user sneaks a peek at their Facebook account or catches a kitty video on YouTube or clicks on that email that promises to show how to get rich flipping houses or help that helpless Nigerian move his millions into the user’s bank account your network is at risk. Since the office Internet connection is usually faster than the one at a user’s home, it can be irresistible to download music, videos and even full length movies to a USB drive. Any of these activities can be dangerous. Just visiting an infected website, and there are many more infected websites than you care to imagine, can infect your entire network, crash your server and allow the bad guys to take control. Hackers use Social Engineering in masterful ways to trick users into opening links, fake webpages and documents which are laced with malware.

Users are the bane of the IT team’s efforts to keep things safe. They tend to find new and different ways of creating chaos and defeating all safeguards which have been put in place.  If it were legal to do so, it might be helpful to charge the user who caused the entire network to be infected or have all of the company’s data encrypted and held for ransom, for the cost of making things right. This is unlikely as you cannot even sue the maker of the anti-virus program that should have prevented many of these events in the first place. Aside from basic common sense, unfortunately a rare commodity among computer users, there are some basic measures which may be taken to protect the company from harm:

  1. Use strong passwords. The longer the password the better. It should contain upper and lower case characters, one or more numbers and symbols. What a pain! That’s why the most common passwords are 12346 and the word password.
  2. Do not use the same password for multiple accounts. Once the bad guys capture your username and password, they will attempt to use that username/password combination on every site you visit that requires a password. Yes, they can know everywhere you go on the Internet.
  3. Avoid shopping online at work. Stay clear of travel sites. Do not click on links to non-business websites.
  4. Use caution when opening emails. Even if the message is from someone the user knows, train them to look at it carefully and use their best judgement to ascertain if it is genuine. Have the IT team check it out. Use personal email accounts from home for personal email and avoid having friends and family send email to the office email account.
  5. Do not click on links in emails. This is the easiest method the bad guys use for installing malware on your computer and your office network. It's a type of social engineering and often the email containing the link came from someone you know who has a compromised computer or email account. Click on that link and you'll be sharing that virus with everyone on your contact list.
  6. Close all programs and log off every night or whenever you will be away from your computer for a length of time. While one user might not sneak over to another user’s computer to do something nefarious, after the office closes for the night who knows who might look for an unsecured computer? Well, anyone who comes in after hours could. Janitors have been known to seek out computers that have not been logged out. There are many cases of janitorial staff downloading illegal music and videos causing potential fines for the company. Much worse has happened when child pornography has been viewed or downloaded then tracked by law enforcement to the company. The user who allowed the computer to be accessed might decide to log off the following night after the chat with the FBI agent who comes calling.
  7. Have all users sign a “Company Internet and Email Usage Policy” form. This is critical as it lets everyone in the company know what is and is not permitted on the office computers. It details the ramifications for violating company policy. And it helps protect the company.

A “Company Internet and Email Usage Policy” form is available free on our website at www.AnswersNow.com. Download it, have your legal team check it over, print it and actually get all users to sign it. Don’t be shy about it. Announce that it is required. Let your users know you are serious. If you aren’t certain that you have all of the protections you need for your network, we will gladly, free of charge, do a full network analysis and report our findings to you. Even if you have an IT team you are happy with, it never hurts to get a second opinion.  We have a free Network Evaluation form available on our website at www.AnswersNow.com.

We live in two worlds.

  •  Image you saw me rummaging through your trash can and picking out various pieces of paper. Depending on who you are and how you react to such things I’m guessing you are reaching for your .357 magnum or at least a baseball bat. There is actually a term for such activity: Data Dumpster Diving. There are a few groups that  utilize this method of data collection. On the bad guy side, there are criminals who are trying to piece together an identity profile on you so they can get access to more of your data to get access to more of what you have. On the “good guy” side, there are government agencies who are trying to piece together an identity profile on you so they can learn more about you in case they think you are a criminal. There are also private investigators doing the same thing in cases of divorce or other legal conflicts. No matter who is doing the Data Dumpster Diving in your yard, you instinctively know this is unacceptable behavior and you would try to stop it.So after your pointed your gun or waved your bat at the guy in your trash cash, you feel satisfied that you have defended your turf and go back inside your home and sit back down at your computer. No worries here. Nobody digging around here. Well, at least here the bad guys have the decency not to show their faces. But rest assured… they are there.We tend to be very complacent about the connected we use every day. The laptop, desktop, tablet and smartphone are very near and dear to us. It’s almost impossible to believe they would allow anything to harm us. They are like comfortable friends allowing us to commutate with our friends, family and colleagues. They have games that help keep us from being bored. We can even watch the latest edition of Game of Thrones on these wonderful devices.The problem is that all of these activities reveal little bits about us that help complete a profile of what we do, where we go, who we know, what we know, what we have… who we are.If I drive up to your house and start digging through your trash what could I possible learn about who are? I may not have had a clue who are when I drove up to house. But inside that trash can I find a letter mortgage holder and now I know your name, address and I know you own your home. I find two small bottles of baby food and discarded diapers and I can assume you have a new child. I find a few empty wine bottles and I know you, or someone in the house, drinks wine and by the label on the bottle I can probably determine how well you’re doing financially by the value of the wine you drink. Hey, a credit card statement… jackpot! Even though the full credit card number isn’t printed on the statement, I’m getting close enough with my data collection to get that information. Your wife’s name is on the statement as well. Now I know you are married. With very little effort I can now go online and find out every place the two of have lived, where you worked and digging a little deeper I can learn your social security number and find out if you have a criminal past or had financial problems at one time.But you’re OK now because you are in your car, your four wheeled fortress of solitude, heading to meet a friend. You won’t get lost because your smart phone is giving you turn by turn directions. You won’t have any trouble getting back because you have told your smartphone where you live and given the information a name: home. Ah, that little electronic friend of yours is working behind your back giving away a treasure trove of information. You drove to your friend Mike’s house; and now your smartphone knows you and Mike are connected. If you are a female and drove to Mike’s house and spend the night a few times, your devious little phone could infer that you and Mike were having an affair. Yes, yourphone always knows where you are. It knows how long you were there. It fact, the technology exists for your phone to be listening to you or even sending video of you without you even knowing.This sounds like a lot work for one person to through to learn who you are. Not to worry. The guy who dug through your trash can and the guy who’s stealing the data from your phone and the guy who’s snitching information from your laptop may all have bits of information about you. To tie all of these bits up into a nice little bundle, called a “complete profile”, a bad guy can go online into the dark web and exchange the bits he has with the bits that other criminals have accumulated and sell your entire digital life for quick cash.The bad guy who purchases your complete profile can now drain your bank account, take out a second mortgage on your home (or even change the title into his own name!), use your credit card online or apply for a new credit card or a loan in your name. Your wife could be blackmailed due to her indiscretions with Mike. Now with your credit ruined you may have trouble finding a new job or paying for a divorce attorney.In one world, your physical world, you have your garbage can and your gun or your bat, you have locks on all the doors and windows and you have even invested in a home alarm system with video surveillance (that’s how you caught the guy going through the trash).In the other world, your digital world, your gun and bat are pretty worthless (unless you plan selling them on eBay). If you are like most folks you installed an anti-virus program on your computer or laptop. Unfortunately, if you are like most folks, you either bought the cheapest one you could find or found one for free. Probably not the same thought process you used when you purchased the door and window locks or the home security system.If you are like most folks, and most folks are, you have a simple password (or no password) on your laptop or smartphone. You use the same passwords for almost everything (remembering them is such a pain!). You go to Starbucks and use their public WiFi and while there pay a few bills, check your bank balance or stock portfolio or purchase diapers on-sale at Walmart. Just ignore the other guy sitting at Starbucks in front of his laptop sucking up all of your bits of data while he sips on his latte.[NOTE: To see just how easy it is for the above scenario to take place, visit wifipineapple.com. For very little money anyone can purchase this device and get almost complete access to your phone or laptop in a matter of minutes.]You already know how to secure your home from intruders. Now it’s time to start on your digital world. Here a few basic ways you can begin to protect yourself (there are many more but they require some effort, so… baby steps.)1. Use strong passwords. The longer the better. I recommend passphrases that are long and easy for you to remember.2. It may seem obvious, but never share your passwords with anyone.3. Do not use the same password or passphrase on more than one site.4. Use a password manager.5. Do not use public WiFi. Your phone, more likely than not, has hotspot capability. Learn how to use it. And use it.6. Purchase a quality anti-virus program. We use and recommend Sophos with Intercept X for ransomware protection.7. Have your laptop or desktop computer serviced regularly by a professional with emphasis on looking for malware or viruses.8. Be suspicious of all email you receive. If you weren’t expecting an email from old friend, call him up and verify that he sent it.9. Never click on links imbedded in email.10. Rule number 1 (and 2 and 3) If you didn’t go looking for it, don’t open it. If you did go looking for it, be suspicious that it isn’t what you were looking for. Use common sense.11. Use strong passwords on your home or business router or firewall.12. Be sure any and all Internet of Things devices have strong passwords.That should be a good start. Now be careful out there in both of your worlds. 

Houston, we have a problem...

 Houston we have a problem… NASA, our amazing national space program, wasn’t built from scratch. To keep startup costs down, the officials in charge of starting the program looked around at what the government already had built (such as  military bases, technical design centers, etc.) across the country and cobbled together a network of computers, manufacturing facilities and 

Read more

Download

Click on a file to download.