Your IT support provider should insist on a good quality, modern firewall to give your business the best protection from intruders.

In all likelihood your business has at least one firewall (and if you don’t, you’re asking for all sorts of trouble if you haven’t experienced it already).  You know a firewall is one of those “must have’s” for a secure network, but do really know why it’s so important to your business?

A firewall is the device that bridges the connection from your internal network to the outside world.  Anything you do that connects to the outside world (e-mail, accessing internet directly or indirectly) goes through this firewall before your data reaches its ultimate destination.  Conversely, anything received from the outside into your network (e-mail, remote access, handheld communications) goes through this firewall before the data reaches your network. 

     How Your Firewall Keeps the Gremlins Out

Your firewall has a set of rules which, depending on how they are configured, allow communications in or out, or block them altogether.   Essentially, it’s the security guard that’s checking everyone’s credentials before authorizing access in or out of your network.  It’s intended to prevent unauthorized access to your network by ne’er do well hackers and scammers. 

     Old Firewall = Lowered Productivity in Your Business

An older firewall can cause slowdowns in all of your day to day business functions that rely on the internet (e-mail, accessing websites, handheld device usage, cloud / hosted applications) .  This is because the demands put on firewalls to perform their “security guard” jobs are ever increasing due to faster internet access, faster computers and companies’ increased reliance on the internet.   Think of one club doorman checking ID for 100 patrons a night 3 years ago, but now he has to check for 500 patrons – it’s going to take him a lot longer now to determine who is eligible to get through the door.

As your firewall ages, these slowdowns will become increasingly noticeable, affecting the productivity of those of your staff who rely on anything where the internet is involved.

      An Old Firewall Is Opening Your Door To Hackers, Inch By Inch

The software of the older models can’t provide the same level of security as the newer models.  Further, hackers are constantly finding new techniques to attack a network and these older firewalls have a harder time keeping up or may not be able to detect the latest attack on your network that could result in stolen data and disabling viruses.

4 Reasons to Upgrade Now

1.  Is the latest security against hackers and infections important to you?

2.  Is it important that your staff have the very fastest possible access to the internet (this would include
e-mail flow, downloading of attachments, access to hosted applications). 

3.  Are you paying good money to your internet provider for fast service?  If you want to get the most from your current internet service, you may be unable to due to the age of your firewall.  So if you are paying for 15mbps download (which is reasonably fast) this speed could be considerably compromised while your network is at its busiest because the older firewall hardware can’t keep up with demands.

Essentially firewall hardware gets faster concurrently with the processing power of computers.  So a computer built 3 years ago, is much slower than one built today.  Similarly, firewalls built 3 years are much slower than those manufactured today.

4  If your company relies on video via training or video conferencing, the load of these types of applications is quite intense and puts a lot of load on a network.  Video usage is where you’ll see a major improvement with an upgrade to a more recent firewall. 

Talk to a professional IT support provider today about what kind of firewall best suits the needs for your business.

Your IT Support provider should recommend the best battery backup suited to your business.

Is your computer plugged in?  Do you use a power strip with a surge protector?  If so, you are a heartbeat away from disaster and don’t even realize it. The same electricity you depend on to run your computers and network is also trying to destroy your data. 

Believe it or not, electricity is one of the biggest threats to your computer network and the data it contains. Here are four computer power problems you must know about and how to prevent them.

 1) Transients – Commonly known as surges and spikes, these are caused by lightning storms, wind, squirrels shorting out power lines, auto accidents, etc.  Several times each week these spikes can travel up the power cord into your computer damaging everything from power supplies to motherboards.  Conventional wisdom says use a power strip with a surge protector and you are safe.  As is often the case, conventional wisdom is dead wrong.  After several months, these surge protectors become useless having been zapped by the surges they were designed to protect against. 

2) Blackouts – Whether momentary or prolonged, the sudden loss of power can corrupt your PC to the point of not being able to start up again when the lights come back on.

3) Sags – This is when the power drops below normal.  Have you ever seen the fluorescent lights flicker for a moment?  Then you have witnessed a sag.  Sags are more common than surges and are caused when equipment like air conditioners, microwaves, water heaters, laser printers, copy machines and other electrical equipment are turned on or come out of sleep mode.  A typical small
office will experience 30 or more sags each day.  Sags cause many of the weird and unexplained problems computer users complain about every day.

4) Noise – Ever been watching TV and seen fuzzy pictures and/or white lines or dots when you turn on a
blender or vacuum cleaner?  This is the result of electrical noise. While a fuzzy TV picture is an annoyance, this electrical noise causes many computer problems including loss of data.. 

 So how do you protect yourself from electrical problems? The most simple and inexpensive solution to all four of these hazards is a battery backup.  The battery backup (also known as a UPS or Uninterruptible Power Supply) senses when there are problems with the power and automatically switches to the battery protecting you from computer damage and data loss. 

Choosing the correct battery backup for your computer or server can be tricky.  Having one with a battery too small is the same as having none at all.  For most desktop computers, a battery backup with a 500VA or larger rating should be sufficient to keep you going through momentary power problems.  Protecting your server requires detailed knowledge of the server functions and power consumption in order to pick the right battery backup solution.  Speak to a professional IT support provider about the right battery backup to protect your business.

Your computer support provider should urge you to break these bad habits!

Admit it; some of you have some bad habits when it comes to maintaining the security and “health” of the high-tech tools you dearly depend on. Since it’s a fresh, new year, we thought it would be appropriate to point out the top 5 bad habits you should work on fixing in 2012.

1. Not backing up your data. Funny how most people start their confession of not backing up their data with the words, “I know it’s bad, but…” If you know, then why are you still doing it? There’s absolutely no good reason to let this one continue.  Your IT support provider should INSIST you be doing this. As well they should be testing it monthly to make sure it’s always working so you’re not surprised when you need to rely on a backup.  

2.  Relying on tape drives to backup your data. This is almost as bad as bad habit #1. Why? Because tape drives have an average failure rate of 100% – and that’s not a typo. It’s not a matter of “if” but “when” is your tape drive going to fail. Trash ’em and get a better system in place!  Your computer support provider should warn you about the risks of tape drives. 

3. Using weak passwords. If you’ve ever used the word “password” as your password, we’re talking to you! A good password should contain a combination of numbers and upper and lower case letters.

4.  Not installing the latest security patches and software updates. Once a new patch is released by a software vendor, it acts like a green light for hackers who instantly implement viruses and scams to take advantage of those individuals who don’t regularly update (patch) their system.  As part of our Managed IT service plans, we take care of this for our clients so they don’t have to worry about it.

5. Printing and storing paper documents for everything. The cost of installing a document imaging (also called document management) solution has come down dramatically, and it is now easier than ever to implement. Plus you get the added benefits of saved storage space, saved time in searching for documents, instant access to any paper file via the Internet, fewer lost files, less chance of losing critical documents to fire, water, or wear and tear, AND a cost saving on paper and ink. With all these benefits, why would you still stick a paper filing system?

Want help in breaking any of these bad habits in your Toronto business? Contact Joe Stoll at JStoll@TechnicalActionGroup.com or 416-489-6312 x 204 for a no-obligation, no-pressure consultation on how we can help you break these bad high-tech habits for good!

Your IT support services Toronto provider should warn you about these dangers!

You can’t beat the convenience of checking e-mail and hopping on the Internet at (Wi-Fi) hotspots found in airports, coffee shops, bookstores, and even in some major parks. For the uninitiated, Wi-Fi hotspots are areas where you can use your wireless laptop to surf the Web and check e-mail.  But the question you have to ask yourself or your IT support provider is, just how safe is it to connect? With the proliferation of hackers, viruses and identity theft at an all time high, you are smart to be concerned. Wi-Fi spots are very attractive to hackers because they can use what’s called an “evil twin” connection to access your laptop.

An evil twin is a wireless hotspot set up by a hacker to lure people from a nearby, legitimate hotspot. For example, when you log in at your favorite coffee shop, you might actually be logging onto the evil twin Internet connection set up by the innocent-looking person working on a laptop at the next table.

The most dangerous evil twins remain invisible and allow you to do business as usual. But in the background, they record everything you are typing. Buy something online and they are recording your credit card information. Log on to your bank account, and they can grab your password. Some hotspots may even feed you a fake Web page after you log on asking you to update your billing information. This is the same tactic used in phishing scams.

So what can you do to make sure you are not giving an evil twin access to your laptop?  First, know the name of the hotspot by asking someone who works there. Some businesses will give you printed instructions that include the hotspot name. Again, be careful. Hackers will try to name their evil twin network by a very similar name as the real hotspot, and may even show up as a stronger signal.

The best protection you can have is connecting via your company’s VPN (virtual private network). A VPN will protect your online information by encrypting your data and activity even if you’re connected through an evil twin.  If you don’t have a company VPN, you should assume that someone is looking over your shoulder and recording everything you type in. The BEST protection without a VPN is to never type in information such as credit cards, passwords, or social insurance numbers when connected to a public Wi-Fi hotspot.

With a Managed IT Services in Toronto computer support plan, spyware can be detected early through regular scans of your systems.

Spyware is Internet jargon for hidden programs that advertisers install on your PC without your permission to spy on you, gather information, and report this information about you and your online activities to a third party.  Spyware is NOT harmless; it can be responsible for delivering a boatload of spam, altering your web browser, slowing down your PC, and serving up a bounty of pop-up ads. In some of the more extreme cases, spyware can also steal your identity, passwords, e-mail address book, and even use your PC for illegal activities.

Most spyware finds its way onto your computer via file downloads including free programs, music files, and screen savers found everywhere on the Internet. These nasty programs piggyback the download and run undetected on your computer collecting information about you and sending it out to a third party until they are removed. Although spyware has malicious components, it is not illegal, and it is not considered a virus because it doesn’t replicate itself or destroy data.

If you are experiencing one or more of these warning signs, chances are your computer is infected and you will need to seek professional help in getting the spyware removed.

#1. Your browser has been hijacked. If you open your Internet browser and a strange-looking homepage pops up and won’t go away, chances are you have a spyware program installed on your computer. You may also discover that you cannot modify your browser settings and that your
favourites folder has been modified.

#2. You conduct a search but another (unauthorized) browser completes it for you. For example, you type a search term into Microsoft IE but another browser pops up and lists various websites tied to your search term. This is a surefire sign of a spyware infection. You’ll also notice that if you try and remove this program, it comes right back.

#3. Your computer is unstable, sluggish, locks up, or crashes frequently. Spyware programs run in the background taking up disk space and processor speed which will cause serious performance problems.

#4. You constantly get pop-up ads displayed on your screen, even if you aren’t browsing the Internet. Some of the ads may even be personalized with your name.

#5. You receive expensive phone bills for calls to 900 numbers that you didn’t make. Some spyware programs can use your computer to make calls on both a broadband and dial-up line.

#6. The send and receive lights on your modem blink actively as though you are surfing the Internet or downloading files online, even though you aren’t. More than likely this is due to spyware programs sending and receiving information via your computer without your permission or acknowledgement.

#7. Mysterious files suddenly start appearing on your computer, your files are moved or deleted, or the icons on your desktop and toolbars are blank or missing.

#8. Your CD drawer starts opening and closing by itself.

#9. You find e-mails in your “Sent Items” folder that you didn’t send.

Because spyware is so prevalent on the Internet, it’s a good idea to  have a managed IT services in Toronto plan where your outsourced IT support company will regularly scan your systems to clear out any potential infections.  Most spyware programs are designed to run undetected by the user. That means you could be infected and not even know it.

A reputable IT support in Toronto provider will never expose you to lawsuits by installing pirated software on your network.

ALERT!  If your business or your IT outsourcing knowingly uses pirated software (or if you’re not 100% confident it’s not), you MUST read this to learn the expensive hot water your business can get into if it gets caught.

According to the Business Software Alliance, Software piracy is defined as the unauthorized copying or distribution of copyrighted software.

This can be done by copying, downloading, sharing, selling, or installing multiple copies onto personal or work computers. It ‘s illegal, increases security risks, and can wreak havoc on your computer network, diminishing employee productivity.

A Cautionary Tale From One of Our Own Small Business Clients

Last month I received a phone call from a distressed business manager from one of my clients regarding a very threatening letter he received from the law firm that represents the Business Software Alliance. The letter accused my client’s company of copyright infringement by way of installing copies of Adobe and Microsoft software without properly licensing them. Amidst the letter were stern threats of recovery of damages, legal fees, and statutory damages of up to $20,000.

This isn’t the first phone call I’ve received like this and in fact, I’m getting more and more of these types of calls from clients, small and medium businesses ranging in employee size from 15 to 40 staff.

Small Business Is A BIG Target For Legal Action

Given that the small business sector is a fast-growing segment of the economy, software providers are now going after small business with a vengeance to ensure that all their products are properly licensed. And the settlements can be huge, ranging from a minimum of $15,000 to over $15M.

I recently learned of a Halifax based company with under 20 staff that was found guilty of piracy, and fined over $20,000. In addition, this company had to pay thousands in their own legal fees to deal with the suit, and those of the Plaintiff they were ordered to cover.

When that financial hemorrhaging was done they had to purchase the software anyway (as is always the case in these situations).

Thousands Of Businesses Are Using Pirated SoftwareWithout Management Being Aware

Many CEO’s and Management Executives don’t even know (like some of my clients) that pirated software was being used in their business because either a) the software was installed before they joined the company; or b) staff did it without their knowledge; or c) their IT support provider wanted to save them some money. 

In most if not all cases, the employee or IT provider secured pirated software only with the intent to save money – not realizing the potential ramifications of doing so. 

Piracy Can Cost Your Business More Than Cold Hard Cash

Reduced productivity / Performance issues:  Software pirated from sharing sites on the internet is often hacked, and features often don’t fully function as they are supposed to.  Plus, you can’t get access to bug fixes from the vendor as they are released.   If software that you purchased legally has been copied multiple times, some of the copies may not be able to receive bug fixes.

Security Risk:  Software pirated from sharing sites often contain spyware which can infect your network resulting in theft of your confidential data. 

Time and stress:   For management while they deal with a software audit, lawyers and potential litigation. 

 Steps To Make Sure You Are Properly Licensed

To confidently defend a claim or prevent one in the first place, take these steps:

1.    Create a culture of compliance.  Devise a formal policy internally stating that all software installed on every server, computer, laptop, and handheld must be approved by management, and properly licensed.

2.    Create a filing system or tracking sheet where you centrally document all purchased software, license numbers, and each location where the software is installed.

3.    Keep all software media in a locked cabinet where only individuals responsible for installation or maintenance of your system, have access. 

4.    Severely restrict who has the capability to install new software on company assets. 

5.    Complete an audit with your IT support provider.  Ask them what’s currently installed on all systems and assemble a list of all licenses that have been purchased.  Once this has been completed, determine any shortcomings, and purchase licensing as required. 

How Do Companies Get Caught With Pirated Software?  Hell Hath No Fury Than The Disgruntled Employee.

The Business Software Alliance makes it easy and quite lucrative for whistleblowers who come in the form of terminated or disgruntled former and current employees to report knowledge of pirated software.  Through one simple phone call to a 1-800 number, or an on-line form they can confidentially report infractions that pave the way for the Business Software Alliance to start an investigation.   Awards from $5,000 to $1M can be paid to the whistleblower based on the settlement against the offending company.   Clearly, settlements of this size serve as a real incentive for that disgruntled employee to reap their revenge.

In the last few months the BSA has taken to advertising on the radio about reporting software piracy, and the rewards to whistleblowers.

MORALE OF THE STORY: It’s cheaper to buy the software upfront than to deal with the cost and aggravation of an audit, legal fees and fines in the future.  And it’s the law. An honest, and reputable Toronto IT support provider will not install pirated software on any of your hardware.

IT outsourcing in Toronto can reduce phishing attacks in your business network.

A phishing e-mail is an e-mail sent by a hacker designed to fool the recipient into downloading a virus, giving up their credit card number, personal information (like a social security number), or account or login information to a particular web site. Often these e-mails are well designed to look exactly like an official notification from the site they are trying to emulate.

For example, a recent phishing e-mail was circulated that appeared to come from Facebook stating that videos or photos of Osama Bin Laden’s death were posted online. These e-mails looked exactly like a legitimate Facebook e-mail and even appeared to come from “Facebookmail.com.”  Once you clicked on the e-mail the phishing site would attempt to install a virus on your machine.

And now due to recent security breaches with Sony and e-mail marketer Epsilion, phishing attacks are going to increase – and they are going to get more sophisticated and harder to distinguish from legitimate e-mails. That’s because the hackers that were able to access the private databases of the above mentioned companies now have the name, e-mail and interests of the subscribers, and in some cases birthdays, addresses and more. That means a phishing e-mail can be personalized with relevant information that the user provided to Sony, making the e-mail appear to be more legitimate and the user more likely to click on the links provided and take the actions requested. Now more than ever it’s critical that everyone in your Toronto business be wary of e-mail notifications and the actions they request you take. Even having good anti-virus software installed won’t protect you if you give your account information away freely.  But a reputable class of anti-virus is an important part of network support and security / management as part of  IT outsourcing services you purchase for your Toronto business.

Security is a major focus of a Managed IT services plan.

If you’re like most technology-reliant businesses, you’ve spend a great deal of time and money making sure that you have a good firewall, your servers are secured, controlling who logs onto your network and what they have access to. While all of these activities are a vital component in a secure network, very often the workstations (desktops / laptops) are least secured in the entire network and poses the greatest amount of risk because of users trying to get their work done as quickly as possible and don’t understand the security implications of their actions.

In a nutshell, you’re making sure you have a good lock on the door, a good security system that protects the perimeter of your house (windows, doors), but very often little thought is given to who is let in when the doorbell is rung by visitors.

Due to the plethora of new and increasingly sneaky cyber criminals lurking for unsuspecting victims, the area that we most need to focus on is in securing each laptop and desktop in such a manner so that staff members can still meet their daily work objectives, while making sure that confidential business data is not vulnerable to leaving the company and falling in the wrong hands. In a nutshell, you need to protect yourself against those that you let in while your employees do their work.

How do you know if you’re letting anyone dangerous into your network?

Obvious sign: When you get a virus infection and pop ups.

Silent Thieves: When software is installed on your computer externally and sits on your computer dormant until it’s activated from a remote location and then steals your confidential data which could be credit card information, passwords to any and all websites, client contact information. Very often you don’t even know it’s happened.

The most dangerous break-ins are the ones you don’t even know happened.

Who are you letting in? At the least, kids who are just trying to be disruptive. At worst: Cyber criminal rings located off-shore, who are impossible to find.

Here are some steps you need to take with your workstations to prevent your employees from
unwittingly inviting danger into your network:

1. Make sure users don’t have any more access on their computer than they absolutely need. They shouldn’t be able to install ANY software themselves. If anyone other than your key IT contact has administrator privileges, remove them immediately.

2. As a company, make it a policy not to allow any free or pirated software onto your network. Many of these have software imbedded in them that search for passwords, credit cards, and will launch attacks from your network.

3. Make sure you have good quality, up to date antivirus software installed on each PC and laptop.

4. Make sure you have good quality up to date malware. Malware looks at websites that your employees are visiting, and looks for phishing websites. Phishing websites look authentic (could even look like your bank) but their sole purpose (among other destructive goals) is to capture any confidential information you enter into the website (account numbers, credit cards, etc). Malware detects these types of sites and blocks them.

5. Keep all Windows software up to date with current patches and fixes to bugs.

6. Keep all third party software up to date with patches and fixes.

7. Enforce an Acceptable Use Policy and make your staff aware of the risks of not governing themselves appropriately while using their computers.

8. Make sure people have access to only the data they need to, and nothing more. For instance, prevent all non-finance staff from accessing financial information and HR folders . Only provide access to customer lists to the employees that need them to do their jobs.

9. Do not share passwords. Have an automated process in place to force your employees to change their passwords every 90 days. Use complex passwords using a combination of letters, symbols and numbers.

10.For users who need remote access, make sure you have the most secure solution possible so as to prevent hijackers from intercepting information as it’s being transmitted between your network, and your remote user.

Mobile Devices Can Also Invite Trouble

Asking employees to be more careful about where they keep their laptops, phones, and tablets IS a good step in the right direction, but accidents happen and thieves are always on the prowl. That’s why it’s so important to take measures to lock down and secure any mobile devices you and your staff use to access your company’s network. Here are just a few actions to take:

Encrypt All Information – Drive encryption software such as BitLocker (which is included with Microsoft Windows 7) can secure all the data on your hard drive. Also, check your computer to see if it has a Trusted Platform Module (TPM) chip which is generally more secure than those without TPM.

Multi-Level Access Security – Don’t rely only on passwords to keep your laptop safe. Hackers can usually break most passwords in a few hours. We recommend adding a second way for people to prove that they are who they say they are BEFORE they are able to log in. Some people use smart cards to do this, but fingerprint pads are gaining in popularity.

Log / Back-Up Information – It’s critical to log and back-up all information on business laptops to ensure smooth operations in the event of loss or destruction. We can automate the backups so they are done ON SCHEDULE and in a way that won’t interfere with the use of the laptop.

The Right Response – What happens when an employee loses a laptop? Do you have a next step action plan in place? If not, we suggest calling your computer support provider to report the loss. The sooner they know, the sooner they can take preventative actions to lock that laptop out of the network. A blame culture where people are afraid to report losses is actually much worse for security.

Security is a big focus in a professionally Managed IT Services Toronto plan so as to keep your valuable data in your Toronto business secure, keep intruders out of your network, and limit viruses.

With a managed computer services plan in Toronto, embarrassment like this shouldn't happen.

Back in April, the largest known e-mail security breach took place when Epsilon, an online marketing corporation, had their clients’ lists of e-mail addresses stolen by cyber thieves.

Epsilon was in charge of maintaining the e-mail databases and campaigns of some of the largest corporations in the country, including 1-800 Flowers, Best Buy, Walgreens, JPMorgan Chase, Capital One, and more. In fact, there’s a good chance that you’ve received “apology” e-mails from one or two vendors.

While some said the breach didn’t cause a whole lot of damage, we disagree. Essentially, these cyber criminals now have the ability to invent highly sophisticated phishing attacks by creating e-mail offers that look like legitimate promotions coming from companies they (the people whose e-mail addresses were stolen) buy from and trust.

And though it’s already common for cyber thieves to impersonate credible organizations with what appears to be legitimate e-mail messages that seek to verify account information, this recent breach of security allows cyber thieves to be smarter and even more targeted with their scams.

Two Key Lessons To Apply In Your Business—No Matter What Size You Are

First, you need to be a lot more wary of e-mail promotions and communications that ask you to provide your credit card information or to validate your account information (username, password, social insurance number, etc.). No valid company will ever ask you to send important, confidential information in that manner.

Second, this breach serves as a warning to all businesses that they must have the MOST up-to-date security systems in place for their computer network, especially if you handle client data such as credit cards, bank accounts, social insurance numbers, passwords, client lists and more. Epsilon has responded to the security breach, apologizing to all of those affected, but the damage is done to their organization, not to mention their clients.

That’s why we urge all of our clients to enroll in a managed computer services plan in Toronto. With a managed service plan, part of the network support services is monitoring your network’s anti-virus, firewall and security settings to make sure your network is fully protected against these damaging events.