USB Devices Can Pose a Significant Security Risk

USB flash drives have become a popular choice for people needing a convenient, portable, and cheap storage device for their data. Unfortunately, as the use of these devices increases, so does the risk of potential security breaches. Some of these risks include the introduction of malware such as viruses, worms, and trojans to the computer or even your network. By default, many Windows machines are configured to automatically run or execute software on USB devices. Malware can also reside in data stored on USB drives that can be triggered when the files are opened. For many companies, unmonitored USB devices also expose the company to the risk of unauthorized theft or exposure of sensitive, confidential data. You can limit the risks posed by using USB devices a variety of ways. One is to make sure your threat management systems, such as antivirus software, are updated and are set to monitor USB drives connected to your laptop or PC. To protect data on your computers and network, you can use data encryption tools or monitoring systems that log access to sensitive information. A clear policy on the acceptable and proper use of the company’s computing and network resources can help as well. Of course, the safest policy of all is to disable USB devices on company PCs and laptops altogether. Need more information on how to manage the use of USB portable storage devices in your company? Contact us to find out how we can help.

Why Public File Sharing and P2P are NOT good for business

It’s not uncommon for many small and medium-sized companies to use file sharing and peer-to-peer (P2P) platforms as a means to share information and data – especially when it comes to larger files that are difficult and sometimes impossible to attach to emails. And why not? File sharing and P2P is easy to use, simple, and inexpensive. And never mind if some employees download some personal files on the side – a song or a movie here and there never hurt anyone. Right? Wrong. The big catch when using P2P programs and common file sharing platforms is that it compromises your company’s security. Exposing your computers and your system to such a mode is filled with all sorts of risks. First, people can accidentally share files that aren’t supposed to be for public consumption. They may also inadvertently download viruses and Trojans that infiltrate your system, steal sensitive information, and cause untold damage. If you are on a network, even if just one computer becomes infected, it can spread to all other workstations on the network. Some unscrupulous P2P abusers even use other people’s computers to remotely store illegal data, such as child pornography. It’s very important that you have a secure system in place to handle large file transfers that cannot be shared through email. Guarding your network from outside infiltration is a must, but you don’t have to sacrifice efficiency and ease of use. So if you’d like to explore your options for secure file sharing, we’d be happy to lay out a plan that will fit your specific needs.

Could You Benefit From Managed Services?

Managed Services provide enterprise-level IT capabilities without a large initial capital investment for a predictable monthly fee—which can be appealing to small and medium-sized businesses such as yours. Are you a candidate for Managed Services? Take our quiz below. Managed Services checklist o   We’re having difficulty staffing qualified IT professionals. o   We’re concerned about the security of our data. o   We’re concerned about the security of our transactions. o   We’re concerned about the security of our communications. o   We aren’t always able to respond quickly to market demands. o   We need to reduce overhead costs o   Staying up to date with evolving technologies is difficult for us. o   Maintaining current hardware and software is time consuming. o   We need to operate in real time to meet 24-hour demand. o   We need to deliver services to remote offices or workers. o   Our growth depends on our implementation of new technology. o   We need to upgrade our infrastructure. o   We need to relocate our infrastructure. o   We’re undergoing a merger or acquisition. o   The scale of our operations is going to change. o   We want to expand into new markets. o   We’d like to focus our efforts on our core competencies. o   We need to focus only on mission-critical activities. o   We need to implement a global IT network, but we lack the resources. o   We’re concerned about our ability to keep up with the latest security threats. o   We’re affected by privacy or security regulations. o   We’re experiencing dynamic business growth but have a hiring freeze. o   We need to maintain our current IT capabilities but are downsizing. If any of the items apply to you, you may want to consider Managed Services. Bring your completed list to us today, and we’ll let you know how can help.

Debunking the “If It Ain’t Broke, Why Fix It?” Myth

Of course we’ve all heard of the saying “If it ain’t broke, why fix it?” And really, to some degree, that saying holds true. When it comes to technology, though, reality favors the opposite. You might have hardware right now that’s a bit old by industry standards but is still working, so there seems to be no need to upgrade or replace it. Sooner or later though, it’s going to cause you a lot more trouble than it’s worth. For instance, what if you are in a middle of a major project your hardware breaks down? Hardware manufacturers constantly upgrade their technology, leaving past models behind. This means that the older your hardware is, the harder it will be for you to find support or spare parts when things go wrong. Unless you have a backup plan, this scenario can turn into a big nightmare. And IF (that’s a big “if”) you can find the replacement parts you need, you’ll probably wait for weeks for them to arrive and for the repairs to get done, making you lose precious time and profit. The advantage of upgrading your equipment is that the more advanced it is, the higher the quality of your output. Your workflow can be made much easier and more efficient with better performing hardware specs and added features that come in newer models. And with the right support from manufacturers, any glitch or problem can be fixed within a reasonable period of time since parts and other replacement components are in stock and readily available. Of course, you don’t need to upgrade each time a new model is released. The key is to know when give your hardware a boost. If your upgrades are properly planned, you can change systems and replace equipment without compromising your productivity or output. So if you want to assess your current hardware, we’d be happy to sit down with you to create a roadmap for your future upgrades.

Business Impact Analysis Made Simple

Business impact analysis is an often misunderstood component of your business continuity plan—but it doesn’t have to be. First, let’s review business continuity planning, which is simply the creation and validation of a plan for how your business will recover critical activities after an extended disruption, such as a disaster. Business impact analysis is one of the first steps in creating a business continuity plan in that it simply seeks to identify your business’s exposure to a sudden disruption of critical activities. How do you conduct a business impact analysis? Many resources, including templates, are available. Let’s review the basic steps. First, when looking at your firm’s activities and the cost of their loss during a business disruption, you’ll want to be sure you consider both financial costs and non-financial costs (such as customer service, supplier confidence, and market perception). Be sure to consider a number of possible scenarios. For example, what if your building is completely destroyed? What if some key personnel are not available? What if the disruption occurs during a peak period for your business? Second, you’ll decide what’s critical and what’s not. An activity is probably critical if (a) its functionality is required by law, or (b) you consider its disruption unacceptable. Third, for each critical activity, you’ll then assign two values: a recovery point objective, which is the acceptable amount of data that will be recovered, and a recovery time objective, which is the acceptable amount of time to restore the activity. You may want to perform a business impact analysis before you create a business continuity plan—and your IT infrastructure will play a big role in both. Is your data backed up? How often? Give us a call and let us help guide you through answering these questions and developing a plan for your critical business needs.

Security Expert Warns Users to be Wary of Flash

Online security website OneITSecurity recently interviewed Charlie Miller, second-year Pwn2Own contest champion, and he shared several interesting insights on browser security – especially with the use of Adobe’s Flash plugin. In Pwn2Own, a contest held in CansecWest Conference , participants are offered a reward for finding vulnerabilities in popular software and operating systems. Charlie’s interview is particularly relevant with the recent headline mentions of Adobe Flash with Apple’s refusal to make Flash work with their popular iPod, iPhone, and now iPad products , citing its instability and poor security. Microsoft, in its most recent Security Intelligence Report , pointed to Flash was as the most commonly exploited browser vulnerability in the first half of last year. Charlie seems to share the same view, citing security issues as evidenced by the long list of security patches alone this past few months. His tip? Use Microsoft IE 8 on Windows 7 without Flash to be as secure as possible. If you can’t avoid using Flash, make sure you are using the most up-to-date version with all security fixes and patches applied. Too busy to do it yourself? Get in touch with us and we can do it for you as one of the many tasks we take care of with Managed Services.

Handy Tips for Internet Connection While Travelling

If you travel for business, chances are you need to connect to the Internet while on the road. Here are some tips to help: Set up wireless access. If you travel frequently, sign up for a wireless data plan from your service provider. Depending on the features of your mobile phone, you can use it as a substitute for your laptop for accessing your emails or browsing the web. Some devices support tethering—where you use your device as a wireless modem for network access. Newer generation netbooks and laptops natively support 3G, which allows these devices to browse the Internet in places where WiFi is not available. WiFi is your friend. If you haven’t signed up for a wireless data plan, your mobile phone is limited in its features, or you prefer to use a laptop that only has support for WiFi, do your homework and research whether your destination or nearby areas provide WiFi access.  Websites such as WiFi Hot Spot List , JiWire , and provide a database of places offering free WiFi. provides an annual list of Best WiFi Hotels as well. Dial-up as a last resort. You can always resort to dial-up if your location only provides fixed-line telephone access. Some ISPs still provide dial-up as an option and it’s a good idea to keep their access numbers just in case. Feel secure with VPN. If you are accessing sensitive data while travelling, certain programs will ensure secure access via public Internet connections.  One example is the use of Virtual Private Network (VPN) software which can create a private network between two or more computers. If your company provides this service, use it. If not, contact us and we can set one up for you. Note that while you have access to office resources such as company file servers, printers and email as if you were there, you could possibly be restricted to the same security policies as well. Interested in finding out more? Contact us to find out how we can help you stay connected on the road.