Blog

November 25th, 2014

OSX_Nov24_CSafari, the browser of choice for many Apple users, has seen a number of updates in the past, usually with a new version being introduced when a new version of OS X is released. Possibly one of the biggest features introduced has been the keyboard shortcuts. If you use Safari, here are seven shortcuts you may not be aware of.

1. Scroll up and down a screen

While you can use your mouse to scroll, if you are on a laptop or need to quickly scan down one screen, you can press the spacebar. This will move the page down one screen (based on your current screen size). You can move up one screen by pressing Shift + Spacebar.

2. Open a page in a new tab

If you are looking at a page with a link that you would like to click and open, but you would like to also keep the existing page open, you can do so by simply pressing Command + clicking on the link. When you do this, the link will open in a new tab. You can also use this shortcut with bookmarks, and if you are entering a URL, hit Command + Return to open the URL in a new tab.

3. Open and close tabs

If you would like to quickly open a new tab in the same Safari window, press Command + T and it should open to the right of the tab you are currently looking at. If you would like to close the tab you are looking at, press Command + W. Should you accidently close the wrong tab, hitting Command + Z will reopen the closed tab, as long as you have not entered any information in say an address field or form.

4. Cycle between open tabs

Because of the tabbed nature of Safari, there is a good chance that you have one window open with multiple tabs. While you can simply click on the tab you want to switch to, you can also use Control + tab to switch to the tab to the right of the currently open one. Pressing Shift + Control + tab will switch to the tab to the left of the currently open one.

5. See a list of recent pages by Web address

When working in Safari, you can press and hold on the back arrow to view a list of recent pages you have visited. The problem with this is that sometimes you see just the page name, so if you have looked at a site with a long name, or the same pages, it can be tough to pick the right one to go back to.

Instead, press Option + the back arrow to bring up the list of recently viewed pages and their URL or Web address. This only works for the tab you are currently looking at.

6. Go to your homepage

If you would like to quickly go back to your homepage, press Command + Home key. This should automatically load the page you have set as your homepage.

7. Add page as a bookmark and open pages from your Favorites Bar

You can add the page you are currently looking at to your bookmark list by hitting Command + D. To open pages from your Favorites bar (shown below the URL bar) hit Command + 1-9. For example, if you hit Command + 3, you will open the third site on the bar (counting from the left). If you can't see the Favorites Bar, press View and select Show Favorites Bar.

If you would like to learn more about Safari, and other Apple apps, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Apple Mac OS
November 25th, 2014

Hardware_Nov25_CSelecting a Wi-Fi router, much like selecting any other piece of equipment for your business, can be a complicated task. There are so many different models and manufacturers out there that it can be a chore to work out the best option for your business. To help, here are some important features all routers for business should have, and what elements to look out for.

Essential features

For the vast majority of users, there are five main features that all wireless routers must have in order to make them useful in the office. They are:
  • Network type - Look at any router and you will quickly see that there are a number of different networks available. The four most commonly found are 802.1b, 802.1g, 802.1n, and 802.11ac. These designations are for how fast the router can transfer wireless data, with 802.11ac being the fastest of these four. Most offices should be able to get by on n routers, but those who have users connecting via Wi-Fi and cable may do better with 802.11ac routers - which are backward compatible with other slower network versions.
  • Throughput - This is closely associated with the router's network type, and is usually one of the first things listed on router boxes and specifications. To spot the router's throughput, look for Mbps. This indicates the speed at which the router is supposed to transmit data from your connection to users. It is important to note here that if you have a 100Mbps Internet connection, but buy a router that is only say 80 Mbps, then the total speed will be the lower figure, 80Mbps. Therefore, it would be a good idea to get a router with a higher throughput, or a close throughput, to your main Internet connection.
  • Range - This is particularly important for users who will be connecting via Wi-Fi, as they will likely not be sitting right beside the router. Generally speaking, the further you are from your router, the slower and weaker your connection will be. As a rule of thumb: 802.11ac and n routers will offer the strongest connections and greatest range. But this will all depend on where the router is placed and any natural barriers like concrete walls, etc.
  • Bands - On every single router's box you will see numbers like 5Ghz and 2.4Ghz. These indicate the wireless radios on the router. A dual-band router will have both a 5Ghz and 2.4Ghz radio which allows devices to connect to different bands so as not to overload a connection. Those who connect to a 5Ghz band will generally have better performance, but the broadcast range will be much shorter than the 2.4Ghz radio.
  • QoS - Quality of Service is a newer feature that allows the router administrator to limit certain types of traffic. For example, you can use the QoS feature of a router to completely block all torrent traffic, or to limit it so that other users can have equal bandwidth. Not every router has this ability, but it is a highly beneficial feature for office routers.

Useful features

As well as the above features, which are essential for business Wi-Fi routers, there are also some useful features that may help improve overall speeds and usability. Here are three of the most useful, but not essential:
  • Beam-forming - This is a newer feature being introduced in many mid to high-end routers. It is a form of signal technology that allows for better throughput in dead areas of a business or home. In other words, it can help improve the connection quality with devices behind solid walls, or in rooms with high amounts of interference. By utilizing this technology, routers can see where connection is weak and act to improve it. While this is available on routers with many network types, it is really only useful with routers running 802.11ac, so if you have devices compatible with 802.11ac, then this feature could help.
  • MIMO - Multiple-Input, Multiple-Output is the use of multiple antennas to increase performance and overall throughput. Most modern routers don't actually use multiple antennas or extra antennas to increase performance, instead utilizing this concept to ensure that more devices can connect to one router with less interference and better performance.
  • Antennas - Some routers, especially those geared towards home use, don't have physical antennas, while other higher-end routers do. With many wireless routers, the idea behind antennas is that they allow the direction of the best connection to be configured. It can be easy to think that these antennas will help improve connection, but when it comes to real-world tests, there is often only a nominal improvement if the antennas are configured and aimed properly.
While these features can help improve the overall connectivity and speed of a wireless network, they are not necessary for most business users. If you are going to be tweaking networks however, then these may help. Beyond that, concepts like beam-forming only work well if you have a wealth of devices that are 802.11ac compatible and these are still less popular than devices that are say 802.1n compatible.

Features to watch out for

There are a number of router features that manufacturers often tout as essential, important, etc., when in reality these features are often more about marketing and will pose little use to the vast majority of users.
  • Routers with advertised processor speeds - With many pieces of equipment, the processor speed is an important indicator as to how fast it will run, and how well systems will run. With routers however, there is usually a small requirement for processing power. Sure, some features like firewalls require processing power, but the vast majority of routers have the power to run these. Therefore, advertised processor speeds with Wi-Fi routers offer no realizable benefit to the majority of users.
  • Tri-band - While many routers have dual broadcasting bands, some newer ones are now tri-band. The idea and marketing behind this is that with a third band, throughput can be dramatically increased and this is often reflected in the speeds manufacturers say these routers can offer. In reality however, this often isn't the case, as all this extra band really does is allow for more devices to connect. You will most likely not see an increase in overall connection speed.
  • Patented or trademarked features - Almost every router these days will have individual features (also known as proprietary technology) that the manufacturer includes with the idea that it makes the router that much better, or at least uniquely different, than any other. While many of these features can be useful to some users, they should not be the main reason to select a router.

How do I pick the best router?

Go to any hardware retailer and you will quickly find that the sheer number of wireless routers out there is overwhelming. Sure, they all do the same thing, but some will be better than others. One thing to try is to look at the user submitted reviews of different routers online. While the manufacturers may claim one thing, it is the real-world users who can shed the best insight into products. Try to find more business-oriented reviews rather than views based on domestic use.

What we recommend is to contact us. We can work with you to help you find and set up the best router for your business. Get in touch today to learn more.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
November 25th, 2014

BCP_Nov24_CRegardless of what your business is, or where you are located, you may at some point face a disaster that affects your business operations. In order to make it through troubled waters without serious harm to your business you need to have a Disaster Recovery Plan in place. To help ensure that your strategy is ready, here are five tips that other businesses have learnt from facing disasters that you can work into your plans.

1. Have a full copy of your data backed up outside of your operating region

Almost every company, regardless of size, has backup measures in place. These backups can be either physical or digital, and are supposed to be carried out on a regular basis. If a disaster strikes, having access to your data can help ensure that you can recover your systems and resume operations in the minimal amount of time.

While backups are great, if you keep your backups in the same area as your main systems, or even if your offsite backups are in the same region, there is a chance that a large disaster, like a flood, or power outage, could also affect these backups too. One of the best solutions is to keep a current backup offsite, and outside of your operating region, with most experts recommending at least 150 miles (250 km) away from your main business area.

How do you achieve this? The best option is to use cloud-backup. Many providers host their backup service at a number of different data centers in various locations, so that should a disaster strike both your business and a nearby data center, your data is still safe at other centers.

2. Realistically test your plan

It can be tempting to simply develop a plan and then test it in a closed environment once or twice a year, make some changes where necessary and then sit back and hope it works. In truth, for any plan to really be effective it needs to be tested in a realistic environment. If this is not carried out then there is a possibility that the plan could fail when activated.

Because disasters come in almost any form and size, you are going to want to first identify as many potential problems as possible. From here, test your recovery plans based on these scenarios and see how effective they are. Be sure to also involve your colleagues and employees, as they too will need to know what to do when disaster strikes and what their role in the recovery of data is.

A good way to look at these tests is to think of them more as practice runs. As with anything, the more your practice the easier and more effective it becomes. In this case, good practice could literally save your business.

3. Update your plan as you update your systems

When you develop a recovery plan, you need to base it on the systems and technology you currently have in your business. However, these systems and devices may not be in use six months, to a year from now, or you may introduce new systems and improvements.

As soon as you make any changes, your existing recovery plan could become obsolete. Therefore, you need to ensure that when you introduce new systems or technology you are also updating the recovery plan to cover and fit with these changes.

4. Create an accessible plan

Many experts agree that having a physical plan that employees can see and access during a disaster is one of the best ways of ensuring that it is actually implemented properly. Therefore, when you develop a Disaster Recovery Plan make sure that all of your employees can access it at any time. This includes during and immediately following a disaster.

Beyond this, you need to make sure that the plan is consistent. If you update the master plan, but fail to update the copies you store in say a public cloud, or at different worksites, this will lead to confusion and even an increased recovery time or complete recovery failure. When you do update your plan, let all parties involved know that it has been updated and remind them where they can find copies of the plan.

5. Don't be the only fully-trained disaster recovery expert in your company

As a business owner or manager it can be easy to try and run everything yourself. Afterall, it is your business and you know exactly how to look after everything, right?. The problem is that if you are the only fully-trained disaster recovery person you are making yourself the weakest link in the plan.
Published with permission from TechAdvisory.org. Source.

November 21st, 2014

Security_Nov17_CNet Neutrality is one of the biggest tech-related issues currently making its way through the American Government. In mid-November President Obama made his stance on the issue known, while also introducing a plan for it and thereby bringing the subject to worldwide attention. Here is an overview of what Net Neutrality is and how it can affect you.

What is Net Neutrality?

In order to define Net Neutrality, we should first look at the main idea behind what the Internet is: a free and open medium where individuals can express and house thoughts, ideas, and more. It was founded on one principal, and one principal alone: All information and Internet traffic MUST be treated equally.

This free, open, and fair principle is what we call Net Neutrality. In practice, this idea prevents Internet providers, and even governments, from blocking legal sites with messages they disagree with, and restricting access to services and sites that don't meet their business needs.

What exactly is the issue?

At this time, major telecommunications companies providing Internet access are trying to push legislation through the US court systems that will essentially make it legal for them to throttle Internet speeds; asking other providers to pay fees in order to speed up access to sites and to even block some sites.

There are laws currently in place, set by the FCC (Federal Communications Commission), that prohibit providers from collecting, analyzing, and manipulating user traffic. In other words, according to the FCC, the role of the Internet providers should be to simply ensure traffic and data gets from one end of the network to the other.

Last year, it was uncovered that US telecommunications giant, and Internet Service Provider, Comcast demanded that Netflix pay them millions of dollars or they would limit the Internet speed of Comcast users trying to access the streaming service. Netflix tried to negotiate but the result was that Comcast did indeed cut user speeds. Netflix paid to avoid this from happening again. This act is an obvious breach of the main tenet of Net Neutrality: Equal access for everyone.

Combine this with the January 2014 ruling that the FCC had overstepped its bounds in regards to this topic and the increased lobbying by telecommunications giants against Net Neutrality, and you can quickly come to realize that the Internet as we know it is under threat.

How will this affect my business?

If nothing is done, there is a very high chance that you will be paying higher rates for Internet-based services (because the providers will be asking other companies to pay to guarantee speedy access which will then be passed along to you via higher rates). You may even be forced to use services you don't want to use because they offer better access speeds on your network.

Beyond this, because so many businesses rely on websites and the hosting companies that enable us to access them, there is a very real risk that these hosts may have access speeds cut. This in turn could mean that it will take more time for some users to access your website and services. Think of how you react when you can't access a website, you probably just search for another similar site which loads easily - now imagine this happening to your site. In other words, you could see a decrease in overall traffic and therefore profits.

What can I do about this?

First off, we highly recommend you visit The White House's site on Net Neutrality, and read the message that President Obama has recently posted there. To sum it up, he believes that Net Neutrality should be protected and the Internet should remain open and free. He has even laid out a plan with four rules that the FCC should enact and enforce:
  • No blocking - Internet providers are not to block access to any legal content.
  • No throttling - Internet providers cannot slow or speed up access speeds based on their preferences.
  • Increased transparency - The FCC is to be more transparent and push providers to follow the Net Neutrality rules.
  • No paid prioritization - There is to be a ban on providers insisting other companies pay to have equal access speeds.
You can bet that this plan will be met by stiff resistance both in government and by the telecommunications companies themselves. The FCC is an independent organization and it is up to them to select whether or not they want to enact President Obama's plan. One thing you can do is to publicly submit your comments to the FCC via this website. Any comments made will be seen by the FCC and are are publicly viewable. In the past, enough public pressure has been able to sway FCC decisions, so share this article and the links in it with everyone you know, asking them to take action as well.

What about other countries?

For now, the Net Neutrality battle is largely US based. The vast majority of Internet traffic starts or at least passes through the US. This means that if the telecommunications providers (many of whom own international subsidiary providers) can limit access to sites in the US it could very quickly become a world issue. Beyond this, other countries often follow laws that the US enacts, so it could only be a matter of time before we see similar bills passed in other countries.

In short, this is a major issue that could see the end of the Internet as we know it. If you would like to learn more about Net Neutrality and how you can help ensure the Internet remains free and open, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
November 20th, 2014

Windows_Nov18_CWhile there are many IT expenses business owners need to worry about, one of the biggest is usually software. In order to remain compliant and avoid potential legal disputes, businesses often invest heavily in software. If you have Microsoft software licenses, you may receive an email from the company asking you to audit these licenses. Here is an overview of what you should do if you do receive one.

The Microsoft Software Asset Management Review

Earlier this year, Microsoft announced that they will be sending out over 30,000 letters to small businesses who have purchased Microsoft software licenses. These letters or emails are focused on checking that you have the right number of licenses for your systems.

This program actually has three audit elements, or emails, that are being sent out to businesses.

  1. Internal self-audit email - This is the most common letter businesses have been receiving. It asks them to verify that they are compliant with Microsoft's licenses, which is usually done by sending Microsoft the software keys for each license or product purchased. They then compare this to their records.
  2. Software Asset Management (SAM) Engagement - This is a voluntary process where Microsoft sends a Software Asset Management partner to your business to audit your systems and see if you are over or under licensed. For companies who do agree to this, the audit is paid for by Microsoft. The downside is, if you are found to be non-compliant, you will likely face a fairly large bill.
  3. Legal Contract Compliance (LCC) audit email - This audit can be enacted by Microsoft if you put off a SAM or self-audit for an extended period of time. Essentially, this is a legal audit that you must comply with. If you are found to be non-compliant under this audit, you could face stiff legal penalties.

What happens if I receive one of these emails?

Should you receive one of these emails you will be asked to carry out the audit by a set date. Most of the emails contain a spreadsheet that you will need to put your license information into. This can take time because you will likely need to physically check every machine using Microsoft software for relevant information.

Auditors who come to your business will ask you for network and server access and any other form of information they think they can ask for.

Should you be found to be non-compliant or under-licensed, you will likely then be presented with a bill for the extra licenses. If you happen to be highly under-licensed, this bill could be quite large.

What should I do if I am worried about this audit?

An audit like this could be time consuming, costly, and above all is frustrating for any business owner. What we recommend is working with us. We can help ensure that your business is using appropriate licenses and, should you face a request to do an audit, we can help you through the process.

So, contact us today to ensure that your business is compliant.

Published with permission from TechAdvisory.org. Source.

November 20th, 2014

AndroidPhone_Nov17_CAndroid users, especially business owners and managers who use Google Apps, often rely on Google Calendar as a handy tool to help ensure that they stay on schedule. With the recent new version of Android, 5.0. Google has released some updated versions of their mobile apps as well. Google Calendar is one of the latest to undergo an upgrade, with some interesting new features introduced.

The idea behind the new Google Calendar

According to Google, the new Calendar app has been designed to truly help make lives easier. With the older version of Calendar, you have to take time to copy and paste information like location, phone numbers, and details into each event. This leads many users to simply skip adding important information when they create new events on their mobile devices.

With the latest version of Google Calendar, Google aims to make the creation of events and addition of information far easier. To do this, the new app has some useful features including:

Events pulled from Gmail

These days, when you book a flight or confirm a meeting, etc. you usually receive an email with a confirmation number and some contact information. In the new Calendar, events like this will be pulled automatically from Gmail emails and added to Calendar, along with relevant information.

For example, if you book a flight to attend a conference, you will see a new Calendar entry added with the flight information. Beyond this, events will be updated in real time, so if there is a delay with the event or you are sent an email update, Calendar will update this information on your calendar.

Assists

This new feature allows you to quickly and easily create group events. Now, when you create a new event and begin to type in information Calendar will make suggestions based on what you are typing.

For example, if you want to set a meeting with John at Starbucks around the corner you can start typing: 'Meet' and Google will come up with a list of suggested events. Tap Meeting from the drop-down menu and this will pop up in the text box. The drop-down menu changes to allow you to select more options, such as With. Tap this and enter the first letter of a name, and then select who to invite. The drop-down menu will change again and allow you to select a location by simply typing a few letters.

From the demo we have seen, this works quite well and definitely speeds up the creation of events.

Schedule View

This is a new view that has been designed to provide you with an in-depth view of the events you have scheduled. According to the Google blog, this view, "includes photos and maps of the places you’re going, cityscapes of travel destinations, and illustrations of everyday events like dinner, drinks, and yoga."

Essentially, this view makes it easier for you to see what is going on at a quick glance. Many mobile users find Schedule View particularly useful as they don't have to navigate their main calendar which can be tricky to read when you have a wealth of events planned.

How do I get the latest Google Calendar?

As of the writing of this article, the app is available on the Google Play store for all Android devices running Android 4.1. You should be able to get the app by updating the existing Google Calendar app. If you don't have the app, you can find it by searching for Google Calendar from the Google Play Store app.

If you are interested in learning more about Android, contact us today to see how our systems and experts can benefit your business too.

Published with permission from TechAdvisory.org. Source.

November 19th, 2014

Windows_Nov17_CThe discovery of the Heartbleed bug earlier this year was thought to be the biggest security issue of the year. While it has largely been dealt with, Microsoft has recently announced a similar and equally large potential threat. While details are fairly scarce, and there is a fix to avoid this issue, it is a threat all businesses with Windows Servers should be aware of.

The new security problem

On November 11, 2014 Microsoft released a patch for nearly all versions of Microsoft Server, along with patch notes that included the reason why the patch was released. In short, it was released to plug a security gap that the company calls Schannel Remote Code Execution Vulnerability.

This cryptically-named vulnerability essentially allows hackers remote code access by sending specific packets of data to a server. Data packets are made up of basic units of data communication combined in order to send data over a network.

Hackers can structure certain data into packets then breach a bug in Microsoft Server software, potentially allowing a hacker full remote access to that server and the ability to execute whatever code they so choose, including giving themselves full access to the systems and data hosted on your server.

This bug is particularly destructive because it affects the Schannel library on servers, which is responsible for encryption and authentication in Windows.

What versions of Windows server are affected by this bug?

This bug can potentially be found on nearly every version of Windows and Windows Server currently in use by companies, including:
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows 8/8.1
  • Windows Server 2012/2012 R2
  • Windows RT/RT 8.1
In other words, pretty much any business using Windows and Windows Server is at risk.

What should we do?

While this appears to be a big issue, and in truth it is, Microsoft has noted that they are unaware of anyone actually exploiting this bug as of the writing of this article. The company has also released a patch - MS14-066 that is supposed to fix the problem.

Therefore, the best action you can take is to update all of your systems running Windows. While it primarily affects servers, this could become a widespread issue if systems are not updated. What we recommend is contacting us as soon as possible. We can help ensure that all of your systems are updated and protected from this bug.

If you would like to learn more about Windows and how you can keep your systems secure, please do call us today.

Published with permission from TechAdvisory.org. Source.

November 19th, 2014

SocialMedia_Nov17_CYou've heard it before, and will hear it again: In order to have an effective social media presence you need to be active on more than one network. Many businesses realize this fact and are active on networks such as Twitter. The problem with Twitter, however, is that it can be difficult to master. To help, here are 10 Twitter tips.

  1. Keep posts on the shorter side - This may seem ridiculous, after all there are only 140 characters allowed per tweet, but keeping tweets short allows users to add their own comments and ideas when they retweet. Try keeping your tweets below 100 characters.
  2. Twitter is not about promotion - Studies have proven that tweets that promote a company or product don't usually do as well as messages that are more conversational in nature. If you want to ensure maximum interaction, aim for a mixture of tweets that consists of about 80% conversational and 20% promotional.
  3. Know what time to tweet - Each market is different, so take the time to research tweeting habits. If you see that the majority of your target audience is active during after-work hours, then it would make sense to tweet when they are more likely to be online. Remember, many Twitter users are connecting via their mobile devices, so you are probably better off tweeting during lunch hours, as well as pre- and post-work.
  4. Know what days to tweet - Much like knowing what time to tweet, it is a good idea to also know which days are best to tweet in order to maximize engagement. For example, if you are trying to interact more with other businesses (B2B) then it is best to tweet on days when the companies are open and an owner or manager is more likely to be looking at business systems and social accounts. Customers, however, are usually more receptive to messages on days when they aren't working e.g., Saturday and Sunday.
  5. Use hashtags - Hashtags in Twitter allow for categorization and make tweets searchable. For example, if you use the hashtag #fresh in a tweet and then search for 'fresh' on Twitter, you should see similar posts using the same hashtag.
  6. Use hashtags sparingly - There is a common trend in social media to use hashtags for nearly every word. This makes posts difficult to read and usually leads to people not sharing or retweeting your content. Instead, try to work one to three hashtag, at most, into your tweets naturally.
  7. Realize Twitter moves fast - The average trend on Twitter lasts about one hour, to one day. So, if you see a trend developing or beginning, act quick to join the conversation. Posting after the trend has faded will usually lead to tweets being ignored.
  8. Don't act on every trend - Trends come and go so quickly on Twitter that it can be tempting to try to jump on each one, or as many as possible, in order to get your message out to as many people as possible. However, not every style and subject will be relevant to your business. By shoehorning content to fit trends you could come across as insincere and lose interest from followers.
  9. Watch who you follow - Following people is one of the quickest ways to grow your own follower base - usually because users will follow those who follow them. But, when it come to business, you want to be sure to follow users who are relevant. For example, follow your customers, strategic partners, and even competitors. Following Twitter users who aren't relevant to your business is not going to get your messages read by the right people.
  10. Keep an eye on Twitter - In order to effectively spot trends and see what your target market is saying, it is worthwhile to use a program like Tweetdeck, which allows you to see all tweets, track hashtags, topics, and more.
If you would like to learn more about using Twitter in your business, contact us today to see how our services and solutions can boost your social media presence.
Published with permission from TechAdvisory.org. Source.

Topic Social Media
November 13th, 2014

Security_Nov10_CLast year saw a number of highly publicized security threats that many companies struggled to deal with. One of those was some nasty malware called Cryptolocker, which held your files for ransom. While this has now largely been dealt with, news is surfacing of a second version - called CryptoWall - that has begun to infect users.

What is Crypto malware?

Crypto malware is a type of trojan horse that when installed onto computers or devices, holds the data and system hostage. This is done by locking valuable or important files with a strong encryption. You then see a pop-up open informing you that you have a set amount of time to pay for a key which will unlock the encryption. If you don't pay before the deadline, your files are deleted.

When this malware surfaced last year, many users were understandably more than a little worried and took strong precautions to ensure they did not get infected. Despite these efforts, it really didn't go away until earlier this year, when security experts introduced a number of online portals that can un-encrypt files affected by Cryptolocker, essentially neutralizing the threat, until now that is. A recently updated version is threatening users once again.

Cryptolocker 2.0, aka. CryptoWall

Possibly because of efforts by security firms to neutralize the Cryptolocker threat, the various developers of the malware have come back with an improved version, CryptoWall and it is a threat that all businesses should be aware of.

With CryptoWall, the transmission and infection methods remain the same as they did with the first version: It is most commonly found in zipped folders and PDF files sent over email. Most emails with the malware are disguised as invoices, bills, complaints, and other business messages that we are likely to open.

The developers did however make some "improvements" to the malware that make it more difficult to deal with for most users. These changes include:

  • Unique IDs are used for payment: These are addresses used to verify that the payment is unique and from one person only. If the address is used by another user, payment will now be rejected. This is different from the first version where one person who paid could share the unlock code with other infected users.
  • CryptoWall can securely delete files: In the older version of this threat, files were deleted if the ransom wasn't paid, but they could be recovered easily. In the new version the encryption has increased security which ensures the file is deleted. This leaves you with either the option of paying the ransom or retrieving the file from a backup.
  • Payment servers can't be blocked: With CryptoLocker, when authorities and security experts found the addresses of the servers that accepted payments they were able to add these to blacklists, thus ensuring no traffic would come from, or go to, these servers again. Essentially, this made it impossible for the malware to actually work. Now, it has been found that the developers are using their own servers and gateways which essentially makes them much, much more difficult to find and ban.

How do I prevent my systems and devices from being infected?

Unlike other viruses and malware, CryptoWall doesn't go after passwords or account names, so the usual changing of your passwords won't really help. The best ways to prevent this from getting onto your systems is:
  • Don't open any suspicious attachments - Look at each and every email attachment that comes into your inbox. If you spot anything that looks odd, such as say a spelling mistake in the name, or a long string of characters together, then it is best to avoid opening it.
  • Don't open emails from unknown sources - Be extra careful about emails from unknown sources, especially ones that say they provide business oriented information e.g., bank statements from banks you don't have an account with or bills from a utilities company you don't use. Chances are high that they contain some form of malware.
Should your files be attacked and encrypted by this malware, then the first thing you should do is to contact us. We can work with you to help find a solution that will not end up in you having to pay the ransom to recover your files.

If you are looking to learn more about CryptoWall malware and how to boost your security and protect your data and systems, then we could you your first line of tech defence.

Published with permission from TechAdvisory.org. Source.

Topic Security
November 12th, 2014

Productivity_Nov10_CAs a business owner or manager, you likely send out a large number of emails each day. A certain percentage of your emails are probably sent to other colleagues, with the idea that they then create a message to send to a third party on your behalf. One way to ensure that the message gets through, while avoiding too much back and forth communication between you and your colleague, is to pre-draft the email.

What exactly is a pre-draft?

The idea behind pre-drafting an email message is that it helps to reduce the amount of back and forth between two parties when one of the parties is contacting a third party. If you have ever had an employee draft a message that came from you then you are likely well aware of the number of emails that can go back and forth before the email actually goes out.

Essentially a pre-draft is a message included in the original message that is to be sent along to a third party. When you include a draft message, the person who will be sending the message can then just cut and paste the content, personalize it, maybe tweak a sentence here or there, and then send it along.

How do I create one?

If you are currently working on an email message that will be sent by another employee on your behalf, try to come up with the outline and basic message yourself. It's best to clearly mark this message in the original email by using a flag like: "Message to send", and changing the actual message to another font or color.

Because most of these messages will be personalized, include placeholder text where your staff member can personalize the message. For example, To . This not only makes it easier to spot areas that need to be personalized, it also means messages can be sent out quickly and easily.

When is this useful?

To be honest, pre-drafting won't work for every type of email you send. But, there are some situations when this comes in handy, including:
  • When you are asked to provide a testimonial on a service. You can write a basic testimonial with areas for customization.
  • When you need to send follow up emails connected to a recently sent email campaign or message. You can draft a basic follow up message that can then be customized as your employees see fit.
  • When you want to post something on numerous social media sites. You can simply write the post once, then provide spots to customize based on the network.
  • Introductions and references. If you have been asked to provide a reference or an introduction, then draft a standard message which can then be changed as needed.
If you mark these emails as a pre-draft, or place them in a pre-draft folder, they can then be quickly found and modified in the future.

Looking to learn more about increasing productivity in your business? Contact us today to see how our systems can help.

Published with permission from TechAdvisory.org. Source.

Topic Productivity