Are you numb yet?

By No Comments

Security’s important — you all get that — but after a while all of the shouting about passwords, hacks, murky intrigue, money lost, identity theft, Internet outages, and you just stop listening. You’re numb and you do nothing. Unfortunately, the bad guys are continuing their efforts to make money from you inaction. So at the very least, get a handle on your exposure.

But quite frankly, the sky is not falling.

Continue reading

Work Life Balance: In Defense of Work

By No Comments

Come  see us at our luncheon next Wednesday July 19th to learn more about Work Life Balance!

We have all heard the phrase “work life balance” and we all know what it refers to – how to keep from being burned out by our careers or our desire to make money. What I don’t like about the phrase “Life Work Balance” is that it draws up the image of work on one side of the fulcrum and life on the other — as though work and life were at opposite ends of the spectrum, that to work was to have no life and a life at its best means never working. I don’t agree.

Continue reading

The Sky is Falling!

By No Comments

I’ve been talking with some clients during the past several days that seem to think Wanna Cry is worse than anything Chicken Little could imagine.  It isn’t. There really isn’t anything earth shattering or drastically special about Wanna Cry. Let’s take a quick look at Wanna Cry and think a bit about how you may be exposed.

First, what is Wanna Cry? Wanna Cry is ransomware — a bit of malware that encrypts your computer files and then asks for $300 US or so,  to get them decrypted. Nothing new there. Ransomware has been around for years.

Second Wanna Cry is unable to spread to any PC with an updated Windows operating system that is version 7 or above.  In the case of Wanna Cry, Microsoft pushed out an update in March of 2017 that stops Wanna Cry from spreading. If you have an XP machine, you can download the update from Microsoft.

Third, Symantec anti-virus was blocking the actions of Wanna Cry before Wanna Cry appeared on the scene. I would suspect that most of the other anti-virus manufacturers are also blocking Wanna Cry type actions.

 

So why are news reports describing Wanna Cry with such words as “terrifying”, “devastating”, “fear”, etc?  Don’t get me wrong, I’m glad for the news coverage. Such coverage reminds us of the necessity for eternal vigilance. But I think that Wanna Cry became a news item because there was no other news to report at the time.

There’s certainly nothing terribly unique about Wanna Cry — it is ransomware and like many many other viruses it uses an exploit to infect computers. (“Exploits” are flaws in the operating system of a PC that a hacker uses to his advantage — such as encrypting your files.)

Exactly how Wanna Cry gets onto that first PC on your network has not yet been verified but by the time you read this it will almost certainly be found that the first PCs were infected via email. Once Wanna Cry is on your network spreads quickly to any vulnerable PCs on your network. Again, a fast spreading virus is not terribly unique.

Any network shares to which the infected PC has access are vulnerable and Wanna Cry will encrypt them. Again, this is not unique. Most all ransomware will encrypt your network shares.

I’m not saying you can ignore Wanna Cry and go about your business as though it did not exist. The point I’m making is that Wanna Cry can be resisted and treated like any serious malware.

So…to reduce your exposure to Wanna Cry (or any virus), stay up to date with a supported operating system for your servers and PCs. Insure that your computers’ operating systems are receiving and installing the manufacturer’s updates. Use paid anti-virus software (free anti-virus software rarely comes with automatic updates and without timely updates anti-virus software is worthless.) Filter out attacks at your firewall. Use a spam filter for your email. Don’t open email from strangers. Keep good (good = tested and disconnected from your network), backups of your important files.

If you are doing the above, you have basic and solid protection in place. Now do a check up on those systems to make sure they are working. If they are, then go back to managing your company. If you still can’t get any sleep at night, give us a call and we will take a look at your systems for you from an expert’s point of view.

Next Generation Firewalls Are For You!

By No Comments

While firewalls are universally known to stop a lot of uninvited traffic from entering your network, many business owners I talk with do not understand that firewalls can not only stop the outgoing flow of data but that some firewalls can discern between friendly connections and hostile connections and allow or stop traffic accordingly.

These newer or “next generation” firewalls are usually a bit more expensive than those you would pickup at the local office supply store or even the local computer store.  In order to be useful, they come with a subscription fee which allows a periodic (hourly to monthly) upload to your firewall so that the firewall knows what the latest attacks look like or where they are coming from and can block them.

The power of the next generation firewalls comes from their ability to look not only at where the traffic is coming from and where your network is attempting to send information, but from their ability to look at the content of the traffic and discern whether or not the data is malicious.

These next generation firewalls (often referred to as “NG firewalls”) offer a smorgasbord of bells and whistles so it may take a technical person to help you choose the one for your company.  If you are a typical small business it is likely that a basic NG firewall will suffice. Regardless of your choice, it will certainly be better than the firewall you currently have.

Will these new generation firewalls insure complete protection against intrusion?  No, of course not.  There is no magic wand. But the question not if they are the answer to a worry free network, the question is “Does their benefit exceed their cost?” And to that question  the answer is a resounding “Yes!”