Start Using A Password Manager In 2020

Start Using A Password Manager In 2020

Jun 13, 2020 by Patrick

Passwords

Welcome to the digital age, and we do everything online. While some things are now more convenient, we have all run into another nightmare. Too many passwords! Websites usually require the following: an upper and lower case letter, a number, special character, and minimum 8 characters! Are you the person who uses the same password everywhere?

Are your sharing passwords with staff? Many companies are moving work to the “Cloud” suddenly staff needs access to websites and shared passwords. Is your level of frustration rising each day?

If you own a smaller company your employees are probably reaching out asking for a password to access something. Once you have shared your password, you have now put your data at risk. Will you remember to change it? Is it one of those easy-to-remember passwords that one employee can recite to the next employee? No one was ready for the current crisis. Most businesses did not have a plan in place for twenty (or 50 or 100) remote employees.

You do need something better than your favorite sports team’s name followed by a number. Remember there is not some guy is not locked in a dark room trying to guess your password. Today it is a computer trying to guess your password, a computer can  manage permutations of numbers fast!

So, what is the solution? The best option is multi-factor authentication (MFA) or two-factor authentication. Unfortunately, not all cloud providers utilize MFA functionality. A good alternate solution is a password manager or password vault.

Take some time today and Google “password manager.” There are plenty of great options, one I like to use is called LastPass. Managers are nice, you need to remember one password to access the vault and you can access from many different devices. A password manager can store more than just your passwords, they can store information like credit card and drivers license numbers. Hopefully, you are not the person who uses the same password for everything.

Download a password vault today and start using it today. A vault will easily generate complex passwords, store links to the sites you use, and auto-fill usernames and passwords. Best feature vaults encrypt your data, so it is a whole lot safer than writing them down or reusing them.

Cyber security 101 – Work from home

May 31, 2020 by Patrick

In March 2020 the world of working changed, COVID-19 forced many people and businesses began working from home. Employees and businesses were not the only the ones to adjust the way the worked. Hackers have gone into high gear launching new scams and attacks.

Cyber security has become very important and a lot of people, including businesses have not taken precautionary measures to protect from these new tactics. Some people are using their home computers to work, do you have adequate protection, is your company network safe?

Cyber Security Basics 101:

Encryption: Should your computer be stolen, encryption ensures the thief cannot view the content of your hard drive.

Virus protection: One trick hackers are doing is sending a lot more spam. Malware and viruses are often used interchangeably, you do not want either to infect your computer. Does your computer detect malware and viruses?

Update the big three (JAM): The following vendors should be update: Java, Adobe, and Microsoft. The biggest problems occur when one of these three is not up to date. Is there a computer still running Windows 7, Windows should be running at least Windows 10.

Device protection: It is just good practice to keep track of your devices, know where they are at all times.

Passwords: Make a practice of changing your passwords on the following devices: computer, router, and WiFi. If you live close to your neighbors the WiFi password is verify critical. Do not let others share your internet, you are responsible for the actions, especially the bad actions!

Router/Firewall: How old is your device? Have you updated the software on the device?

Virtual Private Network (VPN): This will create a tunnel between your location and your office. The communication is secured by encrypting it so even if you are sharing WiFi (coffee shop or hotel) no one can see it.

If you have any questions on how to achieve any of these or anything else feel free to reach out to DK Systems at 414-764-4465 today.

Do you Assume Apps Are Secure?

May 16, 2020 by Patrick

Don’t Be Fooled. Your Phone Has Tremendous Power to Track Your Every Move – Including Watching You and Listening in…

Without doubt, you’ve seen the TikTok videos popping up across every social media platform during the national quarantine.

Maybe you have made one yourself…or you have employees or friends making them…after all, they help pass the time…

But as it turns out, TikTok is owned and operated by Communist Chinese party members…assume they DO NOT abide by security regulations in the United States.

Which led the United States Department of Defense to warn Americans not to use the app, stating that TIKTOK has the ability to “convey location, image and biometric data to its Chinese parent company, which is legally unable to refuse to share data to the Chinese government”

Apparently, TikTok has the ability to track EVERYTHING you do on your phone…not just inside the app itself, but down to your keystrokes, the other apps you’re using, and even your data (content you post and more).

SCARY STUFF!

Especially since everyone you work with is at home using their personal devices to access and move company data – and they’re sitting next to their TIKTOK-ADDICTED TEENAGERS…

We assume, if an app is available in the app store, it’s ok to use it…don’t be fooled. TikTok is claiming that they’ve resolved the security issue…the Department of Defense isn’t taking them at their word…

Make sure you know the location of your data, who is accessing it, and from where!

What is happening with your Browsers and security?

Apr 28, 2020 by Patrick

With the release of the Corona virus the world has been turned upside down in the past 2 months…

Like most people, you have probably sent your employees home to work on their home devices (in-home network). 

Your data is online (you are not alone so is everyone else’s) – which is super convenient for everyone. Have your employees been trained properly to be well  EQUIPPED to handle your company data SECURELY?

Protection of your online data can be as simple adjusting the settings on your browser. 

The issue of not being able to get to your data when you need it, a security issue referred to as AVAILABILITY.

As a business owner, lack of AVAILABILITY and virus related SCAMS should be on a list of concerns.

Two things to think about…

  1. Are your employees putting data in places you CANNOT access, such as home computers and personal email? What happens if you let them go or they leave the company for your competition, your data will be lost – INACCESSIBLE or UNAVAILABLE. 
  2. Be on the look out for  scams – especially sites with pop-up windows to trick you into changing your home page or opting into something you don’t want (like a malicious browser plug in)…Or an infected site offering Corona Virus updates or something else in the news!

For more information, CHECK OUT these 9 common browser problems here you can see a few simple solutions to keep your employees on track, and your data safe.  

In addition, you will want to make sure someone is watching the data coming in from your home users remember, they probably do not have much in the way of HOME NETWORK SECURITY (e.g. Firewalls, updated antivirus software, or policies for their kids to follow as they connect with all sorts of gamers and TIKTOK enthusiasts around the world).

Work From Home

Mar 19, 2020 by Patrick

Recently America had a major event happen. As a result of this many large employers are requiring employees to work from home. I will be adding to this article as my time permits.

If you are not a large company you maybe asking what options do I have. This blog will go over what you need so your employees and yourself can work from home.

Phone:

Many businesses have moved to Voice over Internet Protocol (VoIP). Instead of using the traditional phone that has a PBX or landlines in a business they take advantage of the Internet. The pros out way the cons. Probably the biggest con with VoIP phones if the Internet goes down, you have no access phones. The pro side has many more benefits including: you can add a cell phone as a fail over (internet goes down calls go to a cell phone), you can take your phone anywhere, just plug it into an Internet port on your router, and international calls can be much cheaper.

Now the question you are probably thinking about more than phones.

How do I access all of my applications and data?

This answer will take a little more explaining because there are different options available. Ask three different IT consultant you may get three different answers. So this will hopefully provide you a little more knowledge.

Cloud apps, a lot has been talked about moving your data to the Cloud. It does make life easier because you can access your data from anywhere. A couple of downsides, security your information sits on someone else’s server that you have no access to, if you want to get your information back the vendor makes it difficult for you to switch back, and if the Internet goes down you cannot access your data.

Virtual Private Network (VPN) this provides a secure connection either between two offices or an end user and the main office. This option may require a different router/firewall. If you are using AT&T they make things a little more difficult to set up VPNs. Another important aspect is your Internet speed, AT&T DSL may work fine for one user, but after that it things might get slower. Spectrum and fiber optic Internet speed is much better.

Remote Desktop Protocol (RDP), is a protocol that allows you to access your computer remotely, with this you now have all of your resources, applications, printers, data, etc. RDP provides a faster connection because it is only sending screen updates back and forth, your PC in your office is doing all the work. In the past consultants would do a port forward so when you typed in your public IP address it would forward to the computer you wanted. Today this is very dangerous as there is a vulnerability and there are bots just trying to exploit this. Today DK Systems will not open up your port to the Internet, instead we integrate VPN and RDP for a secure connection. If your IT consultant offers to open your router/firewall to allow RDP through you need to look for a new consultant.

Cloud based remote access. This is a nice option and there are many to choose from. You install an agent on the computer you would like access to, go home sign into a website and you have access to your computer similar to RDP. Some examples: Splashtop, TeamViewer, LogMeIn, etc. When looking at these options watch for concurrent connections, some may allow you to install this on several PCs, but only access one at a time.

Here at DK Systems we are available to help you set up your work from home solution. Call today to speak to someone: 414-764-4465

Malware Scams

Jan 25, 2020 by Patrick

I decided to try to write this particular blog in hopes people might Google some of the phone numbers or error codes that are intentional scams. Have you ever had a something pop up on your screen and they are telling you to call a phone number, well please do not call any phone numbers that appear. Here is what will happen:

  • They will ask you to look at something like Event Viewer, you will open it, they will say do you see those Red X’s and Yellow !. When you say yes, they will tell you that is part of the malware or issue. These occur in everyone’s Event Viewer you are not special in this regards.
  • They will ask for access to your computer, once you do they will move the mouse around and look like they are looking at things.
  • In the background they could be installing remote control software to gain access to your computer in the future.
  • They may change your primary password, behind the scenes.
  • After they do they will tell you for $200 to $400 they can clean things up, if you say no and they changed your password you may not have access to your system.

Some of these are just ads meant to scare you. It usually works because they include someone talking and horns blasting. Try these steps:

  • Power off the machine.
  • Turn it back on
  • Open your web browser, if it asks if you want to restore pages, click No
  • Clear your Temporary Internet files from the beginning of time
  • Verify your applications are up to date: Java (if using), Adobe products (if using), and Microsoft

As I receive scams or find them I will update them, here is the list: You have a Malicious Pornographic Spyware/Riskware Dedected (Error # 0x80092ee9) Your Microsoft License has expired

As I find phone numbers of scams they will be added below, all of these numbers are being used for scams. DO NOT call the following phone numbers:

  • 1-844-531-2979 (fake malware support)

Ransomware, how to recover

Mar 13, 2018 by Patrick

For your business to be successful, you rely on the data to succeed, which lends itself to the fact that your organization needs to have some sort of security measures put into place to guarantee its safety. According to research 2018 is thought to be the year of ransomware, so is your business should prepare to deal with it. One of the best ways to deal with ransomware is to ensure that your company has a plan to restore data affected by ransomware.

Explaining Ransomware
It is one of the most brutal developing threats, ransomware is a type of malware that can encrypt the files found on a device so that they’re inaccessible by the user.  Files impacted can be spreadsheets, Word documents, QuickBook files, and photos, this malware can also infect system files making your system inoperable. The instigator of the attack will then demand payment for the files to be decrypted, paying this in no way guarantees your files will be returned. There have been several recent successful ransomware campaigns like WannaCry, Cryptolocker, and Petya, because of their success, these types of attack continue to rise.

The Future
Ransomware will continue to increase in popularity throughout the rest of 2018 and beyond. One of the key focal points for ransomware-using cybercriminals is efficiency, as well as creating initiatives and campaigns that will work throughout the year. In 2017 we saw the rise of readily available ransomware kits that allowed anyone to implement ransomware without knowing the technical details behind it. For a little more money services such as a  ransomware-for-hire were available for those who wanted to use it without going all-in on the campaign themselves. The end result was to make ransomware more accessible for those who wanted to take advantage of it. It is not beyond the realm of possibility that ransomware will use more advanced technologies in the future, as well. Artificial intelligence (AI) and machine learning could potentially allow for more effective means of ransomware distribution, which could become a bigger problem down the line.

But Ransomware is not the only Issue
Ransomware is just the tip and there is much more. The most dangerous threats are often the ones found within your own office. Your business’ data will always be at risk due to its users, the ones who rely on it most. Some examples of what can happen: accidentally delete a file, click on an email attachment, or even save a file incorrectly.  These are the unmalicious intended issues that can happen.  If you have never lost data, consider yourself lucky.

Despite the overwhelming odds stacked against you, it is just as likely that your organization could suffer from a hardware failure as a hacking attack, perhaps even more likely. If a natural disaster strikes, for example, there’s little you could do to actually stop a tornado, flooding, lighting strikes, or a power surge.

Solving the Problem
The best way to prevent unexpected troubles like a natural disaster, data breach, or hardware failure is to implement a data backup and disaster recovery solution from DK Systems. We can provide you with a solution that can regularly update backups and make changes to them as often as every fifteen minutes. This minimizes data loss and allows you to restore backups within a moment’s notice.

To learn more, reach out to us at 414-764-4465 option 1.

Tip of the Week: Crucial Pieces of HIPAA Compliance

Mar 7, 2018 by Patrick

If your business requires you to store medical data, you should be aware of how important your data security is, as a problem could potentially put your business at risk of closing up shop permanently. Security has to be a priority with so many regulations setting compliance standards that must be followed. How can you balance the effectiveness of your business without undermining its security?

Regulations like the Health Insurance Portability and Accountability Act (HIPAA) cause your business to have to work to remain compliant. However, this work becomes easier if you formulate your storage of sensitive materials–including medical records, to meet these regulations. For this week’s tip, we’ll go over some steps you can take to optimize your basic business security.

Encrypt your Data
Surprisingly, HIPAA doesn’t dictate that your business data be encrypted. However, this doesn’t mean that you should neglect to implement encryption, as it may just save your bacon if you are the target of an attempted data breach. When data is encrypted, it is scrambled so that it can only be properly viewed with an encryption key. A solid, military-grade encryption should be enough to discourage the average hacker.

Protect Your Data with Comprehensive Security Measures
Would you rather stop an attack before it affects you, or wait until your infrastructure has been compromised? If you’re like most people, you’d select the first option, which means that you want to make sure that you have a Unified Threat Management (UTM) solution in place. This solution leverages a firewall, content filter, antivirus and spam protection to protect your company and its assets. While this doesn’t render your company impervious to threats, they greatly reduce the number of them that you have to worry about.

Restrict User Access Based on Roles
It stands to reason that the more people who have access to something, the likelier it is for threats to get in, too. However, limiting a user’s access to the resources they need to complete their work helps to cut down on your potential exposure. This is especially important in an industry that is as data-heavy as healthcare, with records as extensive as medical ones are.

If your business handles sensitive information like medical records, you may not be compliant to industry regulations, and become subject to fines. DK Systems is here to help by ensuring that your data is secure and you meet all compliances that may apply to you. Give us a call at 414-764-4465 option 1 to learn more.