Data security isn’t a matter to be taken lightly, as too many businesses have found out the hard way. Unfortunately, there are far too many simple ways to correct common security issues - enough that it’s foolish not to do so. We’ll review a few ways to fix security issues, after discussing one of, if not the, most egregious security failings in modern history.
You’ve heard it said that it’s a best security practice to routinely change your passwords. The idea here is that, if a password were stolen, then it would lose its value when the user goes to change it. While this sounds like solid logic, new research shows that it may actually be better NOT to change your passwords.
This may be a hard pill to swallow for IT administrators who have always required users to change their passwords every few months or so. However, seeing as this practice could make accounts less secure, it’s worth considering.
The idea behind this theory is that, whenever a user goes to change their password, they’re often rushed or annoyed and end up creating a new password that’s less secure. The Washington Post puts it like this: “Forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords.”
Think about it, how often have you changed your password, only to change it from a complex password to one that’s easier to remember? Or, have you ever kept the same password and just added a number at the end of your new password? This covert move will do little to deter a hacker. Carnegie Mellon University researched this topic and found that users who felt annoyed by having to change their password created new passwords that were 46 percent less secure.
Plus, let’s consider the hypothetical situation of a hacker actually stealing your password. Truth be told, once they’ve gotten a hold of your login credentials, they’ll try to exploit the password as soon as they can. If they’re successful, they’ll pose as you and change the account’s password, thus locking you out of it. In an all-too-common situation like this, the fact that you’re scheduled to change your password at the end of the month won’t change anything.
Additionally, ZDNet points out yet another way that regularly changing passwords can make matters worse: “Regularly changed passwords are more likely to be written down or forgotten.” Basically, having a password written down on a scrap piece of paper is a bad security move because it adds another way for the credentials to be lost or stolen.
Whether you do or don’t ask employees to change their passwords is your prerogative. However, moving forward it would be in everybody’s best interest to focus on additional ways to secure your network, instead of relying solely on passwords. This can be done by implementing multi-factor authentication, which can include SMS messaging, phone calls, emails, and even biometrics with passwords. With additional security measures like these in place, it won’t matter much if a hacker stole your password because they would need additional forms of identification to make it work.
To maximize your company’s network security efforts, contact Info Advantage at (585) 254-8710.
When was the last time that you ran into a problem that was easily solvable, simply by restarting your computer or unplugging a device from the wall, then plugging it back in? Often times, simple troubleshooting tactics can be enough to resolve a problem, but more often than not, there are issues that can’t be easily resolved. It’s these ones that hold businesses back, and we’re here to help.
Next time you run into a PC problem that you just can’t wrap your head around, try out these six troubleshooting tips.
Info Advantage can be your outsourced IT experts. To learn more, reach out to us at (585) 254-8710.
Wireless Internet signals, referred to most commonly as Wi-Fi, are commonplace in every office. Even organizations that don’t often need access to the Internet, like restaurants and coffee shops, have wireless connections available for customers to use. However, just because you can connect to free Wi-Fi, doesn’t necessarily mean that you should.
One of the big problems with free Wi-Fi is that people who use public connections are fully aware of just how dangerous it is; yet, they still want to use it. The Identity Theft Resource Center claims that 78.5 percent of users who connect to free Wi-Fi understand that there are major risks involved, and yet only 26.7 percent use a VPN to keep themselves safe. Thus, free Wi-Fi should be approached with caution. Here are just a few reasons why you need to be careful when accessing public Wi-Fi.
Anyone Can Access It
If the Wi-Fi isn’t protected by a passcode, the network is vulnerable to hacking attacks and other threats. Plus, if the router isn’t configured properly, the passcode doesn’t offer much help. The fact that anyone can access it at their leisure means that there’s virtually nothing stopping hackers from connecting to the router and spying on other users.
It’s worth mentioning that, although we use the term ‘hacker,’ even a mischievous child with a bit of curiosity and the proper know-how could access your files via public Wi-Fi if the connection isn’t secure.
Free Wi-Fi is Highly Used
It’s natural that a free Internet connection will attract attention from people. That said, the more people who connect to a Wi-Fi network, the slower the connection, and the more likely it is to house a hacker. Hackers understand that free Wi-Fi draws plenty of victims, so they’ll use the convenience to find new targets.
Data Isn’t Encrypted
Encryption adds an extra layer of protection to any data that’s sent to and received across an Internet connection. When routers have encryption, hackers have a more difficult time stealing data. Therefore, you should only connect to routers that have encryption, and it’s unlikely that your run-of-the-mill router at your local restaurant has it.
What You Can Do
You may not be able to control who secures their public Wi-Fi routers, but you can take steps to protect yourself if you’re ever in the position where you feel you must use it. Here are three best practices for keeping your devices safe while using a public Wi-Fi network:
To learn more about how you can keep your data safe from prying eyes, reach out to Info Advantage at (585) 254-8710.
When you mention the term 'disaster recovery,' most people think about the big ground-shattering events like earthquakes, fires, floods, tropical storms, etc. While these natural events are certainly disasters and devastating in their own right, smaller things can constitute as a disaster for your business, and they aren't seasonal.
To Info Advantage, a disaster is anything that involves a major loss of data or major downtime. When one of our clients experience a server malfunction that leaves most employees sitting idle unable to work, that is a disaster.
The Cost of a Disaster
Downtime is a very terrible expense to not try to avoid. Try this simple formula for yourself:
Number of Employees Affected by an IT Outage X Average Employee Hourly Cost (NOT WAGES)
+ Average Company Hourly Income X Percentage of Income Lost Due to the IT Outage
This simple formula will tell you about how expensive every hour of downtime is for your company. The hardest value in the formula is understanding the percentage of income lost. Not all companies might have a figure, but you will want to consider it as you do the math. This doesn't include the cost of repair, consultation, parts, or any of the remediation required to get things back up and running.
What Brings Disaster?
Disaster can strike from any direction. Hard drives can go, data can be corrupted, hardware can fail, and networks can go down, and systems can become infected with viruses and malware. User error can cause disaster, as well as theft and other malevolent activity. While companies should take precautions to safeguard themselves against threats both external and internal, and managed maintenance can prevent a lot of foreboding issues, having a solid disaster recovery plan can mean faster turnaround when there is devastating downtime.
Employing a disaster recovery plan starts with the data - your most important IT asset. Computers can be replaced, hardware can be repurchased and software can be reinstalled. Your data is the culmination of countless hours of work by all of your employees ever. It's no wonder why most businesses that suffer a major data loss go out of business within the first year. You can lose your credibility, and things go into disarray. Data needs to be backed up.
Your backed-up data should be archived regularly offsite. Most importantly, your backup solution needs to be easy to test, and tested regularly. You don't want to find out your backups are corrupted when it is too late.
The time to put together your company's disaster recovery solution is now. Contact Info Advantage at (585) 254-8710 to talk about solutions for safeguarding your data and your business in the event of a disaster, large or small.
If you’re constantly on the go, you are going to need a laptop that can keep up with your busy schedule. Many business professionals find themselves in need mobile computing to accommodate with busy travel; to check their emails, go over notes, or even finish up sales presentations. However, laptop batteries can only last so long without needing a charge, and that isn’t always a readily available option. Here are some times on how to extend your laptop’s battery life so you don’t have to worry whether or not it’s going to run out while you’re out doing business.
Adjust your Display and System Settings
There are a multitude of display and system settings that can be adjusted to lengthen the life of your laptop’s battery. For example, you can reduce the display brightness, turn off the screensaver, and set the laptop to hibernate rather than just go to sleep. Hibernation mode will make sure that the computer is not consuming any power while it is not in use. You can also turn off the WiFi or Bluetooth setting when not in use to give yourself a few more minutes of battery life.
Check Your Power Settings
Today, many laptops come equipped with an option of power settings to help optimize the laptop’s life and performance. In Windows, the Power Plan setting allows you to choose between standard settings or customized plans. MacOS systems use what’s known as “Energy Saver,” which will automatically adjust display or other system controls.
Don’t Overload Your Laptop
When you’re in a rush, it can be easy to leave up multiple tabs and applications for easy use. However, the time you save not closing out your apps will cost you in battery life. Having too many tabs open on your laptop’s browser can drain its power and slow down your productivity. Make sure you close all browser tabs and applications after you’re finished using them to save yourself more battery time.
Need an on-the-go laptop, but aren’t sure what features and specifications you want included? Contact the Info Advantage technology specialists at (585) 254-8710 today to talk about which model would be best for you and your business.
Servers are the backbone of many businesses, as it is responsible for the communication and the exchanging of data. Since there is so much relying on servers to run properly, it is imperative to keep them well-maintained to ensure that business will not be interrupted. Here are a few steps businesses can follow to make sure your servers will continue to run without any issues.
Backup Your Data
Regular back up is the first and arguably the most important step of server maintenance. In the case of disaster, such as server failure or a cyber-attack, backup can be used in order to restore your data with little to no downtime needed. Experts suggest that you do multiple backups, making sure to keep at least one outside of your business or network. One of the easiest and safest ways to keep your data backup safe is to use a cloud service, which can be maintained and connected to from anywhere that you can connect to the web. Along with data, it’s also recommended to backup any device drivers, along with the network configuration. This will make it much easier to restore your server in case of failure.
The Right Environment
If you have physical servers, you’re going to need to make sure you have the right environment. Your servers should be in a separate, air-conditioned room. This will ensure that they do not overheat, and that the noise won’t disrupt your employees. It’s suggested to clean the servers, and all of the removable media drives, on a regular basis. Keeping them clear of dust will help keep your servers running at their best condition and running properly.
Keep Everything Updated
An upgrade or patch may be the one thing that keeps your severs safe from malicious attacks. Make sure to keep a careful eye on any new updates, and make sure that everything is up-to-date. In addition to upgrades, make sure you keep all of the other systems that keep your server running smoothly. Experts suggest that businesses should check their security systems, server utilization, and user accounts frequently to make sure there aren’t any issues. In addition, it’s recommended to change any passwords you may use every 6 to 12 months.
Having trouble keeping your servers maintained properly? Call Info Advantage at (585) 254-8710 today to talk to a specialist about the best solution for your business.
If you’re an avid online shopper, you know the struggle of having to fill out your information each and every time you want to make a purchase. For many, autofill is a way to save time when shopping online. While this feature is convenient, it can also put your data directly into the hands of cybercriminals if a user isn’t careful.
How They Do It
Hackers are able to use autofill to their advantage by adding hidden fields in a sign-up form. These fake sign-up forms try to trick users into giving up more information than they think they are. The form may seem to only ask for a name or email address, but can secretly also take any other information that has been saved in a browser’s autofill. This could include information such as a billing address, phone number, credit card number, security codes, and other sensitive personal data. While this method of attack isn’t necessarily new, whitehat hackers have had trouble finding effective ways to counter the threat.
Prevent an Autofill Attack
Autofill attacks can happen to nearly any user on any browser that has autofill enabled. However, browsers such as Chrome and Safari are particularly prone to these types of attacks, as autofill comes pre-configured when the browser is first downloaded. To avoid these types of attacks, experts suggest using a browser without autofill, such as Firefox. If you want to stick with Chrome or Safari, you may want to consider disabling the autofill feature. If you enjoy the convenience of autofill, make sure you only utilize the feature on sites that have been marked as secure. Otherwise, it’s advised that you take the time to fill in each field by hand to avoid giving information you don’t want to give.
Worried that your sensitive data might be at risk of leaking? Call Info Advantage at (585) 254-8710 today to talk to a security expert about how you can keep your private data safe.
We think that it’s safe to say that nobody enjoys their inbox receiving incredulous amounts of emails on a regular basis. Yet, the business owner must maintain their inbox every day, and if a message doesn’t strike them as important, they’ll probably either ignore it or delete it completely. Here’s how you can prevent this from happening.
Depending on who you’re addressing and the context of the email, there are a few different ways you can approach your email heading. One surefire way is to make the subject line relatable and personable.
According to Unbounce, a message with the subject line, “Steve, where are you?” achieved a 43 percent open rate, compared to a Mailchimp report citing the industry average to be 24 percent. This is due to both the personalization of the subject line, as well as the perception that, by not reading the email, the recipient will miss out in some way.
Another great way to reach your email recipient is to include a detail about their recent activities with you. You can use the subject line to catch their attention. For example, you can ask them how their experience was, and customize it to make sure that the message doesn’t get identified as spam. You can do this if someone has recently purchased a new product or service from your company. Doing so establishes a personal connection, and can inspire the recipient to take further action.
Offering a special benefit, like a limited time offer or important information, can also inspire a reader to open the email. Perhaps you could try educating them on how best to perform a certain task, or even a surprising fact. Whatever you decide to include, make sure that it’s either useful or interesting.
On the other hand, if your email is conveying bad news to the reader, it’s best to be honest at all times, as well as authoritative. If the service that you provide is disrupted, it’s best to let them know about the issue, as well as any plans that you have to resolve it.
Basically, the thing to remember is that your message, including the subject line, should be tailored to meet the expectations of the recipient. No two people are the same, and you will have varying purposes in reaching out to them. Your mission should be to make all of your recipients feel like they’re special; otherwise, they’ll suspect that you’re emailing everyone in your contacts, and assume that the message isn’t genuine. This can cause them to put your message in the back of their mind (or in the spam folder).
What are some of your favorite ways to get your emails read? Let us know in the comments, and be sure to subscribe to our blog for more great technology tips and tricks.
The Internal Revenue Service is one organization that you don’t want to mess with. Thanks to their antics filing fraudulent tax returns through the often-exploited Get Transcript site managed by the IRS, Anthony and Sonia Alika have to do some time in the slammer; and that’s not even mentioning what they have to pay the IRS in restitution.
Mr. Alika is set to serve 80 months in prison followed by three years of supervision upon release, and must pay $1,963,251.75 in restitution for conspiracy to commit money laundering. On the other hand, his wife must serve 21 months of jail time, followed by three years of supervision and an IRS restitution of $245,790.08 for structuring cash withdrawals to avoid the required bank reporting. They both pled guilty to their respective crimes.
Their actual crime: laundering $1 million in money stolen from the U.S. Treasury by filing fraudulent forms. In particular, they filed fraudulent income tax returns using data stolen from the Get Transcript service. Get Transcript was originally created so that taxpayers could review their past returns, but the Alikas used it to obtain data that they needed to steal from the IRS.
The Alikas, and their co-conspirators, would then use the funds to purchase prepaid debit cards, and register them to the identities that they had stolen. They would then file their tax returns using the fake identities and receive the refunds on the prepaid cards. The cards were then used to purchase money orders and deposit the money into bank accounts, which was then withdrawn in small amounts to avoid suspicion and bank reporting.
Keep in mind that this isn’t the first time Get Transcript has been utilized for fraudulent activity. In May 2015, 100,000 tax accounts were stolen and used to steal $50 million from the IRS. That’s a ton of cash that could have been saved if it weren’t for the lax authentication requirements. In response to this case, the United State Department of Justice put out a press release outlining some best practices to keep personal information and accounts as safe and secure as possible.
File Your Taxes Early
If you’ve already filed your legitimate tax return, refund criminals like the Alikas can’t file using your identity. The longer a return goes without being filed, the more time you’re giving hackers to file a fraudulent return using your stolen identity.
Use Strong Usernames and Passwords
This tip can be applied to all online accounts--especially those that contain sensitive information, like your tax return. You should have passwords and usernames that are unique to your person; if someone else were to get ahold of your credentials, or if you share them, the chances of them getting stolen multiply.
BONUS TIP: Randomized strings of upper and lower-case letters, numbers, and (if permitted) symbols are the most secure option when selecting a password.
For more information on how to keep your computer systems and your identity safe, reach out to us at (585) 254-8710.
Saving a little on your technology can go a long ways, but cutting too many corners can lead to additional problems and expensive downtime. Here are a few ways you can cut costs without creating long term issues.
The best way to get the most life out of your smartphone is to take care of it. Or, you can ignore proven best practices and witness your smartphone meet its untimely demise. By not taking care of your smartphone in these five ways, you’ll be sure to doom your device.
Tag Cloud
Mobile? Grab this Article
Contact Us
Learn more about what Info Advantage
can do for your business.
Info Advantage
155 Sanford Street
Rochester, New York 14620
