508-909-5961 [email protected]

Kicking off the three-year countdown to end extended user support, Microsoft is bringing an end to the Windows 7 era -- and for good reason. Because it’s so outdated, security patches are no longer able to keep it safe. Without a solid operating system, not only will users work at sluggish speeds, but they’ll also […]

img-window7-170px-op2Kicking off the three-year countdown to end extended user support, Microsoft is bringing an end to the Windows 7 era -- and for good reason. Because it’s so outdated, security patches are no longer able to keep it safe. Without a solid operating system, not only will users work at sluggish speeds, but they’ll also be susceptible to numerous cyber threats that could ruin their business.

Windows 7 was given extended support in 2015. And with that, Microsoft warned its users that this outdated version would drive up operating costs due to remediating software attacks that Windows 10 systems could otherwise avoid. The three-year countdown toward Windows 7’s twilight officially kicks off with a warning to enterprises that they could face hefty fines for sticking with the platform’s outdated security.

According to Markus Nitschke, head of Windows at Microsoft Germany: Windows 7 does not meet the requirements of modern technology, nor the high security requirements of IT departments. How would this make current Windows 7 users feel? Why are users choosing to remain faithful to the platform’s outdated security? Users can delay upgrades until January 13, 2020, after which extended support for the 2009 OS will end and it will no longer receive patches -- unless the customer is paying for a pricey Microsoft Custom Support Agreement.

Markus also added that “As early as in Windows XP, we saw that companies should take early steps to avoid future risks or costs." The message came as Microsoft published studies that showed Windows 10 Anniversary Update’s built-in security managed to neutralize zero-day exploits, even without patches needed to protect earlier versions of Windows.

Failing to upgrade to Windows 10 means that you and your networks will miss out on noteworthy security features such as the Windows Hello biometric login, the AppContainer sandboxing technology, and Windows Defender Advanced Threat Protection, which will gain new features after upcoming Creators Update.

On top of missing out on all the security features that Windows 10 has to offer, enterprise organizations on Windows 7 soon won’t have the additional zero-day protection that EMET, or the Enhanced Mitigation Experience Toolkit, offered since 2009. Last November, EMET’s expiration date was extended from January 2017 to July 31, 2018.

With the help of newer tools, migrating from Windows 7 to Windows 10 is considerably easier when compared with migrations from XP. Microsoft is still urging corporate users to make the shift before Microsoft permanently terminates support for Windows 7, stating that their business could be looking at real trouble if they fail to comply.

Business owners always do their best to ensure the future of their organization. That includes knowing which tech resources to rely on and which ones to avoid. If you still have questions about Windows 7, feel free to give us a call.

Published with permission from TechAdvisory.org. Source.

Read More

Filling out web forms often seems like an unbearably monotonous obstacle that gets in the way of online shopping, booking a plane ticket, and doing other types of online registration. With many of today’s transactions done online, people have become accustomed to relying on their browsers’ autofill function to save time. But being able to […]

2017January27_Security_BFilling out web forms often seems like an unbearably monotonous obstacle that gets in the way of online shopping, booking a plane ticket, and doing other types of online registration. With many of today’s transactions done online, people have become accustomed to relying on their browsers’ autofill function to save time. But being able to save time from manually filling in your information comes at a price, especially if you’re using Google Chrome, Safari and Apple’s mobile-only Opera.

How do they do it?

By concealing other fields in a sign-up form, users are tricked into thinking they only have to fill out a few fields. The trickery at work is that upon auto-sign up, other fields, which could include your billing address, phone number, credit card number, cvv (the 3-digit code used to validate credit card transactions), and other sensitive information, are auto-filled with the user none the wiser.

This sinister trick is nothing new, but since there hasn’t been any countermeasure since it was first discovered, the threat it poses is worth emphasizing. Finnish whitehat hacker Viljami Kuosmanen recently brought to light how users of Chrome and Safari are particularly vulnerable, and he even came up with a demonstration of how this phishing technique is perpetrated. The technique is so sneaky, it’s enough to make one give up online shopping forever.

Using plugins and programs such as password managers is also fraught with the security risk, as having access to such a utility empowers cyberthieves to do more than just obtain your credit card info; it opens them up to a great amount of personal details.

Preventing an autofill-related theft

So what can you do to avoid falling prey?

Using Mozilla Firefox is one of the easiest available solutions. As of today, Mozilla hasn’t devised a mechanism that affords its users the same convenience that Chrome and Safari users enjoy with autofill. When filling web forms on Firefox, users still have to manually pre-fill each data field due to a lack of a multi-box autofill functionality – a blessing in disguise, given the potential for victimization in autofill-enabled browsers.

Another quick fix is disabling the autofill feature on your Chrome, Safari and Opera (for Apple mobile devices) browsers. This would mean that when filling out web forms, you'd have to manually type responses for every field again, but at least you'd be more secure.

It’s not exactly the most sophisticated form of online data and identity theft, but complacency can result in being victimized by cyber swindlers. Take the first step in ensuring your systems’ safety by getting in touch with our security experts today.

Published with permission from TechAdvisory.org. Source.

Read More

Ransomware, Trojan horses, spyware and malware are things small businesses like yours don’t ever want to come across. While the term cyber security was once thrown around to scare businesses into purchasing security software, today’s sophisticated threats can leave immense impact, something that antivirus solution alone can’t handle. With that in mind, we’ve rounded up […]

2017january12_security_bRansomware, Trojan horses, spyware and malware are things small businesses like yours don’t ever want to come across. While the term cyber security was once thrown around to scare businesses into purchasing security software, today’s sophisticated threats can leave immense impact, something that antivirus solution alone can’t handle. With that in mind, we’ve rounded up top cyber attack statistics that prove you need managed services in order to remain safe and operational.

The numbers

Small businesses are not at risk of being attacked, but worse, they’ve already fallen victim to cyber threats. According to Small Business Trends, 55 percent of survey respondents say their companies have experienced cyber attack sometime between 2015 and 2016. Not only that, 50 percent reported they have experienced data breaches with customer and employee information during that time, too. The aftermath of these incidents? These companies spent an average of $879,582 to fix the damages done to their IT assets and recover their data. To make matters worse, disruption to their daily operations cost an average of $955,429.

The attacks

So what types of attack did these businesses experience? The order from most to least common are as follows: Web-based attacks, phishing, general malware, SQL injection, stolen devices, denial of services, advanced malware, malicious insider, cross-site scripting, ransomware and others.

Why managed services?

Managed services is the most effective prevention and protection from these malicious threats. They include a full range of proactive IT support that focuses on advanced security such as around the clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection and more.

Not only that, but because managed services are designed to identify weak spots in your IT infrastructure and fix them, you’ll enjoy other benefits including faster network performance, business continuity and disaster recovery as well as minimal downtime. One of the best things about managed services is the fact that you get a dedicated team of IT professionals ready to assist with any technology problems you might have. This is much more effective and budget-friendly than having an in-house personnel handling all your IT issues.

Being proactive when it comes to cyber security is the only way to protect what you’ve worked hard to built. If you’d like to know more about how managed services can benefit your business, just give us a call, we’re sure we can help.

Published with permission from TechAdvisory.org. Source.

Read More

There’s nothing worse than hardware vulnerabilities that put even the most cautious of users at risk. We could lecture you about how even unimportant tablets with little to no personal information are still a security liability, but until Apple releases a patch to the iPad’s newest vulnerability, everyone who owns one is at risk of […]

img-ipad-170px-op2There’s nothing worse than hardware vulnerabilities that put even the most cautious of users at risk. We could lecture you about how even unimportant tablets with little to no personal information are still a security liability, but until Apple releases a patch to the iPad’s newest vulnerability, everyone who owns one is at risk of losing control of his or her data. Let’s take a closer look at what you need to know.

iPad owners who find themselves in the unfortunate situation of having their device stolen have the option to activate Apple’s Find My iPhone feature from icloud.com. If an iPad has this setting turned on, its GPS can be activated from any web browser to inform the owner where it is located.

Furthermore, if a user is concerned that the tablet may have been stolen, he or she can remotely lock the device. From the moment it is locked, the device can only be accessed by logging into the corresponding icloud.com account.

It’s a wonderfully intuitive feature, and tens of thousands of iPad owners have prevented data theft since it was first introduced by Apple in 2010. Unfortunately, security researchers recently announced a critical flaw that allows common thieves to totally bypass the remote lock feature simply by flooding login data fields with too many characters.

Apple is aware of the issue and has taken steps to address it with an operating system update. The latest version of iOS has fixed the issue for iPhones, but not for iPads.

Although we anticipate a patch to fix this flaw in the near future, the best way to avoid this predicament is to keep valuable data backed up separately from your iPad. One of the Find My iPhone options is to remotely wipe the device, which means as long as you aren’t permanently losing valuable data, the worst case scenario is losing nothing more than the tablet itself.

The more mobile our technology becomes, the more susceptible it is to physical security threats. It’s important to secure your devices not only from networked threats, but also from everyday ones, like someone nabbing your iPad while you step away from the table to order a coffee. For across-the-board security solutions and consulting, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Read More