Website Downtime Survival Guide

If your website goes down, it’s more than frustrating – it can damage your reputation and cost you money. Even the ‘big boys’ struggle with downtime, as this fascinating infographic shows. This infographic was brought to you by KISSmetrics.


Why is it Important to Update Your Computer Regularly?

(This post is from Dennis Houseknecht, a Nerd in West Virginia.)

Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals.  Criminals and security researchers are constantly prodding and testing the code, looking for flaws that can allow a “computer hacker” to take control of a computer or steal valuable data.

When a flaw is discovered, the software vendor issues an “update” or a “patch” to fix the problem. It is like a recall to replace a defective part for a car. Failure to apply these updates leaves the system vulnerable to attack or compromise, because cybercriminals reverse engineer these same updates to find ways to take advantage of the vulnerabilities they fix.

Your organization may think “Why would they want to attack us?” We argue – why give them the opportunity, and put your organization at risk?

On rare occasions, an update will cause an unanticipated compatibility issue with a specific application, and the application vendor normally addresses the issue promptly. The solution is NOT to stop updating the system indefinitely. This WILL leave the system vulnerable, making the entire network vulnerable if infected or attacked. As a last resort, if postponing updates is required, it should only be for as short a time as possible, and the ideal approach would be to ensure that the system that is not updated is not used for other purposes (taken off the network) and not exposed to threats to which it may be vulnerable.

No application is permanently tied to an older version of JAVA, or any other application.  If a JAVA update does cause a problem, it is NOT wise to revert to an older and vulnerable version of JAVA. On very rare occasions, we have seen a situation where a JAVA update causes an application (typically one that is poorly written) to “break”.  In all such cases, the vendor responded by quickly updating THEIR software to be compatible with the new version of JAVA.

We do recognize that applying updates to systems that have not been properly maintained and updated may cause some frustration, inconvenience, and perhaps even consternation for users who are faced with changes in the “look and feel”, or a change in settings. However, any problems beyond this are less related to the updates themselves, and more to the lack of proper maintenance or updates to the systems as a whole.


Secure Email Passwords

About two years ago, Nerds On Site implemented a strong password policy for all our email users. With today’s technology it has become trivial to “crack” weak passwords, so it’s too easy for malicious software and people to take control of email accounts – this means someone could send emails from your account without your knowledge. By strengthening your password, you’re reducing the risk.

It’s easy to reset your password – go to https://mail.nerdsisp.com and enter your email address and current password. Once you’re logged in, the system will prompt you for a new, stronger password – the system will let you know if it’s a good password or not. Try to choose something that will be easy to remember, or maybe write it down in a safe place (Hint: don’t leave it taped to the side of your screen.)

If you use Outlook, or Mac Mail, or another email client on your computer, you will need to update it to use the new password you’ve just chosen.

To help you with this, here’s a step-by-step video to guide you.


For fun, do you wonder just how weak your current password is? Check out security guru, Steve Gibson’s password tester: https://www.grc.com/haystack.htm.

Remember, strong passwords don’t guarantee that your email won’t get hacked, but it is a big step towards better protection.

Here’s an amusing article about just how weak (and common) some passwords are: http://www.zdnet.com/blog/service-oriented/security-101-users-still-using-extremely-weak-passwords/8003.


Apple iBooks Author Changes Everything

Apple’s newly-launched iBooks Author will change everything. Alex Lindsay wrote a comprehensive post about this here. We agree and overall we’re thrilled about how education is entering a new phase, powered by intelligently-applied and practical use of technology. Not just for the sake of technology itself, but because it allows us to learn and understand more in a shorter period of time. As a father, I am very thrilled about my children being able to access iBooks textbooks.

About Authoring

Alex also points out that any author who has had publishing experience is now looking at a 70% proposition (vs ~17% with publishers).

I noticed that avid bloggers that represent the publishing industry have remained completely quiet about iBooks Author, because they feel like the rug is being pulled out from under them, literally.

Learning for Everyone

While the western world and those that can afford an iPad are excited, this is not the case for the less fortunate. What has not been addressed is how to get an iPad into more learning hands. Competition and market forces will hopefully do their part to drive the price down so a larger scale adoption becomes possible.

Beware the EULA – End User License Agreement

Make no mistake, Apple seems to own your books when you use this tool. There’s been a strong voice from social media against this direction of Apple. Ars Technica says they are inviting antitrust concerns. This is a battle that is far from over, and it has only begun.

This will be very disruptive to an entire industry and many more battles are yet to come… in the end, there are always winners. The winners will be content creators (and Apple), that’s for certain.


Weekly NerdSpotting Round-Up

Our team is truly global, and here are just a few photos of our Nerds in action all around the world. Check out the rest of our photos at NerdSpotting.com.


Why you need to rank #1 on Google

Have you ever wondered why your website doesn’t bring you any sales? Are your competitors more visible when you search for your “product” or “service”? Did you know that 73% of all activity online is in one way or another related to local content, while 82% of local searchers follow up offline via an in-store visit, phone call or purchase? Meaning, people are using the internet to research product information and brand reputation before they decide to buy. Find out crucial information on how to rank high on Google with our SEO audit.


Acceptable Use Policies are Not Enough if They are Not Enforced

According to a survey conducted by 8e6 Technologies (www.8e6.com), employees are using company computers and resources to conduct non-work related activities. Some of these activities are simply wasting time, but others are malicious, or threaten company security or data.

Here are some of the more extreme cases:

  • One employee was caught running a gambling website and acting as a bookie for his co-workers.
  • To bypass the company’s web filter, one employee was caught using his desktop computer as an FTP server for the other employees. He had downloaded and saved over 300G of material.
  • One employee was busted for giving away confidential information such as price lists, contracts, and software code for application development.
  • Another employee was busted for having a side business stealing and selling company inventory on eBay.
  • One woman was caught running an online outcall service from her desk.
  • One employee was caught renting the corporate IP address to hacker friends to generate DOS attacks.

Although these are extreme cases, many companies have fired employees for violating company policies. It’s much more common than people realize.

As an employer, if you have an Acceptable Use Policy, which is strongly recommended, it must be enforced. Simply having it may not deter employees from finding ways around it in hopes of not getting caught.

There are excellent solutions that ensure that your Acceptable Use Policy is not violated, intentionally or otherwise. These solutions offer web filtering (gaming sites, gambling, or downloading viruses), email filtering (keywords or inappropriate jokes, etc), and many other must-have features.

Give us a call and let’s talk about your network security and Acceptable Use Policy, and find ways to make sure your company’s resources aren’t being wasted by your employees.


Notification of Irregular Account Activity – another Phish

Phishing is alive and well. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

I wrote this article to help you help others. As it turns out, only a small number of people encountering phishing attempts report them. Here I will show you step by step how easy it is to report phishing attempts to minimize a thief’s ability to steal your friends’ and associates’ money and identities.

I received a phishing attempt this morning as you can see here:
It reads as follows:

Dear Customer,

BMO Bank of Montreal detected irregular activity on your Account on 23 January 2012. For your protection, you must verify this activity before you can continue using your BMO Bank of Montreal Account.

Click on the link below to access and verify your statement.

https://www1.bmo.com/cgi-bin/netbnx/NBmain?product=1

This instruction has been sent to all bank customers and is obligatory to follow.

Thank you
Customers Support Service
BMO Bank of Montreal.

The phishing technique is hidden, as usual. The URL shown above in the email is actually the correct URL. However, when clicked in the email itself, the link is to a phishing site at this URL:

http://chiron.mn/wp-content/plugins/akismet/NBmain.html

Usually this URL is shown if you rest your mouse on a URL (as in the screenshot above when I rested my mouse over it). Naturally I checked to see if this wasn’t already reported on StopBadware.org by using Google’s SafeBrowsing tool. The URL I used is:

http://www.google.com/safebrowsing/diagnostic?site=chiron.mn

You can use the URL above yourself and just replace chiron.mn with the site you are checking. If you see a long URL, the only portion that matters is what’s AFTER the http:// and BEFORE the next slash:

http://someurl.com/something/somethinglonger

You can try my posted URL above for yourself and I expect very shortly it should find and show the malware on this specific site I’m reporting here. However, on my first visit, this is what I found:


This means that StopBadware is not yet blocking this site for unsuspecting users, but the good news is anyone can help resolve that quickly. Here’s what I did immediately: I browsed to:

http://www.google.com/safebrowsing/report_phish/

And here’s how I completed the form (and ask you to do the same for any new phishing URLs you may encounter hidden in emails):


When you’ve completed the submission, you will see a confirmation, but note that the listing isn’t immediate. It takes some time for the phishing site to be verified by others.

Please note that, like many phishing attempts, this one targets people everywhere and with different banks. It so happened that I deal with this bank so I am a perfect target. The next one may be to you and your bank.

The best advice I’ve heard is from Brian Krebs:

Never install software you don’t seek out.

By extension the same goes for clicking links. If you are concerned about an email like this having some validity, then close your email program, launch your browser and go to your banking site by typing the URL, using your Bookmark/Favorites or whatever method you normally use. Avoid clicking on links in email.

Please help spread the word and educate everyone you know on the concept of Phishing.

P.S. Please note that all URLs in this article that are ‘clickable’ are safe. I have purposefully removed the click-ability on the bad ones.


What’s Your Workspace and Desk Look Like?

Every modern home office and small business relies on technology, and thus a desk to put it on. Every office setup is unique, and personalized. Some are more messy or organized than others.

Thankfully monitors have become less bulky, and computers themselves have become smaller and take up less space. Some prefer to put them under the desk, while others place them on the desk for ease of access. Some use dual-monitors, while others do not.

One thing is certain, we can all be inspired by how other people are creatively using their workspace!

Here is the home office of one of our Nerds (Kevin Lloyd in Edmonton, Alberta). What does your home or small business desk look like? Upload a photo to our Facebook fan page!

LifeHacker has a great post on how to better organize and upgrade your home office.


A Picture is Worth a Thousand Words!

To view the interactive map, click the image!

A CHALLENGE FOR YOU!!

NerdSpotting is a great tool to prove to our clients that we are truly a global team. Take a look at nerdspotting.com and zoom the map in at your location. Do you see areas on the map where you have spotted Nerds or NerdMobiles, but that don’t have pins yet? We challenge you to add as many as you can! Please take a look and contribute a new pin to the map. Thanks!

We have apps for ALL smartphones!

iOS: http://itunes.apple.com/app/nerdspotting/id476593195
Android: https://market.android.com/details?id=com.nerdsonsite.nerdspotting
BlackBerry: http://appworld.blackberry.com/webstore/content/68923?lang=en
