If your business offers unfiltered access to the Internet, chances are there are minutes or hours in the day where non-work activity takes place. Some employers have a work environment where this unchecked and unfiltered state is actually part of a morale of trust and confidence that the staff will get the work done even efficiently and keep a high level of productivity.

Two weeks ago we offered a free trial of a Unified Threat Management appliance to this client of ours at an insurance brokerage of about 15 staff. They had operated without any filters for many years and wanted to at least know what was happening. So we followed these simple steps to allow for a smooth transition and to keep everyone aware of upcoming changes.

Step 1 – Have an Acceptable Use Policy written and signed off

An Acceptable Use Policy – AUP – serves the purpose of making sure all staff know what is acceptable at the workplace, and what isn’t.

Step 2 – Implement a Unified Threat Management Appliance in Monitoring mode

An appliance can be installed at your office premises without disrupting any exiting access, and simply give the employers insight into how the Internet is being used throughout the premises.

Step 3 – Apply appropriate filters

This final step should be in complete accordance to the Acceptable Use Policy.

Special case considerations

• Social Media use is often restricted as it is seen as personal and has no role during working hours. However, most businesses now have a legitimate reason and role to play on twitter and facebook to maintain their own business presence.
• Time of Day access. The complete filtering of all social media access may have a negative effect on morale, and some companies choose time-of-day rules to allow social media access during lunch hour, for example.
• Logs may be misleading. If it’s your first time implementing a UTM, you will likely notice log entries of websites being visited, and when confronting said employee/computer, you will encounter denial. This can be legitimate because millions of workplace computers are infected with malware that cause the computers to operate silently under the control of botnets. Protection from web-based viruses, malware and spyware is another strong reason to implement and keep a UTM at every office.

It’s also worth pointing out that 3G connectivity through mobile phones is ubiquitous in many areas of the world. So blocking facebook on the work computer may simply cause the employee to use their own mobile phone instead. This is why an acceptable use policy is important to have in place. Consistent use of a mobile phone also leaves an optic that is not hard to detect by fellow employees and supervisors.

Do you have any specific need you don’t see covered here? Chances are it can also be achieved with a UTM.

Our team is truly global, and here are just a few photos of our Nerds in action all around the world. Check out the rest of our photos at NerdSpotting.com.

image courtesy of the Port Huron Museum

The annual March of Dimes Jail and Bail is happening again on Saturday, Feb. 4. We are Streaming it live on marchofdimesph.com the whole day. Nerds On Site also has a Prisoner team for donations. Donations can also be made at the MarchofDimesph.com website.

In partnership with The March of Dimes, Nerds On Site will be conducting a “Fill The Beetle to Feed The People” food drive to benefit the Hunter Hospitality House in Port Huron. Parking their signature Red VW Beetles(NerdMobiles) outside the Super Walmart in Fort Gratiot, Sam’s Club in Port Huron Twp, Super K Mart in Port Huron Twp., and Kroger’s North and South locations, Nerds will be collecting non-perishable food items and donations to help The Hunter Hospitality House stock their shelves.

“Premature birth is the leading cause of newborn death and many lifelong disabilities,” the marchofdimesph.com website explains. “And it happens to more than half a million babies in the U.S. each year. Thank you for helping the March of Dimes find out what causes it and what can be done to prevent it.

One of the March of Dimes favorite events, Jail & Bail brings together community leaders and ordinary citizens for a common cause… fighting birth defects, premature birth and infant mortality. Since its inception in 1957 here in Port Huron, more than 5 million citizens have volunteered their time in the name of fun – and a good cause.

At this event, volunteer “jailbirds” serve time in a “mock jail.” “Prisoners” are arraigned before a volunteer judge on trumped-up, outlandish charges, such as “reckless golf-cart driving.” They are then sentenced to spend an hour in “the slammer” to raise bail in the form of donations to the March of Dimes. Nearly 500 events are held annually across the country.”

Nerds On Site believes in supporting the community in which we live as a way of saying “thank-you” for making us your choice for corporate and residential computer IT services.

When selling our clients hosting services, Nerds On Site strives to keep the process as streamlined and intuitive as possible.  In the web hosting and domain registration world there are a lot of options, and this can get confusing.  One such option is ID Protect, also known as WHOIS Protection.  This valuable service hides your public WHOIS information, such as your name, address and phone number from spammers and Internet thieves.  By hiding this information, you make it much harder for thieves to try to steal your domain name.

Once an add-on service, ID Protect is now included free of charge with every new supported domain registration!  For every new com, net, org, biz, info, name, tv, cc, me, Nerds On Site will automatically turn on ID Protect to keep your domain even safer than before.

Without ID Protect, spammers can obtain your email and contact information and then use it for spamming purposes and redistribution to marketing firms. Your email address can stay on file with various spammers and marketing firms for years. Check out the difference between an unprotected and protected domain registration.

Our team is truly global, and here are just a few photos of our Nerds in action all around the world. Check out the rest of our photos at NerdSpotting.com.

According to a survey conducted by 8e6 Technologies (www.8e6.com), employees are using company computers and resources to conduct non-work related activities.  Some of these activities simply wasting time, but others are malicious, or threaten company security or data.

Here are some of the more extreme cases:

• One employee was caught running a gambling website and acting as a bookie for his co-workers.
• To bypass the company’s web filter, one employee was caught using his desktop computer as an FTP server for the other employees. He had downloaded and saved over 300G of material.
• One employee was busted for giving away confidential information such as price lists, contracts, and software code for application development.
• Another employee was busted for having a side business stealing and selling company inventory on eBay.
• One woman was caught running an online outcall service from her desk.
• One employee was caught renting the corporate IP address to hacker friends to generate DOS attacks.

Although these are extreme cases, many companies have fired employees for violating company policies. It’s much more common than people realize.

As an employer, if you have an Acceptable Use Policy, which is strongly recommended, it must be enforced. Simply having it may not deter employees from finding ways around it in hopes of not getting caught.

There are excellent solutions that ensure that your Acceptable Use Policy is not violated, intentionally or otherwise. these solutions offer web filtering (gaming sites, gambling, or downloading viruses), email filtering (keywords or inappropriate jokes, etc), and many other must-have features.

Give us a call and let’s talk about your network security and Acceptable Use Policy, and find ways to make sure your company’s resources aren’t being wasted by your employees.

To view the interactive map, click the image!

A CHALLENGE FOR YOU!!

NerdSpotting is a great tool to prove to our clients that we are truly a global team. Take a look at nerdspotting.com and zoom the map in at your location. Do you see areas on the map that you have spotted Nerds or NerdMobiles at, but don’t yet have pins there yet? We challenge you to add as many as you can! Please take a look and contribute a new pin to the map. Thanks!

We have apps for ALL smartphones!

iOS: http://itunes.apple.com/app/nerdspotting/id476593195
Android: https://market.android.com/details?id=com.nerdsonsite.nerdspotting
BlackBerry: http://appworld.blackberry.com/webstore/content/68923?lang=en

As a follow-up to Kevin’s previous article on Wi-Fi Protected Setup (WPS) Vulnerability, I wanted to quickly provide an update as to how you can protect yourself and, if you just want someone to take care of it for you, that’s what our business is all about, and we’re here for you, of course (you may call us or request a call/service on-line).

Kevin’s article pointed out that disabling WPS is essential. However, it appears that in most cases that either there is no ability to turn it off, or the switch has no effect (in Linksys, for example). So if you want to secure yourself, here is a guideline of what you may be able to do to mitigate the problem:

• Locate the make and model of your wireless access point or router (whichever device provides your wireless services) and jot it down.
• Locate your router or wireless access point in this list of devices and review the status of vulnerability and vendor patch
• If you find yourself vulnerable and are able to successfully turn it off, that’s the best-case scenario.
• If you find yourself not having an option to turn off WPS, but you want to protect your network from potential intruder access, you have two options:
1. Turn off your router or access point (and therefore have no wireless usage at all)
2. Replace your router with a non-vulnerable unit

Apple Airport not vulnerable

Although Apple is so far been strangely silent on this, our own testing and that of others shows that WPS pin-based is only on if the light is Blue, which in turn is turned on using the Airport Utility. This is good security by design and is the reason why our recommendation for home and SOHO routers/access points should be replaced with Apple Airport devices. This recommendation is limited to areas that are typically served by one or two access points and do not require enterprise management functions.

Meraki not vulnerable

Nerds On Site has been a proud partner of Meraki, wireless network equipment provider of choice for SME and Corporate clients that require a little more than a SOHO wireless infrastructure. Fortunately Meraki products do not have WPS functions at all and therefore are not vulnerable to this WPS concern.

Why do I care if someone intrudes on my network?

I actually personally met a successful business person this week (let’s call him Bill) who admittedly didn’t care if his network was breached, until I pointed out the dangers (and I’m sure there are more):

• His network and Internet access could be used by a criminal to carry out criminal activities while Bill will carry responsibility as his Internet connection was used
• Casual sniffing of his activities online can be captured and in a short while enough data can be gathered to steal his identity or anyone’s identity using his network
• Any equipment that hosts data of any sort is much more vulnerable to attacks “from the inside” when your network is widely accessible

How have you secured your wireless network? Any other comments/questions?

Our team is truly global, and here are just a few photos of our Nerds in action all around the world. Check out the rest of our photos at NerdSpotting.com.

You may have noticed that some of the websites you frequently visit are not working today. This is because countless websites are “going dark” in protest of the SOPA and PIPA legislation in the U.S., which will be voted on as of January 24th. The list includes Wikipedia, Reddit, Tucows, and a few hundred, if not thousands more. Many websites that aren’t going black are still building awareness, including Google.

Here is a good list of websites participating in the protest.

If you’re not aware of what SOPA or PIPA is, you should take some time and get informed, as they could potentially affect how the internet works.

“A good portion of the Web is joining its symbolic hands today in solidarity to oppose the SOPA and PIPA legislation currently being pushed in the United States Congress,” states an article on PCWorld. “Turning off websites sends a message, but hopefully that message reaches the right audience – Congress.”

The article goes on to say that websites can protest all they want, but unless that motivates people to take meaningful action, it doesn’t do much.

“Follow the links on the blacked out sites, and learn all you can about SOPA and PIPA. If you agree that the bills go too far, or even threaten the freedom and future of the Internet, take action. Call your representative, call your senators, and call the White House. Share your support with friends and family, and convince them to research the issue and take action as well.”