Archive for April, 2017

Must Read: 5 likely cyber attacks

April 26th, 2017

The 5 cyber attacks you’re most likely to face.

We found this great story, and wanted to repost it for you.

Don’t be distracted by the exploit of the week. Invest your time and money defending against the threats you’re apt to confront.

The threats companies think they face are often vastly different than the threats that pose the greatest risk. The fact is most companies face the same threats — and should be doing their utmost to counteract those risks. Here are the five most common successful cyber attacks.

Cyber attack No. 1: Socially engineered Trojans

Socially engineered Trojans provide the No. 1 method of attack (not an exploit or a misconfiguration or a buffer overflow). An end-user browses to a website usually trusted — which prompts him or her to run a Trojan. Most of the time the website is a legitimate, innocent victim that has been temporarily compromised by hackers. Usually, the website tells users they are infected by viruses and need to run fake antivirus software. Also, they’re nearly out of free disk space and need a fake disk defragger. Finally, they must install an otherwise unnecessary program, often a fake Adobe Reader or an equally well-known program. The user executes the malware, clicking past browser warnings that the program could possibly be harmful. Voilà, exploit accomplished! Socially engineered Trojans are responsible for hundreds of millions of successful hacks each year. Against those numbers, all other hacking types are just noise.

Countermeasure: Social engineered Trojans are best handled through end-user education that’s informed by today’s threats (such as trusted websites prompting users to run Trojans). Enterprises can further protect themselves by not allowing elevated users to surf the Web or answer email. An up-to-date anti-malware program can’t hurt, but strong end-user education provides better bang for the buck.

Cyber attack No. 2: Unpatched software

Coming in a distant second is software with known, but unpatched exploits. The most common unpatched and exploited programs are Java, Adobe Reader, and Adobe Flash. It’s been this way for a few years now. But strangely, not a single company I’ve ever audited has ever had these three programs perfectly patched. I just don’t get it.

Countermeasure: Stop what you’re doing right now and make sure your patching is perfect. If you can’t, make sure it’s perfect around the top most exploited products, including Java, Adobe, browser admins, OS patches, and more. Everyone knows that better patching is a great way to decrease risk. Become one of the few organizations that actually does it.

Cyber attack No. 3: Phishing attacks

Approximately 70 percent of email is spam. Fortunately, anti-spam vendors have made great strides, so most of us have reasonably clean inboxes. Nonetheless, I get several spam emails each day, and a least a few of them each week are darned good phishing replicas of legitimate emails.

I think of an effective phishing email as a corrupted work of art: Everything looks great; it even warns the reader not to fall for fraudulent emails. The only thing that gives them away is the rogue link asking for confidential information.

Countermeasure: Decreasing risk from phishing attacks is mostly accomplished through better end-user education — and with better anti-phishing tools. Make sure your browser has anti-phishing capabilities. I also love browsers that highlight the domain name of a host in a URL string. That way windowsupdate.microsoft.com.malware.com, for example, is more obvious.

Cyber attack No. 4: Network-traveling worms

Computer viruses aren’t much of a threat anymore, but their network-traveling worm cousins are. Most organizations have had to fight worms like Conficker and Zeus. We don’t see the massive outbreaks of the past with email attachment worms, but the network-traveling variety is able to hide far better than its email relatives.

Countermeasure: Network-traveling worms can be defeated by blocking executables in email, better patching, disabling auto-run capabilities, and strong password policies. Many network worms, like Conficker, will try to exploit network shares by logging on using a list of built-in, bad passwords: 12345, password2, qwerty, and the like. If any of your passwords are listed in the password manifest inside of a worm, you do not have a strong password policy.

Cyber attack No. 5: Advanced persistent threats

Lastly, I only know of one major corporation that has not suffered a major compromise due to an APT (advanced persistent threat) stealing intellectual property. APTs usually gain a foothold using socially engineered Trojans or phishing attacks. A very popular method is for APT attackers to send a very specific phishing campaign — known as spear-phishing — to multiple employee email addresses. The phishing email contains a Trojan attachment, which at least one employee is tricked into running. After the initial execution and first computer takeover, APT attackers can compromise an entire enterprise in a matter of hours. It’s easy to accomplish, but a royal pain to clean up.

Countermeasure: Detecting and preventing an APT can be difficult, especially in the face of a determined adversary. All the previous advice applies, but you must also learn to understand the legitimate network traffic patterns in your network and alert on unexpected flows. An APT doesn’t understand which computers normally talk to which other computers, but you do. Take the time now to start tracking your network flows and get a good handle of what traffic should going from where to where. An APT will mess up and attempt to copy large amounts of data from a server to some other computer where that server does not normally communicate.When they do, you can catch them. There are other popular attack types, such as SQL injection, cross-site scripting, pass-the-hash, and password guessing, but they aren’t seen nearly at the same high levels as the five listed here. Protect yourself against the top five threats and you’ll go a long way to decreasing risk in your environment.

More than anything, I strongly encourage every enterprise to make sure its defenses and mitigations are aligned with the top threats.
Don’t be one of those companies that spends money on high-dollar, high-visibility projects while the bad guys continue to sneak in using routes that could have easily been blocked.

This story, “The 5 cyber attacks you’re most likely to face,” was originally published at InfoWorld.com By Roger A. Grimes


Moving Your Company to the Cloud

April 20th, 2017

The buzz word is out there and everyone is doing it.
Now it’s time for you to take the first step.

Today users can work without knowing the location and other details of the computing infrastructure. Cloud computing services and cloud storage deliver software applications, data access, data administration and storage for everyday businesses saving time and money. Because your server will be part of the cloud you will access your data from anywhere at any time.

Do you require a hosting company that is flexible enough to meet your unique environment? The Computer Company will work with you to architect a design that provides the necessary bandwidth, processing power and storage so your business can seamlessly operate in the cloud.

There are many benefits to moving your business to the cloud:
  • Flexibility of connection options. Access to your data while you are off-site, employees can connect to their virtual office, quickly and easily.
  • Automatic updates. Latest technology, up-to-date software, servers upgrades and computer processing power.
  • Reduced costs (everyone’s favorite!). Moving to cloud computing usually will reduce your cost of managing and maintaining your IT systems.
  • Flexibility for sizing. Your business will have the flexibility required as your needs change for your software and storage.
  • Business continuity. You can relax knowing that you are protecting your data and systems.
  • Collaboration efficiency. Employees can communicate and share work more easily.
The points below are from an article written by James A. Martin, PCWorld contributing editor

Cloud Computing.

For some, the term is wildly nebulous. For others, cloud computing instantly raises concerns about security and reliability. After all, Gmail, a popular cloud-based e-mail service has endured some high-profile outages.

Before you dismiss the cloud as a lot of vapor, though, listen to what small-business people told us about their experiences with it:

  • “We saved over $4000 in up-front costs by moving to an entirely cloud-based solution [for e-mail, Web hosting, virus protection, and more]. We were also able to substantially reduce our power bill and the costs needed to maintain and upgrade hardware.”
  • “As a non-IT person, I find cloud-based applications easier to set up and use than many computer applications, and I don’t need to rely on internal IT support as much for assistance.”
  • “A power surge nearly destroyed our in-house e-mail server. Had we not recovered it, a great deal of historical knowledge and valuable information would have been lost forever, not to mention the lost productivity for days or weeks. Now we have a secure, redundant, cloud e-mail system we can access anywhere, anytime, with a consistent interface, and it’s made our business stronger.”

Small businesses looking to cut computing costs and improve efficiency are finding the many benefits of Internet-based software and services increasingly attractive. Cloud computing evolved as a term to describe free or subscription-based services delivered in real time over the Internet.

Cloud Computing can refer to software as a service, to file storage, synchronization, backup, other utility computing, and to infrastructure as a service.

 

Email Encryption: Ensure Your Communications Are Safe & Confidential

April 12th, 2017

When sending emails to customers, employees, or business partners, your business has to ensure that any sensitive information you send is completely secure.

Every industry in today’s marketplace has a need for encrypted email communications – simply hoping that no unwelcome eyes are viewing your information is not enough. Keep your emails completely confidential with The Computer Company’s encrypted email services.

Encrypting Your Emails is Easy.

Once our email encryption services are implemented, securing your emails is simple. With a click of a button, your emails can be encrypted and decrypted. Receivers of your encrypted email only have to go to a secure site and create an account to view your email. Once your email receiver has an account, they just login to view any of your subsequent encrypted emails. Your email encryption is easy, simple, and fast thanks to The Computer Company. Best of all, it’s guaranteed to be secure. While other companies may have to worry about hacking, phishing, and other digital threats, your company can rest easy knowing your communications are under lock and key.

Email Encryption Is Especially Important For…

Finance

Whether you’re in the finance industry, or simply handle a lot of money in your day-to-day business dealings, email encryption is key to ensure financial information is secure.

Government

Government entities need to be more concerned than the average organization about security and privacy of information. Our email encryption services can handle thousands upon thousands of encrypted emails and receiver accounts. The public trusts you – and you can trust us.

Healthcare

Patient information is one of the most sensitive issues in the medical field. This is true whether you are a hospital, a clinic, or an insurance company. Allowing this sensitive information to fall in the wrong hands can lead to legal troubles, emotional harm, and even patient illness or death.

Law Firms

Email is the staple of a law firm’s internal and external communications. We provide you with the security you need, the ease of use your partners, associates and staff want, and robust support to keep everything running flawlessly so you can concentrate on running your practice.

Your company can’t afford to have your private and confidential information hijacked by a hacker or a competitor. Don’t risk your security – call ( 800) 418 2358 today to learn more about our secure email encryption service.

Get both Spam and email Encryption for $4/per user.

info@computercompany.net

 

Hundreds of various sized businesses and organizations in 30+ industries utilize our services in MA, CT, RI, NY, NJ.

The Computer Company (TCC) enables organizations to gain full advantage of IT to increase efficiencies, improve effectiveness, and reach new goals. Our TCC team of highly experienced, knowledgeable technology and design professionals will work closely with you. We provide the analysis, expertise, tools, and monitoring to help you solve your toughest business challenges through IT solutions.
Find out how you can save thousands of dollars a year by choosing The Computer Company’s server co-location packages.

We offer dedicated servers, data backup, migration and managed hosting services.

 

 

Lights, Camera, Video; How to Add Videos to Your Marketing Mix On Your Website

April 5th, 2017

Should You Add Videos to Your Website?

Stop and think for a minute, how many online videos have you watched lately?

Online videos are a key part of your small business marketing plan. A recent survey by ta consulting firm found 90% of consumer respondents watch video content over the Internet. And that’s not surprising, considering video giant YouTube is the second largest search engine behind Google and it boasts millions of viewers. So how can you make video marketing a part of your promotional efforts? How can you secure a share of that viewership to promote your content and boost your sales? Let’s find out.

Keep it short:

Viewership online may be high, but attention spans are low. With all the quick links and promotions floating around any given page of the Internet, users very quickly tune out when watching long, drawn out lectures or sales pitches. Your video should focus on a single and simple call-to-action. What do you want your viewer to know or do? Then find a way to present that idea in a short and entertaining way. Creates a six-second looping video and can be used to show off the best parts of your product quickly.

Pull back the curtain:

One of the best opportunities you have when using video is to put a human face to your business. By filming your videos  around the office, you give people a better sense of the company they’re interacting with and purchasing from. Consumers love seeing the inner workings of a business, even if it’s just a glance. Additionally, if you have a fun work environment or an interesting product creation process, show it off.

Video tutorials are a great way to bring consumers to your content while teaching them ways to succeed with your product. For  example, if you’re a florist and want to show people easy ways to create a bouquet, make a video tutorial about it, this not only shows potential customers how you go through your process, but also showcases your  talents. Then end the video with your brand and business info. Tutorials are one of the best uses for video and will bring consumers who are searching for how to do something right to your page, where your product or solution is waiting.

Creating videos for your small business marketing has never been easier with video on smartphones, and apps like Vine or Instagram. You can create short, fun and helpful videos to post on your YouTube page or embed on your website. To learn more about using video to promote your business, contact us for a free evaluation of your web marketing efforts and how we can increase your sales.

Discover the overall strength and effectiveness of your website.

30 Second Test – Things to look for:

  • Does your website communicate your message clearly?
  • At the end of the day, what do you want your website to do?
  • Does your website effectively explain your product/service?
  • How do your clients react to your website? Do they like it?
  • What does your sales staff say about your website? Does it help or hurt them?
  • Do you know If people are even using your website?
  • What do visitors do while on your website?
  • Bottom line, all websites have a call-to-action, even if it is to click on the next link or read the next page. Is your call-to-action getting you results?

If one or more of these questions cause you concern, call today at

1-800-418-2358