Protection Details

This image is from Dennis Technology Labs July – Sept 2013 report showing how effectively programs can block or clean an infected computer.

Every business owner wants to be sure their data is protected 24 hours a day. Since its introduction in 2009 Microsoft Security Essentials has been the go to free anti-virus solution for users running Windows Operating systems. It’s popularity was due to being directly tied in to the Windows Operating system and being a light weight application that runs in the background without being a system hog.  Is it enough to protect your files today?

What’s the problem?

This year companies such as Dennis Technology Labs and AV-Test.org released reports showing Microsoft Security Essentials did poorly compared to other anti-virus programs, unable to detect many new viruses.

Protection_Rating

This image is from Dennis Technology Labs July – Sept 2013 report showing each products accuracy when detecting viruses.

Microsoft’s response to this was that the viruses and malware used in the tests don’t represent real world scenarios stating “94 percent of these missed malware samples were never encountered by any of our customers”.

Holly Stewart, senior program manager of the Microsoft Malware Protection Center, mentioned in an interview with Dennis Technology Labs that Microsoft Security Essentials is a good “baseline strategy” and to diversify your protection to have the most effective security available.

Should you take action?

Microsoft Security Essentials is a good baseline anti-virus to run on your home or office computers. However to be as protected as possible, it’s a good idea to run programs with higher success rates of catching viruses such as MalwareBytes Pro. Even if these programs aren’t running on all computers, it’s good to run them on critical systems such as servers.

Read More


DLink_Router

An easy hack that affects D-Link routers has recently been discussed in this article from devttys0.com. The writer of the article, Craig, goes through the steps of how the exploit works in great detail. If you are running a D-Link router in your home or office, should you be worried? We will go over a summary of the exploit here.

What’s the problem?

In a nutshell, if someone is connected to your home or office network they can change the user agent, which tells the website a little bit of information about your computer, giving them access to change the main settings of your D-Link router. The user agent needs to be set to “xmlset_roodkcableoj28840ybtide” which is backwards for “Edit by 04882 Joel Backdoor”, further pointing to this being originally used as a backdoor to the D-Link settings.

dlink-admin-page

Once an attacker is connected to your D-Link settings they can change passwords, network settings and wireless settings. A hardware reset should fix you right up if you are attacked.

How can I check my home/office wifi?

The first thing you want to do is to flip your D-Link router over and check if the model matches any of the following:

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240

Several Planex routers also use the same firmware:

BRL-04UR
BRL-04CW

Even if your model number is not listed, there is no guarantee the D-Link or Planex router you are running will not have the same or similar problem. The exploit was tested on a specific version of the D-Link router software but there is no note of it being fixed. The only way to be 100% sure your D-Link device is not affected is to try the exploit explained in the above article yourself, or ask your office/home IT support staff.

What to do if I am running an affected router?

You do have a few options if you are running a D-Link router that could be vulnerable.

1. Make sure the settings of your router are not accessible from the internet. This will help prevent attackers from the internet, but if someone is connected to your wifi or network in your home or office you are still vulnerable.

2. Replace your D-Link router with a model that is not affected. This may be the only guaranteed way to avoid becoming a victim.

Onsite PC Solution is based in San Jose California and provides small and medium sized business IT support.

Read More


 

Network_Cables

In this article from Information Weekly, Brian Barnier explains some steps businesses can take to make sure they aren’t making costly mistakes when it comes to social media and how internal data is handled.  He goes into specific details in the article, but the main points he emphasizes are:

1. Decide what data is important to you

For example private customer information, the details given out on social media websites, and data gathered from your various sales, marketing and accounting departments.

2. Look for all in one packages

Make managing the above data as easy as possible with programs or solutions that handle everything.  An all in one solution will save time and in the end money.

3. Automate

Taking the all in one packages one step further and automating how your business data is managed will avoid possible breaches and problems in the future.  You can do this through office policies or through a set of processes.

Check out the article here!

Read More