What are the Best Ways to Secure a PC Workstation?

Ophtek, PC Security, PC Tools, Security, Security Threats, , ,
09
Jul 2019

It’s crucial that PC networks are secure and protected. But this doesn’t mean that individual PCs should be neglected when it comes to security.

There are plenty of threats awaiting your employees’ workstations. And these are often threats that are difficult to monitor and identify. Protecting each individual workstation should be a priority. You can achieve this by providing training to your employees. Educating them in the best practices of workstation security allow you to enhance security. And there are measures that you, as an organization, can also take to protect your workstations.

The Best Ways to Secure a PC Workstation

The damage that can be caused from a single PC can have wide reaching implications for your organization. So, protecting these workstations is essential. Make sure you implement the following:

  • Lock Screens: When employees go to lunch they have a tendency to leave their PC unattended. And this is very dangerous. Anyone passing, be they an employee or a visitor, has the opportunity to access the data on that PC. You don’t have to be a security expert to understand how serious a threat this is. However, the threat can be completely nullified by encouraging your employees to lock their screens. In Windows 10 all you have to do is hit the Windows key and the L-key to password protect your screen. 
  • Disable USB Ports: USB ports are a major security risk to workstations as they allow a multitude of devices to connect to your PC. These can be as innocent as a charging device for your phone, but there’s also the potential for malware to be uploaded to the workstation. There’s a myth that gluing up USB ports is a suitable solution, but the truth is that this approach is amateur at best. Instead your IT team needs to be disabling power to these ports to prevent unauthorized devices being connected. 
  • Encrypt Personal Files: Every employee will have unique and sensitive files on their workstations. Giving these files a high level of security should be a priority. And your employees have the opportunity to strengthen this security. All they need to do is encrypt the folders that contain these files. By right clicking the folder in question you can move through Properties and then click the Advanced button to access Advanced Attributes. In here you can select encryption options and set a unique password. 

Final Thoughts 

It’s important that your organization and employees work together to strengthen workstation security. Training should always be a priority. A good training program will deliver skills that are invaluable in protecting workstations. And, by protecting individual workstations, you are significantly reducing the threat of any data breaches.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What Should You Do When Your Network is Hacked?

Hackers, Hacking, malware, Ophtek, Password Security, PC Security, Security, , , ,
28
May 2019

A hacked network is a disaster for any organization, so keeping things secure is vital. However, sometimes things go wrong and you need to know what to do.

Your IT operations are supported by your IT network, so, if it gets hacked, there’s every chance that all those PCs you have lined up in your offices will be unable to operate. Naturally, this means that productivity will drop off almost immediately and affect not just you, but also your customers. With good IT practices in place, you significantly reduce the risk of this happening. Mistakes, be they caused by hardware or human error, are inevitable, though, and it’s rare that a business can claim to have defenses which are 100% secure.

Therefore, it’s important that you know what to do when your network is hacked. Rather than have you learn the hard way, through experience, we’re going to save you some of the pain with a quick guide on how to cope.

Steps to Take When You’re Hacked

Most importantly, you need to take the following steps when you discover your network has been hacked:

  • Put Everything On Lock Down: The stealthy nature of hackers means that it’s difficult and time consuming to determine exactly how much of your network the hackers have breached. So, in order to preserve as much as your network as possible, you have to assume the worst: they’ve gained access to everything. And that’s why you need to lock down and change passwords on everything be it folders on a shared drive or your social media accounts. This is the only way to minimize damage. 
  • Learn from the Experience: As we’ve stated, it’s likely that your network will, at some point, experience a security disaster. However, while in the short term this may feel like nothing but non-stop chaos, there’s an important set of learning to be absorbed for the long term. Mistakes are what allow us to evolve and make better decisions in the future, so make sure you take the opportunity to analyze exactly what went wrong and the steps you can take to prevent it happening again. 

Final Thoughts

A hacked network represents every IT professional’s worst nightmare, but it’s important that you understand the best steps to take in this situation. Not only does it prevent network hacks from escalating into more devastating hacks, but there’s also the chance to learn and strengthen for the next time hacker aims an attack at your network.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are the Basics of PC Exploits?

Best Practices, Company Updates, Cyber Security, Disaster Recovery, Ophtek, PC Security, software exploits, , , ,
02
Apr 2019

 

At the center of all unauthorized access to your computers or servers is a PC exploit. What are these exploits, though, and how do you protect against them?

Without the presence of an exploit, hackers find themselves in a position where gaining access to a victim’s PC is incredibly difficult. However, it suddenly becomes a lot easier if there’s an exploit available that they can take advantage of. It’s probably becoming clear, very quickly, that it’s crucial that you, as a PC user, also know about the existence of these exploits. Unfortunately, the level of knowledge that the average organization has regarding the nature of exploits is disturbingly low. And that’s why so many businesses fall victim to PC exploits.

If, however, your organization can begin to understand even the basics of PC exploits, then you stand to make your IT operations considerably more secure.

What is an Exploit?

The simplest way of looking at an exploit is by describing it as a hole in a security gate. Once hackers become aware of this hole then they can easily bypass your security by climbing through the hole impeded. If we’re talking slightly more technically, then this hole isn’t necessarily a hole but some form of weakness in your PC. These weaknesses can be found in operating systems, software code and any applications installed on your network. And the impact that exploits can have on these components can be devastating.

What Does an Exploit Do?

An exploit can work in a number of different ways; most commonly, a PC exploit is used to infect huge numbers of PCs. It only takes one PC to be infected to help kick-start a process whereby this infection spreads across networks within an organization and, eventually, across the world. This allows hackers to execute the following tasks:

  • Malicious software can be downloaded to PCs without the user’s knowledge
  • Vast amounts of sensitive data can easily be recorded and transmitted to remote locations
  • Ransomware can be used to encrypt data and extort payment in return for the un-encrypted data

How Do You Protect Yourself Against Exploits?

Exploits, of course, are the result of vulnerabilities that are already present on your PCs. Therefore, exploits are down to failures by developers and manufacturers in the design and testing phases of their products. As a result, once an exploit has been identified, any decent developer should work on remedying this exploit by producing a security patch. This patch can be installed on any vulnerable PC to effectively seal the hole in your security gate and keep any hackers out.

Final Thoughts

Exploits can cause major disruption to your organization very quickly due to the ease of access that they gift to hackers. Protecting your organization from these exploits, therefore, is vital to keep your PCs online and productive. Time and knowledge are important commodities when it comes to protecting against exploits, so make sure you remain up to date with not just the latest software patches, but also any breaking news on emerging exploits.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Is Public WiFi Safe to Use?

Cyber Security, Free WiFi, Hackers, Ophtek, PC Security, WiFi, , , , ,
19
Mar 2019

Most public spaces from coffee shops through to shopping malls now contain some form of public WiFi, but are these public networks 100% safe to use?

When your office based employees connect to the internet, they’re making this connection through your own network. And this means that you’re able to monitor all incoming and outgoing activity. Rather that monitoring which websites your employees are visiting, though, the main reason for monitoring these connections is to make sure that nothing malicious is entering your network. Remote workers, however, are likely to take advantage of public WiFi as a considerable amount of their work will be completed away from your work connection.

Due to the unique nature of each and every public WiFi network, it’s crucial that you understand the concerns surrounding these types of connections.

The Dangers of Public WiFi

Public WiFi may appear to be extremely convenient, but there are a number of security issues attached to connecting to public hotspots such as:

  • Lack of Details: When you connect to a public WiFi network there’s no way of knowing exactly what you’re connecting to. This, in itself, is a dangerous move and is one of the main reasons why public WiFi is frowned upon by security experts. 
  • WPA2 Vulnerability: Most public WiFi uses WPA2 encryption to protect data, but the security of WPA2 has been called into question over the last few years due to the discovery of a major vulnerability in its code. 
  • Malware Threat: Due to the lack of security surrounding public WiFi networks, it’s very easy for a hacker to position themselves in between the connection point and, for example, your laptop. This allows the hacker the opportunity to discreetly upload malware to your device and execute its malicious payload.

Should You Use Public WiFi?

Clearly, there are a number of risks involved in using public WiFi and the simplest way to avoid these dangers is by completely avoiding these connections. However, there are certain scenarios where it’s crucial that your remote employee needs to connect to whichever network is available. And in these cases you should follow these best practices:

  • Use a VPN: A virtual private network (VPN) is a service that creates an encrypted connection between your device and the remote server of your VPN. Any hacker who manages to intercept this connection will only be able to view a highly encrypted message which will be absolutely useless to them. 
  • Verify the Connection: One of the simplest ways to evaluate the connection on offer is to double check the legitimacy of the available connections with an employee at the location in question. At the very least they will be able to confirm whether the connection is genuine or fake. 
  • Use Anti-Malware Software: Protecting yourself with anti-malware software should be a given, but when people are using remote devices they fail to appreciate just how vulnerable these are. Even the simplest form of anti-malware software provides an effective defense, so make sure your device is protected.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are Zero-Day Vulnerabilities?

Backup, Ophtek, PC Security, Updates, Windows vulnerability, zero-day, , , ,
05
Mar 2019

Zero-day vulnerabilities are frequently referenced in regards to PC security, but it’s also a term which most PC users will be completely unaware of.

Any vulnerability that is present in your organization’s IT network poses a significant danger to the security of your data and equipment. Educating yourself and your staff on the dangers posed by these vulnerabilities is an important security practice, so understanding what zero-day vulnerabilities are is a crucial step in securing your PCs.

To help you get started, we’ve put together a quick guide to provide you with a zero day introduction.

What Happens on Zero-Day?

The definition of a zero-day vulnerability is very simple; it’s any exploit or security bug that is present in software or hardware that isn’t patched as the software vendor isn’t aware of its existence. To be considered a true zero-day vulnerability it must also be known to hackers. And this is where it becomes a huge security concern.

With hackers aware of such an exploit (known as a zero-day exploit), they’re essentially granted free rein to continually exploit this vulnerability in the face of little opposition. Therefore, malware can be installed, data can be stolen and whole networks taken down without software vendors and customers being aware of how it’s happening.

Once the zero-day vulnerability has been confirmed and the software vendor made aware, Day Zero is established. Naturally, any period before Day Zero is highly problematic, but even the commencement of Day Zero provides little comfort. And this is because developing fixes and patches isn’t an instant process. Instead, time and effort needs to be invested in creating these patches and ensuring that customers install them as soon as possible.

What are Some Examples of Zero-Day Vulnerabilities?

Now that you understand a little more about the makeup of zero-day vulnerabilities, it’s time to consolidate that knowledge with some real life examples:

  • Microsoft Windows Vulnerability: Even the seasoned professionals at Microsoft are capable of falling foul to zero-day vulnerabilities with one recently being discovered in the system file Win32k.sys. The exploit can be launched by a specific malware installer and, without the relevant patch, can be considered very dangerous.
  • Adobe Flash Malware: Adobe have suffered numerous zero-day attacks and, in 2016, their users experienced a zero-day vulnerability packaged within an Office document. Activating this vulnerability allowed hackers to download malware to the affected PCs and begin exploiting data until Adobe hastily issued a patch.
  • Internet Explorer Loses Control: Microsoft was, again, victim of a zero-day vulnerability in December 2018 when their Internet Explorer app experienced a severe security risk. It’s believed that the vulnerability is exploited by directing victims to an infected website where the hackers can then assume control of the PC from a remote location.

Final Thoughts

Zero-day vulnerabilities are troubling security flaws as their very definition means that there is no immediate protection available. Accordingly, it’s important that your organization takes the following steps:

  • Always install all updates to ensure zero-day vulnerabilities are treated as soon as possible
  • Backup all data and store it correctly in the case of a zero-day vulnerability disrupting your network and productivity
  • Educate your staff on the dangers of zero-day vulnerabilities and ensure they’re aware of the telltale signs of infection

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3