
A backup plan for your IT system in the case of a sudden disaster is crucial to ensure your business continues operating whilst that disaster is rectified.

Many businesses, however, don’t have a contingency plan in place that will allow their IT operations to continue in the case of an emergency. And this lack of preparation can lead to your business having to cease operations and, therefore, hit you hard financially. Naturally, no one can forecast an emergency or a disaster, so it’s important to get something established sooner rather than later.

To understand, in a little more detail, why a business IT continuity plan is so important, we’re going to take a closer look at what it can bring to your business and how to implement it.

The Main Benefits of Business IT Continuity

Say, for example, your business suffers a huge malware attack. This could seriously compromise all the PCs on your network and render them redundant. And how are you going to process orders or bring up customer records then? Exactly – you aren’t! However, with an IT continuity plan in place, you can put this into action whilst your IT team works at eradicating the malware – this allows you to continue serving your customers and helps your organization minimize downtime.

It’s also quite possible that your business premises could be put out of action due to disasters such as fire or even natural disasters which could visit in the form of hurricanes. With your office, for example, out of bounds, it could appear that there’s no option but to down tools. If, though, you’ve planned for occasions such as this, you could execute remote working accessibility for your staff to work from home or alternate premises. Again, this helps to keep your organization afloat and operating.

IT Services are aligned to the customers needs. Dynamic Lifecycle approach to service. Interconnections between processes. Quality of Service. Reduced cost to serve because of use of standard process. ITIL is NOT… A methodology. A complete set of predefined low level processes – only the framework with which to build them.

Creating an Effective Plan

A good business IT continuity plan is one which has been carefully planned and designed by a team which incorporates all areas of your business. Whilst it may seem sensible to have the IT department lead the project, they won’t necessarily understand which data and which applications are most important for different departments. And this is why we would always recommend a team comprising individuals who can cover all aspects of the business’ needs.

Once this team is in place, you’ll find that the prioritization of IT resources allows you to get a better understanding of what’s required from your business IT continuity plan. Naturally, these plans are never perfect as they’re relying on a situation which hasn’t happened yet. Therefore, to get the best out of your IT continuity plans you need to put them into practice to discover how effective they are for keeping your organization in business.

As we pointed out earlier, no one can predict when your business is going to be hit by a disaster, be it through hacking, natural disasters or even just plain old equipment malfunction. However, what we can predict is that a business IT continuity plan is going to minimize the impact of such a disaster on your business and should be a prerequisite of any forward-thinking organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.




We’re used to hackers using conventional attack strategies, so, although we can defend against these, it means hackers are looking for more discreet attack methods.

And, just recently, hackers have been looking to exploit routes in and out of our PCs which are not usually monitored for malicious activity. It makes sense for hackers to seek out these poorly defended access points as, for hackers, the best hack is an easy hack.

For businesses, though, it raises a lot of questions on just how in-depth and conscientious your security efforts need to be; in order to help you understand the situation and nature of these attacks, I’m going to discuss the DNSMessenger threat.

DNS as a Means of Attack

The Domain Name System (DNS) is the method by which the domain name of a website, computer or network is converted into an IP address, which is a numerical code that can be recognized by PCs. For example, one of the many IP addresses for Google is 74.125.224.72.

Now, as DNS helps PCs to communicate with many other systems, it provides a very useful route for hackers to breach defenses. Thankfully, it’s very difficult for hackers to hack directly into the DNS channels, but by using a malware exploit they can gain access. And it’s all part of a trend in the evolution of malware.

Users are prompted to download an MS Word document – containing malicious code – through an email phishing campaign which sets the attack in motion. The malicious payload is written in PowerShell, a language which allows administration tasks to be automated. It’s at this point that the hackers can identify user privileges and plan the next step of the attack, which utilizes the DNS.

Using the DNS, hackers are able to send commands directly to the user’s system and effectively have free rein over that system. What’s particularly deceptive (and clever) about this attack method is that it’s very difficult to monitor; few systems monitor DNS traffic, and PowerShell operates purely in the system’s memory rather than relying on external files which are easily identifiable.
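As an illustration of the DNS monitoring that the paragraph above says is usually missing, the following added example (not part of the original article) profiles a resolver query log per client. The log format, the thresholds and the choice to watch TXT queries are assumptions of this example; the article does not name a record type, and TXT is picked here because it can carry arbitrary text and is rarely requested in bulk by a workstation.

```python
from collections import Counter

# Constructed sample log: "<time> <client> <qtype> <qname>" (assumed format).
SAMPLE_LOG = """\
09:00:01 10.0.0.5 A www.example.com
09:00:02 10.0.0.5 AAAA www.example.com
09:00:03 10.0.0.5 TXT example.org
09:00:04 10.0.0.9 A intranet.example.com
09:00:05 10.0.0.9 TXT s1.cmd.example.net
09:00:06 10.0.0.9 TXT s2.cmd.example.net
09:00:07 10.0.0.9 TXT s3.cmd.example.net
09:00:08 10.0.0.9 TXT s4.cmd.example.net
""".splitlines()

def parent_domain(qname):
    """Naive parent domain: the last two labels (ignores multi-part TLDs)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def txt_heavy_clients(log_lines, watched=("TXT",), min_queries=3, min_share=0.5):
    """Return (client, domain, count) where a client sends many watched-type
    queries to one parent domain and they dominate that client's DNS traffic."""
    total = Counter()          # all queries per client
    watched_hits = Counter()   # watched-type queries per (client, domain)
    for line in log_lines:
        fields = line.split()
        if len(fields) != 4:
            continue           # skip lines that do not match the assumed format
        _ts, client, qtype, qname = fields
        total[client] += 1
        if qtype.upper() in watched:
            watched_hits[(client, parent_domain(qname))] += 1
    alerts = []
    for (client, domain), count in watched_hits.items():
        if count >= min_queries and count / total[client] >= min_share:
            alerts.append((client, domain, count))
    return sorted(alerts)

if __name__ == "__main__":
    for client, domain, count in txt_heavy_clients(SAMPLE_LOG):
        print(f"review {client}: {count} TXT queries to {domain}")
```

Mail servers legitimately issue many TXT lookups for sender checks, so exclude them or raise the thresholds for those hosts.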

Combatting DNS Attacks


Whilst there are niche software solutions that can help protect businesses from DNS attacks, the simplest solution is by educating your staff on the telltale signs of malware and phishing:

  • If you do not recognize an email address then, under no circumstances, click on any links or files contained within it. And, even if you do recognize the sender’s email address, run a quick audit on the email’s content as the sender’s account could have been hacked – badly worded and poorly formatted emails are often a sign of hacked emails.
  • The DNSMessenger attack is only able to unleash its payload once the infected Word document is opened and the recipient clicks on the pop-up window prompting them to “Enable Content”. By enabling the content, the recipient is unwittingly giving permission for their system to be hacked, so always treat this request with suspicion.

These preventative methods are fairly simple, but, due to the volume of emails people receive these days, there doesn’t seem to be the time to carry out these quick checks. However, with hackers taking their attacks in new directions which are incredibly difficult to monitor, a few seconds thought could save your systems from a nasty attack.

For more ways to secure and optimize your business technology, contact your local IT professionals.



3 Reasons To Watch Your CPU Usage

Your computer processor is the brain of your system.  If your processor runs at 100% capacity there could be a serious problem. Here’s why you should check your CPU.

Modern operating systems like Windows 7, Windows 8 and Mac have come a long way in terms of making the most of your computer’s processor.  Multi-core processors have given computers a big boost too.  These and many other factors mean your processor should rarely be used at 100% capacity.  So what could it mean if your computer processor is being used at 99% or 100%?

1. A bitcoin mining virus has infected the system

Bitcoins are a fairly new form of online currency that can be transferred and used anywhere in the world. Bitcoins are generated using a computer’s processor. Now imagine having access to tens if not hundreds of thousands of unsuspecting processors to generate bitcoins for you. This has motivated criminals to write bitcoin mining viruses that will use your computer’s processor to make them money.

2. Trojan infections on the computer


A trojan virus allows someone to connect to your computer over the internet.  They can use trojans to view your screen, record anything you type on your keyboard, steal your files or casually browse the data on your computer.  Trojan viruses are one of the leading causes of identity theft and can sometimes be very difficult to remove.

3. Software is malfunctioning or failing

As hard as they try, software publishers aren’t always able to keep their software up to date and working smoothly with the latest systems. Oftentimes the publishers will rely on users to let them know when their software misbehaves so they can release an update or fix. High CPU usage can be a sign of a malfunctioning program, so be sure to save your work often.

All managed services clients are automatically covered against high CPU usage. Here’s how you can check if your processor is working too hard.

For more ways to protect your home or office computers, contact your local IT professionals.




TP-Link is among the vendors affected by the SOHO pharming campaign.

Recently, it was discovered that several hundred thousand routers fell victim to a hijacking scheme that could become a prevalent problem to many internet users worldwide.  The attack, dubbed as a ‘small office/home office (SOHO) pharming campaign,’ was targeting Vietnam, but according to a report by Team Cymru, the SOHO pharming campaign also made its way into regions like the US and Italy.

The criminals behind the pharming campaign took advantage of exploitable security holes in various consumer-grade routers, and from there they were able to redirect users to malicious websites to steal login credentials and/or drop malware onto the users’ computers. The scary part about this SOHO campaign is that more than one type of router is affected. According to Team Cymru, the compromised routers could be a brand name like D-Link or an off-brand like TP-Link.


A diagram depicting the ‘man-in-the-middle’ hijacking scheme from Team Cymru.

Cyber security experts found that once the attackers had control of their targeted routers, they changed the devices’ Domain Name System (DNS) settings to force users to send out requests to the 5.45.75.11 and 5.45.75.36 IP addresses. The new DNS settings then act as a ‘middle-man’ and redirect users to malicious sites instead of legitimate ones.

While it is easy to point the fingers directly at the people manufacturing the routers, it’s not completely their fault.  There’s no such thing as a ‘hands-off’ policy when it comes to protecting yourself from intrusions by cyber criminals.  That said, there are a few things many router owners can do to lessen their chances of becoming victims to the router hijacking scheme.

  1. Disable router’s remote user-mode and graphical user interface. Disabling remote access will help keep users who aren’t directly connected to your network from accessing your routers’ admin properties.  Disabling the GUI will, reportedly, mitigate the likelihood that someone can find a hole in the routers’ software.  Instead of making changes to the routers’ setting via a graphical interface, try to change the settings via command lines.
  2. Corporate networks may want to deploy tracking systems (i.e. an HTML code on the externally facing servers) to detect possibly malicious IP addresses.
  3. All SOHO router settings (especially DNS) should be controlled at the host level.
  4. Admins must proactively monitor router settings periodically to ensure that the router’s DNS is pointing at servers that belong to their internet service provider (ISP).
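
The periodic DNS check in step 4 can be scripted. The following added example (not part of the original article or the Team Cymru report) audits a resolver list in resolv.conf syntax against the two rogue addresses named above and an allowlist of ISP resolvers; the function name, the sample configuration and the allowlisted range are assumptions made for illustration.

```python
import ipaddress

# The two rogue resolvers named in the article.
ROGUE_RESOLVERS = {ipaddress.ip_address("5.45.75.11"),
                   ipaddress.ip_address("5.45.75.36")}

# Constructed sample: resolver settings exported from a router or host.
SAMPLE_CONFIG = """\
# constructed sample, not a real capture
nameserver 5.45.75.36
nameserver 192.0.2.53      # ISP resolver (documentation range)
nameserver 198.51.100.7
nameserver not-an-ip
search example.com
"""

def audit_resolvers(config_text, approved_networks):
    """Classify every configured nameserver as rogue, approved,
    unexpected (not on the ISP allowlist) or invalid (unparseable)."""
    approved = [ipaddress.ip_network(n) for n in approved_networks]
    findings = []
    for line in config_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        raw = fields[1]
        try:
            # strip an IPv6 zone id such as fe80::1%eth0 before parsing
            addr = ipaddress.ip_address(raw.split("%", 1)[0])
        except ValueError:
            findings.append((raw, "invalid"))
            continue
        if addr in ROGUE_RESOLVERS:
            verdict = "rogue"
        elif any(addr in net for net in approved):
            verdict = "approved"
        else:
            verdict = "unexpected"
        findings.append((str(addr), verdict))
    return findings

if __name__ == "__main__":
    # 192.0.2.0/24 stands in for the ISP's resolver range (assumption).
    for server, verdict in audit_resolvers(SAMPLE_CONFIG, ["192.0.2.0/24"]):
        print(f"{server:15} {verdict}")
```

Anything reported as rogue or unexpected means the DNS settings no longer match what the ISP assigned and the router configuration should be reviewed.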

These are just a few of the basic security measures you must consider if you or your organization is using a SOHO router. Should you have any questions or concerns regarding the recent SOHO pharming campaign or what you should do to tighten up your network security, contact our IT professionals.



Google wouldn’t have gotten to where it is now if it had offered only a search engine. GMail, a member of the GApps family, is perhaps the crown jewel of all the services that Google has to offer. So what makes Google’s email service more appealing than its competitors? Why should a business move its email system to GMail instead of relying on services offered by the hosting company which already maintains its website? Below are some of the reasons why we think GMail is such an appealing service:

  1. Spam filter—Unwanted emails are perhaps the reason why many of us dread checking our emails each morning. Google has put a lot of effort into developing an extremely good spam filtering system that will send most (if not all) of the unwanted ad/scam/phishing content into the junk bin. From time to time, one of these dubious emails will sneak past the spam filter, but at least you can instantly notice the bad egg if it’s among 20 or so legitimate emails you have in your box.
  2. Security—The first step to keeping your digital information safe is to create a good password for your account.  After you’ve done that, it’s up to Google to handle and store this information in a safe vault (not literally of course).  Google enforces secure transmission of your personal messages by encrypting them via the Secure Socket Layer (SSL) protocol.
  3. Automatic sorting—This GMail feature was only recently added, but we have to admit it’s pretty awesome.  If you’re a heavy social media user, chances are your inbox is flooded with notifications from Twitter, Facebook and whatever else you’re into.  GMail sorts out the different types of emails into three tabs: A ‘Primary’ tab, which receives all your important emails, a ‘Social’ tab to store all your social media/networking content, and a ‘Promotion’ tab that contains some of the less spammy ads (deals from Amazon and such).
  4. Speed and uptime—If you’ve been using the internet every day for the last ten years or so, can you recall the number of times Google.com was down?  Maybe once or twice?  If the servers were ever down, we can’t recall it happening. For that exact reason, we can say we’re confident in how Google handles its datacenters so users can have access to all the services it offers 99.99% of the time.  Moreover, Google has invested heavily in its infrastructure to ensure that most of us can access things like GMail in a timely manner.  By timely, we mean broadband users can essentially pull up anything from their inbox in a blink of an eye.
  5. Capacity—There once was a time when most email services offered just a few MB of storage, but that ancient tradition has since been squashed by GMail’s 15GB of free space.  Most emails are just a few hundred KB in size, so just imagine how many emails you can save if you have 15GB.  You also have the option of sending emails with a 25MB attachment, and if you signed up for Drive (Google’s cloud storage solution) you can ‘attach’ a 10GB file.  The 10GB file won’t be directly sent to your recipient (imagine losing 2/3 of the inbox storage in just one email!) as the file is actually stored in Drive as a shared file.
  6. Accessing Google goodies from GMail dash—Lastly, if you’re a Google fanatic and use services like YouTube and Hangout, these services are readily available right from the dashboard. Thus, there’s no need to manually type in the individual service URLs to get to these pages. What Google basically did was bookmark most of the services it offers into the GMail dash so you don’t have to do it through your browser.

For small businesses (and even large ones), GMail is an indispensable tool.  One GMail account gives you access to a slew of other Google-derived applications.  Services such as Calendar, Hangout, Docs and Sites all sync with one account.  That means, you can easily access any of the documents or services you started via GApps under one handle.  The added benefit of being able to integrate personal or business domains (i.e. Janesflowershop.com) into the GMail system will greatly improve your workflow and information management. All the pros that we’ve listed above are either not offered via webhosting emails or are just too clunky to work.  For help moving your email to GApps, contact your local IT professional.
