3,000 Patient Data Breach Emphasizes Security Importance

Security,
08
Apr 2015

Data_Breach

A Wisconsin based Chiropractic clinic has leaked data from approximately 3000 patients. Read the story here and learn how to protect your data.

The chiropractic clinic in Wisconsin had to notify all 3000 of their clients regarding an incident which involved their data being breached. It had come to light late November of last year when it was realized that an ex-employee and chiropractic practitioner had extracted critical client information.

The former employee had access to client data to carry out their daily role in the clinic. They went a step too far by stealing client information away from the business. The information breached included details such as client’s names, direct contact details, date of birth, insurance information and even social security numbers. The perpetrator soon resigned after carrying out the dirty deed. Officials believe that this was a classic ploy to solicit clients for the perpetrator’s own gain.

What was the motive?

Without a customer base, there’s no business. So what makes customers highly valuable besides what they may spend on your product or service? In short, it’s their data. With client data, a business will have a deeper insight into the demographics of their client base, along with contact details and other personal information. There is much power to be gained by having a list of hot leads.

In this case, this former employee has stolen the business right from under the clinic’s feet.

How to protect your business from data breaches

Although it’s easier said than done, simply setting up protective measures to safeguard your business information is an essential step.

Practical solutions that can be implemented right away

Non technical solutions

  • Be sure to carry out background checks to ensure that potential employees have no criminal offences- especially if it pertains to fraud. The same can be done periodically for existing staff.
  • Have new and existing staff sign a disclosure document to protect the business’ data, where breach of data can lead to liability.
  • Training and educate staff on what constitutes potential data breaches.
  • Have your attorney update your company’s T&Cs to protect the business in the event of a breach.

For more ways to secure your data and systems, contact your local IT professionals.

Read More

Microsoft Security Essentials Has Little Effect

Security, Uncategorized, ,
26
Mar 2015

microsoft-security-essentials

Microsoft Security Essentials is not as effective as you may think. Here’s a summary of the last two AV testing evaluations carried out by AV-Test.org.

There mare any anti-virus programs available to install, some are free, like Microsoft Security Essentials (MSE) and others, like Trend Micro, Kaspersky and the like are paid with free versions available providing less features such as real time scanning.

Are paid ones any better than free AVs? A better option is to run Malwarebytes. We’ll conclude a little later.

AV-Test Results

AV-Test.org is an is an independent test center based in Germany  where they  carry out tests to evaluate which anti viruses can withstand a variety of malware. This particular test involved approximately 12,327 different malware, along with 153 emulated zero-day attacks, on Windows 7 machines.

Out of the 28 tested AV programs tested, Microsoft fared poorly by failing to protect its own operating system. In fact it came in last compared to all their 27 competitors.  These tests were carried out in December 2014 and they measured usability, performance and protection, which resulted in classifications.

This is not the first time Microsoft came last here.  They’ve also come last in the previous run of tests in 2013. They had gained top marks for MSE usability and were above averaged in performance but scored a big fat zero in the most critical part, to protect against malware!

Microsoft’s Perspective

In defense of Microsoft’s AV-test results, Joe Blackbird, representing Microsoft, wrote in a blog about it. He spoke out against the malware attacks tested by AV-Test, and stated that they’re unlikely to occur in the wild to pose a major risk to users. To support his statement, he mentioned that 94% of the samples carried out in the test were not picked up by MSE and didn’t even end up infecting their systems, hence not posing a serious risk.

Overall, Microsoft has made it clear that the AV-test results in the past does things differently as opposed to prioritizing their protection based on actual real malware threats.

Are paid anti-virus programs any better than the free ones?antivirus

Based on AV-test results, it seems like it’s highly likely. However, not all paid solutions offer the best protection. For instance, McAfee Internet Security is a paid solution and it was not far off from being the worst in protecting from the list of Malware threats. They were next to last on the list, with being only slightly better than MSE.

The highest rated AV from the test results to offer the best protection against malware attacks is Kaspersky, which happens to be a paid solution.

You do not need to necessarily go out and spend money on an AV. However, if you do run MSE, a better option is to run Malwarebytes, which is effective and free.

For more ways to secure your data and systems, contact your local IT professionals.

Read More

What is browser hijacking and why is it so common?

Security, ,
22
Mar 2015

Major-Browsers

Browser hijacking is very common nowadays. Whilst it may not seem like a trivial issue at first, it can turn into a big nightmare!  Read on to find out why.

What is browser hijacking?

Browser hijacking occurs when a web browser is taken over by an unauthorized program, which runs without the user’s permission. We’ll outline three factors as to why it’s common.

  1. Homepage is taken over
    Automated changes are made to the browser’s settings, which usually leads it to replace the current homepage settings with its own designated search page.
  2. Tracks browsing habits
    The aim of such hijacking is to spy on your browser activity and record your personal information.  This information is then sold to advertisers.
  3. Forces users to search through a specific search engine
    Searching through an unknown search page will allow your data to be tracked. Web page redirection may also happen over to a website in order to make money from visitors by presenting search results from paid advertisers.

Some web browser hijacking can be easily cleared, whilst others can persistently remain on your system and reappear even after any attempts at clearing it.

How does browser hijacking happen?

 

No ads when browsing the internet

Many such hijacking programs present themselves as an offer on a website or are commonly bundled with free software. They are designed to trick people into installing browser hijacking programs. This strategy can also invite additional malware to become installed onto the system, creating further problems, to only end up with a heavily infected computer.

Some examples of hijacking browsers, from hundreds and thousands out there, include:

  • Astromenda Search
  • TV Wizard
  • Onewebsearch
  • CoolWebSearch
  • Conduit Search
  • Coupon server

A truly infected computer will open the doors to a barrage of undesirable hacker activity, which is why this problem should be addressed ASAP.

How to prevent browser hijacking

The main causes of browser hijacks to originate from free software download sites and from advertising. These downloads and malicious ads bundle spyware and, what we like to state as, “pretend-ware” – useless programs.

Even “trusted” vendors who offer free software may include unwanted software to be installed by default. Therefore we suggest being extra vigilant and follow our advice, which we’ll disclose later on.

Examples of added software may include, for instance, search tool bars, pc cleaners, registry fixers, and even nastier programs such as other Trojans and viruses.
What is deemed as “free” will eventually come at the cost of the user, who contrary to what most people think, is the desired product! To elaborate further on this, it’s actually people and their information that are worth a lot more than free software. The ones who fair the best are the companies behind it all, and that’s why freeware is free- it’s the incentive to attract people.

There seems to be a fine line between what is considered acceptable and what is, to put it in other words, criminal activity.

If downloading Freeware is a must …

hijack1-e1269202797108-670x670

For more ways to secure your data and systems, contact your local IT professionals.

Read More
Fix Failed Windows 7 Update
Fix Failed Windows 7 Update

What To Do When Windows Update Won’t Work

Office IT, ,
19
Mar 2015

5-installing-updates

Windows updates are always around the corner. Fixing Windows update when Windows update isn’t working is as important as keeping your antivirus up to date.

Just when you’ve finished installing that large update that took forever finish, another 20 pop up the next time you boot. It’s annoying but it is a necessary evil for every PC user. The updates patch security holes in your system so hackers and other cyber criminals can’t exploit them to gain your information or take control of your computer. Sometimes Windows update won’t work however.  Not being able to install these updates leaves the users computer vulnerable to attack.

Here are a few ways to make sure the updates are pushed through to maintain your business’ security and stability.

1. Use a system restore

A system restore point is a snapshot of your computer’s working state at that moment in time. Many Windows events automatically create restore points of your system but you can also manually create your own.

System_Restore

Chances are that you have a few restore points in your system already. To restore your system to an earlier state, you need search for system restore using the Start Menu and open it. Once open you will be greeted with a page to start a restore, click Next. Check the box on the bottom left to show more restore points.

SystemRestore

Each restore point will have a date and time stamp to indicate when it was created. All you need to do is pick one prior to when you were having the Windows Update issue and restore to that point. This should fix most of your issues.

2. Manually download the update installer

Each Microsoft update also comes in its own installer package that you can download directly from the Microsoft website. In order to download the update you must know its update KB number, which you can find from the windows update page on your computer.

Win7-SP1RC-windows-update

Next all you need to do is install the update like you were installing any other program and hopefully your windows update will come out of its rut.

3. Download the Windows Update and Automatic Update Reset tool

Windows_Update_Reset_Tool

If all else fails you can install this handy tool created by the Microsoft Fix it team. This program should resolve most of your issues. You can run the program in default mode first and if that fails then you can run it again in aggressive mode to make sure everything gets patched.

 For more ways to keep your business data safe and your operations running smoothly, contact your local IT professionals.

Read More

What Are Your Data Encryption Options?

Security,
16
Mar 2015

encryption

We invest so much time on our devices that we forget they contain some of our most sensitive information.  Here are 3 data encryption options to consider.

Encryption is a method of transforming your data into something that is illegible to anyone without a key. The key, often a long series of letters and numbers, is what returns your data back to its original state so you may access it again.

There are a number of methods for you to protect your sensitive information on your device.

Whole Disk Encryption

This type of encryption encrypts your entire drive and everything on it. You can encrypt any number of volumes or drives that are connected to your computer. If your hard drives are physically stolen out of your computer, the thieves wont be able to access them without the right key. This is good practice for businesses that keep their data locally on a server. If you happen to have the Enterprise version of Windows on your device then you have the built in Bitlocker software bundled with your OS for free that can encrypt all your drives. There are also free open source options for you if you do not have the right version of Windows.

veracrypt

A great free option is VeraCrypt, the spiritual successor to the wildly popular but now defunct TrueCrypt.

File Encryption

A drawback of whole disk encryption is that your device may take a slight performance hit for being entirely encrypted. For some that is not worth it if they only have a few files or folders to encrypt. If you often have to share your computer with family members or friends this is a great solution. This option lets you encrypt files and folders with just a few clicks. It puts a password on the folder in before allowing access to it. In most cases all you have to do is right click on the file or folder and press the encrypt button. You are then shown steps to follow to complete the encrypting process.

axcrypt

AxCrypt is a great free utility that seamlessly integrates with Windows so encrypting your folders are just a few clicks away.

Compression Encryption

This is very similar to file and folder encryption. It’s possible that most users who have come by a .zip or .rar file already software to see the file contents. What you may not know is that these programs can compress your file size and encrypt that file at the same time. They also seamlessly connect to windows explorer making it just a few clicks effort to encrypt and compress files.

7-zip_encryption

Popular compression software which supports encryption includes 7-zip and WinRAR.

Encrypting your sensitive information is good practice for anyone with critical or sensitive information. Once the device has been stolen or the data accessed by a third party, it’s too late.

For more ways to protect your sensitive business data, contact your local IT professionals.

Read More
1 39 40 41 42 43 48