5 Best IT Practices for Small Businesses

Backup, IT Best Practices, Power Protections, Security, Technical Support, Updates, , , , , ,
09
Jul 2018

It’s important for small businesses to make the most of their IT capabilities, so understanding what the best IT practices are is paramount.

If you can implement the right IT practices in your organization then you’re clearly a smart thinker as it can only lead to increased productivity. However, for a small business this isn’t always the easiest strategy to formulate. The cost of investment can often restrict your use of brand new technology, so you need to be a little bit smarter. And the good news is that costs can be kept to a minimum.

To help you get started on getting the best out of your IT, I’ve put together a list of five best IT practices for small businesses.

  1. Backing up the Right Data

Backing up data can be an expensive process. Not only is physical storage costly, but cloud storage can soon start totting the dollars up. However, this is all dependent on the amount of data you want to back up. Therefore, if you can reduce the amount of storage you need to backup, you can reduce your storage costs. The best way to achieve this objective is by thoroughly researching how your data is used and determining exactly what you need to backup.

  1. Staff Security Knowledge

Cyber security should be a major concern for all businesses, but for a small business it’s crucial. With a wide range of new cyber-attacks such as ransomware and phishing emerging every day, the risk of your business operations being disrupted is high. Whilst firewalls and carefully secured, partitioned servers can make a huge difference, it’s even more useful for your employees to understand good security practices. All it takes is one malicious email to be clicked on to bring your organization to a halt, so ensure that regular refresher courses on security threats are conducted for your employees.

  1. Install all Updates

Keeping on the security theme, it’s essential that all updates for your software and hardware are installed as soon as possible. Once your IT equipment becomes even slightly out of date then it’s at risk of becoming vulnerable to hackers. However, if all the latest updates and firmware upgrades are installed, then you’re improving the defenses of your data no end.

  1. Good Power Protection

Your PC technology is important, so you need to ensure that it’s protected from the damaging effects of power outages and surges. Not only can these events reduce the lifespan of your technology, but they’re also capable of wiping data if they happen in the middle of a backup. To counter this risk, it’s vital that backup hardware comes with adequate battery support to keep backups running. Likewise, ensuring that your servers have reserve power supplies which are uninterruptible can help keep your data accessible and safe at all times.

  1. Provide Good Technical Support

Your business needs professional IT support, there simply isn’t any other option if you’re working with PCs. And when I say professional, I mean professionally trained and not a hobbyist who likes to tinker with their PC every now and then. Knowledge, after all, equals authority and when you’re working with complicated technology, you need as much authority as possible. Maybe this will be outsourced or maybe you’ll build an in-house team, either way it should be a priority for your organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Hacking the Internet of Things For a Few Dollars

Company Updates, Cyber Attack, Hacking, Internet of things, IOT, Security, Security Threats, , , , ,
06
Mar 2018

The Internet of Things (IoT) has many security concerns, but perhaps one of the most pressing worries is that IoT devices can be easily hacked for just a few dollars.

A group of elite hackers have recently demonstrated the ease with which a hardware hack can be unleashed to take control of IoT devices. All they require to carry out the hack is an SD card reader, the ability to solder and a length of wire – all in all, this should come to around $10. And once they’ve taken control of the device they can not only exploit any data on there, but also use it as a stepping stone to get further into the network it’s on.

With the number of IoT devices expected to hit the 20 billion mark by 2020, the risk of attacks on these devices is only going to get greater and greater. And, for a business, where nearly every employee will have access to an IoT device, perhaps it’s time to get acquainted with this low cost and easy to deploy attack.

Hacking on a Budget

The hack in question is a flash memory attack and, as such, targets IoT devices which have a flash memory – in particular a form of memory known as eMMC flash. It’s likely that you’ve never heard of eMMC flash, but it’s built into a wide range of devices such as smart TVs, cell phones, tablets and even refrigerators. Just think about how many of those devices are in your organization and connected to your network – that’s right, it’s pretty scary. What, though, is this $10 hack?

Well, the hackers – who go under the group name of exploitee.rs – have revealed that they can gain read/write access to devices by taking a flash memory card and soldering wires to five specific places:

  1. Data line
  2. Clock line
  3. Command line
  4. Power line
  5. Ground

This access allows the hackers to start stealing data and to issue commands to the device before taking complete control of it. Once the flash memory card in question is put into an SD card reader, it can then be connected to a PC to glean complete copies of that device’s data inventory. And it’s at this point that the hackers are able to identify zero-day vulnerabilities in the device, vulnerabilities which can be applied to that specific device and any other unit of the same product.

With this information to hand, the hackers are then empowered to launch remote attacks against said device and, potentially, use these infiltrated devices to gain access to the networks they’re connected to. And all of this is possible because hardware manufacturers fail to secure flash memory on their devices, they’re only concerned with creating a front line defense with nothing behind it.

Managing IoT Security Concerns

Hardware manufacturers are slightly off the pace as demonstrated by this budget hack, so for the consumer it’s particularly troubling. As ever, the best advice is to install patches and firmware upgrades as soon as possible. However, when a hardware vulnerability is found it means that it has the potential to leave huge numbers of the same devices – if not all of them – at the risk of being hacked. Therefore, identifying the form of flash memory present in devices may become a major buying point for consumers.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Microsoft Rushes Patch for Printers on Windows

Office IT, ,
23
Aug 2016

c04386354 Even in this so called ‘paperless’ age, almost every business still uses a printer on a daily basis, but did you know that even these can get hacked?

Yes, printers are vulnerable pieces of hardware which can allow hackers to gain access to your systems. And this recent scare was all down to a vulnerability identified in the Windows Print Spooler server. Luckily, this susceptibility was identified and Microsoft quickly released a patch to nip this matter in the bud.

However, it’s a troubling scenario given that we’re not used to our printers being used as a back door for hackers to take control of our networks, so I’ve decided to dig a little deeper into the story.

Hacking a Printer

doom_printer_hack

When a new printer is installed, the files required will be downloaded from the Windows Print Spooler server to get the printer up and running. Usually, the correct files will be downloaded and everything will go smoothly. However, Microsoft discovered a critical flaw which meant that Windows would not handle the installation correctly and this would lead to users not connecting securely to their printer.

This would leave a gap in security which would allow hackers to gain unauthorized system privileges and install their own malware files on users’ systems causing all kinds of security issues. There would also be the opportunity to carry out what’s known as a Man-in-the-Middle Attack which would allow the hackers to take control of information being transmitted by the infected PC and alter it.

Perhaps the most damaging effect of an attack like this is that printers tend to be behind firewalls, so any malicious activity would go unnoticed. What’s particularly worrying about this is that large numbers of PCs are usually connected to a printer, so the potential for infecting other PCs becomes greatly magnified.

Is Windows Secure?

Windows-10-Security

This vulnerability in Windows is particularly embarrassing for Microsoft given their high profile security hiccups recently such as a lack of WiFi security, so this latest threat doesn’t instill confidence in Microsoft’s approach to security. To make matters worse, this recently discovered flaw is an issue which affects operating systems going back to Vista which was released 10 years ago, so a huge number of PCs are at risk.

And it’s not the first time that Windows Print Spooler service has been exploited, so it raises some important questions about how Microsoft continue to monitor security vulnerabilities once they appear to have been solved.

Make Sure You’re Safe

The most important step you can take in combating security flaws such as this is to install all updates as soon as possible. It only takes a few seconds for a hacker to gain access to your systems, so it’s vital you don’t leave that install until the morning.

With vulnerabilities which are built into operating systems, of course, you can’t really put any blame on the end users, but it’s crucial that users look out for the following activity:

  • In this particular case, the ability for the hackers to set up a rogue printer on the network presented itself, so any unusual printer activity could indicate a security issue
  • Systems shutting down of their own accord and any ‘File Installation’ progress bars suddenly appearing could be evidence of malicious code being installed

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Old Server Brings Paris Airport to a Halt

Software,
02
Feb 2016

orly airport

Chaos reigned supreme at Orly airport, Paris recently thanks to a technical fault on an old server running the ancient operating system Windows 3.1.

Yes, you read that correctly, the server was running on Windows 3.1 which is an operating system (OS) launched in 1992 and, as far as we thought, made redundant 20 years ago by Windows 95! It was the ancient nature of this OS which caused so many problems.

Let’s take a look at exactly what happened and the lessons it can teach us on maintaining and upgrading your servers.

All Flights Cancelled

flight-canceled

Pilots and air traffic controllers at Orly airport rely on a computer system called DECOR which helps communicate information about poor weather conditions. As you can imagine, this is crucial for taking off and landing, so it’s a vital piece of software. However, the problem is that DECOR doesn’t run on the lovely new OS Windows 10. Neither does it run on Windows 7. Or even Windows XP.

Instead, it uses the antiquated OS Windows 3.1 which certainly seemed a marvel back in the early 90s, but these days it looks like a dusty relic from the past. And, due to a glitch in DECOR, air traffic controllers were suddenly unable to relay critical runway conditions to their pilots. As a result, all flights were grounded as technicians raced to find a solution.

Outdated Software on Old Server

or6p88

For an airport, having all your flights grounded is an absolute disaster, but Orly airport only has themselves to blame.

Upgrading your software intermittently is very important for the health and security of your servers. By ignoring this practice you run the risk of the following:

  • Loss of knowledge: Alexandre Fiacre – from France’s UNSA-IESSA air traffic controller union – has conceded that they only have three specialists who understand DECOR. One of these is retiring soon and they still haven’t found a replacement. Due to the obsolete nature of Windows 3.1 it’s unlikely any newcomers will have the required knowledge either.
  • Lack of Spares: Outdated servers, naturally, use outdated parts. And this becomes a huge issue when a spare part is required. Many manufacturers these days don’t like to give more than a 10 year lifespan for products, so parts are often made obsolete after this cut off point. And if the parts are no longer available for your server you’re going to face a big problem when they fail.
  • Risk of Hacking: The lack of interest in an old piece of software such as DECOR means that the creation of any security upgrades and patches would have ceased a long time ago. This opens up the software to potential hacking incidents where the client will be left defenseless.

How to Avoid An Orly Airport Incident At Your Business

The simplest way to ensure your servers can be maintained efficiently is to upgrade them every couple of years. Sure, this has financial ramifications, but is less disruptive and embarrassing than having to temporarily close your business.

France’s transport minister has promised to upgrade the Orly’s software by 2017, but in our opinion that’s too late. It should have been upgraded in 1997!

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Microsoft Downloading Windows 10 To Your Machine Anyway

Network, ,
09
Nov 2015

c

By now you will have seen the ‘Get Windows 10’ popup on your PC, but did you know that it’s being downloaded to your system even if you haven’t opted in?

Microsoft has decided to start installing Window 10 on systems and this, of course, is eating into people’s broadband usage, so it’s riled many consumers. It’s not the first time that Microsoft has ‘borrowed’ peoples broadband, so let’s take a look at this latest scandal in a little more detail.

Pushing Windows 10

Many users of previous Windows are more than happy with their current operating systems; after the criticism of Windows 8 it’s no surprise that consumers are a little reticent to trust Microsoft’s software.

windows-10-upgrade-notification

Even though Microsoft is working hard to shout “IT’S FREE!” from every available rooftop, some people are still refusing the upgrade. However, it’s been discovered that Windows is prepping your system to accept the upgrade.

Microsoft is so confident that users will want Windows 10 eventually that they’re downloading it to a hidden folder on people’s systems. The folder – labelled ‘$Windows.~BT’ – is around 3.5GB to 6GB, so counts for a significant section of your hard drive.

It’s an intrusive move on Microsoft’s part and, given the recent spate of Windows 10 security concerns, highlights the software giant as being somewhat arrogant and out of touch.

Microsoft Responds

When questioned about this latest accusation, Microsoft has been keen to point out this being for the customer’s benefit:

“For individuals who have chosen to receive automatic updates through Windows Update, we help upgradable devices get ready for Windows 10 by downloading the files they’ll need if they decide to upgrade.”

Now, of course, almost all of us sign up to the automatic updates as we’re advised it’s the best way to protect the security of our systems. However, it feels as though Microsoft is exploiting this need for security to push their own products at the expense of their users’ choice.

How Do You Remove Windows 10?

Understandably, many users are unhappy with Microsoft’s underhanded tactics, so are intent on removing Windows 10 for good and taking back control of their system.

Remove-Upgrade-to-Windows-10

It’s not as simple as just deleting the ‘$Windows.~BT’ folder as it will just keep re-populating and using up more of your broadband allowance. However, it is possible by going through the following steps:

  1. Go to Windows Updates and click on Installed Updates
  2. Locate update KB3035583 as this is the update which downloaded Windows 10
  3. Windows 7 users need to delete and hide this update along with KB2952664, whilst Windows 8 users should delete KB3035583 and KB2976978
  4. Head to the root directory where your current Windows OS is installed and delete $Windows.~BT
  5. Run ‘Disk Cleanup’ on your system and delete all ‘Temporary Windows installation Files’

Final Thoughts

Is it right to sneak a product onto everyone’s system through the patch management interface?

Despite most Windows updates installing new files on our systems the size has never been an issue. In this instance, however, Microsoft may have forced some users into unknowingly exceeding their broadband limits.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 7 8 9 10