Special Report – From the Mind of a Cybercriminal: Reasons Why YOU are a Target

Cybercrime has been a rising trend in the past 10+ years, and it only seems to be getting worse as the criminals continually become smarter and more organized. The scariest aspect of cybercrime is that it has truly evolved into a bona fide industry. From malware-as-a-service to security breaches and inside jobs, it continues to grow and flourish. In 2015, cybercrime on average cost US companies $15.42 million in damages per company attack alone. You more than likely have heard about some attacks in the past few years on large companies such as Target in 2014 or most recently, Ashley Madison in 2015, and you may be thinking that a firm of your size would be of no interest to cybercriminals. You would be wrong to think so, and a deeper look into your internal environment as well as the external environment of cybercrime will provide you not only a better general understanding but also the tools that you need in order to protect yourself. 

chartoftheday_4994_most_cyber_attacks_are_an_inside_job_nSome shocking Cybercrime statistics:

  • The United States was the most attacked in 2015 than ANY OTHER COUNTRY
  • 60% of the time, cyberattacks are an INSIDE JOB, 44.5% of which are from malicious insiders
  • In the past 10 years, large-scale data breaches have compromised the data of some 918 million users in the US alone

External Problems: The Cybercrime Environment Today

With a country as technologically advanced and focused on protection and security as the US is, it may have come as a surprise that we are so heavily targeted. The US however, has become such a target due to not only how relatively cheap it is to infect in respect to other countries, but also the size of the return that these criminals see on these highly inexpensive attacks. It costs less to infect in the US than any other country or region. On average it costs Cybercriminals about $0.07 per infection in the US; it costs twice as much to infect in Asia and Australia, $0.14 per infection, and $0.11 in Europe. While the average cybercrime costs companies $15.42 million in the US, they cost Japan $6.81 million and the UK $6.32 million; a significant correlation when the cost is taken into consideration. US entities affected by large scale data breaches in the past 10 years include Adobe, eBay, the US Military, Target, and Ashley Madison.

The bottom line is that cybercriminals spend less to make more in the US, and it’s not helpful that we have seen decreased media coverage of high-profile breaches. The media does not take these breaches as seriously as they should, which has caused many top executives to retain the belief that their organization will not be targeted. It is important to understand that these companies have teams committed to their IT security and yet cybercriminals were still strong and strategic enough to get into their systems. If these criminals were able to victimize these large countries, then your firm is more than likely a piece of cake for them to infect. You are never 100% guaranteed safety from attacks; there is always a chance that you will fall victim to cybercrime but you can lessen your chances with awareness and implementation of online security policies in your firm.

Cybercriminals are highly effective due to the way they have adapted to the digital environment. They no longer work individually on small scale projects; they have learned to work together and help one another, thus becoming stronger. Their incredible sense of synergy is a major factor in their newfound strength as they tend to collaborate across various groups to combine a wide variety of intelligence and attack methods, utilizing multiple strategies, or blended attacks. They do their research, assess your physical vulnerabilities, look at what you are working on, utilize technical exploits, and look at open source intelligence opportunities. They essentially engineer themselves into a position in which they can cause you the most harm. Furthermore, the concept of malware-as-a-service has become a trend, essentially putting highly sophisticated cyber tools in the hands of criminals with no cyber expertise. The ability to organize cybercrime has taken malware infections to a whole new level, and likely one of the reasons a new strand of malware is popping up consistently.

It is vital to stay educated about the rapidly changing external environment to understand why your firm should be so diligent about protection against cybercrime. That being said, it is important to know what you do in your business that makes you a target, and to accept that some of these apply to the nature of your business; they usually cannot be changed. Being aware of these vulnerabilities will give you the necessary knowledge to look into ways to better protect your firm.

Internal Problems: Your Company’s Environment and How it Makes You Vulnerable

Aspects of your business as a law firm that expose you to the risk of cybercrime:

  1. You are connected to the internet – protect yourself with a secure network that is up to date, firewalls with threat protections, and regularly-changed passwords
  2. You maintain client data – regular backups and encryption will help protect your data in the case that you are hit with malware
  3. You work with data that contains sensitive and confidential information: the more detailed and complete your datasets are, the more likely you are to be a target; top data targets include intellectual property and databases of personal information about employees, partners, suppliers and customers which can be used for identity theft and fraud – stay compliant and protect your data
  4. You are a firm in the highly targeted realm of professional services – there is nothing you can change about this unless you wish to change your business altogether, so heed warnings, stay up to date on the latest ransomware, and continue to protect yourself to the best of your abilities
  5. You have employees: studies show that 60% of cyber-attacks are an inside job with 44.5% of those attacks being from malicious insiders. – be aware of who you are hiring, train your employees well on all processes including security procedures, and implement security policies company-wide with no exceptions.

You may still be wondering why a cybercriminal would waste their time attacking your small firm when they could attack larger entities. From the mind of a cybercriminal, your small firm is the ideal target. It is likely that a firm of your size does not have the same security budget that a larger company or firm would have; smaller companies and firms tend to have a less sophisticated cyber security in place and do not enforce the same level of data protection protocols as their larger firm counterparts. They will exploit vulnerabilities and weaknesses or gaps in your policies and procedures, such as the failure to check something more than once. Small targets also can mean big rewards; although you are a small firm, gaining illegal access to your data can assist a cybercriminal to later hack into a larger entity that you may have done business with. When you are doing business with a large company or firm, you may have passwords and other electronic access to their systems that will be far easier for a cybercriminal to attain through your entity. They will also masquerade as company officials to divert payments, aka “spoofing”; not just as officials inside of your company but officials of large companies and firms that you do business with.

To reiterate, a few of the best lessons and tips we can provide you include the following:

– Keep in mind that businesses and firms are being tricked by email notifications into sending payments to criminals before you act on an invoice

– Remember that blended attacks are becoming increasingly common using any and all opportunities

– Good data governance policies and procedures are key to limiting harm in a breach

– Keeping all software up to date provides criminals with fewer weaknesses to exploit

The cybercrime environment has become a frightening one, all things considered. It shouldn’t stop you from operating your business, but you need to be aware of threats to your business so that you can be proactive in fighting them. When WAMS is your IT partner, we assess your network and work diligently to ensure that you are protected and have the tools that you need to safely run your firm’s business. Please, always feel free to contact us with any questions at (800)421-7151 or email alopp@wamsinc.com.

Dual Monitors and Their Advantages

Certain things should always come in pairs: shoes, glasses, and, yes… computer monitors. While many would agree on the first two, the third not so much. The idea of working with two monitors strikes many as unconventional. Though sticking to familiar territory feels safe, safety isn’t enough to run a successful business. Not ready for the dual monitor journey? These six reasons might help change your mind:

Enhanced Productivity

Published studies conclude that by working with dual monitors, overall productivity increases by 20-50%. Computer programmers, for example, can use one screen for source coding and the other for programming; by using dual monitors, they no longer need to toggle back and forth between tabs. This reduces error and frees up time to complete more projects.

Better Multitasking

Efficient multitasking requires adequate screen space to keep multiple applications simultaneously visible — a view that single monitors alone simply cannot accommodate. Workers who require computers, like customer service reps and web designers, would no longer waste time switching between tabs and resizing windows to fit the limited space; they could now focus on completing their tasks accurately and efficiently.

Easier Cutting and Pasting

This reason resonates with jobs that call for creating newsletters or PowerPoint presentations. Dual monitors would eliminate the need for alternating between tabs and scrolling up and down as you work. Also, the enhanced visibility reduces chances of making mistakes and thus losing more time fixing them.

Image and Video Editing

With dual monitors, the days of stacking numerous editing tools on top of the image or video you’re working on are long gone. Instead of your screen looking like a game of Mahjong, you can put the editing tools on one screen and leave the image on the other. With better visibility, you’re less likely to commit errors and more likely to be finessed, and you’re not sacrificing valuable working time in the process.

Product Comparison

You want to buy a camera, and you have two models in mind. It’s time to make a decision, so you have to compare their specs. If you had only one monitor, you’d need to go back and forth from one tab to another. But if you had two monitors, you could view the models side-by-side to help you clearly see their differences and make an informed purchase.

New Gaming Experience

Working hard means you get to play hard – what’s better than a gaming session? The answer is a relaxing gaming session on dual monitors! With more screen space, you can see enemies from afar, anticipate their actions, plan your retaliation, and attack!
Dual monitors benefit almost every industry because of the enhanced visibility, larger screen space, and how you can briefly nap behind them without getting caught! (though we don’t recommend it) Using dual monitors can enhance even your leisure time activities as well.

Broaden your horizons by getting in touch with us at 800-421-7151. We’ll answer any questions you have.

Coming Soon: 6 Exciting Updates to iOS 10

iOS 10 may still be in its beta stage, but Apple loyalists have grown accustomed to a level of hype in the months leading up to a new product release. Despite the announcements and presentations wrapping up last month, we’re just now getting wind of the unbiased opinions from developers who have courageously installed the upcoming version of iOS – and the news is good. Here are six of the most exciting new updates to Apple’s seminal mobile operating system.

New Lock Screen

Changes to any mobile operating system (OS) almost always include updates to the lockscreen. However, this is no ordinary update. For the first time since the iPhone’s release in 2007, there’s no ‘Slide to Unlock’ feature. Instead, the screen provides in-depth, 3D touch-activated notifications displaying more detail than before without having to unlock your phone. The iPhone will automatically display the lock screen any time you pick it up, and you can unlock it by pressing the ‘Home’ button.

New Widgets

Another upgrade visible on the lockscreen and homescreen is the long-awaited addition of ‘widgets.’ These are basically compartmentalized apps that run on a portion of your screen without having to open the app entirely. With iOS still in beta, the list of available widgets is already quite long, but iTunes controls, weather and calendar are a few of the standout native widgets. Don’t worry though, Apple is allowing third party widgets from the likes of ESPN, Google Maps and Amazon. They can be accessed by swiping from left to right on your lock screen or page one of your home screen.

3D Touch On Control Center Shortcuts

The iPhone 6s has been out long enough that most people have had a chance to interact with its 3D Touch feature, which performs different actions based on how much force you apply when tapping the screen. When combining 3D Touch functionality with the ‘Control Center’ dock that appears with a flick of the finger from the bottom of the screen upwards, each function displays ‘Favorite’ actions. For example, if you use a slightly more forceful touch on the Camera shortcut, you’re presented with the options to jump straight to Traditional, Slow Motion, Video or Selfie recording.

New/rich Notifications

We see a lot more of 3D Touch throughout iOS 10, and another place it’s quite evident is notifications. Whether it’s on the lock screen or the notification center, a strong 3D Touch will open a small window that allows you to interact with that app without opening it completely. This is especially helpful for replying to messages and emails. In addition to this – something that may seem small to some, but huge to others, is the ability to hide all your notifications with just two taps. Simply press hard on the ‘X’ button in the upper right, and then click ‘Clear All Notifications.’

Handwritten Messages

The iPhone’s native Messages app got a thorough overhaul, but we’ll leave the discovery of emojis, invisible ink, and ‘fireworks’ for another time. Those don’t have much place in the business world, but handwritten messages certainly do. Give your professional messages a more personal, attentive touch by writing responses with your fingers with the app’s Digital Touch option.

‘Delete’ stock apps

Unfortunately, you can’t get back valuable storage space by deleting unnecessary native apps. But you can finally remove them from your home screen. Don’t have an iWatch and don’t see why you need to have the app on your phone, albeit tucked away in a folder on page three? Press and hold on the app, tap the shaking X, and tap ‘Remove.’ All gone.

iOS 10 is one of the most significant updates the iPhone has ever received. It’s still another month away from widespread release, but if you’d like to install the beta now, or you just want to learn more about how to automatically convert text to emojis, we’re your guys. Open up your boring, old Messages, and drop us a line. We’ll have you sending handwritten messages in no time.

Enhance Windows 10 with These 7 Features

In today’s modern age, being great simply isn’t enough. With enhanced efficiency, appealing aesthetics, and unparalleled user-friendliness, Windows 10 goes the extra mile to be the best. The new update boasts nifty tips and tricks that help users up their tech game in no time. Here are seven tips to help you become a Windows 10 power user:

Master Virtual Desktops

Virtual desktops allow for better utilization of screen space. You can span your applications and windows across multiple “virtual” desktops. Create one by clicking on the “Task View” icon (located at the right of the Cortana bar) on the taskbar, then click “+ New Desktop” in the lower right corner and add as many desktops as you wish. To move an application to a new desktop, merely drag it into the virtual desktop on the bottom.

Next-level Screenshotting

The original screenshotting methods on Windows include Windows + Prt Scn, which captures the screen and saves it into the Screenshots folder; and Alt + Prt Scn, which captures the screen and copies it to your clipboard.
Introducing the new built-in Snipping Tool. On top of capturing a full screen screenshot, other capturing options range from a free-form rectangle to a specific aspect ratio or even an entire window as well. You can also set the capture to delay a screenshot by a set interval – this comes in handy when you want to screenshot a YouTube video minus the playback controls.

Shake and Minimize

For users who aren’t aware of this trick, you can grab a window by its bar and literally shake your mouse. This causes all the other windows to automatically minimize.

Professional Windows Snapping

Snapping windows to certain parts of the screen is ideal for multitasking. You can now organize and monitor different applications more seamlessly. Make the most of your screen space with the following tips:
Drag a window to the right or left to split it in half. Drag a window to a corner to reduce it to a fourth of its size. Drag a window to the top to maximize its size.

Record Your Screen with the Xbox App

After launching the Xbox app, go to the app you wish to record and press Windows + G. You’ll be prompted with a window that asks: “Do you want to open the Game bar?” Click on the “Yes, this is a game” box and let the recording begin!

Talk to Cortana like a Person

Aside from typing your requests, you can also use natural language to ask Cortana to locate your vacation photos, or provide directions to your friend’s house. No date needed, just specific words and she’s all set. Cortana is also synced with your calendar, so if you’re ever unsure when your meetings are, Cortana will gladly double-check.

Automatic Battery Saver Mode

When activating battery saver in Windows 10, you can limit your portable devices’ background activity and push notifications to prolong battery life. Battery saver also kicks in automatically once your battery life is lower than 20%. To customize your own power threshold as well as which applications you allow to run in the background, go to Settings > System > Battery saver – voilà!

Make the most of Windows 10 with these tips and upgrade your user status from regular to power. Regardless of what you’re using it for – arranging your meetings or planning your vacation – make each computing experience a memorable one. Want to hear more of the latest Windows 10 news and updates? Contact us today.

5 Tips to Help Deal with Security Headaches

Keeping your company data safe and secured is not an easy job, especially as cyberattack threats get more and more sophisticated every day. But fret not, there are a lot of simple solutions that can be achieved with almost any level of tech expertise. In this article, we’ve listed 5 of our favorite cybersecurity tips that will help you deal with the ever increasing threats to the safety of your data.

1. Two-Factor Authentication

Did an attacker get your password? With two-factor authentication they’ll still need your mobile device to do any damage. Here’s how it works: every time you log into a service that requires a password, the service will send a code to your mobile device for another layer of authentication. Nowadays, most internet services have this option: Google, Facebook, Twitter, Instagram, Skype, Slack, etc. Check a full list here to see if you could be using two-factor authentication on any of your online accounts.

2. Password Manager

Say goodbye to the bygone era of memorizing a long list of different passwords for the various websites and services you use. Password manager software may have been around for a long time, but it’s still a viable solution for improving your login integrity. After installing it, all you need to do is create one secure master password and let the software do the rest. It will store and encrypt all of your passwords in one place for future reference and help generate random, more secure passwords for any new logins.

3. Keep All Software Up to Date

Update all of your software and your operating system as often as possible – it’s that simple. New versions come with better protection and fix any newly discovered loopholes. If you are too busy or can’t find the time to do it, check for an automatic update option. Any excuse for postponing updates will feel a lot less valid when it means a security breach or system crash.

4. Disable Flash Player

Adobe Flash Player may be what allows you to play Candy Crush during your work breaks, but it has boasted such a poor security record that most experts recommend that users block the plugin entirely. Most internet browsers have the option to block Flash by default, while allowing you to enable blocked content you deem acceptable by simply right-clicking and selecting Run this Plugin.

5. HTTPS Everywhere

When dealing with technology, long acronyms tend to scare off novice users before they even make it to step two. But don’t panic, there’s only one step to this trick. ‘HTTPS Everywhere’ is a browser extension that forces your browser to automatically navigate to sites using a secured encryption, if the site allows it. The thing is, a significant percentage of websites offer HTTPS connections but don’t present them as the default. When that’s the case, ‘HTTPS Everywhere’ gives your browser a gentle nudge in the right direction.

While in-depth security measures need to be implemented and managed by experts, little steps like the ones listed here can be just as important. Check back often for more helpful cybersecurity tips, but if you have more urgent security needs for yourself and your business, our experts are ready and waiting to offer a helping hand – why not reach out to us today? (800)421-7151.

4 Ways that Hybrid Clouds Benefit Your Firm

Here on earth, clouds are relatively simple phenomena: visible masses of water vapor making their way across the sky. But in the world of IT, “the cloud” is a bit more complex, referring to technology that allows businesses to take a more hands-off approach to managing their IT resources. Also, the “hybrid cloud” is rapidly becoming the most popular variety.

Hybrid clouds, as the name suggests, are a version of cloud computing that are made up of two different components. They are a combination of private clouds (where data and applications that require tighter controls are hosted either internally or privately in the cloud space); and public clouds (which are operated externally by third-party providers with the express purpose of reducing a company’s IT infrastructure).

A recent “State of the Cloud” report indicates that 71% of all cloud users are now implementing hybrid cloud solutions, mainly because the ways in which they benefit firms and small businesses are so numerous. Here we’ve highlighted what we consider to be the 4 most significant benefits of hybrid cloud solutions.

Cost efficiency

Does your industry go through seasonal workload increases? With a hybrid cloud solution, you’ll be able to easily handle spikes in demand by migrating data from maxed-out on-premise servers to scalable, pay-as-you-go “servers in the sky” whenever needed, without incurring any extra hardware and maintenance costs.

Adaptability

Having the ability to choose between on-site/privately-hosted cloud servers and ones on the public cloud gives you more than just cost flexibility. It also gives you the capacity to pair the right IT solution with the right job, like keeping smaller projects on your local or private cloud, while utilizing the more robust computing resources on offer from the public cloud for your bigger projects.

Scalability

What exactly does this common IT buzzword mean for your organization? In a nutshell, it means that the hybrid cloud allows you to “scale up” or “scale down” on an as-needed basis. So if there are last-minute demand increases that your hardware can’t support, or if you’re simply planning for future expansion, hybrid cloud solutions allow for on-demand increases or decreases in capacity.

Security

Last, but certainly not least, are the security advantages of a hybrid cloud solution. Firms are able to host within the private cloud their more sensitive data such as an e-commerce website or HR platform, while using the public cloud space for less sensitive data where it’s more cost effective and there is less likely to be major problems should there ever be a security breach.
firms can set up their hybrid cloud model in a few different ways, depending on their precise needs and the types of providers available to them:

1. By employing one specialized cloud provider who offers soup-to-nuts hybrid solutions
2. By integrating the services of a private cloud provider with those of a public cloud provider themselves
3. By hosting a private cloud themselves and then adopting a public cloud service which is incorporated into their infrastructure

So as more of our customers’ IT infrastructure moves to the cloud, we’re adapting and developing innovative ways to maintain hybrid cloud environments. What this means for you is we’ve got the know-how to provide outright cloud solutions, or at the very least the expert consultation you need, to ensure that your day-to-day operations transition to a hybrid cloud solution without interruption and in a cost-effective manner. Contact us today to learn more about the benefits that the hybrid cloud can bring to your business at 800-421-7151.

The Latest WordPress Release Fixes Major Issues

Although WordPress is more secure than it used to be, outdated installations can be a potential threat to your website and the data that is hosted on the servers. In an attempt to shut down hackers before they can exploit vulnerabilities, the WordPress security team recently rolled out a new version that patches security loopholes and fixes several known bugs. Read on to find out more about the update.

What’s new in WordPress 4.5.3?

The latest WordPress version includes fixes for more than two dozen critical vulnerabilities, including:
Redirect bypass in the WordPress customizer API
Two separate cross-scripting problems via attachment names
Information disclosure bug in revision history
Denial-of-service vulnerability in the oEmbed protocol
Unauthorized category removal from a post
Password change by stolen cookies
Some less secure sanitize_file_name edge cases
All vulnerabilities were found by members of the WordPress community. In addition to the security issues listed above, WordPress 4.5.3 fixes 17 maintenance issues from its predecessors 4.5, 4.5.1 and 4.5.2 (See full list).
WordPress update process

Many sites have an automatic background update, meaning that website admins will receive an email, confirming the update. If your website doesn’t support this feature, you can trigger manual updates by logging in to your WordPress dashboard and click on the ‘Please update now’ link, which is clearly visible on the top of the page.
Before you perform the update, however, we highly advise you to make a backup of your website. This is so that you can quickly restore your site in the event that something goes wrong. Once you have your backup ready, you can go ahead and update your site with the push of a button. Alternatively you can download WordPress 4.5.3 here and install it via File Transfer Protocol (FTP).

It’s important to update to the newest versions of WordPress to ensure that you have access to all of its functionalities and to keep your data and website visitors safe from potential security threats. Google will also demote websites that are running old versions of WordPress in its search results pages – all the more reason why you should regularly check for WordPress updates. If you have any questions about WordPress security, feel free to get in touch with our experts today.

5 Ways To Spot A Social Engineering Attack

“I’m not going to make payroll – we’re going to close our doors as a result of the fraud.”

Unfortunately, that statement is becoming more common among small businesses, according to Mitchell Thompson, head of an FBI financial cybercrimes task force in New York.

The FBI reports that since October 2013 more than 12,000 businesses worldwide have been targeted by social engineering–type cyberscams, netting criminals well over $2 billion. And those are just the reported cases. Often, due to customer relationships, PR, or other concerns, incidents go unreported.

These unfortunate events were triggered by a particularly nasty form of cyberattack known as “social engineering.”

Social engineering is a method cyber con artists use to lure well-meaning individuals into breaking normal security procedures. They appeal to vanity, authority or greed to exploit their victims. Even a simple willingness to help can be used to extract sensitive data. An attacker might pose as a coworker with an urgent problem that requires otherwise off-limits network resources, for example.

They can be devastatingly effective, and outrageously difficult to defend against.

The key to shielding your network from this threat is a keen, ongoing awareness throughout your organization. To nip one of these scams in the bud, every member of your team must remain alert to these five telltale tactics:

Baiting – In baiting, the attacker dangles something enticing to move his victim to action. It could be a movie or music download. It could also be something like a USB flash drive with company logo, labeled “Executive Salary Summary 2016 Q1,” left where a victim can easily find it. Once these files are downloaded, or the USB drive is plugged in, the person’s or company’s computer is infected, providing a point of access for the criminal.

Phishing – Phishing employs a fake e-mail, chat or website that appears legit. It may convey a message from a bank or other well-known entity asking to “verify” login information. Another ploy is a hacker conveying a well-disguised message claiming you are the “winner” of some prize, along with a request for banking information. Others even appear to be a plea from some charity following a natural disaster. And, unfortunately for the naive, these schemes can be insidiously effective.

Pretexting – Pretexting is the human version of phishing, where someone impersonates a trusted individual or authority figure to gain access to login details. It could be a fake IT support person supposedly needing to do maintenance… or an investigator performing a company audit. Other trusted roles might include police officer, tax authority, or even custodial personnel, faking an identity to break into your network.

Quid Pro Quo
– A con artist may offer to swap some nifty little goody for information… It could be a t-shirt, or access to an online game or service in exchange for login credentials. It could even be a researcher asking for your password as part of an experiment with a $100 reward for completion. If it seems fishy, or just a little too good to be true, proceed with extreme caution, or just exit out.

Tailgating – When somebody follows you into a restricted area, physical or online, you may be dealing with a tailgater. For instance, a legit-looking person may ask you to hold open the door behind you because they forgot their company RFID card. Or someone asks to borrow your laptop or computer to perform a simple task, when in reality they are installing malware.

The problem with social engineering attacks is you can’t easily protect your network against them with a simple software or hardware fix. Your whole organization needs to be trained, alert, and vigilant against this kind of incursion.

Don’t let your organization be caught like a sitting duck! You’ve worked way too hard to get where you are today to risk it all due to some little cyberhack you didn’t know about. Call us at 800-421-7151, or e-mail alopp@wamsinc.com before your company becomes yet another social engineering statistic.

Prominent Virtualization Options for Your Firm

Keeping up with tech trends as a firm owner or small business owner is tough. Virtualization may be a great example of this, but it’s definitely worth the effort. Between the boost to network security and ability to scale your workstations and servers according to your business growth, it’s time to start learning a little more about it. One of the first steps towards virtualizing your business is picking a software provider, which is why we’ve put together 5 of the most prominent platforms into one list.

VMware

Any conversation about virtualization for firms and small businesses usually starts around VMware. Although it wasn’t necessarily the first, VMware was the company that really put office virtualization on everyone’s action item list. The company offers a number of different solutions for different sized businesses with a wide variety of needs. Its ease of use and robust security features have secured its reputation as one of the best options for virtualization.

Citrix

An average user may not recognize the company name, but has a good shot at previous knowledge of their popular remote access tools, GoToMyPC and GoToMeeting. Citrix has specifically geared their virtualization software, XenApp, XenDesktop, and VDI-in-a-box toward small and medium-sized businesses and even claims that non-IT staff can easily manage and administer the services. They even provide a free trial to prove it.

Microsoft

Although it may be a little more difficult to manage without an in-house or outsourced IT staff, Microsoft’s Hyper-V option is hard to ignore considering its integration with the popular cloud platform Azure. Whether you’re a Microsoft loyalist or you just want to minimize the number of vendors in your network, Hyper-V offers everything you need from a virtualization service.

Oracle

This company just keeps getting bigger and bigger. Specializing in marketing software, they also offer database management, cloud storage and customer relationship management software. If you’re using any of their services already, there could be benefits to enlisting their virtualization services as well. Oracle does everything, server, desktop, and app virtualization, and they believe that consolidation of all of these into one solution is what sets them apart.

Amazon

Since we’re on the topic of household names, let’s talk about Amazon’s EC2 platform, which hosts scalable virtual private servers. The ability to scale and configure capacity is definitely EC2’s biggest draw for SMBs, who are preparing for the possibility of rapid growth. Although almost any virtualization service is rooted in scalability, Amazon is leading the pack in how quickly and finely you can adjust your solution to your individual needs.

Virtualization is a really hard topic for most firms to tackle. This list only covers the most popular vendors, and there are plenty more out there. Choosing one based on its application possibilities and management requirements is not a subject for the lighthearted. Get in touch with us today so we can break down all of the technobabble into easy-to-understand advice and expertise at 800-421-7151.

Bloatware Elimination in Two Simple Clicks

If the name wasn’t clear enough, ‘bloatware’ is unnecessary manufacturer software that comes preloaded on new hardware. Just about no one likes it, and now Microsoft is giving us a tool to trim the fat. It may seem like small potatoes to anyone who hasn’t spent an afternoon removing apps one by one, but for the rest of us it’s a welcome blessing. Let’s take a minute to examine Windows’ new tool a little more closely.

If this software isn’t trying to drive you back to the manufacturer’s sales stream, it’s paid a hefty chunk of change to be included on off-the-shelf hardware. Regardless of which it is, it’s not there to help you — it’s there solely to increase the manufacturer’s bottom line. So if you think bloatware just isn’t enough of a concern to waste time refreshing your Windows install, consider that PCs without it start up 104% faster, shutdown 35% faster and have approximately 30 more minutes of battery life.

Because this isn’t a new problem, we’ve seen similar removal tools in the past, but they didn’t offer the same level of usability. When using Windows 8’s ‘Refresh and Rest’ the bloatware either wasn’t removed, or if it was, Windows required the reentry of a license key and a lengthy install completely from scratch. ‘Refresh’ Windows swiftly replaces everything on your hard drive with a fresh version of the OS as if it came straight from Microsoft.

Although this tool is best suited for clearing unwanted programs off of your machine right after you’ve purchased it, there’s no reason that you can’t use it further down the road. You might be thinking, “No way, I’ve got way too much important information to sacrifice it all just for a clean install.” Well depending on the extent of your data, that isn’t a problem.

When you open the ‘Refresh Windows’ client there’s only one option you need to select before moving forward, ‘Keep personal files only’ or ‘(Keep) Nothing’. Selecting the former will keep everything stored in your ‘Music’, ‘Pictures’, ‘Videos’ and ‘Documents’ folders. Remember that documents (in these folders) created or edited using Microsoft Office will be kept but the Office suite itself will be removed. Make sure you still have the licenses and installation disks for every piece of software you plan to use after the refresh.

This new feature will accompany next month’s Windows update, but users who just can’t wait to squash annoying ‘crapware’ can find the tool here. Simply download, open, and choose if you want to keep any personal files — one, two, done.

You may be able to adequately navigate your way around a Windows machine, but there are often shortcuts that insiders use to speed up otherwise mundane management tasks. For any Windows projects or problems you have, drop us a line at 800-421-7151, we’ll have them fixed faster than you can uninstall that CD-burner utility that you never asked for.

Microsoft Office 365 Ravaged by Ransomware

The Internet is a powerful platform that brings people together on a global level while giving them access to a wealth of information anytime they please. With the good, comes the bad – some utilize their skills in committing cyber crimes from the comfort of their own homes. Case in point, the recent Cerber ransomware attacked that ravaged millions of Microsoft Office 365 users worldwide. Here’s what a security expert and Microsoft had to say about the matter:

Steven Toole, a researcher for the cloud-security firm Avanan, detailed that his company experienced the first attack at 6:44 a.m. on June 22nd. Another interesting fact is that at least 57 percent of all Microsoft Office 365 customers on Avanan’s platform received at least one phishing attempt that contained the infected attachment. While Avanan did extrapolate the number of Office 365 users involved, the exact number has yet to be revealed.

This is particularly interesting since according to Microsoft’s first quarter reports in 2016, there are over 18.2 million Office 365 subscribers worldwide. On top of the global scale in which the attacks took place, it took Microsoft over 24 hours for the attack to be detected and for any attempts to block the attachment to be made.

Microsoft’s side of the story shares many similarities with slight differences on the detection and actions made about the ransomware attack. In an email to SCMagazine.com, the spokesperson wrote:

“Office 365 malware protection identified the attack and was updated to block it within hours of its origination on June 22. Our investigations have found that this attack is not specific to Office 365 and only a small percentage of Office 365 customers were targeted, all of which have been protected.”

The point is Office 365 was compromised, regardless of how quickly it was detected – many people were asked for a ransom and were told that their files have already been encrypted. Still wanting to come across as polite, the ransom came with an audio recording that detailed what the attack was and what measures must be taken in order to regain access to the files. The unknown attacker asked for a ransom of 1.4 bitcoins or an equivalent of $500 in exchange for the decryption key.

Toole noted that “This attack seems to be a variation of a virus originally detected on network mail servers back in early March of this year,” He also added that “As it respawned into a second life, this time Cerber was widely distributed after its originator was apparently able to easily confirm that the virus was able to bypass the Office 365 built-in security tools through a private Office 365 mail account.”

This proves that cyber criminals go to great lengths to not only use their tools but to improve on them and eliminate flaws. So no matter how many firewalls, passwords or fire-breathing dragons you have to guard your servers and networks, without the right network security measures in place, chances are they’ll manage to find a way to overcome the hurdles and wreak whatever havoc they can.

Network security isn’t something to be taken lightly, if you are unsure about how safe or how capable your systems are in fending off cyber threats – get in touch with us at 800-421-7151. Our experienced and friendly staff will help you with any ransomware or security-related issue you have.