
DON'T GET HACKED!

Posted by: Phil Robinson in security on

So many of us have had the wonderful experience of being hacked.  You spend hours and hours of your time, and hundreds (if not thousands) of your dollars to get back to normal.  These simple steps below should help you avoid ever having that experience again!
  1. Password Power
    If you are worried about being hacked, your passwords are the obvious first line of defense between you and hackers, and how you manage them will make or break your security. For starters, choose a strong password with a mixture of letters and numerals - case-sensitive letters and punctuation marks are a great way to beef up security.

    Secondly, change your passwords often. Password "phishing" programs feed off of stagnant passwords; therefore, stay ahead of the curve and keep your gatekeeper (aka your passwords) fresh and dynamic.



  2. Believe in Your Browser
    Although Internet Explorer comes standard on most every machine, it is far from optimal when it comes to your online security. If cost is an issue, there are plenty of free web browsers available such as Mozilla Firefox, Safari, Google Chrome, etc - all of which provide exponentially more protection than that of Internet Explorer. Once you've selected your browser of choice, make sure your security settings are properly set.



  3. Fun with Firewalls
    It sounds like high-tech jargon from "24" but look into installing a firewall. Simply put, a firewall is a protective barricade that keeps hackers and viruses away from your computer system. Though you'll have to disable the firewall from time to time for particular applications, it will be worth its weight in gold when it comes to fighting worms and Trojan viruses in the long run.



  4. Monogamous Money
    When making monetary transactions online, try to keep all of your purchases confined to one credit card account. By using just one card for all of your dealings, you'll limit the amount of information that you publish to the Internet and therefore reduce your pool of hack-able content. As an added bonus, if things do go wrong, the damage will be confined to one single location so monitoring and cleanup should be more manageable.



  5. Email Etiquette
    In many ways, your email is as precious as your bank account. Because your email address is attached to many of your online accounts, if someone were to gain access to your email, they then have access to your greater online presence. Not only should you protect your password with your life, but you should also evaluate the way in which you interact with your incoming messages. If an email looks remotely suspect, NEVER click on links within the message because they could be links to false "phishing" sites. As a hint, if it looks sketchy, manually type the URL of the sender into your address bar and ensure that you're on a legitimate web page.



  6. Activate the Alerts
    There are masses of hackers out there trying to use your page as a venue for their SEO practices; embedding links on your page that point to their site and thus damaging your reputation. You can be hacked without even knowing it but by utilizing Google Alerts, you can be notified when your page is mentioned (for better, for worse) and arm yourself against being banned by Google.

    VIDEO: Using Google Alerts to Prevent Hacking
  7. Protection in the Power
    If your computer isn't powered on, hackers can't attack it. Whether it's turned off or simply disconnected from the Internet, turning your computer off at night is the simplest way to keep hackers out and save on your energy while you're at it.


  8. Enlist the Experts
    If you find yourself generally clueless about computers, software, firewalls and any other precaution necessary to ensure your online security, you might want to ask an expert. There are many great IT companies out there that can offer tips and services to get you protected from hackers.



Oh, it is ON between Google and Microsoft. A Google security engineer in Switzerland warned Microsoft of a vulnerability in Windows XP, but after they didn't fix it within five days, he went public.

Tavis Ormandy was the Google engineer who discovered the XP hole in the Help and Support Center of Windows, which normally allows people to download help documents from the internet if needed. The hole though (if you know what you're doing), actually lets you download more than just the help files - you could actually "execute arbitrary commands with the privileges of the current user," according to the engineer, with PCs running Windows XP SP2 and SP3, and IE7 or IE8.

While going public before the flaw was fixed might not have been the smartest move, Ormandy believes it was the only way to make Microsoft sit up and pay attention, rather than shelve the problem for a later day: "If I had reported the...issue without a working exploit, I would have been ignored," he wrote in the Full Disclosure email newsletter. Microsoft understandably hit back, with Jeff Bryant, the group manager at the Microsoft Security Response Center writing of his concern "about the public disclosure of this issue given we were only notified about it by this researcher on the 5th of June."

Security experts are now calling for a public hanging (well, dismissal) of Ormandy, with the CEO of SecTheory, Robert Hansen, wading in and saying that he should be fired. I think that's a little harsh personally, but what do you feel about Google publicly admonishing Microsoft about their security flaws - especially in light of ditching Windows as their HQ OS of choice?

This article was written by Kat Hannaford, and first appeared on www.gizmodo.com.


In the world of IT, there are a number of maintenance activities that need to be performed regularly in order to keep a network running smoothly. Much like changing the oil or rotating the tires on a car, system updates, backups, hard drive defragmentations and other processes are important for maintaining the overall health of a network or server. Many of these processes require system resources or even system down time, so a certain amount of planning and organization is required in order to minimize impact on end users or overall system performance. In addition, running too many of these tasks at the same time can cause these processes to slow down or even conflict with each other, further complicating the issues associated with system maintenance.

 For these reasons, we have strived to maintain a proper schedule when it comes to system maintenance tasks. Most of these services happen during off hours when end users will be impacted least. In addition, they are set up to run at specific times in order to minimize conflicts, such as updates causing the system to reboot while a backup is in progress. It also allows for greater troubleshooting. For instance, if we know all system updates occur on a specific night, it makes it easier to assess whether or not those patches are related to a specific issue that a system may be having. This kind of organization not only allows us to provide better service, but is also essential to ensuring proper system health while minimizing system down time.


A few months back we had a client’s network compromised by a former employee, stealing information for a competitor.  This network had a high end firewall, an encrypted wireless network, and security measures in place to prevent something like this from happening, yet it still happened.

 

It happened because people don’t like to remember a lot of passwords.  I can’t say I blame them, I think we’re all guilty of using the same password all over the place sometimes for years.  Unbeknownst to me, everyone in this company knew the boss’ password.  It’s the same password he used on everything, which forced him to let others know what it was so they could do things like configure the security system, log in to web sites, set up the phones, etc.  This ex-employee used that password to log in to their system after he was released, and downloaded critical data he used to better his position where he was working for a competitor.

 

I showed him how to change his password after this employee was let go, which he did.  However, putting a “1” at the end of the existing password in my mind doesn’t constitute a password change. 

 

I can’t stress enough the importance of complex passwords.  Sometimes we will set up a new server for a client who has never had passwords before, and they complain like crazy that I’m forcing them to have a password to sign in, especially complex ones.  To them I say, “wah.”  A complex password must include 3 out of 4 character types: uppercase, lowercase, numbers or symbols.  If you are using a password that doesn’t meet these requirements, I suggest you change it.  Hackers can perform what are called dictionary attacks, where a program will automatically try every word in the dictionary with your username, attempting to get to your data.  Complex passwords aren’t in the dictionary, and are harder to crack with other types of attacks as well.

 

If you have a server in your office, changing your password can be easy.  Simply press ctrl-alt-del all at once.  If you see a change password button, click it and follow the instructions.  For machines without a server, the password can be changed in the control panel, under the users section.  It is especially critical for server based networks, as one password could protect access to your machine locally or remotely, as well as access to email or other data. 

 

Don’t put it on a sticky note underneath your keyboard either. 

 

It's not difficult to make an existing password meet complexity requirements, just change a lowercase letter to uppercase, throw a symbol at the end, and your password becomes complex, and hopefully you can still remember it.  Changing it at least every 6 months or so is not a bad idea either.  Even if you don’t think your data is worth protecting, think of the damage it could do in the wrong hands.

 

Top 7 password mistakes:

  1. Leaving it blank - or using "password", "1234567", "abcdefg" - these are all so insecure you might as well leave it blank
  2. Using your birthday - Duh
  3. Using your dog's name - after years of working in tech support I would say this is the most common password.
  4. Reading this post and then changing it from fido to fido1
  5. Writing your new password on a sticky note then putting it on your screen or under your keyboard
  6. Using the same password for years
  7. Sharing it - just type it in, don't tell everyone.
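
The checks this post describes (blank or common passwords, the 3-of-4 character-type rule, an old password with a character tacked on, pet names and birthdays) can be combined into one short Python routine. This is an added example, not code from the original post; the function names, the small `COMMON` blocklist and the rule that a changed suffix or capitalization still counts as the same password are assumptions made for illustration.

```python
import re

# Constructed blocklist using the weak choices named in the list above;
# a real check would load a far larger list.
COMMON = {"password", "1234567", "abcdefg"}

def char_classes(pw):
    """Count how many of the four character types appear in pw."""
    return sum([
        any(c.isupper() for c in pw),
        any(c.islower() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ])

def core(pw):
    """Lowercase pw and strip digits/symbols from both ends (assumed rule)."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())

def check_password(new, old="", personal=()):
    """Return the list of problems found; an empty list means it passes."""
    if not new:
        return ["blank password"]
    problems = []
    if new.lower() in COMMON or core(new) in COMMON:
        problems.append("common password")
    if char_classes(new) < 3:
        problems.append("fewer than 3 of 4 character types")
    # "fido" -> "fido1" keeps the same core, so it is not a real change.
    if old and core(new) and core(new) == core(old):
        problems.append("trivial variation of old password")
    # personal: hypothetical caller-supplied words (pet name, birthday).
    for word in personal:
        if word and word.lower() in new.lower():
            problems.append("contains personal word: " + word)
    return problems

if __name__ == "__main__":
    # Constructed sample inputs.
    for new, old in [("fido1", "fido"), ("Fido1!", "fido"), ("river-Candle-42", "fido")]:
        print(new, "->", check_password(new, old, personal=("fido",)) or "ok")
```

A password can satisfy the 3-of-4 rule and still be reported here, which is why the complexity check is only one of the four tests.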

Insanity

Posted by: Craig Vickers in XP, Windows, Vista, software, security, Latitude, Laptop, hardware, Dell on

“Insanity: doing the same thing over and over again and expecting different results.” - Albert Einstein

For those of you that are following the blog, you may be interested to know that I am writing this post from my new Latitude E4300. Overall, I am fairly impressed with the combination of speed and portability. Usually you have to sacrifice one for the other. But I will leave that review for a different post. For anyone who has purchased a computer from I.T.NOW in the past year, you will truly be amazed by my next confession. I am running Vista on my new laptop. I also must confess that this is my third attempt at converting to Vista. Rumor has it that there is currently a pool going on at I.T.NOW betting on when I will switch back to XP (email Jason if you want in on it).  So why do I run Vista when I tell all of my customers to steer clear of it? I guess it is just one of the things I have to know. I can walk anyone through pretty much all functions of XP without having a computer in front of me, so it is time to achieve that same level of familiarity with Vista. That and when I try to install XP on my laptop, the solid state disk appears to cause a blue screen, in spite of how many things I have tried (and I have sadly tried several times).

So, what am I doing differently this time to ensure that I get a different result and don’t go insane? Here are a few tips for those of you who for one reason or another are on the Vista bus.

· Don’t complain about it in front of your Mac friends. They will just talk to you about the latest “I’m a Mac” commercial and make you regret your decision.

· Feed the beast. If you don’t have 4GB of memory, upgrade. If you don’t have a video card, consider adding one. If you can use a faster hard drive (10,000 RPM Raptor or a Solid State Disk), you won’t regret the price.

· Unvistafy Vista. Part of what makes Vista more secure than XP is all of the extra layers of security, which means you have to click a lot more than you would have to on an XP machine. The technician in me has to warn you that this will make Vista less secure. But you wish you had XP, so this isn’t that big of a deal. Wired Magazine has a great Wiki on some steps you can take to clean up Vista.

· Relax. In less than two years, you will get to do it all over again with Windows 7.