Blog

August 20th, 2014

Are you still running a firewall that was designed 10 years ago? How about 5 years ago? Well unfortunately those firewalls are already obsolete and unable to deal with current cyber threats.

Previous generation firewalls were designed to block hackers from trying to access your network. Current firewalls, termed “Next Generation Firewalls” or NGFW deal with the increasing usage of web-based applications. Since these applications often run inside of a web browser, or change their behavior over time, they cannot be blocked or controlled by older firewalls. For example Skype cannot be blocked by a conventional firewall because it constantly ‘tunes’ it’s behavior for maximum performance; something older firewalls can’t handle.

Other applications may be appropriate for some users but should be blocked for others. For example, it may be appropriate for a marketing person to have access to Facebook, but other employees should be blocked or perhaps blocked at all times except lunchtime.

Fortunately NGFWs are affordable and work well for small business. Be sure to ask your IT Company or consultant if it’s right for you.

August 19th, 2014

Most people have wireless networks at home. And that’s good since most homes are not cabled for computer networks which means that a wireless signal is the only way to get internet to workstations throughout the house. In addition, wireless internet is needed for smart phones and tablets. In today’s technological world, wireless is indispensable.

For the workplace however, the problem is a lot more challenging for many reasons. For example, one office could have dozens or hundreds of wireless users. The area required for coverage can also be much larger than that at home.

Then there are security considerations. A basic wireless set up will be protected by a single wireless key which provides the only security mechanism to protect the network against unauthorized devices. In a business environment handing out that key to dozens or even hundreds of users is surely not secure. And changing that key can be disruptive.

Business class wireless systems solve these and other problems. Your IT Company should be able to provide you with ideas and options to solve your wireless network problems.

Topic Articles
August 18th, 2014

Everyone knows that it’s important to keep your operating system updated. If you heard about the “End of Support” for Windows XP. What this really means is that Microsoft will no longer be issuing security updates and therefore XP users are vulnerable to new hacking threats.

So if you are running Windows Vista, 7 or 8, you will get all the latest security updates from Microsoft and will be have the latest protection as long as you apply the updates. But what about other common applications such as Java, Adobe Reader or Flash. You may see the occasional popup asking to update these applications and are not sure if it’s legitimate. The short answer is “probably” but you must take care. You do however want to keep these applications up to date because, you guessed it, they can be used by hackers to attack your system.

Ask your IT Company about monitoring and ensuring that these and other applications are kept up to date.

Topic Articles
August 6th, 2014

Laptops, tablets and smart phones are the tools of choice for an increasing number of workers. While not new, these technologies are more pervasive and business critical.

In the past, to access company data stores, the standard solution was a Virtual Private Network. While secure, VPN connections tend to be cumbersome to set up, and performance when opening or saving files can be frustratingly poor.

A better approach worthy of consideration is Dropbox for Business. While similar to the Dropbox that many of us have on our cell phones and tablets, there are a number of critical improvements for business:

  1. Central Management: All company Dropbox accounts are controlled through a single web-based console so a company can have complete control over who has access to what data.
  2. Performance: Files are stored locally so they can be opened and saved quickly. They are synced to the cloud in the background so the user doesn’t need to wait while the file is being transferred, like they do with VPN.
  3. Security: Features such as remote wipe of Dropboxes on mobile devices, and the ability to audit the changes made by any user to any file provide business-class data security.

A secure approach to providing mobile solutions to employees should be a consideration for many if not all businesses. Make sure your IT Company is involved as well.

Topic Articles
August 4th, 2014

Bring your own device (BYOD) refers to mobile devices such as tablets and smart phones that are used by employees for work. This increasingly popular trend can be beneficial for employees since it saves money, and helpful for employees trying to do their jobs.

However this mix of employee (device) and employer (data) property brings forward a number of risks for an employer: For example, do they need to compensate hourly employees who are expected to check their email at home? The answer is yes. Likewise, can a company liable for an employee who uses their mobile device while driving and causes an accident? The answer again is yes.

So how does an employer protect himself? The answer is to write and enforce a mobile device policy, or have your IT department or outsourced IT Company do this for you.

Although mobile devices bring up some major implications for employers, there are a number of straight-forward steps they can do to protect their company.

Topic Articles
August 1st, 2014

The recent cyber intrusions and data thefts at large well-known companies underscores the real threat of cyber criminals to companies and individuals. Cybercrime is no longer being perpetrated by kids and loners, but is run by large criminal syndicates who intend to steal vast sums of money. And most of these syndicates operate overseas, out of the reach of our law enforcement agencies.

So what can you do to protect your data and identity from these threats? Luckily the vast majority of these attacks can be blocked by 4 simple steps:

  1. Application Control: Ensure only approved applications are installed and are run on your network. For web-based applications, malicious apps should be filtered.
  2. Patching Applications: Many cyber-attacks are made using third party applications such as Java, Adobe PDF, Flash and other widely used 3rd party applications. Security patches for these should be applied as soon as possible.
  3. Patching the Operation System: All security patches for the operating system should be applied as soon as possible, including emergency or “Out of Band” patches that are in response to particularly dangerous threats.
  4. Reputable Antivirus and Antimalware: Make sure reputable security software is installed on all systems, checked regularly and kept up to date.

The Australian Department of Defense has published an excellent set of guidelines that you can use in your business to help secure against cyber threats. You can find them here:

http://www.asd.gov.au/infosec/top35mitigationstrategies.htm

Topic Articles
July 28th, 2014

When looking for IT support for your company, there are a lot of choices in the marketplace. The dirty little secret is that the IT industry is not regulated. Anyone can call themselves an IT Professional. So how do you evaluate and select a competent IT company that you can trust with your information systems? Here are 5 things that any IT company should have before you let them touch your IT systems:

  1. Certifications and Affiliations: They should carry multiple certifications with important IT vendors like Microsoft and Cisco. They should also have professional affiliations with major solutions providers in important areas such as security, wireless, networking and if applicable, VOIP or telephony.
  2. References: They should be able to provide references of their clients, citing work that they have done and the benefits enjoyed by the client.
  3. Performance Guarantees: They should be able to provide written guarantees concerning performance in various areas such as response time, system reliability if they are providing manages services, and a warrantee on any work performed that ensure you will not be double billed if a problem was misdiagnosed or otherwise reappears.
  4. A Modern Ticketing System: Any competent IT firm should have in place a systematic way to track issues so they do not “fall through the cracks” and can be accurately tracked to resolution. And you should be able to view the status on any issue at any time by accessing a client portal to the system.
  5. An Early Warning System: Virtually all modern IT firms are using monitoring tools to constantly measure the health of your technology and have the ability to detect problems before they have a major impact. All aspects of a client’s technology such as Cloud, Hardware, Software, and Security should be included.

Finally, a good IT Company should be able to listen to your concerns and combined with a technical evaluation of your systems, be able to provide effective and reasonably priced solutions that have clear benefits for you and your company.

Topic Articles
July 28th, 2014

Wireless networks are now set up in almost every small and medium business. In addition to providing employees greater mobility in the office and lowering data costs for cell phones, it’s a nice service to offer visitors to your office.

However wireless networks have a number of security risks that can seriously impact your business. Fortunately these risks are not difficult to remedy.

  1. Ensure you turn on wireless security: Although most routers are set up with a security and require a wireless key to access, there are still some that neglect this simple but critical feature. If your wireless network is not protected by a key, it’s very possible that someone outside the building can access your entire network including your PC and Servers.
  2. Use guest networks: If you would like to allow visitors or others wireless internet without them accessing your network or other devices on the network, you should install a wireless router with guest network capability.
  3. Give everyone their own wireless password: For wireless networks with a lot of users, giving everyone the same wireless key can be a problem. For example if someone leaves, you will need to change the key for everyone else. And often the wireless key becomes “common knowledge” that gets passed around to people who shouldn’t have access. For this situation, you would want to integrate your wireless router with your server. This way you can have the same password for your desktop and wireless network.

Costs for these solutions vary but are typically commensurate with the network size and complexity.

Topic Articles
July 25th, 2014

Quickbooks is by far the most popular accounting package for small and medium businesses with over 90% market share. It’s relatively inexpensive, easy to install and use, and is quite powerful.

One common complaint we receive however is poor performance in multiuser mode. This is partly due to its original design as a standalone application that was adapted for client server networks. However, there are a number of steps you can take to improve its performance.

  1. Upgrade to the latest version: Quickbooks continues to improve multiuser performance by making transactions more efficient.
  2. Ensure your network and all PCs use Gigabit network components: Virtually all PC and servers made today have gigabit-speed network interfaces. If you have an older 100Mb switch, consider an upgrade to a gigabit switch. They are much less expensive than they were just a few years ago.
  3. Make sure your heaviest users have the fastest PCs: Since Quickbooks only allows 1 user at a time to write to the database, you don’t want a the user who’s making a lot of changes to slow down everyone else.
  4. Open the database using a URL instead of a share drive: For some reason, Quickbooks will often run faster if you use the full pathname instead of a drive letter. For example, open the file using the path \server\qbdata\qbfile instead of Q:\qbfile.
  5. Perform manual backups monthly: When you manually backup a file, Quickbooks will verify that there is no corruption within your database. If it finds any, it will offer to rebuild it. Once a successful manual backup (with verify) is completed, a file known as the “transaction log” (containing a record of all transactions since the last manual backup) will be cleared out and this can lead to improved performance.

And as always, make sure your Quickbooks is automatically backing up every night with a copy to an offsite location.

July 22nd, 2014

Mobile devices have ushered in a new era for the small business and its employees. No longer ‘chained’ to a desk, employees can now have tremendous flexibility in the way they work, both in terms of time and location. Virtual offices are becoming more common. We are working in ways that weren’t possible just 10 years ago.

But with any advance in technology, a new set of risk factors arise. With more and more mobile devices leaving the protective walls of the office, risks in data theft or loss, network intrusion should be considered. There are also HR issues such as compensation policies for hourly workers who check their email on the mobile devices when not at work. And finally, legal exposure can arise such as the risk of employees using their company provided phone while driving.

While these are significant risks to any small business, they can easily be addressed through technical and process-based solutions. Ask your IT support employees or outsource IT company to provide you with help in this area; you’ll be glad you did.

Topic Articles