The FBI has made an unusual request to the masses, "Turn your router off and then back on again".
According to Talos, over 500,000 routers worldwide have been compromised by a Russian based malware that has the ability to block web activity, monitor web activity and otherwise render the device unusable.
This malware has the ability to either individually, or en mass, disable internet activity to up to 500,000 homes or small businesses.
So far the malware's reach, seems to consist of home office or small office routers made by Linksys, Netgear, TP-Link, QNap and Microtik. Restarting the router seems to interrupt the malware, but doesn't prevent the router from being reinfected.
If you want to be sure that your router is secure from this threat you'll want to follow the below instructions:
By now, all of the manufacturers have released articles on the best way to protect yourself if you're using their product. You can find them here for:
As always, if you have any more questions or need help we're here for you!
The new EU privacy laws go into effect on May 25th, 2018. You may think this has little to do with your business here in the US, however, there are some tricky elements to this regulation that all business and website owners should know about. Watch Tim's short video to learn more
Today's guest post is from my buddy Nate. He has the mind and personality to get down and dirty with a businesses books. He loves numbers and making sense of them. Which is why he founded "Small Business Decisions" so that he could help businesses be profitable for a living.
The decision to Lease or Buy your computing hardware is something that comes to many businesses as they grow. Your first few computers were most likely purchased as they were needed. But as you grow, it's worth considering if you should switch from buying to leasing your computer hardware.
The finances of a lease vs buy decision for computer hardware are easy to measure, but that doesn't mean those equations should be driving the decision. The decision-making power of your team and employees should be focused first and foremost on the things that differentiate your company from the competition.
Yes, Computer Hardware is critical to business deliverables, but it is rarely a differentiator for your business. Critical but non-differentiating tasks are prime candidates for contracting out to an expert. The most common method of contracting out the supply of computing hardware is leasing.
What differentiates you from your competition? Why do people choose you over the guy down the street? If the thing that makes you different is your computing hardware, then you need to maintain tight control of that critical differentiator. For example, if you're Google or Amazon Web Services, your computing hardware most certainly is a differentiator. But they are an exception, not the rule. More than 90% of businesses do not gain a real differential advantage from what computing hardware is crunching the numbers. Which means that many businesses would benefit from spending less time worrying about it and letting an expert supplier work that angle for them.
If Computing Hardware does differentiate you from your competition, then you can either closely partner with a key supplier to deliver your differentiation, or you can bring the whole thing in-house. The reality is that you are an exception to the rule, so you might need a detailed discussion with someone like Solve or SmallBusinessDecisions to make sure you are fully supported in your critical tasks.
The timing of when you get new computers plays into whether or not you lease or buy your computers. I like charts and graphs, so here's a chart that lays out the four options we're talking about. The most common pathway through these quadrants is for small businesses to move from the top left, Buy Machines as Needed, to the bottom right, Lease With a Comprehensive Strategy. Often times, leasing is the factor that enables a business to move from replacing machines as needed to having a comprehensive replacement strategy.
Table 1. Lease vs Buy interaction options with the timing of machine replacement.
A comprehensive computing strategy means you spec between two and five machines and every employee in the company gets one of those options. The machines you're using is usually updated all at once on a three or four-year rotation. This type of plan is usually paid for with a lease so that you don't have a reoccurring capital expense every 3 years that you need to fund. With a lease, you pay for the machines over a 3 year period.
The focus here is on uptime for your employees, not commoditized computer hardware. You don't want your $100k a year employee to be unproductive for two days while the part for their specific machine is overnighted in from who knows where. The IT department also has the advantage of knowing the ins and outs of a small subset of machines and limiting the replacement part inventory they need to keep on hand in case of a needed repair.
If you are planning to move to a comprehensive strategy, then leasing makes a lot of sense. If you are taking a buy as you go approach with no standardized hardware, that is OK, but it means that the purchase vs lease of one single machine at a time becomes a much different tradeoff discussion.
Regardless of which strategy you choose, the tradeoffs for lease vs buy look like the following:
Table 2. Lease vs Buy Pros and Cons for relative to a comprehensive computing strategy.
Now that we've discussed a few ideas about how to manage your computing strategy. We should talk about what Solve offers. Solve will handle all sides of your computing hardware strategy. From managing the computing power you already own, to helping you spec and buy new machines. And from setting up a comprehensive computing strategy lease to helping you lease smaller portions of your computing power as needed.
For any questions or discussions about your overall computing strategy, please reply to this email or contact Tim directly. If you have any questions about other business strategy and support needs, please feel free to reach out to Nate directly on www.smallbusinessdecisions.com or by email: Nate@SmallBusinessDecisions.com
The beauty of the Cloud is that it brings important files into reach from wherever you are. But the typical rule of thumb with technology is, the more convenient it is the more vulnerable it is. So if you want to be able to work from anywhere, but the files you're using are sensitive. Read on to learn some tips on how to secure sensitive files in the Cloud.\
1. Change your password regularly. Most enterprise grade cloud storage have a feature to create a policy that will force users to change their passwords every 30 to 60 days. But even if it doesn't, create a reoccurring calendar event that reminds you to change your password.
2. Password protect mobile devices. Any device that you use to access the files(phone or laptop) should be password protected. These devices should also be configured to lock themselves if they've been idle for awhile.
3. Encrypt your devices. If your files are synced to your devices hard drive, it's important to encrypt it in case it's lost or stolen. Even if your device is password protected, it's possible to gain access to the files on the hard drive if it's not encrypted. The good news is Windows 10 Pro, OSX and most smart phones have the ability to be encrypted without any additional software.
As always, if you have any questions we're here to help. We hope this is useful!
If you're running Mac OSX 10.13 or "High Sierra" a major security vulnerability was found that could allow anyone with physical access to your computer have full access to it.
What was found was that if you tried to log in with the username "root" and a blank password over and over again it would eventually let you in. In case you don't know "root" is Apple's equivalent of "administrator". So that person would have full permission once in to do what ever they like.
Since then, Apple has released a security update to patch the issue. So it is highly recommended that you check the App Store to make sure you are up to date on all security updates. To do this simply open the App Store and go to the "Updates" tab and install all of the updates until there's no updates available when you refresh the page by hitting command+R.
If you have anymore questions or concerns about your PC or Macs security feel free to reach out and let us know. That's what we're here for.
Rent or buy? SUV or minivan? Boxers or briefs?
Like any life decision, the answer is determined by need, preference and timing. The same is true in business and IT. I've had many conversations with business owners about assessing needs, but I also like to check in again next year because their needs and timing may have changed.
One common decision that businesses are making, is moving to Office 365. But sometimes it's not a good decision right now. So I came up with a handy survey to help business owners and decision makers determine if they've reached a point where moving to Office 365 could be a good decision.
If you answered yes to any of these questions let us know by going to our Contact Us page! We love helping businesses determine what's right for them.
The Chairman of Equifax, one of the "Big Three" credit bureaus, announced yesterday that Equifax had discovered a data breach that could jeopardize the credit card numbers of up to 209,000 consumers. You can watch the press release below.
In response, Equifax has setup a site where you can check to see if your information may have been affected by the breach and sign up for free credit monitoring. To do so, you can follow the link here:
There have been some reports of this site not working or people doubting the legitimacy of the site. But I tested it myself and the main Equifax page as well as the above press release reference it. So I believe it is legit.
But whether you decide to take Equifax up on their offer or not, this is a good reminder that no one is immune to cyber threats and credit and identity monitoring is becoming just as important and common as health insurance.
UPDATE 9/11/2017***It turns out that the site that Equifax setup to tell you if you've been affected by the breach tells you that you have no matter what information you put in.
There's a helpful article that recommends freezing your credit file. You can click the link below to view it.
We hope you enjoy today's post from Solve technician, Erick Collins.
We all know and “love” the general rules we have to follow when creating a password for a new site or program:
•Capital and lowercase letters
•A total of at least 8 characters
•A index finger of your first-born son
The above may be a slight stretch, but you know the usual. Just remember that these rules help to keep hackers from cracking that confidential password and getting into your information. These are easy rules to follow; but difficult passwords to remember. However, for the past several years, password managers have become a useful component for business as well as the personal computer use. Below, are several great applications for password storage:
Password - I have used 1Password personally, with great ease. At about $3/month, I could access all my passwords with one master password from my iPhone, tablet, and PC browsers, like Google Chrome.
LastPass - At $12 per year, LastPass 4.0 Premium is on the low side for a commercial password manager price-wise, but on the high side feature-wise. It spotlights on syncing passwords across all your devices, powerful multi factor authentication, and automated password changing.
Dashlane - Its automated password changer handles many popular sites, and advanced features like emergency access and secure sharing, which keep Dashlane at the top of the heap. It is famed for its slick interface and ease of use. Although it does have a $40/year premium version, it seems they have a free version for use as well.
If you find yourself constantly having to change your passwords due to forgetting them , or misplacing that magical password sticky note, a password manager may be an unknown necessity.
It's called "Play Protect". Android began making it available to Android phones and tablets and mid May. It's built into the Android system and is meant to be a security system for your phone and tablet so you don't have to go on the app store and find a good third party one.
Here's how it works:
•It scans all apps on the app store before they're downloaded to make sure they're legit. It also periodically, scans apps that are already on your phone for viruses or malicious activity.
•It also monitors apps downloaded from third party sources. If it detects that an app is malicious, it will disable it or alert the user about it.
•It uses an anti-theft feature called "Find My Device". It will allow you to locate your lost or stolen device and if you're unable to recover it, you can perform a remote wipe for all data on that device.
•It has a safe browsing feature that prevents users from browsing to harmful websites on their mobile devices.
You can find out if you have this feature on your version of Android by going to:
Mobile devices are quickly becoming the most insecure part of a companies security profile.
If you don't have a mobile device policy enforced through either Office 365 or G Suite, I would highly recommend making sure any phones that have company data on them have these features enabled.
There's a lot of talk anymore about how the NSA has leaked exploits that hackers can use to get into your computers, and how ransom ware viruses are running amok and causing all sorts of problems. But the leading cause of data breaches and computer infections are not exploited software bugs. It's exploited human fear.
Not only is Information Technology a relatively new field, but it's a rapidly changing field. Where the stakes keep getting raised as more and more of our lives and our livelihood is put into the hands of computers and little "clouds" in the internet.
Human psychology 101 is that we tend to fear what we don't understand. So whenever you get a call from someone at Microsoft saying your computer has a virus and all your data is compromised. Or you get a pop up that locks up your whole computer saying that all your files will be deleted unless you call this number in the next 5 minutes. They're all attempts to insight your fear, so that you'll do something or trust someone that you typically wouldn't.
Here's a few pointers to keep in mind. To help you respond, instead of react.
If you have any questions feel free to reach out to us in the contact page. You may not trust your computers, but you can trust us.