Your Checklist for Addressing the Next Outbreak of Ransomware.


Just like any doomsday preppers out there, in the IT industry we always try to prepare for the next disaster.  The numerous ransomware outbreaks in the last two years have put the spotlight back on preparedness and disaster recovery.  Ransomware can encrypt your data, and the attackers may or may not decrypt it if you pay the ransom.  There are better ways to prepare for this than having a payoff ready to go.

So here is your Disaster Checklist for managing the next Ransomware Outbreak.

*  Manage Your Backups

If you have data backups, maintain them regularly.  If you don’t, get a backup solution in place ASAP.  Data backups are essential.  Not only do they provide a place from which to recover data that may be corrupted, held hostage, etc., but they also provide a way to recover files that were accidentally erased, or earlier versions of files.

It used to be that data backups had to follow the Rule of Three: one physical backup (RAID array or mirrored drive), one scheduled backup (Retrospect, Time Machine, etc.) and one offsite backup (Crashplan, MOB Backup, Backblaze).  These days, many companies incorporate the physical backup and cloud backup only.  The point, though, is to have a backup strategy and to implement it.

*  Configure Your Network

Just as the larger sailing ships have compartments which can be closed off to prevent flooding through the entire ship, so too can networks be segmented to prevent malicious software from spreading.  The appliance that does this is the firewall: a network security system designed to prevent unauthorized access to or from a private network.  In addition, firewalls can be set up to accept traffic from known sources, just like sailing your ship in safe waters.  Look into investing in a router that allows setting up multiple segments and has IP filtering.

*  Set Up a Schedule to Patch, Update or Replace

As security threats present themselves, the big computer companies put out patches or updates to keep computers and network equipment secure.  Apple, Microsoft, Linux, and the many network vendors (Cisco, Meraki) “drop” patches frequently.  A computer that is up to date with all security patches is less likely to be compromised.  Sometimes a machine is so old that it can no longer be patched.  Then it is time to consider replacing it.  Your computer security is only as good as the weakest link.

*  Implement Corporate-Wide Anti-virus and Email Security Programs.

If you are not already using anti-virus programs to protect your systems, START NOW.  If you are, just like keeping up with patches and updates, your clients need to have the latest virus definition engines.  You need to keep every machine up to date.  In addition, there are several options out there for email security.  Vendors such as Trend Micro and Norton can protect both incoming and outgoing email and intercept spam, viruses, and malware before they even arrive in your inbox.

*  Educate Your Staff in Security

One of the ways in which malicious software enters a company is through inappropriate or unsecured email, file sharing, and third-party programs and applications.  Users need to know how to identify phishing expeditions in their email, the dangers of downloading or file sharing, and the importance of not sharing computer security information in any form except with authorized personnel.

*  Protect Your Endpoints

Endpoint security is essential when dealing with mobile devices, laptops, and wireless devices coming into your company network from the outside.  Each device with a remote connection to the network creates a potential entry point for security threats.  Some of the checklist items above assist with endpoint security: the router filters traffic, the anti-virus and email security programs protect communications, and staff education addresses the employee’s role in protecting themselves.  One of the other ways to protect your endpoints is to have strong password strategies.  These may include 2-factor authentication and frequent password expiration.  Another way to protect information coming into the network from mobile devices is the use of VPNs (Virtual Private Networks) to communicate over a secured and encrypted connection to your corporate network.  VPNs can be set up on almost any laptop, and on many phones and tablets, to securely access data from a remote location.

A disaster is never pleasant, but if you are prepared you can recover from it with minimal downtime.

Flash over Substance?

We all know the benefits of using Flash for surfing the Internet: animations, enhanced content, visual effects, skins, etc.  It does enhance the surfing experience, but…

Adobe Flash has some drawbacks when running on both OSX and Windows machines that may make you rethink having it on your system.

One drawback comes when Flash is loaded on OSX machines.  Flash is known to slow down Safari (web browser) considerably.  One indication of this is looking at the Activity Monitor and seeing “kernel_task” taking more than 100% of the CPU consistently.

In Windows 8 & 10, Flash sometimes fails to register and upon rebooting, it consistently asks to be installed again. 

Again in Windows, Flash is embedded in Chrome, but Chrome takes a significant hit in memory utilization when running Flash content.  This can also slow down your system.

The largest drawback of using Flash is that it has been used in the past to hack into machines.  Several vulnerabilities have been discovered and used to infiltrate, infect, and compromise systems.  While Adobe has always responded with a fix, it only takes one infection to cost you and your company money, time and resources.

Many times this is accomplished when you visit a site and see a notification such as "Warning! Your Flash Player may be out of date".  Clicking on this allows hackers to download their own code and infiltrate your system.

Due to these many vulnerabilities, Microsoft even recommends not installing Flash Player on business servers, or removing it completely.

Well, I don’t want it anymore!

If you care more about performance and security than Flash content, there are solutions for you.

Luckily Adobe has a removal tool that will strip out Flash from both Windows and OSX.

For Windows users (not including the embedded Flash in Edge or Internet Explorer) you can find the instructions and download at the following:

https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html

For OSX users you can find similar instructions and downloads at:

https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html

Should I scrub FLASH out of all my devices?

This is really a judgment call.  On tablet computers or personal computers not connected to a business network, you may find enhanced content, gaming, entertainment, etc. to be worth the risk Flash may present.  It is up to you.

Windows Vs. Macs

There is, in the industry, still a cold war between those who love Macs and those who love PCs.  Some of the discussions have become quite heated.  Yet, if you talk to the real professionals in the field, they will rightly point out that each has its place in a business.  Each has its strengths and each its weaknesses.

I Should Have Had An SSD

When thinking about a new laptop or desktop computer purchase, one of the cheapest but most effective upgrades you can purchase is a solid-state drive (SSD).  An SSD stores all data in memory, has no moving parts, and is fast.  A typical hard drive is essentially a metal platter with a magnetic coating that stores your data.  It has moving parts, takes time to spin up, position read heads, etc., and is slower than an SSD.