, , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Get Ranked Before You Pay, Get Ranked, Get Found, Get Hired, Awareness Equals Opportunity

 

Rank on the first page of Search Engines BEFORE you pay. Ronald E Couming discussing his proprietary systems and offer to get you ranked on the first page of search engines before you pay.

Having an effective and efficient online presence is vital to a businesses success, and through Digital Marketing, you can Attract, Convert and Retain, your ideal clients to achieve even greater

We at RCS Technology Solutions, LLC provides business owners and entrepreneurs the ability to attract new clients with various Lead Generation services, Convert those leads into clients, and retain those clients, while also converting those clients in raving fans.

Contact Us Info@RCSTechnologySolutions.com 978 606 5432

Subscribe to never miss a video http://bit.ly/2qRiVD1

Ronald Couming, is an Internet Marketing Expert, and the Founder and CEO of RCS Technology Solutions He is an internationally recognized speaker, accomplished author, Radio Show host, and successful entrepreneur. Ronald‘s passion is helping business owners to ” Have even greater success, ” by creating scalable and sustainable business models, beyond anything they could ever imagine.

He is, and has been, an “Ask the Expert” (for Internet Marketing) at America’s largest trade show for entrepreneurs and small businesses, reaching 14 major US cities and nearly 100,000’s entrepreneurs.

Leveraging his diverse background in Internet marketing, technology, self-development, Leadership, team building and entrepreneurship, he has created an innovative approach to helping businesses, and business owners, achieve extraordinary, sustainable success.

Ronald has taught and helped businesses all across the country on how to achieve even greater success with proven Internet marketing strategies, coupled with analytic metrics.

Check our websites and connect with us on Social Media

Ronald Couming http://www.ronaldcouming.com/ RCS Technology Solutions, http://www.rcstechnologysolutions.com

Linkedin https://www.linkedin.com/in/ronald-co…

Instagram https://www.instagram.com/ronaldcouming/

Twitter https://twitter.com/RonaldCouming

Facebook RCS Technology Solutions https://www.facebook.com/RCSTechnolog

Facebook RCS Online Solutions https://www.facebook.com/rcsonlinesol

Facebook Ronald Couming https://www.facebook.com/RonaldCouming

digial marketing billerica, digital marketing, digital marketing boston, free online marketing tips for small business, internet marketing boston, interview, marketing, online marketing, online marketing billerica, online marketing boston, online marketing for beginners, online marketing tips for small business, radio show, ronald e couming, seo, seo billerica, website design boston

, ,

SSL 3.0 Vulnerable to POODLE Attacks

Google researchers Bodo Möller, Thai Duong and Krzysztof Kotowicz have discovered a flaw in SSL 3.0′s design that makes it susceptible to attacks with POODLE, which stands for Padding Oracle On Downgraded Legacy Encryption. POODLE was developed by the three at Google for their research paper. Lets start of by explaining what each of these things are in more detail.

SSL 3.0

SSL (secure sockets layer) 3.0 is used by web browsers to encrypts data between a client and server and secures most data sent over the Internet. SSL 3.0 is over 15 years old and has been replaced by TLS 1.0, TLS 1.1, and TLS 1.2 but the reason why SSL 3.0 is still a problem is because many servers are backwards compatible. Servers keep this backwards compatibility to maintain the user’s experience. In a case where someone is still using SSL 3.0 for their browsers, servers still want to be able to let these users access a website without getting SSL encryption errors.

POODLE

POODLE (Padding Oracle On Downgraded Legacy Encryption) is an attack that was developed by Bodo Möller, Thai Duong and Krzysztof Kotowicz to exploit the flaw in design with SSL 3.0. POODLE can steal a users HTTP cookies, authorization tokens and other data, thus gaining access to their usernames and passwords to anything from email to social media accounts to online banking accounts.

Many servers and browsers now use the updated TLS 1.0, TLS 1.1, and TLS 1.2 encryption but because many servers and browsers maintain this backwards compatibility to SSL 3.0, the POODLE attack causes failed connections or glitches with up to date security protocols so browsers will automatically down grade to try older security protocols, in this case, the vulnerable SSL 3.0 encryption.

Should I Be Worried?

While SSL 3.0 does have a major flaw in its design, not many browsers use it because it is over 15 years old. The most vulnerable would be if you are still using Windows Internet Explorer 6 on Windows XP. In the coming weeks, browsers will be coming out with patches to prevent this backwards compatibility from occurring. Also, if an attacker were to try to steal your information, they would need access to the network that you were connected to. You should be safe on your password protected home network. The most possible place of getting attacked would be while using public Wi-Fi such as at an airport, coffee shop or restaurant.

,

MAJOR INTERNET EXPLORER SECURITY FLAW

MAJOR INTERNET EXPLORER SECURITY FLAW REVEALED BY MICROSOFT

On Saturday, April 26th, Microsoft issued a security advisory outlining the first significant security flaw since support for WindowsXP ended earlier this month: a remote code execution vulnerability discovered in Internet Explorer 6, 7, 8, 9, 10, and 11.According to cybersecurity firm FireEye, this vulnerability is being exploited by a sophisticated group of hackers targeting US companies in the defense and financial sectors in an effort called “Operation Clandestine Fox.” The main goal seems to be luring IE users to click on a malicious link, which leads to an attack website, which then allows the hackers to gain total control of the individual’s PC.

“An attacker who successfully exploited this vulnerability could gain the same user rights as the current user,” Microsoft’s security updates states. “If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.” As of April 28th, no patch or fix was available, although Microsoft said its engineers are working diligently to address the vulnerability — and didn’t rule out releasing an emergency, out-of-cycle security update to deal with it. But with 58% of PCs running Internet Explorer, according to NetMarketShare, the flaw could potentially affect millions of users. The widespread nature of the vulnerability, along with industries targeted by it, even motivated the US Department of Homeland Security’s Computer Emergency Readiness team to advise users to consider an alternative to Internet Explorer. So how can you keep your computers and sensitive business data safe? 1. Avoid using Internet Explorer for day-to-day web surfing until the issue is resolved (popular alternative browsers include Chrome and Safari). 2. If your business uses custom applications that require Internet Explorer, avoid visiting any public sites with the browser. 3. DO NOT click on ANY embedded links in email messages or on public web pages unless you know the sender or source. 4. DO NOT browse the Internet from PCs that access confidential data like credit card information, protected health information, or personally identifiable information. 5. Call your trusted IT provider BEFORE clicking on anything that appears suspicious. Still using Windows XP? You’re risk level runs even higher. Once Microsoft does fix this flaw, it WILL NOT apply to XP systems. Many security experts believe this is only the first of many attacks that will look to exploit Microsoft’s cessation of support for the outdated operating systems. Have questions about this new Internet Explorer vulnerability? Unsure whether you can still use the browser to access your custom business applications? Contact RCS Technology Solutions, 978 606 5432 today. We take the security of your systems and your data seriously — and as a Microsoft Registered Partner, we have the expertise and access to services that can provide true protection from threats such as this one.   Thank you Steve Gesing, and Wayne Demers of CMIT

, ,

What the Heartbleed security bug means for you

Internet security experts are scrambling to patch an alarming encryption vulnerability that has exposed millions of passwords and personal information, including credit-card numbers, email accounts and a wide range of online commerce.

How big of a deal is this?

Some reports suggest as many as two-thirds of the sites on the Internet are using OpenSSL, the encryption code that we now know is flawed and vulnerable to so-called Heartbleed attacks.
It’s been a few days, anything new to worry about?

Initially, security experts focused on web sites using OpenSSL. We now know many digital products – including some with difficult to patch firmware – are also vulnerable, including:

  • Antivirus software
  • Email servers
  • Security firewalls
  • Routers and network switches
  • Some PCs
  • Android Version 4.11 (Jelly Bean)
  • Even the security-conscious Tor network

In those cases the hardware and software firms need to introduce patches.

What websites should I be worried about?

The Canada Revenue Agency website is shut down, and not expected to be open again until at least the weekend. The CRA says this move was precautionary, because there is no evidence of a security breach.

Canadian banks, airlines and online retailers such as Amazon.ca, Wal-Mart and Indigo Books all said they weren’t affected by the bug.

The online news site Mashable has an extensive list of other affected sites. They suggest you should immediately change your password if you use:

  • Facebook
  • Gmail (or other Google services)
  • Tumblr
  • Yahoo mail
  • GoDaddy
  • Intuit (TuboTax)
  • Dropbox
  • LastPass
  • OkCupid
  • Soundcloud

Wondering about a site a site not on this list? The Web developer resource Github has been testing sites, here’s a working list of the vulnerable, not vulnerable and no SSL sites: Heartbleed-Masstest. The caveat for this information is that there is no central “is my Internet broken” government agency that can verify these checks; Github’s community of volunteers appears to be our best resource but maybe think of it more like Wikipedia than a peer-reviewed journal.

There are also a few services, such as filippo.io/Heartbleed, that let you test a website yourself. We recommend doing this for any lesser-known site you use regularly.

When should I change my passwords?

It may sound like a good idea to just update every one you have, but it won’t do you any good to change a password on a site that hasn’t updated its OpenSSL yet: The new password will be vulnerable too.

As Toronto-based password-managing site 1Password says “The time to change passwords is after sites patch vulnerability *and* update certificates.”

How can I make my passwords safer?

The smartest thing to do at this point is diversify your passwords, so that if someone hacks your OKCupid account they can’t get into Google with the same password. My rule of thumb is that no site that connects to my credit card shares a password with any other site I use. We just started a series on how to live a more secure digital life and here’s some totally crucial password advice from Technology reporter Omar El Akkad:

Most people use terrible passwords. There are a number of reasons for this. One is the sheer variety of password-enabled devices we have to deal with every day (how many people still have the default “1234” as the password on their vehicle’s Bluetooth connection?). Another is the fault of certain products and web sites that either don’t care what sort of password you choose, or force you to jump through a bunch of hoops that result in the creation of a convoluted password you end up forgetting a week later. As Randall Munroe notes, the most important determinant of password strength is entropy. Basically, the more stuff there is to guess, the better the password. So choose a long password. And if you don’t think you can remember multiple passwords and don’t want to use a password manager, at least memorize a strong password and use it exclusively for your most important digital transaction. The last thing you want is your banking login compromised because someone hacked into a gaming forum you frequent and stole your password.

Is this a virus?

No. A virus is a piece of malicious code that seeks to infect your computer systems. Heartbleed appears to be a mistake, a flaw in the encryption code that many websites use to protect passwords they ask you to use to log in, as well as other information.

How long has this been going on?

According to the researchers who found the problem – and let’s be clear, this is a gaping hole that words like “flaw, bug and vulnerability” barely describe – the bad code was introduced two years ago. To quote Codenomicon (who found and named Heartbleed): The affected code is called OpenSSL and “is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet.”

Can you geek out for a moment, how does this work?

The term “Heartbleed” was coined by Finnish security researchers working in California. The vulnerability affects encryption technology called OpenSSL and could allow hackers to decipher encrypted data without website owners or users knowing any information theft had occurred.

Let me quote the Globe and Mail’s ops boss Steve Mickeler (Team Lead, Web Operations): “The flaw allows the attacker to access 64kb chunks of memory at a time and can often be used to retrieve the private keys, allowing the attacker to decrypt the SSL session and discover usernames and passwords. It can also be used to perform a man-in-the-middle attack by spoofing the site the user is going to since they now have access to the SSL keys and the client would not deem anything to be suspicious.”

As security expert Raymond Vankrimpen explains in our story about the CRA shutdown: “The Heartbleed vulnerability occurs when OpenSSL is used in combination with a communication protocol called the RFC6520 heartbeat. Such “heartbeats” help a remote user remain in touch after connecting with a website server …

“A small chunk of the server’s memory content, about 64 kilobytes of memory, can leak out with each heartbeat.

“While 64 kilobytes doesn’t represent a large amount of memory content, it is large enough to hold a password or an encryption key, allowing an unscrupulous user to return to exploit the server further.”

For an excellent illustration of how this works, check this cartoon from xkcd.

It’s also important to note that 64kb is not the limit of leaked information, a potential attacker could collect many “heartbeats” of data.

Again, for even more information, including info on how to fix your site, check Codenomicon’s specialty site: Heartbleed.com.

One piece of good news? The password you use on The Globe and Mail’s website is not vulnerable to the Heartbleed bug (we use a different security protocol, and in places that use OpenSSL we used the older, not broken, version).

Whose fault is this?

Well, it’s hard not to blame this on the OpenSSL Software Foundation and the developers who maintain this code. According to the Wall Street Journal, there are only four staffers to maintain the open-source libraries, and only one is full time.

“There’s no question more effectively applied manpower would be a good thing,” said Steve Marquess, 59 years old, who is the president of the foundation. “Formal code audits would be a good thing.” Indeed.

What does the guy who made the mistake have to say?

Robin Seggelmann, the German software developer who wrote the bad line of code spoke to the Sydney Morning Herald:

“I was working on improving OpenSSL and submitted numerous bug fixes and added new features…In one of the new features, unfortunately, I missed validating a variable containing a length.”

After he submitted the code, a reviewer “apparently also didn’t notice the missing validation,”  Seggelmann said, “so the error made its way from the development branch into the released version.”

Dr Seggelmann said the error he introduced was “quite trivial,” but acknowledged that its impact was “severe.”

 

 

 

 

Thank you, Shane Dingman, The Globe and Mail

,

Cyber Monday Safety Tips

If you staying home this Black Friday weekend, opting instead for online shopping, you’re likely avoiding the mobs of shoppers and keeping yourself safe from flying elbows and possibly getting trampled in the crowds.But for the growing number of people who prefer to shop on Cyber Monday rather than face the crowds at the mall, be warned; shopping online isn’t entirely safe, either.

With so much money exchanging virtual hands, and the growing threat of cyber crime, it’s important to take precautions. In the first 18 days of this November, online spending surpassed last year’s figure for the same number of days by 16% — reaching $10.1 billion in online transactions alone, according to research by comScore. If this is any indiction of how Cyber Monday online transactions will be, it’s safe to say shoppers should be extra aware of online threats. Mobile shoppers should be wary, too — mobile shopping has increased by 300% in the last year, making protection against viruses and malware key for safe shopping from your device.

“As more people decide to take their shopping experiences online this weekend thinking they’ll avoid the perils of mobs and lines, they should be aware that there is always the chance that they could be leaving themselves open for an attack on their lives through cyberspace,” said George Otte, CEO and founder of Geeks on Site. “In order to minimize the dangers of being hacked or becoming the victim of identity theft there are some precautions that are paramount for safety.”

There are a number of things you can do to ensure your safety when you shop online.

  • Make sure your antivirus and malware protection software is up to date. Also check to see if you have a firewall installed on your computer.
  • Update your browser. “When shopping online, make sure to use the latest brand named browser available for your system, such as Google Chrome, Mozilla Firefox, or Internet Explorer, as the latest versions of each have increased safeguards to prevent adware, spyware, and phishing attempts,” said Otte. “Having an updated antivirus or anti-malware is essential when preventing fraud. Both the browsers, as well as approved antivirus programs offer some type of verification of websites, making sure they are the original site and not a spoofed one.”
  • Don’t click unknown links in your email. “Most phishing attacks will try to scam shoppers with an email that presents some sort of incredible, cant-be-beat deal,” said Brian Jacobs, senior product manager at Ipswitch’s Network Management Division. “If you’re skeptical of an offer or email, go directly to the retailer’s website to confirm the offer, and don’t click the email link.”
  • Don’t use public computers and unsecured wireless connections — shop at home if you can. Computer expert Otte explains, “public LANs and Wi-Fi networks, such as libraries, cyber-cafes, airports or even work computers, could be compromised with malware. Hackers also have access to these networks, and could be tapping into them to get your personal information. Always do your online shopping from network secured with a WEP or WPA password.” Also, “never save your credit card information online in case you get hacked — then it’s open season on your personal info.”
  • Shop only on encrypted sites, advises GreenDot, a leading provider of prepaid phone cards. Websites that begin with “https” are encrypted, rather than just “http.” This means the site allows for secure transactions.
  • Save or print all payment confirmations. Michael Brim, founder of BFAds.net, tells Mashable, “During Black Friday and Cyber Monday, stores can often get overloaded with orders that may impact their ability to process payment and order confirmations. Sometimes during these sales, your order can go through, you close the confirmation window and never receive an email confirmation. The order may also not show up in your order history on the merchant’s site. Printing these order confirmations allows one to have written history of their shopping expenditures. That way, if your order never shows it was processed in the site, you can counter with proof of your order and can sometimes get it processed retroactively – regardless if the sale is now over or if your product is out-of-stock.”
  • Use your credit card, not your debit card. Debit cards are directly linked to your bank account. Since credit cards let you use borrowed money from the card provider, if someone steals your card you have more protection. Just contact the card provider and dispute the charge. With debit cards, that can be more difficult to do. And get a new credit and/or debit card one-to-two times per year and change the pin numbers, advises Scott Olson, VP of product at iovation, an online fraud prevention company. You should also monitor your bank statements for unauthorized transactions.
  • Update your passwords frequently. Use at least eight characters and a combination of numbers, letters and symbols from strong passwords. Don’t use any of the most common passwords.

 

 

,

Five Things to Consider When Buying a Laptop Computers

Purchasing a laptop computer is a large investment, and one that can be complicated by all of the options, manufacturers, and technical mumbo-jumbo that needs to be sifted through. Before you spend a lot of money on a laptop, it is important to spend a little time considering some basics that may affect the decision-making process. This Tech Tip will take a look at five of the innumerous things worth considering when buying a laptop computer.

Ergonomics

If you are going to be spending any significant amount of time working on this laptop computer, you’re going to want to be comfortable. A well-designed interface is essential for comfort, as well as good health. Carpal tunnel syndrome or tendonitis may be some of the more common conditions associated with extended computer usage, and selecting the most comfortable laptop may help avoid them all together.The keyboards on laptops generally feature compressed layouts with smaller keys, which may place a strain on hands and wrists as users try to adapt to these miniature arrangements. Generally speaking, the larger the laptop, the larger the keyboard, as they are usually designed to span the entire width of the unit.Most laptops use either a touchpad or tracking pointer (knob) as a replacement for a mouse. These may be adequate for occasional use, but even the best designs can become frustrating and uncomfortable when used extensively. Plus, when used for game play or other applications where precise motion is critical, they just don’t cut it.Purchasing a separate mouse may be the best bet, as it allows you to place your arm in a more familiar (and comfortable) position, as well as providing something that may fit your hand much better. Notebook mice are available in a wired or wireless version, and generally feature a slightly smaller footprint than your typical mouse.

Connectivity

Being able to connect to common devices is just as important on laptops as it is on desktops, but being able to add these connections down the road is not as easy on a laptop. Upgrades aren’t as easy on laptops due to the basic design, so make sure what you need is included up front.Wireless networking is almost a must-have feature on laptops now. The cord has been severed to every other shackle confining you to your desk; don’t let network connectivity hold you back. Wireless networking adapters are available as upgrades via either PCMCIA cards or USB adapters, but many now offer it onboard, hidden inside the system’s housing. Integrated wireless is the best option if available, as it requires fewer accessories to carry and to configure, and leaves those expansion ports open for other uses.USB 2.0 may be the most common peripheral connection, and many laptops may still come with just one port. That’s fine if you don’t mind carrying around a USB hub, but the more you have to carry, the less mobile you are. A good example of the importance of USB is that many people decide they want to use a separate mouse for ergonomic reasons, and generally it will connect via USB. On a laptop with just one port, you now have to juggle the use of the mouse with connecting anything else, like a digital camera, MP3 player, or an external hard drive.Firewire may not be as popular as USB, and as such, it doesn’t show up at all on many computer systems, regardless of whether they are desktops or laptops. Having this connection may not be necessary for everyone, but for those who want it, keep in mind that its inclusion on any particular laptop is not a given.
Bluetooth is another type of connectivity you may want in a laptop, but its popularity has yet to really catch up to its hype. More and more consumer electronics devices are starting feature Bluetooth technology, but for general computer applications, it may be more trouble than it is worth.This Toshiba Satellite features a solid assortment of connections with three USB 2.0 ports, a Firewire port, integrated wireless and wired networking, and even a modem.

Power Management

If you are going to use a laptop as it was intended, away from your desk, you’re going to want it to provide as much battery life as possible. The first step is to shop around for a unit that offers the best battery life possible, and then seek out independent reviews to verify this performance. A good laptop should be able to run for four hours or more on a full charge, and as the technology advances, finding units that can double this time isn’t unrealistic.

The operating system on most laptops will allow for the hardware to be configured to utilize the battery as efficiently as possible. It is just up to the user to navigate their way to these tabs and set things like the display to turn off, hard drives to power down, or even the processor to slow down when it isn’t needed to run full speed. Not all processors can provide this speed throttling, but finding a system with a Mobile Pentium/Celeron or Centrino processor may be your best bet to ensure this capability.

Another way to ensure extended life away from a power outlet is to just add a second battery. Although you can obviously carry a charged spare in your bag, some laptops allow for two batteries to be installed at once, with one generally replacing the optical disk drive.

Size / Weight

All laptop computers are not created equal, and the size and weight of the various models reflect that. Some may weigh more than others due to the quantity of components included, but it may also be due to the quality of the components. Larger displays, multiple hard drives, and other integrated components will all contribute to the weight of a laptop. The largest single source of weight in a laptop may be the battery, and systems with two batteries as described above, should be expected to be much heavier.

No laptop may be considered heavy in the grand scheme of things, but just a few pounds more may be noticeable if you regularly have to lug it through a busy airport or across a large college campus. Geeks.com may not provided the exact weight of each laptop they carry, but they do provide a shipping weight for each, which is a good approximation of what the laptop and various accessories will weigh when loaded into your carrying bag.

The overall size of a laptop is generally governed by the size of the display included. You may have seen the commercial where Yao Ming (7’5” basketball player) and Verne Troyer (Mini-Me) compare their laptops with 12 inch and 17 inch monitors. It is an excellent demonstration of the range of sizes available in laptop computers, and how the various sizes may be appropriate for different users. Those seeking a replacement for their desktop computer may insist on a 17” display, while those seeking to minimize size and weight in the name of portability may be willing to select a laptop with a smaller display.

Future Proof

Basically, purchase as much laptop as you can afford, so that a year or two down the road you may be less likely to need a replacement.Processors in a laptop are generally not upgradeable, or at least quite difficult to upgrade, so picking something with marginally adequate speed for today’s needs will no doubt be obsolete sooner than you might expect. Desktop computers generally offer the convenience of having their processors (and other components) upgraded, making it less of an issue, but it is important to plan ahead with laptops, or to plan on buying another one in a few years.The graphics processor is another integrated feature that should be considered before making a purchase, as there is no upgrading. Many laptops may offer somewhat basic graphics intended for good 2D display and 3D displays that may be hit or miss as far as the quality is concerned. In general, laptops were never intended for 3D gaming, but things are changing and many manufacturers now offer higher performance graphics solutions that can rival many desktop computers. ATI is well known for their high performance graphics products, and offer the Mobility Radeon X series of graphics processors based on their popular desktop solutions.Laptop memory is less of a bottleneck, as it is readily available and can be upgraded rather easily. That said, many notebooks offer a base configuration of memory that may not be adequate for your particular needs. It is suggested that a Windows XP system have a minimum of 256MB of memory, and you may find that this is what is offered on many systems. 512MB is the recommended amount of memory for smooth operation on Windows XP, and many users with more intensive applications to run may insist on 1024MB. If you intend to run serious business applications or want to play some modern 3D games, it may be worth having that base 256MB upgraded before the laptop ships to you.

Final Words

Picking a laptop computer will probably be more involved than reviewing five simple steps, but you have to start somewhere! Each of these steps will hopefully guide other decisions and make the process less frustrating, while also leading to the selection of the best laptop possible.
, ,

Tips For Securing Your Wireless Connection

With over 50% of people admitting to having used someone else’s wireless internet wwithout permission, how can you stop your neighbors from stealing your Wi-Fi connection? Securing your wireless network is just a matter of following a few simple tips:

       Use encryption

Wireless routers give you the option of encrypting your data, so bank details and passwords can’t be intercepted. Wi-Fi Protected Access (WPA and WPA2) is a much stronger encryption system for securing your communications than WEP, which can be easily cracked by hackers.

  • Use a password
    Set up a password for your wireless internet connection. Choose a strong password for securing your network – don’t use the one that came with your Wi-Fi router or a dictionary word that is easy to guess or crack. (You may wish to read our article on sensible password use for help with this.)
  • Don’t broadcast the name of your wireless network
    The name of your wireless network, known as the SSID, should not be broadcast to passers by. In addition, choose an obscure hard-to-guess SSID name to make life harder for Wi-Fi hackers. SSIDs such as ‘home’, ‘wireless’ or ‘internet’ are not good choices.
  • Use MAC address filtering
    Wi-Fi routers and access points normally have the ability to prevent unknown wireless devices from connecting to the network. This works by comparing the MAC address of the device trying to connect to the Wi-Fi router with a list held by the router. Unfortunately, this feature is normally turned off when the router is shipped because it requires some effort to set up properly. By enabling this feature, and only telling the router the MAC address of wireless devices in your household, you’ll be securing your wireless network against neighbors stealing your internet connection.
    Securing your wireless network using MAC address filtering is not a total solution as it is possible for a determined hacker to clone MAC addresses and connect to your Wi-Fi network, but this measure should still be taken to reduce the risks.
  • Restrict internet access to certain hours
    Some wireless routers allow you to restrict internet access to certain times of the day. For instance, if you know you will not need to access the internet from home between 9-5, Monday to Friday, then schedule your router to disable access between those hours.
  • Make sure your computers are properly secured
    Check you have up-to-date anti-virus, security patches, and client firewall software, this will help to protect your wireless network by stopping malware-based connection to your
, ,

Simple Steps to Defend Against Viruses, Spyware and Adware

Use antivirus software

Install anti-virus software on all of your desktops and servers, and ensure they are kept up to date. Because new viruses can spread extremely quickly, it is important to have an updating infrastructure in place which can update all the computers in your company seamlessly, frequently, and at short notice.RCS Technology Solutions, solutions can be automatically updated, ensuring the latest virus and spyware protection is in place against the latest threats even when your office is unmanned.

Run a consolidated email filtering solution at your email gateway as well to protect your business from the threats of email-borne viruses, spam and spyware.  RCS Technology Solutions, Solutions checks all email traffic passing through your email server, providing an extra layer of protection against mass-mailing worms and viruses at the gateway.

And don’t forget to protect your laptop computers and desktop computers used by home workers. Ensure they are running up-to-date virus protection as viruses, worms and spyware can easily use these devices to enter your business. RCS Technology Solutions, can easily ensure that your laptop and remote workforce are automatically updated with the latest virus protection every time they connect to the internet or your network.

Set your filtering

Consider filtering potentially malicious emails at the email gateway as this can provide a level of pro-active protection against new threats.

You could:

  • Block file types that are often virus carriers
    These include EXE, COM, PIF, SCR, VBS, SHS, CHM and BAT file types. It is unlikely that your organization will ever need to receive files of these types from the outside world.
  • Block any file with more than one file type extension
    Some viruses attempt to disguise their true executable nature by using “double extensions”. Files such as LOVE-LETTER-FOR-YOU.TXT.VBS or ANNAKOURNIKOVA.JPG.VBS may appear to be ASCII text or a harmless graphic to the inexperienced.
  • Ensure all executable code sent to your organization is checked and approved
    Ensure that all executable s received from the outside world via email goes directly to your IT department or, in the case of small businesses, your IT person, for checking and approval.This serves two purposes. First, your IT department (or person) can confirm not only that it is virus-free, but also properly licensed, unlikely to conflict with existing software applications, and is suitable (for instance, not pornographic). Second, IT will always know what software is installed on which computers.

Protect the gateway and remote users with firewalls

Computers connected to the outside world should be properly protected from internet threats via firewalls. Laptops and remote home workers should be included; they will also need firewall protection and might not be able to take advantage of a central firewall inside your business.

Stay up-to-date with software patches

Many software vendors issue advisories on security issues. For instance, Microsoft runs a mailing list which warns of security loopholes and issues found in Microsoft’s software and advises on patches which are available for protection. IT should subscribe to such mailing lists, and act upon the advisories as appropriate. When a new security hole is found in an application or operating system, and a patch is available, organizations should have an infrastructure for testing the patch works properly and rolling that patch out across their user base. Some vendors may provide automatic patch updating for home users, and such systems may be appropriate for updating your mobile workforce and remote homeworkers with the latest security fixes.

Back up your data regularly

Make regular backups of important work and data, and check that the backups were successful. You should also find a safe place to store your back-ups, perhaps even off-site in case of fire.

Disable booting from floppy disks

Although they are not as commonly encountered as they used to be, boot sector viruses can still affect computers and yet can be easily countered. Change the CMOS bootup sequence on PCs so that rather than booting from drive A: if you leave a floppy in your machine, you boot by default from drive C: instead. This should stop all pure boot sector viruses (like Form, CMOS4, AntiCMOS, Monkey, etc) from infecting you. Should you need to boot from a floppy disk the CMOS can easily be switched back.

Introduce an anti-virus policy

Produce a policy for safe computing and distribute it to all staff. Make sure every employee has read and understood the policy, and that they know who to speak to, if they have any questions.

Such a policy could include:

  • A ban on downloading executables and documents directly from the internet.
  • A ban on running unsolicited executables/documents/spreadsheets within the organization.
  • A ban on playing computer games or using screensavers which did not come with the operating system.
  • An IT checking and approval system for executable s that arrive via email from the outside world.

It could also ask staff to do the following:

  • Save all Word documents as RTF (Rich Text Format) files as DOC files can harbor macro viruses.
  • Treat with suspicion any newly arrived email that they weren’t expecting.
  • Forward any virus warnings or hoaxes directly to IT (and no-one else) to confirm whether they are genuine or not.
  • Staff should inform IT immediately if they think their computer has been infected with a virus.

 

, ,

Simple Steps to Network Security: Device Passwords and Key Locks

Allowing, family friend, and employees to use their personal mobile devices for work can provide a multitude of advantages: productivity, simpler connectivity, access to the resources they need from virtually anywhere. But along with the benefits, bring your own device (BYOD) opens the door to risks, including security vulnerabilities, data leakage, compliance and potential liability issues.The magnitude of the problem is big, considering millions of these devices are lost, stolen or misplaced every year (120 thousand phones were lost in Chicago taxi cabs alone last year…).

When presented with these challenges, most of the time IT groups automatically start thinking about Mobile Device Management (MDM) solutions. And they are right. MDM products monitor, secure manage and support all those mobile devices across the enterprise and do it well. What IT managers sometimes fail to realize is that they may already have at hand tools and procedures that can be implemented very quickly and minimize or at least alleviate some of those problems.

One such simple thing is: lock the device with a PIN, password, pattern!

That’s always a good idea. Users may have secure tokens and password encrypted information on the phone, but keeping others from even getting that far is easy to do and increases the overall security by an order of magnitude. And there is nothing needed in terms of infrastructure for this to be implemented. Just defining the policy and communicating it to users will do. Different devices (iOS, Android, Blackberry, Windows) may require different steps, but in all cases, it just takes two or three minutes to apply a PIN and screen lock to any device. There is no reason not to do this.

Of course, a big improvement to this would be to enforce or to make that policy mandatory. The good news is that companies frequently run applications that include capabilities to “force” users to lock the device, and sometimes even a lot more. Many existing applications, such as MS Exchange ActiveSync, Google Apps Management and even some certificate management systems, for instance, may be sufficient for enforcing these policies.

Then, as we were discussing earlier, if you need more control over devices, secure specific applications, access to resources, plus the ability to have visibility on BYOD use, an MDM system may be the way to.

, ,

5 CRUCIAL UPGRADES

“Upgrade” —  Can strike fear in the hearts of humble computer users.Upgrading doesn’t have to be a dreaded deed, especially when the health and safety of your computers are on the line.

Don’t believe us? Take a look at the recent changes announced by Microsoft. Along with the retirement of its CEO, Steve Ballmer, in August  — and the heated search for his successor — the Pacific Northwest-based tech giant has stepped up its marketing efforts in relation to several major upgrades on the horizon. CMIT Solutions has compiled a list of the five most crucial ones, along with reasons why you should act now.

1)    The biggie: Windows XP. If you haven’t heard, Microsoft will discontinue all support for Windows XP on April 8th, 2014. Why? Per the company’s Support Lifecycle policy, all Microsoft products are entitled to 10 years of support — five at the mainstream level and five at the extended level

2)    The blue-collar hero: Office 2003. In tandem with Microsoft’s big push away from Microsoft XP comes a similar end-of-support breakclick here to read more from Office 2003. The good news for frightened upgraders? Moving to Microsoft Office 2007, 2010, or 2013 provides for a much more seamless transition than moving from, say, Windows XP to Windows 8…[ Click here to read more]. 

3)    The nerve center: Windows Server and Small Business Server 2003. While these business server solutions are intrinsically linked to Windows XP, Microsoft has mercifully extended both products’ support lifecycles through July 2015…[click here to read more].

4)    The efficiency keeper: Exchange 2003. Although Microsoft has no plans to discontinue support of this version of its business email, calendaring, and contact database software, the company’s general rule of thumb is that support stretches back two previous versions…[click here to read more].

5)    The sleeper: Windows Vista.  Anyone using Windows Vista is probably breathing a huge sigh of relief that they’re not part of the 37% of current PC users still using Windows XP. But even Charles Songhurst, former Microsoft Head of Corporate Strategy, once admitted that Vista is a “less good product.” With Windows XP on the chopping block, Windows 7 the new norm, and Windows 8 rolling out a top-to-bottom updated version next month, Vista will soon be the odd man out. Plus, as Computer World said back in 2009, “Windows 7 simply does everything Vista does, except better.”

Need help navigating the tricky upgrade paths listed above? RCS Technology Solutions has years of experience working within the Windows environment.  Call today, 978 606 5432, and let us put that relationship to work for you and your business.