Consumer PC Price Cuts!

In an effort to bridge the gap between the current Windows 8.1 and the upcoming Windows 10 (not sure what happened to Windows 9), Microsoft is shepherding a dramatic decrease in the prices of consumer PCs and Windows-based devices.

These price decreases started in October with year-over-year reductions of 10% and falling, particularly for consumer-class PCs; higher-priced, business-class PCs will also be affected. Most are attributed to Microsoft’s decision to fight Chromebooks with a low-cost version of Windows 8.1 with Bing.

The potential consequences:
• PCs will become even more commoditized
• Smaller, PC-centric vendors will struggle to survive
• Prices may drop on popular, after-market, Windows-based software

For details, please see the ComputerWorld article by Gregg Keizer: “Drastic price cuts may damage PC industry, jeopardize Microsoft’s hopes for Windows 10”.

Winner of our monthly Service-Ticket Survey drawing

Monthly, we select a winner from all respondents to our service-ticket surveys. Congratulations to AS of PI, our survey-response winner from last month.

Our winner received a $10 gift certificate, compliments of Bryley Systems.

Email Best Practices

Recommended practices – Part 4:  Email use

This is a multi-part series on recommended practices for organizations and their end-users.  Additional parts will be included in upcoming newsletters.

Email is still the primary business application, although alternatives like texting and social media are gaining ground.  Most business people email clients, prospects, vendors, stakeholders, etc. on a regular basis; they also accept emails from those in the outside world, occasionally with unforeseen consequences.

Organizations should consider email use in these areas:

  • Inbound – Email received by the organization’s end-users
  • Outbound – Email sent from end-users to others outside the organization
  • Etiquette – The appropriateness of the email’s message and content
  • Archiving – The ability to store and retrieve historic email

I’ll describe the specifics and offer IT solutions to manage each area.

Inbound email

End-users constantly receive email, usually without incident.  However, one misstep in responding can lead to a malware outbreak (or worse).  Plus, failing to block inappropriate email content, even unknowingly, can lead to legal repercussions.  (For example:  An employee could object to receiving an email with explicit pornography and decide to pursue legal recourse.)

Most email-based attacks occur via an attachment; the attachment holds malware designed to activate, usually without fanfare, when the attachment is opened.  Often the email message is enticing, disguised, or just plain compelling; the end-user believes that opening the attachment is the right thing to do.

Basic rules for opening an email:

  • Do not open email from an untrusted source; when in doubt, check it out
  • Do not click on an attachment before verifying its integrity
  • Always ask for help if uncertain

The best tool is an email-filtering service or device; a service sits outside your organization (Cloud-based) while a device typically sits inside (on-premise).

A Cloud-based, email-filtering service can improve Internet performance by reducing incoming traffic; all emails are captured by the service before they enter the organization’s Internet connection.  Some services (e.g., McAfee SaaS Email Protection and Continuity™ or MEPC) also offer email continuity, which provides the ability to receive and respond to email even when your email server or email service is unavailable.  Most email-filtering services are billed monthly on a per-user basis, requiring little or no up-front expenditure.

An on-premise, email-filtering device requires upfront expenditure, but can provide a cost-advantage solution at organizations with many users.  To calculate the true cost per user, you would figure the annual cost of the device, add the annual maintenance fee and support costs, and divide by the total number of users.

Both offer advantages; pick one or use both.  (We offer McAfee Email Protection and Continuity and our Secure Network™ as service options, but also deploy, on-premise, Barracuda’s Spam Filter, Cisco’s IronPort, and Websense.)

Outbound email

Outbound email should be secure; you don’t want to expose confidential details to an outsider.  However, email is typically sent in plain-text format; the contents of the email are unencrypted and can be pieced together by others.

Email typically flows in this fashion:

  • Sender composes the email; this might be on a standalone application like Microsoft Outlook or on a web-based interface like Google Gmail.
  • Sender sends the email, which ships it to the sender’s email server/service.
  • The email server/service addresses the email according to the recipient’s email domain and then forwards it to the email server/service within the recipient’s email domain.
  • Email server/service within the recipient’s email domain receives the email, verifies that the recipient exists within this domain, and then forwards the email to the recipient.
  • Recipient receives the email.

Email that stays within an organization’s email domain on an internal email server is usually secure; an external email service must be examined to ensure messages are encrypted between the sender, service, and recipient.
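One way to examine the path described above, as an added example that is not part of the original newsletter: each server records how it received a message in a Received header, and the RFC 3848 keywords ESMTPS and ESMTPSA mark hops that used TLS. The sample message, hostnames and function names are constructed for illustration.

```python
import re
from email import message_from_string

# "with" keywords registered by RFC 3848 for transfers protected by TLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample (reserved example domains and addresses), newest hop first.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.5])
\tby mailstore.recipient.example with ESMTPS id 3; Mon, 1 Dec 2014 10:00:03 -0500
Received: from smtp.sender.example (smtp.sender.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id 2; Mon, 1 Dec 2014 10:00:02 -0500
Received: from desktop (unknown [192.0.2.10])
\tby smtp.sender.example with ESMTPSA id 1; Mon, 1 Dec 2014 10:00:01 -0500
From: alice@sender.example
To: bob@recipient.example
Subject: Quarterly numbers

Body text.
"""

def trace_hops(raw_message):
    """Return the hops oldest-first as dicts: from, by, protocol, tls."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its header, so reverse for chronological order.
    for value in reversed(msg.get_all("Received", [])):
        text = " ".join(value.split())            # unfold continuation lines
        text = re.sub(r"\([^()]*\)", "", text)    # drop parenthesised comments
        sender = re.search(r"\bfrom\s+(\S+)", text)
        receiver = re.search(r"\bby\s+(\S+)", text)
        proto = re.search(r"\bwith\s+([A-Za-z0-9]+)", text)
        protocol = proto.group(1).upper() if proto else "UNKNOWN"
        hops.append({
            "from": sender.group(1) if sender else "?",
            "by": receiver.group(1) if receiver else "?",
            "protocol": protocol,
            "tls": protocol in TLS_PROTOCOLS,
        })
    return hops

def unencrypted_hops(raw_message):
    """Return only the hops whose transfer was not marked as TLS-protected."""
    return [hop for hop in trace_hops(raw_message) if not hop["tls"]]

if __name__ == "__main__":
    for hop in trace_hops(SAMPLE):
        flag = "TLS" if hop["tls"] else "NO TLS"
        print(f'{hop["from"]} -> {hop["by"]} via {hop["protocol"]}: {flag}')
```

Only the Received headers added by servers you control are trustworthy; earlier ones are supplied by the sending side and can be forged.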

Security can be enforced through encryption, which can be applied selectively by policy.  For example:  You can be forced to encrypt any email with the words “social security number”, but not encrypt other emails.  Likewise, you can encrypt all email from the Accounting team while not encrypting emails from the Marketing team.
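The two policy rules above, sketched as an added example (not code from any of the products named in this newsletter). The directory, addresses and function names are constructed, and the SSN-shaped number pattern is an assumption that goes one step beyond the phrase match the text describes.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr

# Hypothetical policy values; the text names only the phrase
# "social security number" and the Accounting and Marketing teams.
TRIGGER_PHRASES = ("social security number",)
SSN_PATTERN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")   # added generalization
ENCRYPT_ALL_TEAMS = {"accounting"}
TEAM_BY_SENDER = {                                   # constructed directory
    "ann@corp.example": "accounting",
    "mark@corp.example": "marketing",
}

def encryption_reasons(msg):
    """Return the policy rules that require this message to be encrypted."""
    reasons = []
    _, address = parseaddr(msg["From"] or "")
    team = TEAM_BY_SENDER.get(address.lower())
    if team in ENCRYPT_ALL_TEAMS:
        reasons.append(f"sender team: {team}")
    body = msg.get_body(preferencelist=("plain",))
    text = (msg["Subject"] or "") + "\n" + (body.get_content() if body else "")
    normalized = " ".join(text.lower().split())      # phrase may wrap across lines
    for phrase in TRIGGER_PHRASES:
        if phrase in normalized:
            reasons.append(f"phrase: {phrase}")
    if SSN_PATTERN.search(text):
        reasons.append("pattern: SSN-shaped number")
    return reasons

def make_message(sender, subject, body):
    """Build a constructed outbound message for the policy check."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "client@partner.example"
    msg["Subject"] = subject
    msg.set_content(body)
    return msg

if __name__ == "__main__":
    note = make_message("Ann <ann@corp.example>", "Invoice", "See attached.")
    print(encryption_reasons(note) or "send unencrypted")
```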

Email encryption is available via external services (we recommend McAfee SaaS Email Encryption™) or through an on-premise device (Cisco IronPort or Websense).

Email etiquette

You should consider what you are saying and how it might affect the recipient.  Even more important, for legal reasons, you should block inappropriate content and malware from being emailed by end-users within your organization.

Outbound policy enforcement and management is available as an external service through McAfee SaaS Email Protection and Continuity, which monitors outgoing email for inappropriate content and malware.  Both Cisco IronPort and Websense provide this capability on-premise.

Beyond the basics listed above, email etiquette extends to these areas:

  • Sending – Always verify grammar, spelling, courtesy, and content
  • Formatting – Don’t type all CAPS; use a white background for readability
  • Forwarding – Don’t forward emails unless relevant and desired by recipient
  • Attachments – Zip large attachments and virus check before sending
  • Privacy – Hide recipients’ email addresses when sending to a group

My favorite rules (which I sometimes break):

  • Don’t say things in an email that you would not say verbally to the recipient.
  • If your email is emotionally tinged, sleep on it overnight before sending.

For tips on email etiquette, please visit http://www.101emailetiquettetips.com/.

Email archiving

Archiving is all about reliable storage and quick retrieval; you never know what you might need to bring back to life or when it will be needed.  Saving tens or hundreds of thousands of emails can be challenging; finding the right email can be virtually impossible, but might be required at a moment’s notice.

Archiving can reduce management and storage costs while satisfying e-discovery and compliance requirements.  Archiving can also simplify requests for email histories during litigation.

We recommend these archiving options:

 

Bryley video from DiscoverHudson.org

Bryley Systems will be featured at DiscoverHudson.org, a website that extols the virtues of Hudson, MA and its business community.

You can also view this video, as well as others, on our Videos page at https://www.bryley.com/resources/videos/.

Bryley Systems’ President Gavin Livingstone Interviewed On Chamber Exchange

Tim Murray (President/CEO of the Worcester Regional Chamber of Commerce and former Lieutenant Governor of the Commonwealth of Massachusetts) interviewed Gavin Livingstone (President of Bryley Systems Inc.) on Charter TV3 earlier this year.

Gavin Livingstone Interview On Chamber Exchange

Visit http://www.Bryley.com/resources/videos/ to check out the rest of our video library.

Winner of our monthly Service-Ticket Survey drawing

Monthly, we select a winner from all respondents to our service-ticket surveys.  Congratulations to SO of RR, our survey-response winner from last month.

Our winner received a $10 gift certificate, compliments of Bryley Systems.

Bryley Basics: Fixed-disk drive recycling and destruction

Fixed-disk drives are located in most personal computers, servers, and even some copiers and printers; they store business data and confidential information.  When retired, they require special handling and recycling to ensure that this information is not available to others.  In addition, compliance and military standards dictate specific procedures regarding erasure and destruction.

Most fixed-disk drives house spinning disks within a metal enclosure; a read/write head passes over these disks to retrieve/record information.  Erasing the spinning disks is a good first step; physically destroying the spinning disks is also good since it then renders these disks unusable.  (Of course, someone can always try to put a disk back together, but the complexity and cost of this effort make it extremely difficult and unlikely.)

When we recycle personal computers and servers, we take these steps to obliterate the contents of all fixed-disk drives:

  • While the drive is still mounted within a computer, we run a multiple-pass cleanup utility that not only erases existing data, but also rewrites nonsense data back onto the drive to overlay previous data.
  • We then smash the drive into insignificant pieces using our Manual Disk Drive Crusher from Pure Leverage.

Our Manual Disk Drive Crusher quickly and easily destroys fixed-disk drives by crushing them in half.  The remnants are then recycled with confidence.

 

Mike Carlson achieves VMware VTSP 5.5

VMware awarded Mike Carlson, our Chief Technology Officer (CTO), the VMware Technical Solutions Professional 5.5 (VTSP 5.5) certification, a significant milestone in the VMware certification process that requires detailed product knowledge and the successful completion of six modules with corresponding tests.

Bryley Systems participates in the MetroWest Career Pathways at Hudson High School

Bryley Systems participated in the MetroWest Career Pathways at Hudson High School, a fair held on November 19th for area juniors and seniors who are on track to graduate high school, but may not have a clear pathway for what to do after graduation.  Pictured are co-owners Cathy and Gavin Livingstone; they met a lot of students who expressed an interest in a career in information technology.


Recommended practices – Part 3:  Password security

This is a multi-part series on recommended practices for organizations and their end-users.  Additional parts will be included in upcoming newsletters.

October is National Cybersecurity Awareness Month, and to help you celebrate, we have compiled a list of best practices for password-strength optimization.

Passwords are the primary tool for online authentication; as such, they are a prime target for cybercriminals looking to gain access to your workstation, mobile device, and/or personal records.  Proactive measures are vital to prevent online identity theft, network infiltration, system crashes, and the spread of malware.  By following the practices described below you will fortify yourself against these malicious cyber threats.

1. Create a “strong” password:

A strong password is one that cannot be easily identified by a cybercriminal.  When creating your next password, here are the do’s and do not’s of password strength:

  • Do not draw from the obvious: When selecting a password, do not draw from obvious sources – your name, your child’s name, not even something as seemingly obscure as your favorite flavor of ice cream or a random word.  With social media, today’s cybercriminal can easily aggregate personal information and crack obvious passwords.  Even if you feel that your password is obscure and/or unconnected to yourself, if the password is simply a word or phrase, dictionary attacks – programs that plug in every word from a database – can still compromise you.
  • Do use a mixture of letters, numbers, and special characters: Make your password complex and you help make it secure.  Random placements of letters, numbers, and symbols will make it very difficult for cybercriminals to hack into your accounts.
  • Do not use the same password: Using the same password for every login is a recipe for disaster:  A cybercriminal now only needs to crack one password for unlimited access to all of your online accounts.
  • Do use longer passwords: When it comes to password security, the longer the better.  According to online security experts, a password 15 characters in length could take up to two trillion years to crack.  However, password length isn’t everything:  You must be sure to utilize a mixture of letters, numbers and special characters.

By creating long, complex, and unique passwords for every one of your authentication accounts, you will guarantee password strength.
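The do’s and do not’s above expressed as a checker, added here as an example and not part of the original newsletter. The word list, personal terms and function name are constructed stand-ins, and the 15-character minimum is taken from the figure quoted above.

```python
import string

# Constructed stand-ins: a real deployment would load a large word list and
# the user's own profile data.
MIN_LENGTH = 15
DICTIONARY = {"password", "sunshine", "chocolate", "dragon", "welcome"}
LEET = str.maketrans("0134@5$7", "oieaasst")   # common letter substitutions

def check_password(candidate, personal_terms=(), previously_used=()):
    """Return a list of rule violations; an empty list means every rule passed."""
    problems = []
    lowered = candidate.lower()
    plain = lowered.translate(LEET)
    # Strip trailing digits and symbols ("password1!") before the word lookup.
    core = lowered.rstrip(string.digits + string.punctuation).translate(LEET)
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    classes = [
        any(c.isalpha() for c in candidate),
        any(c.isdigit() for c in candidate),
        any(c in string.punctuation for c in candidate),
    ]
    if not all(classes):
        problems.append("needs letters, numbers and special characters")
    if core in DICTIONARY:
        problems.append("dictionary word")
    terms = [t.lower() for t in personal_terms if len(t) >= 3]
    if any(t in lowered or t in plain for t in terms):
        problems.append("contains personal information")
    if candidate in previously_used:
        problems.append("reused on another account")
    return problems

if __name__ == "__main__":
    for pw in ("P@ssw0rd1!", "t7#Vq9!mZ2&xL4@pR"):
        print(pw, "->", check_password(pw) or "passes every rule")
```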

2. Change your password regularly

It is very important to create strong passwords, but even strong passwords can be discovered by expert cybercriminals – especially if they are given ample time for discovery.  That is why it is essential for you to get into the practice of routine and mandatory password changes.

A perfect time to schedule updates is with the change of seasons as they divide the business year into obvious and unforgettable quarters.  And, as it is now fall, it is the perfect time to begin this excellent practice.  You can start by announcing a mandatory password change in the next few weeks and update your business calendar for three more alterations for the winter, spring, and summer.

3. Keep written reminders secure or use a Password Manager

Long, complex, constantly changed passwords are hard to remember.  You may need to write them down as a practical safeguard.  Just be sure to avoid the bad habit of keeping these written reminders close to your computer – or even worse, taped to your screen for all to see.

If you need written reminders, keep them in a secure area away from your workspace, such as at home or in the glove compartment of your car.  Better yet, consider using a Password Manager to record and manage your passwords.  (See the July 2014 Bryley Tips and Information for a review on Password Managers.)

4. Keep reset information up-to-date

There will be moments when you simply cannot remember a password and will need to request a reset.  As a precaution you should always be certain that your online accounts have your relevant email address on file so that when reset information is sent, it is sent to you and not to an abandoned account that has the potential to be exploited.  It would be best to get into the practice of checking reset information on the scheduled dates for password changes.

5. Review your organization’s password policy

Take the time during your quarterly password changes and reset information checks to review and/or update your organization’s password policy, which has the rules and procedures employees are required to adhere to in order to ensure password and network security.  If your organization does not already have such a policy, be sure to create one and distribute it to all technology-enabled employees.

6. Expunge temporary usernames and passwords

If you recently employed any temporary staff or summer help, be sure that their usernames and passwords no longer access your system.