98% of mobile-device malware attacking Android (DROID) phones

Worldwide, a significant portion of the population owns and uses a smartphone;  mobile users search Google over 5.9 Billion times daily while over 6 Billion hours of YouTube are watched each month on mobile devices.  (Statistics taken from a presentation by Intel Corporation at the MOBILE World Congress 2014.)

Since most smartphones are based on Google’s Android operating system, these are the primary targets of malicious attacks.  Kaspersky Labs, a prominent anti-virus software manufacturer, reports that 98% of malware targeted at mobile devices attacks Google’s Android (DROID), which confirms “both the popularity of this mobile OS and the vulnerability of its architecture”.

Suggestions for DROID (and other smartphone) owners to suppress malware:

  • Keep your mobile phone updated with the latest patches
  • Deploy an anti-malware application

Visit http://blogs.computerworld.com/mobile-security/23577/98-mobile-malware-targets-android-platform for the entire article by Darlene Storm at ComputerWorld.

Fitness regime for your IT equipment: Keep it clean, cool, and empowered

IT (Information Technology) equipment is somewhat temperamental; it requires reasonable temperatures; stable, uninterrupted power; and some air flow to operate efficiently.  Cleanliness is important.  Here’s how to keep it toned.

IT equipment should be kept in a clean, neat, and (preferably) dust-adverse/static-resistant area; walls with painted surfaces, tiled or coated floors without carpeting, etc.  Fire-suppression equipment is a plus, but cannot be water-based.

Access should be restricted; a separate, locked room is ideal, but a closet with sufficient space and air flow can work for smaller sites.

Dust is the enemy of fans and electrical components; a reduced-dust environment and regular cleaning of equipment fans can lengthen the life of most items.  (Note: cleanings should be performed when equipment is powered-down, which is not always desirable or feasible.)

The area should have dedicated electrical circuits with sufficient amperage to match the power requirements of the equipment.  We also recommend an Uninterruptible Power Supply (UPS) for all critical items (and require them for equipment that we cover under our Comprehensive Support Program); the UPS provides emergency power when the input-power source is unavailable, but it also helps to regulate fluctuations in power, both spikes/surges (voltage overload) and brown-outs (reduction in voltage) that can damage sensitive equipment.

Cooling and humidity control are very important; most equipment runs optimally within a narrow range of temperature (64° to 81° Fahrenheit) and a maximum range of relative humidity of 60%.  HP, in an effort to be “greener”, lists current specifications on its DL360 server that provide a wider range of 50° to 90°F with 10% to 90% humidity (non-condensing).  However, cooler temperatures do make things last longer.  (The DL360 will actually throttle-back the CPU when the air-inlet sensors detect temperatures over 85°F.)

The area should have continuous air flow (to provide new, cool air while removing heated air that is exiting the equipment) and remain uncluttered to facilitate this air flow.  A dedicated A/C unit combined with a closed door is optimal; locating all equipment within a rack enclosure (with blanking panels over open areas) can enhance air flow.

TechAdvisory has 9 tips at http://techtimes.techadvisory.org/2011/11/9-steps-you-must-know-to-prevent-a-server-crash/.

CryptoLocker Case Study

The following event depicts a real-life malware attack that infected a New England manufacturing firm. The company has chosen to share its story anonymously to help other businesses avoid a similar fate.

The unsuspecting sales rep certainly reacted in a way anyone would expect. He received an email with a voicemail attachment that looked like it came from the company CEO. When the CEO calls, reps jump to attention, and at this particular manufacturing firm based in New England, the business relies on a communication system that sends voicemails as email attachments. So the sales rep had no reason to suspect anything was wrong.

As it turns out, something was very wrong.

Click the link below to read the full article.

Bryley — CryptoLocker Remediation — 2013

Bryley Data-Backup Guidelines for 2014

Please note that this document has been depreciated, and a more up to date version can be obtained from our articles page.

Bryley Systems is pleased to present our updated Data Backup Guidelines for 2014.  This free guide is updated annually and includes these topics:

  • The Importance of Backups
  • Backup Technologies
  • Cartridge-Based Backups and Scheduling
  • Backup-Rotation Calendar
  • Backup-Event Log

 

 

Comparing Cloud-based services – Part 2: Storage

Many Cloud-based services fall into one of these categories:

  • Productivity suites – Applications that help you be more productive
  • Storage – Storing, retrieving, and synchronizing files in the Cloud
  • Backup and Recovery – Backing-up data and being able to recover it
  • Prevention – Prevent malware, typically spam and related components
  • Search – Find items from either a holistic or from a specialty perspective

In this issue, we’ll explore popular options within Storage, the highlighted item above, and compare them with one another.

Storage often comes in a free version with separate professional/business (paid) versions that includes advanced features.  The basic premise is that your data is stored in the Cloud – hopefully in a secure manner with sufficient redundancy – is available from any location on any device, and is synchronized between devices.

Most free versions offer these minimum features:

  • At least 2Gb of storage with synchronization across multiple computers
  • Easy access from mobile devices and PCs via downloadable client software
  • Direct access to files through a web browser
  • File sharing with other users

However, you typically must upgrade to a paid version to receive these capabilities:

  • Access control – Define and control who can access what, where, and when
  • Additional storage – Purchase extra storage once your limit is exceeded
  • Auditing – Identify and record what files are stored where and by whom
  • Integration – Integrate with other platforms (i.e.: Active Directory)
  • Security – Enable advanced encryption and security techniques

Popular services (alphabetically) include:

  • Box – 10 Gb free storage with NetSkope’s second-highest rating
  • Dropbox – 2 Gb free storage with over 200 million subscribers
  • Google Drive – 15 Gb free storage shared with Gmail and Google+ Photo
  • SkyDrive – 7 Gb free storage and integrated within Microsoft Office apps

Box

Box (www.Box.com) is a Q3-2013 leader in Forrester’s “File Sync & Share Platforms”.  It offers a free version, but is built for professional use with available integration to Active Directory and LDAP, security with rotating encryption keys, access control, and auditing.

According to Netskope’s review of Cloud-based applications, Box was the second highest-scoring Cloud application, coming in the number two spot on the NetSkope Q3-2013 Cloud Report.  (Please visit Netskope’s http://www.netskope.com/reports-infographics/netskope-cloud-report-q3-2013 for the complete report.)

My take:  Box is the most-comprehensive offering, but a bit more complex due to its advanced features.  It is a serious choice for those that value advanced features (access control, auditing, integration, etc.) and are willing to pay to get them.

Dropbox

With over 200 million users, Dropbox (www.Dropbox.com) claims market leadership.  It is built upon Amazon’s S3 storage and is easy to use.  The free version offers 2 Gb, but there is a professional (Dropbox Pro) version with greater functionality (and storage) and a business version (Dropbox for Business) that offers team collaboration.  All three versions offer synchronization and file-sharing; the help screens are brief, useful, and entertaining.

My take:  Dropbox is the easiest and most-fun to use, but it has the least amount of free storage and its paid plans are a bit more expensive than others.

Google Drive

Google offers Google Drive (www.GoogleDrive.com) as a stand-alone service or bundled within Google Apps.  The free version offers 15 Gb with synchronization among devices and sharing among peers.  It is a no-frills alternative with little glitz, just reliable storage at reasonable cost.  It is the base of Google Apps.

My take:  Google Drive has fewer doodads and the least amount of whimsy, but it is reliable and offers the greatest amount of free storage.

SkyDrive

Microsoft offers its free version of SkyDrive (www.SkyDrive.com) with seven Gb plus an additional three Gb for students.  SkyDrive is an option in newer versions of Microsoft Office and integrates to Facebook, Twitter, LinkedIn, and Bing.  You can also “fetch” files from your base computer via web-browser on a remote computer.

My take:  SkyDrive offers the most for the least, although there is some buzz about slow synchronization between devices.  Its “fetch” feature is unique among these alternatives and its integration within Microsoft Office is a killer feature.

Upcoming changes to major Microsoft products

Microsoft Windows 8.1 released on October 18th

The second iteration of Microsoft Windows 8, 8.1, occurred on October 18th.  Significant changes to this operating system include:

  • Boot to Desktop – Yes, you can restore the Start button and bypass the tiles, but don’t expect the traditional Start menu to appear since pressing Start takes you to the live tiles of the current Start screen.  (You can, at least, shut-down from the Start button once again.)
  • Help + Tips – Helpful clues are sequenced to usage, permitting an easier start-up and shortening learning times.
  • Smart Search – Windows 8 Search charm on steroids; all search results, local and otherwise, pooled together in a comprehensive summary.
  • Snap – Open up-to four applications and display them simultaneously on a single screen.

An excellent review of Windows 8.1 by Brad Chapos of PC World is available at http://www.pcworld.com/article/2048508/windows-8-1-review-the-great-compromise.html.  He also provides the top-five reasons to upgrade to Windows 8.1 at http://www.pcworld.com/article/2043268/the-top-5-reasons-to-upgrade-to-windows-8-1.html.

Microsoft Windows Server 2012 R2 release date was October 18th

Release 2 (R2) of Microsoft Windows Server 2012 is now available. 

Per Microsoft:  “Windows Server 2012 R2 offers exciting new features and enhancements across virtualization, storage, networking, virtual desktop infrastructure, access and information protection, and more.”

Along with this revision, Microsoft increased pricing on Windows Server Data Center to $6,155 and on Remote Desktop Services (RDS) Client Access Licenses (CALs) to $118.

For details, please visit http://www.microsoft.com/en-us/server-cloud/windows-server/windows-server-2012-r2.aspx.

The end is near for Windows XP, Office 2003, Server 2003, and Exchange 2003

Microsoft is ending support of Windows XP, its most-popular, desktop-computer operating system, on April 8th, 2014.  In addition, Office 2003, Windows Server 2003, and Exchange Server 2003 will reach end-of-life (EOL) on this date.

Basically, Microsoft will discontinue patching and updating these products, which exposes them to security and compliance risks; it will likely also end support for third-party applications that work with these products.

Microsoft’s message:  Upgrade these products now or risk problems later.

Bryley Systems receives SBIEC’s Massachusetts Excellence Award

Bryley Systems has been selected for the 2013 Massachusetts Excellence Award amongst all its peers and competitors by the Small Business Institute for Excellence in Commerce (SBIEC).

Bryley Systems has consistently demonstrated a high regard for upholding business ethics and company values which is a trait seldom found in its industry. This recognition by SBIEC marks a significant achievement as an emerging leader within various competitors and is setting benchmarks that the industry should follow.

The (near-term) future of computer technology – Microsoft versus Google

The crystal ball is still foggy, but here are my thoughts on Microsoft versus Google and (what I believe is) the battle for world domination.  (Microsoft sales are around $77B, primarily from Windows software (25%), business software (32%), and server software (25%); Google is about $55B with approximately 87% of its revenue from advertising.)

Notice, I did not include Apple:  The big play is between Microsoft and Google and it is occurring across multiple lines:

  • Google (search) versus Bing
  • Microsoft Office versus Google Apps
  • Google Android versus Microsoft Windows

Google (search) versus Bing

In the search-engine market, there is no comparison with Google (#1) capturing an average of 67% of monthly queries in the US while Bing (#2) captures only 17%.  In search, queries equate to advertising revenue, the heart of Google’s success.  (Search is currently not a significant part of Microsoft’s sales.)

Google’s familiar, plain-white background seems functional, but also trendy with the occasional changes to the GOOGLE moniker.  Bing’s full-screen, image-based background usually displays beautiful vistas or current events; the scrollable “Popular Now” bar across the bottom adds an items-of-interest aspect.

Bing (aka Microsoft) suggests comparing the two via www.BingItOn.com.

Winner (by a wide margin) is Google; Bing is interesting, but it will take some major work to break Google’s dominance in this area.

Microsoft Office versus Google Apps

When it comes to productivity applications; Microsoft Office 2013 owns the market at 92% while the newer Office 365, Microsoft’s Cloud-based answer to Google Apps, exceeds $1B per year.  (For details, please see the April 19, 2013Forbes article athttp://www.forbes.com/sites/greatspeculations/2013/04/19/microsoft-shakes-off-pc-slump-as-office-and-servers-sales-swell/.)

Microsoft continues to focus on Office 365; pricing now starts at $96 per year, new features have been added, and partners can sell this service directly to users.

Although Microsoft productivity applications dominate on the desktop, Google Apps is a serious contender to Office 2013 and Office 365 with an estimated 33% to 50% share of Cloud-based productivity apps.  The primary difference: Google Apps was Cloud-based from the start; it doesn’t have all of the features of Microsoft Office, but is relevant on more platforms, is free to consumers, and costs just $50 per

year for users of Google Apps for Business.

So, Google Apps plays well in a heterogeneous, consumer/small-business world.  Also, Google has moved its popular Postini anti-spam service into Google Apps, a move that has angered and confused many of its (former) Postini clients, but one that makes sense from the perspective of beefing up Google Apps for Business to battle against Office 365.

For details, please see the 4/23/2013 article by Kurt Mackie of Redmond Magazineat http://redmondmag.com/articles/2013/04/23/gains-for-google-in-cloud-office.aspx?sc_lang=en.  To compare Office 365 to Google Apps, please visit http://www.youtube.com/watch?v=gBtYFM6Zy0o

Winner (by a strong, but potentially diminishing margin) is Microsoft; Microsoft dominates the desktop, but mobile users are changing the landscape.

Google Android versus Microsoft Windows

In terms of projected sales of mobile devices, Google’s Android (DROID) owns the market at 79% while Microsoft Windows is at just 3.3%.  However, if you include desktop computers, a declining market, Windows is still prevalent across organizations throughout the world.

Google introduced Android in 2007; it is a Linux-based, open-source operating system designed for touchscreen devices.  Its strength is its robustness and ease-of-use, which led to a brisk rate of adoption by users and application developers.

Windows 8 was introduced in October of 2012.  It was designed to be compatible with its predecessors (Windows XP and Windows 7) while introducing a touch-enabled, tile-based, user interface that has been more frustrating than enabling.  To date, it has failed to meet even modest expectations.  (Windows 8.1, a free, significant upgrade to Windows 8, will release on October 17th with the hope of changing this trend.)

Currently a draw if you include both mobile devices and desktop computers:  Microsoft owns the desktop while Google owns mobile devices; Windows 8.1 provides hope, but might be too little too late to penetrate the mobility market.

If nothing else, expect prices to decrease as the competition heats up.

Bryley Basics: Getting you informed in 100 words or less

Tips on email attachments

Most folk send attachments with their emails; it is a quick, easy way to share a file with the email recipient.  However, attachments can have a negative impact on your computer-network infrastructure:

  • Emails saved with attachments consume storage.
  • Large attachments slow performance and may be rejected by the provider.
  • Attachments copied to a distribution list (a group of email users) are copied multiple times, once for each user, which can impact network bandwidth.

In addition, emails received with attachments should be treated cautiously, since attachments may become sources of infection.  Basic suggestions when receiving:

  • Do not open if the sender is unknown or suspect.
  • Limit total attachments to under one Gb; zip files greater than one Gb.

 

 

Security concern with popular, home-based, Internet routers

Independent Security Evaluators, a Baltimore-based security firm, stated that 13 Internet routers sold for home use were vulnerable to attack if the hacker had network access and could obtain the username and password of the router.  These routers include:

  • Linksys WRT310v2
  • Netgear’s WNDR4700
  • TP-Link’s WR1043N
  • Verizon’s FiOS Actiontec MI424WR-GEN3I
  • D-Link’s DIR865L
  • Belkin’s N300, N900 and F5D8236-4 v2 models

Basic suggestions:

  • Check to see if your home-based Internet modem/router is named above.  If so, check with the manufacturer to ensure that all security updates have been applied.
  • Change the login credentials using a complex password.  (Please review the article “Simple passwords = disaster” in our January 2013 Bryley Tips and Information.)

 

ComputerWorld.com — Popular Home Routers Contain Critical Security Vulnerabilities has the full story by Jeremy Kirk at ComputerWorld.