3 Simple Steps To Secure Your Mobile Device

Three simple steps to keep your mobile device secure:

  • Turn off the Wi-Fi capability when not using it
  • Turn off GeoLocator when not needed
  • Logout and lock when finished

See Ray Ramon’s article at http://www.smallbiztechnology.com/archive/2014/02/3-simple-ways-to-be-secure-no-wifi-no-geolocation-logout.html/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Smallbiztechnologycom-SmbNewsAndInsight+%28Smallbiztechnology.com+-+small+biz+tech+news+and+insight%29 for more information.

Bryley Basics: Encrypt your iPhone

iPhones, versions 3GS and later, offer hardware encryption; it is activated through the data-protection feature by enabling a passcode:

  • Tap Settings > General > Passcode.
  • Follow the prompts to create a passcode.
  • After the passcode is set, scroll down to the bottom of the screen and verify that “Data protection is enabled” is visible.

Note: Your encryption protection is only as good as the passcode; try to make this difficult to guess and keep it hidden.

You should also encrypt your backup for added security.  Check the “encrypt local backup” in iTunes if you back up to your computer.  If you back up to iCloud it is automatically encrypted, but be sure you have a really good iCloud passcode.

Maintaining your dynamic website

Guest writers: Al Morel, Carlos Ramos, and Dan Rouse of www.CommAreUs.com

Your car, house, and most things in life, take some amount of maintenance. Add to that list your website. A website can be comprised of thousands of files working with all kinds of tools and underlying code.

The days of ‘static’ websites, i.e. built with just HTML, is essentially over for most organizations. This article will speak to the steps to take when using a Content Management System, CMS, such as WordPress.

Your essential strategy is: BackupandUpdate.

Backup

This is your ‘get out of jail free’ option. Even if your website gets totally hacked, you forget to pay your hosting bill, the data center in Utah gets hit by a meteor, you should still be able to roll back and get your website back up.

With a dynamic site, it’s a little trickier because you have the site files such as the HTML and images, graphics, etc. And then there’s the database files, which in the WordPress scenario, starts at several thousand files.

The traditional method of backing up a site involves the lengthy process of manually backing up all your site’s files, exporting your database, and finally moving everything somewhere safe. There are software additions (called ‘plugins’ in the WordPress world) that will simplify this process and even automate it for you.

We add a plugin with all of our builds that lets you quickly backup, restore, and migrate a site – often times with only a single click. Most backup plugins will offer two different types of backups: full and database. Full covers all site files and the database, the database option only includes the database. The full backup is the safest bet and is generally the recommended option, however the database only backup might be more appropriate if you’re simply experimenting with settings on a plugin, or some other activity that only involves the database.

One key feature and advantage over manual backups, is that using a backup plugin allows you to set up an automatic backup schedule. For example, we recommend our clients schedule a weekly backup of the database and a monthly full backup. Manual backups can also be performed whenever needed.

In addition, most plugins have the capability to back up the site to your hosting server and to another source as well. So you can have redundant backups to a third party service such as Amazon S3.

 

Update

It is critical to schedule regular updates of your website as well. In WordPress, there are regular updates to the core code and also plugins. Your administrative interface or ‘dashboard’ will tell you when to update.

It goes without saying that no update (WordPress or Plugin) should be done before a full backup has been made.  Your dashboard will go to great lengths to tell you to backup first, so don’t ignore them! Although we haven’t seen many updates go wrong, it can happen.

Generally, we recommend to our clients that updates be applied as soon as they are available for security and stability reasons.

Once you have your backup completed, proceed to the Updates screen in the WordPress Dashboard. From here you can update WordPress, plugins and your themes. If you have an update to WordPress and plugins waiting, perform the WordPress update first, then proceed to update your plugins.

It’s worth noting that in recent WordPress releases (security and maintenance related) are installed automatically to promote better security.

 

Google’s ChromeBook – A realistic alternative to a Windows Ultrabook?

Google introduced its Chromebook in 2009; sales have increased and it can be considered a low-cost alternative to the pricier, Microsoft Windows-based Ultrabook, but Chromebooks have significant limitations.  Some also say that a Chromebook can replace a tablet, but comparison1 suggests otherwise.

Chromebooks run Chrome OS, Google’s Linux-based operating system integrated with Google’s Chrome web browser.  (Chrome was recently ranked the number one Internet browser used in the US with 31.8% of sampled traffic, followed closely by Microsoft’s Internet Explorer at 30.9%; reported by ADI, a marketing research branch of Adobe Systems.2)  As such, they are designed to be used primarily when connected to the Internet and are closely linked to Google’s Cloud-based services like Google Drive, Google Apps, etc.

Reasons to buy3 include:

  • User interface – Intuitive; easy to use and simple to navigate
  • Offline – Works best online, but supports some offline activity
  • Platform agnostic – Can access all Cloud-based data
  • Fast boot-up – Access the Internet within 8 seconds
  • Security – Google Rewards for bug notification
  • Apps – Growing application options
  • Price – Starts at just under $200

Primary disadvantages of a Chromebook:

  • Thin client that gets its best features only via an Internet connection
  • Offline mode requires setup and has severely reduced functionality
  • Fewer compatible apps and games than Windows-based devices
  • Limited connections to printers, scanners, and mobile devices
  • Low-end processor not built for intensive use

My take:  A Chromebook is a good, low-cost option under these circumstances:

  • You do not use processor-intensive applications (i.e.: games),
  • You use Google Apps for content creation and review,
  • Your data is completely based in the Cloud,
  • You do not connect to other devices, and
  • You always have access to the Internet.

Note:  Google dominates the search industry and makes its money through Google AdWords and other advertising programs.  The core emphasis of all of their efforts is to drive consumers to their advertisers.

Visit http://www.eweek.com/pc-hardware/slideshows/chrome-os-features-to-look-for-in-current-chromebook-crop.html?kc=EWKNLEDP06112014A&dni=132495452&rni=25374491 for an informative overview by Don Reisinger of eWeek.  And, visit Microsoft’s take on Chromebooks at http://www.scroogled.com.

REFERENCES

1Please see http://blog.laptopmag.com/chromebook-vs-tablet for the article “Chromebook vs. Tablet:  Which should you buy?” by Cherlynn Low of LAPTOP.

2Visit http://redmondmag.com/articles/2014/06/06/chrome-surpasses-ie.aspx for details on browser rankings from Kurt Mackie of Redmond Magazine.

3Visit http://blog.laptopmag.com/chromebook-buying-advice to review the article “Should I buy a Chromebook?” by Dann Berg of LAPTOP.

5 Facts About Malware

One of our folk compiled this brief list on malware issues:

  • Vulnerabilities in Java are the #1 exploited vulnerability.  (Java is a popular, computer-programming language used in web-based applications.)
  • One of the main causes of malware is “Drive-By Downloads” where all you have to do is browse a website or click on a website from a search engine (Google, Yahoo, Bing, etc.) and you are downloading an infection.
  • Sales, R&D, HR, and other, multi-user email-boxes are targeted by malware distributors since these recipients are the most customer-facing employees; they typically have busy mailboxes and are accustomed to receiving a lot of email and opening it.  They are also accustomed, as part of their jobs, to regularly downloading attachments (resumes, pdfs, etc.).
  • 88% of attacks are on non-government (private) entities.
  • Small businesses with less than 250 users are the most-targeted group.

Are you curious about how to avoid any of these common vulnerabilities?  A member of our staff would be more than happy to discuss the steps you can take to secure your data.

Beware CryptoLocker

We have seen a rise in CryptoLocker virus attacks; these attacks can cripple the data files on your computer and on your computer network.

CryptoLocker is a destructive, ransomware virus; once downloaded, it locates and encrypts data files, which renders them inaccessible.  CryptoLocker does not announce its presence until all data files (Microsoft Office files, PDF files, etc.) are encrypted; it then asks for payment (ransom) to unencrypt these files.  (This type of ransomware is called “cryptoviral extortion”.)

The usual virus-delivery method is via email; the email looks legitimate and includes an attachment.  Once the attachment is clicked, the virus starts and then continues until all data files are encrypted or until the computer is powered-down.

You will not be able to unencrypt these files.  There is no cure.  There is no fix.

If the infected computer is connected to a computer network, data files on other computers and/or on the server(s) may also be encrypted and made inoperable.

Although payment is demanded to unencrypt the files, it should not be sent since any type of response to these criminals could open your computer network to future attacks.  The only recommended recovery method is to restore the encrypted data files from the latest backup.

Please visit http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information for more information on CryptoLocker.

Mike Morel, Engineer at Bryley Systems, suggests adopting these practices to reduce the risk of activating the CryptoLocker virus on your computer:

  • Do not open attachments within emails from sources that look legitimate, but are unexpected.
  • If you are expecting an attachment from someone, save the attachment first (without opening it) and then scan the attachment with your malware and anti-virus scanners before opening it.
  • Backup all data files regularly.

If you discover this virus, please immediately power-down the offending computer; if it is connected to a computer server, shutdown the computer network.  Then, call Bryley Systems at 978.562.6077 and select option one for technical support.

For additional information, see our lead article “Cybercrime targets smaller organizations” from the September 2012 edition of Bryley Tips and Information at

https://www.bryley.com/news/newsletter/bryley-tips-and-information-september-2012/.

Bryley Basics: Getting you informed in 100 words or less

Tips on email attachments

Most folk send attachments with their emails; it is a quick, easy way to share a file with the email recipient.  However, attachments can have a negative impact on your computer-network infrastructure:

  • Emails saved with attachments consume storage.
  • Large attachments slow performance and may be rejected by the provider.
  • Attachments copied to a distribution list (a group of email users) are copied multiple times, once for each user, which can impact network bandwidth.

In addition, emails received with attachments should be treated cautiously, since attachments may become sources of infection.  Basic suggestions when receiving:

  • Do not open if the sender is unknown or suspect.
  • Limit total attachments to under one Gb; zip files greater than one Gb.