Archive for December, 2013

3 Security Concerns with Employee’s Personal Smartphones

Monday, December 30th, 2013

Man using a mobile phone on sofa, indoorNielsen’s recent research study on smartphone penetration reveals that 61 percent of cellphones in the U.S. are smartphones. With a smartphone in the majority’s pocket, there’s a good chance at least some of your employees are using theirs during work hours. This brings a number of troubling questions to light. Security issues abound with personal mobile devices, whether or not you allow the employees to access the network.

Virus Threats

Arconis found that more than 80 percent of employees aren’t aware of the threats to their personal devices, or the issues that using a personal device on a business network brings to their employer. If an employee device is not properly protected with anti-virus software and connects to the company network, it’s possible for viruses to attack. Training employees in the best practices of mobile security helps mitigate this problem. Create awareness to help protect the company. Another way to help avoid these issues is through mobile device management. These applications allow system administrators to monitor and manage the devices on the business network, heading off any problems as they may occur. Some MDM applications, such as the one offered by BlackBerry, also provide virtualization features so the work functions take place on apps and virtual desktops entirely separate from the main device. Blackberry’s MDM solution also covers cross-platform devices so you can offer a BYOD plan that will fit any employee’s wants or needs.

Legal Risks

It’s not simply viruses you need to worry about when employees bring their devices into the workplace. Wired reports that many legal issues stem from BYOD. If you suspect that an employee is taking pictures of prototype products, you may want to go through the phone’s gallery and the user’s personal data to determine whether or not they took unauthorized photos. However, this may run afoul of privacy laws in your area, opening you up to a major lawsuit. Consult with a lawyer about the risks and liability that surround personal device usage before taking that type of action against an employee. You should then set up a all-encompassing contract that all employees need to agree to and sign before participating in your BYOD program.

Data Theft

Some employees may want to sell off trade secrets, leak product announcements, and otherwise damage your business — especially if they are let go. In the past, this was made more difficult by having to sneak in cameras or thumb drives. These days, a smartphone can instantly upload a picture to social networks or cloud storage, giving you limited ways to deal with the problem. Keep strict policies in place over what happens in the event of data theft, whether you wish to include them in with BYOD policies or as part of your overall work environment policies. Make sure these rules apply if a device is lost or stolen as well. For high security areas, have smartphone checks where you hold all smartphones before someone enters the area.

Adobe Products

Monday, December 23rd, 2013

Adobe has several commonplace programs out that you more than likely already have on your computer. These are primarily Adobe Flash and Adobe Reader. Flash is very prevalent on the Internet, with many websites having Flash components, Flash games or advertisements, and Flash-based tool sets. Reader allows you to open and view PDFs (Portable Document Files) as well as load them online, using browsers such as Internet Explorer, Google Chrome, or Mozilla Firefox. Adobe Reader integrates into these platforms and allow you to view forms and documents on the web.

It is vital that these programs remain up to date. As of the writing of this article, December 2013, the latest version of Adobe Reader is XI (11.0.04) [Windows Vista’s last version is Adobe Reader X] and the latest version of Flash is 11.9.900.170 (for most major systems). While it’s generally okay to be a couple of minor versions behind (for example, 11.9.900.122 or so on), you still should check to make sure you’re not too far behind. One of the reasons Adobe does these updates is to patch security holes in their software so you are not vulnerable to exploits or attacks that can damage your system.

At the time of writing, the easiest way to ensure your Flash player is working (and check what version) is to go to this link: http://www.adobe.com/software/flash/about/ This website checks your version and displays it in a little information box, then there’s a chart of the most up to date versions for different operating systems and browsers. As for checking Adobe Reader, just do a Google (or your favorite search engine) search for “Test PDF” and click a couple of the links. If they load, you should be fine.

If you don’t have Flash, or need to update it, (at the time of writing) the easiest link is to just go to http://get.adobe.com/flash and for Reader – if you need it or need to update, it is similarly: http://get.adobe.com/reader .

There are fake Adobe Flash updates out on the Internet. Read the screen carefully, and you can usually tell these aren’t real. The only time you should ever receive an update automatically is from Adobe, or the Adobe product itself. (Adobe Flash, Adobe Reader, Adobe AIR – etc) These are usually windows that pop up when you turn your computer on (If you have it set to automatically search for updates, which is enabled by default) or on the bottom right of your desktop – unrelated to any Internet browser you are using. If it came up in a pop-up window or another tab, there’s a good chance it’s a virus or malware. If you see the request to update, and are not positive of your current version, download it from the adobe website: http://adobe.com or use one of the aforementioned links.

So just try to remember to check your Adobe products once in a while and don’t be fooled by a website advertisement telling you to get an update. These are some good simple steps to keeping your computer safe from attack and maintaining your PC’s health while making sure you are able to view and use common Internet resources.

Phone Scams Involving Your Computer’s Health

Friday, December 20th, 2013

I recently posted on our Facebook page about a recent development in our area of Northern Minnesota – but it’s happening everywhere as well.

A client received a phone call from a man claiming that he knew she had a Microsoft Windows computer and that it was on its way to failure – something about crashing or viruses, either way they told her that this was legitimate because they apparently had their computer’s “ID number”. For all we’re concerned this could be something like 1343GFQ032RD and it might sound legitimate to someone who is unsure all while being completely meaningless.

Regardless of what someone on the phone tells you, there is no legitimate reason why someone would be calling your phone to warn you that your computer is about to break. Not only would they have no way of knowing (without already having backdoor access to your computer – which you may want to have examined if strange events continue) but there is a 99% chance that if you do fall for their trap, you’ll be paying them to “fix” the problem – and they will instead either actually create real problems or further increase problems and then they’ll want to be paid again to “fix” the last problem.

If you get a phone call from someone who is asking or demanding money to help you with your computer PLEASE do not pay them or give them any details, or download anything they ask you to. You can do whatever you like – if you’re the kind of person who likes to toy with telemarketers then string them along and waste their time. Otherwise, just hanging up on them and/or ignoring their calls will save you from potentially being bullied into paying for illegitimate service.

Windows Live Mail, Connecting to Cold Snap-Provided Email

Friday, December 20th, 2013

Connecting To Cold Snap Technology Email

via Windows Live Mail

This tutorial will teach you how to use Windows Live Mail to connect to CST Email services. While this is focused on setting up Windows Live Mail, some of these elements are similar to other Email client programs, and services.

For a details on connecting with SSL or with Thunderbird, Outlook, or other clients please contact us.

If you have not started Windows Live Mail before, the window below will pop up automatically. If it does not, you can access it by clicking the Accounts tab across the top of the window, and then click the button labeled Email.

Adding a new email address

Adding a new email address

Step 1B

In this window,

Email address: Fill this in with your email address (in example, johndoe@mysite.com)

Password: Fill this in with the password set up or assigned to your account.

Display name for your sent messages: This can be what you like, but should be your real name.

Please make sure to checkmark the box beside Manually configure server settings.

Then click Next.

 Step 2

Incoming server information

Server type: Please select POP.

Server address: This should be mail.your-domain.com. (Your-domain to be replaced with the website you have through Cold Snap. For example, if your website is http://mysite.com, then this would be mail.mysite.com)

Port: Please type in 110, if not already present.

Do NOT checkmark Requires a secure connections (SSL).

Authenticate using: Clear text should be selected.

Logon user name: This is your full email address. (in example, johndoe@mysite.com)

Outgoing server information

Server address: This should be mail.your-domain.com, as explained in the previous section.

Port: Please type in 587.

Do NOT checkmark Requires a secure connections (SSL).

Do checkmark Requires authentication. (If you have an older version of Outlook or Outlook Express see how to enable outgoing authentication here.)

Please click Next.

Step 3

If all was well, this should be all that is required! We can check back on our main screen after clicking FinishEmail should download automatically at this point, if the account was set up correctly. Your Cold Snap provided email service should now be fully set up.