Showing posts with label viruses. Show all posts
Showing posts with label viruses. Show all posts

Monday, February 8, 2016

The 2015 Annual List of the Worst Passwords

Sorry Star Wars Fans, But You Just May Need to Change your Password.

It’s that time of the year again. SplashData releases its 5th annual report of the most commonly used passwords in order to highlight the insecure password habits of Internet users.

The purpose of this list is to encourage users to become more conscience of Internet security and the threat of stolen passwords. Using weak passwords puts the user at risk for hacking and identity theft.

Here are the top 25 worst passwords that made it onto the annual list:
  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. football
  8. 1234
  9. 1234567
  10. baseball
  11. welcome
  12. 1234567890
  13. abc123
  14. 111111
  15. 1qaz2wsx
  16. dragon
  17. master
  18. monkey
  19. letmein
  20. login
  21. princess
  22. qwertyuiop
  23. solo
  24. passw0rd
  25. starwars

Numerical sequences have taken several spots on the 2015 list, along with keys that are in order on the keyboard, such as qwerty & 1qaz2wsx. Of course, pop references are always a hit and this year was about Star Wars, but even The Force can’t protect you from malware.

Longer keywords did appear, but using a longer password does not add security if the password is simple or has a detectable pattern.

The thing we want you to remember is that the list above was compiled from passwords that were compromised and leaked this past year, so they have already proven to be “hackable”.  If you would care for a downloadable PDF document with the passwords and security tips from SplashData, you can safely download it from CMS.

Tuesday, June 23, 2015

The Importance of Password Security

Passwords are everywhere.  From your Windows login to your banking software, to the online store where you purchase your "can't put down" books from; everyone wants you to log in with your special login.

But how "special" is your login?

It's simple.  We are busy people with lots to do; so to remember long, secure passwords may not be high on our priority list.  And if we have to have a different one for every site or device that requires one, then we are really in trouble.  After all, we aren't just speaking of websites, but phone apps, computer logins, email accounts, and well...you understand.  The list can be endless.


So how can we make things easier for ourselves and harder for the criminals? Let's break it down into 5 easy steps.


First, Don't Share Your Login.

As simple as it sounds, it's a very common problem.  It could be a matter of you giving your login to a best friend, or it could also be a case of 8 employees all logging into a network using the same username and password.  Either way, you're setting yourself up for disaster.

Next, Make Your Password Secure

Believe it or not, password is still one of the most commonly used passwords. It actually was the second most common password for 2014, preceded only by 123456 that came in at #1.  Others include 12345, qwerty, and letmein.  For a complete list, visit gizmodo.com.

Best password practice would recommend that your passwords are 8-12 characters long and include alpha, numeric and special characters.  Using both upper and lowercase is also good practice.  A perfect example might be: h*3Dxy8vM.

Worried about remembering your password?  There are multiple sources available for password keepers.  Just always look for one that is secure and from a reputable publisher.

Our Next Recommendation is Locking Your Desktop

This may be the easiest of them all.  If you're walking away from your desk, "Just Lock It".

In the "good ole days" when security wasn't an issue, we would leave our desktops unlocked and leave.  When we returned, we would have strange replies to emails that were sent from our account.  We always knew who the usual suspects were and it was all in fun & humor, but now, leaving your computer available for anyone's access is just not safe.  Information is more critical than ever and customer data is everywhere.  It's our job to protect both our company and our customers.

Let's Not Use the Same Password for Every Account

If someone steals your only username & password, they could access everything you own.  Many of us are guilty of using one login for everything.  When you add that to the simplicity of our passwords, we have just done a major portion of the legwork for the criminals.  Use different credentials for different sites.

Finally, Don't Use Your Username as Your Password

Again, this is done as a time-saver and for ease, but you are only making it easy for the password stealers.  Your password should be unique, only used as a password and nothing else, and only by you. 

Unfortunately, we are in a time where malware and viruses are accessible everywhere as little bots do nothing but infect networks and break passwords all day. And the sad truth is that, for some, creating these infections is a full-time job.

If you are concern about your network or how to determine where your network stands on security, contact a local IT provider, such as CMS IP Technologies in Beaumont and set up an appointment for a no-obligation network evaluation.
 

Monday, April 6, 2015

The Value of Managed IT Services

So, What is "Managed IT Services"?

We like to call it...your virtual IT department.  Imagine staffing an entire company just to be your IT support, but not having to worry about training, employees calling in sick, or any other issues with an in-house staff.  Managed IT services means that you have access to an entire technology company when you need it, staff who is watching and proactively protecting your business data and network.

Here's How Your Business Can Benefit from Managed Services.

Remote Support - Most managed services providers will offer some type of remote support. Here's your scenario....
It's the end of the month and Sally comes to work to get payroll done. She turns on her computer first thing in the morning, opens an email attachment from a "customer", and sees an alarming pop-up on her screen, warning her that her PC has been infected and to immediately click below to fix her computer.

Instead of clicking, Sally places a quick call to her IT support help desk so that her managed services support can gain remote access to her PC and verify that the popup is indeed part of the virus.  Being trained and familiar with this type of malware, they then properly remove any traces of the malware without the PC getting completely infected and Sally is able to go back to work.

If caught quickly before anything else was loaded into the PC, this call may have only taken 15-30 minutes of her time. Now, there are instances where things are worse and it does take longer, but Sally's issue was resolved without having to schedule an engineer to come out on-site, saving both money and time. After all, productivity in a business is what really matters.

Scheduling Priority - So what if Sally's PC was already infected beforehand. This may prevent IT staff from gaining remote access to her PC, because unfortunately, that is what malware does. Your IT company may offer their managed services customers a scheduling priority. Basically, your emergencies take priority over other minor IT calls from customers who may not subscribe to managed services.

Proactive Network Management - aka..."Stopping threats before they happen."

Monitoring software can help manage your network, notifying staff when your server is no longer connected to the internet or your business network.  They can also receive status updates on possible hardware failures, keeping your network running and preventing problems before they happen.

Let's not forget to include email services that not only block SPAM, but blocks malicious programs that may try to enter your network through a email link or fake attachment.  What if Sally's virus-infected fake email was blocked before entering her email client?  She would have never seen the threat.

Management of your network security through your firewalls, routers, and even your antivirus software can prevent threats from ever entering the playing field as well.

Other benefits of managed services can include:
  • Disaster recovery planning & data backup management
  • 3rd Party vendor management & assistance
  • Software updates and Microsoft patch management 
  • and more depending upon your IT company's profile

How many people would you have to staff to take care of everything mentioned above?  

Don't forget, along with salaries, there's employee benefits to include. And the larger your company network is, the larger your IT staff would need to be to properly secure it.  So just maybe using a Managed IT services provider is what your business needs. And if you're not sure, find a local IT company like CMS IP Technologies that is willing to do a free evaluation of your network.





Monday, March 17, 2014

Computer Viruses In The Workplace

Those Pesky Bugs....

Just about every office or workplace environment has experienced virus issues at some point. Sometimes it's a mild one and then sometimes it causes complete desktop or network devastation resulting in hours, days or weeks of downtime and limited productivity.

So What's the Answer?

I've been in the technology business for almost 20 years and some things never change.  There are several things that the industry has been battling for what seems like forever and it doesn't seem to get any better.  Viruses is one of them.  Others are printer repair and network backup solutions - but that's another blog post.  The truth is that there is no definitive answer for completely eliminating viruses.

As a technology company, CMS IP Technologies deals with viruses every day and we spend far too much time on removing them off infected PC's and network servers.  We sometimes have to change or create policies to protect and educate our customers as well as limit our exposure to time consuming tasks that we don't always get to bill for.  For instance, it may literally take 10 man hours (yes!  and sometimes more) to clean an infected PC.  Well, at a conservative average of $100 per hour, that's $1000 to clean a virus from a PC.  There aren't many customers that are just going to pay that without complaining and asking for relief of some sort.  Then, there are the viruses that we clean, or we think we clean, and they pop back up the next day or so and we get to start over again and then the customer feels like they shouldn't have to pay because we should have "fixed it right the first time".  It's really a no win situation.  So at CMS IP Technologies, the approach we take is to educate our customers.  It's a multi-level approach using technology best practices along with policy and usage control of company owned technology.  CMS has a proactive service offering that we call NetWatch, and compliancy is a big part of what we teach and insist upon.

Firewalls:

There has to be a sufficient level of network protection from the outside world such as a firewall from reputable manufacturers such as Cisco and SonicWall.  This is your border and it should not be taken lightly.  Your firewall should be properly configured by a trusted reputable experienced engineer that understands firewall and security best practices.  Buying a Netgear router from Best Buy and just plugging it into your network is not a solid solution and you're simply asking for trouble.

There are many things that need to be considered here.  If your a bank or credit union, you may be required to have an Intrusion Detection and Prevention solution in place.  If your a medical facility there are HIPAA laws that are in place that will need to be taken into consideration.  These are things that an experience network engineer should be familiar with.

Antivirus:

Once you have your firewall in place and your border secured, a stable antivirus solution should be implemented.  CMS in Beaumont Texas uses and recommends Viper.  We have found this to be an effective light weight solution that has minimal impact on the workstations OS environment yet offers quality protection.  Your antivirus solution should be configured to download and direct automatic updates on a daily basis and run a virus scan on all network devices at least once a week.  This should be done after work hours and a policy should be in place that all PC's should stay on during the scheduled time.

Some proactive service providers such as CMS offers this as part of the network monitoring.  In our case the cost to the customer is the same or less than it would be if they just purchased Viper or any other solution such as Symantec out right.  The biggest differences are that we can actively monitor virus activity and are better prepared if we see that a network device may become or has the potential to become compromised.  The other good thing about this is that our customers don't have to worry about their annual subscription running out.  All of that is taken care of by the service provider.

Policies & Procedures:

Last on the list is policy and procedure control.  This is probably the most important part that a company can take to minimize it's exposure to lost productivity to viruses.  Every user in the company should have a copy of the company's policy for use of company technology.  And in that document it should be very clear about usage polices.  Things such as accepted internet usage, personal software usage,  and personal email usage should be addressed.  This is critical!  Some users simply don't realize the impact that going to certain non business websites can have on the network that everyone uses.  Some users assume that they can't get a virus because the company has protection.  That's obviously not true, so you have to educate them and also put policies in place to protect them and the company.

CMS NetWatch clients get a printed Accepted Usage Policy to add to their company employee handbook that educates and outlines the accepted usage policies for the company's technology.  We require that all employee's for that company sign it and we keep a copy on file, otherwise we will not cover viruses as part of the proactive services agreement.

So, protection from viruses takes serious consideration and in summary there are three basics that should be covered.  Firewall border control, Antivirus, and company policies outlining proper use of company owned technology.  There are several other things that can tighten the screws even more, but that's another blog post.  If you questions on the information that I discussed in this blog, visit the CMS website at www.cmsiptech.com.

Subscribe to: Posts (Atom)