Keeping Tabs On Children’s App Purchases

by

Children today have grown up surrounded by technology their entire lives. Since before they are old enough to read they can pick up a tablet or smartphone and swipe at apps and games with ease. Modern kids have an intuitive understanding and ability with technology that older generations can barely imagine. The abundance of technology, however, comes with a price.

Easy access to any marketplace can be a double-edged sword. The convenience and ease of use is a boost to those of us needing a quick app, but accidental purchases can cause a lot of headaches. One-click online shopping was once one of the biggest dangers our bank account faced. Now, many of us carry multiple devices, each with their own marketplace and app stores.

With modern tech, mobile applications, whether on iOS or Android devices, are easier than ever to buy and download. So simple in fact, that a child could do it.

Designed to Appeal – Children love to download mobile applications that feature their favorite characters, cartoons and TV shows. Advertisements are aimed specifically for children in ways that will invite them to click a link and instantly download a game.

These games are typically free, meaning they don’t require authentication by default before downloading. A new game can be downloaded, installed, and ready to run seconds from clicking an ad.

Developers commonly use, what is known in the business as, a ‘freemium’ model. This means that the game is free to download and start, but inserts paid ‘upgrades’ designed to make the player part with cash.

Freemium Games – Upgrades to games may unlock more levels, purchase an in-game currency, or outfit a character with special attributes. Competitive online games commonly employ a strategy that gives paying players an unfair advantage over ones who don’t pay. This is often referred to as ‘pay-to-win’ and entices players to spend more to get on the same level.

Many mobile-based games are designed purely to encourage in-app purchasing. Some deliberately design a deceptive or tricky user-interface that makes it easy to miss-click or make purchases by accident.

There are regular stories in the news featuring kids spending thousands on in-app purchases for virtual characters. In some cases, children can use real-world money to buy items thinking they are spending in-game currency.

Apps to Help – Of course, it’s unfair to give all applications a lousy name. Many deserve it, but not all apps are guilty of behaving badly. There are fitness apps, productivity apps, and educational apps that can act as useful tools to help enhance your day. Children can get a lot from high-quality applications in the same way educational software for the computer can be a huge classroom boost.

Getting the most out of your phone or tablet is about keeping your device safe against applications designed merely to take your money.

Secure Your Device – The best step you can take to prevent running up enormous app bills is to disable in-app purchases on your devices. This prevents apps from being able to take funds for digital items. The process to do this is simple, takes less than 2 minutes, and can save you huge amounts.

  • On iOS: Enter the settings screen, tap on ‘General’. Then tap on ‘Restrictions’ and tap the ‘Enable restrictions’ option. Make sure to turn “In-App Purchases” off.
  • On Android: Inside the Google Play App: press the phone menu button and go to Settings. Scroll down to “User Controls”, tap on the “Set or Change Pin” option and set a pin that only you will know.
    In the “User Controls” menu check the option to “Use Pin for purchases”. Newer phones may label this pin as a password instead.

Safe Apps – With these options enabled, whether using an iOS or Android device, your phone or tablet is safe from app purchases in any hands.

SSD: Make Your Old Computer Your New Computer

by

The solid-state drive (SSD) has swiftly become the go-to upgrade to breathe new life into an ageing computer, and for good reason too. An SSD swiftly brings an old laptop or desktop up to date with modern machines in just a single step.

The price of solid-state memory has fallen dramatically in recent years. As costs have dropped, the popularity of the technology has increased exponentially. At one time an SSD was a rare treat for serious PC enthusiasts, now it’s cheaper and more readily available than ever. No other single solution is as cost-effective, quick to swap, and impressively effective as swapping out an old hard drive in favor of the faster and more modern SSD.

Out with The Old

The hard disk drive (HDD) is a technology that dates back as far as the 1950s. They became the default solution all PCs would use for decades to come. Most old laptop and desktop machines still contain their original, worn hard drives they left the factory with.

The HDD was a mostly mechanical device. Inside a solid outer casing was a series of spinning disks arranged in a delicate stack known as a platter. Each disk could read and save data using a tiny needle moving across the disk’s surface.

The technology looked and worked much like a miniature record player. Like a record player, widely in use at the time that hard drives were developed, the hard drive had some serious drawbacks in their use.

The series of tiny disks and needles that made up the HDD were incredibly fragile. Vulnerable to dust or movement, computers commonly succumbed to hard drive failures that rendered the machine and its stored data unusable. Occasionally, simply moving a laptop while reading or writing data can damage a hard drive’s spinning disk.

In with The New

The primary reason to switch to a more modern SSD, on top of their impressive durability, is the incredible increase in speed. The SSD has no moving parts at all, working more like a digital camera memory card than a vinyl record player.

An SSD simply makes the process of retrieving and saving data to storage many times faster. Eliminating the mechanical component, removing the need to move a physical disk, and not needing to physically pick up the data means a much faster and smoother operation.

Computer startup, where the operating system loads all its data from storage, can take as little as one-quarter of the time of a comparable HDD. Additionally, loading regular applications and data from an SSD takes a fraction of time of an HDD.

An SSD completely breathes new life into an old machine. Computers with an SSD replacement for the hard drive feel like using an entirely new machine for a fraction of the cost.

Replacing the main mechanical component additionally eliminates wear and tear working to break down your machine. While an HDD slows over time, degrades, and can eventually suffer mechanical failure; an SSD remains as durable as the day it was purchased.

Ideal Laptop Upgrade

In a laptop setting, the SSD makes complete sense. They require less power than older hard drives, making the most of your battery charge.

In addition, not needing a large disk platter, mechanical parts, or protective outer case means they are about half the weight of a mechanical drive. Making an old machine lightweight brings it another step closer to a modern machine.

They run almost silently too. The familiar click-clack of the hard drive inside a laptop is a thing of the past. Many users comment on the noise their laptop used to make starting up and loading programs. Noisy laptops are a tech throwback we’re happy to leave behind.

For many who feel like their old laptop or desktop is showing its age, the prohibitive cost of purchasing a whole new machine keeps them invested in their old one. A simple, fast SSD upgrade can make your old machine new again at a much smaller price. If swapping long startups, and slow load times sounds right for you, consider upgrading to an SSD. You won’t look back.

Give us a call at (515)422-1995, and we can give your machine a new lease on life.

Remote IT Will Create Tech That Works for You

by

There are few things as frustrating as IT issues getting in the way of your work. Even the simplest of problems can break your flow, ruin your productivity, and waste your time. IT should be working to boost your day instead of slowing you down.

Tripping up on a computer glitch can happen at any moment. Working to fix one can take hours. You might try a few steps that have worked before, ask a colleague for help, or try a web search to see what turns up. All of these take time from you or your colleagues, and often make the original problem worse.

When you outsource your help desk, your IT problems become our IT problems. We take charge of righting the ship to keep your tech on the right track.

Setting Up Your Business for Success

Many businesses try a break/fix model to deal with IT issues. This means waiting for problems to happen before contacting IT to resolve them. Break/fix adds costs and downtime to every IT issue as they happen. To us, this makes it an unacceptable long-term solution for business.

The process of scheduling a mutually suitable time to visit, diagnosing the issue, and resolving every issue on a case-by-case basis is massively time-consuming. Both IT technicians and in-house staff waste productive hours dealing with, often trivial, problems.

We think that time could be better spent building your business instead.

Your Personal Help Desk

When you outsource your IT help desk, you get a custom service dedicated to resolving your issues fast. Technicians with the knowledge and experience of years in IT can work without creating new problems or making the original issue worse. In modern IT, knowledge and experience is the key to successful solutions.

Many of the issues we resolve on a day-to-day basis are problems we have seen many times before on many different systems. IT is our business, and we know it very well.

How Outsourced IT Works For You

Outsourcing your IT means simply submitting a ticket to have issues taken care of. Having your own help desk to rely on means having help available exactly when you need it. Waiting on a local firm, or nearby technician to become available should be a thing of the past.

Queueing for an ‘advisor’, waiting on hold, and spelling out your problem over and over again is no fun for anyone. There should be better ways your time can be spent. There are certainly many ways firms can benefit more from ours.

Submitting an electronic ticket to resolve your issue is an easy, one step, process. Detail the problem once, email the ticket, and you can return to your work. We’ll call you back to work on a solution when the timing best works for you.

Managing Problems Remotely

To resolve system issues, diagnose, update, or maintain systems, we often log in remotely and take ownership of the problem personally. We’ve found there is little advantage to wasting time asking staff to find menus, click on links, and tell us what they see. We get straight to the heart of the problem and fix it there and then.

Problems that tie up one or more machines for a long time can be scheduled for out-of-hours, holiday, or weekend fixes. Large, system-wide updates or upgrades can be done remotely when they won’t get in the way.

For staff, updates appear to happen without anyone around to see them. You would be forgiven for thinking the IT is fixing itself.

Our golden rule is to make sure IT works for you, not the other way round. If you are wasting staff hours on hold, arranging meetings just for your tech, or structuring your day around simple problem solving, your firm could be upgraded in a flash.

Call us at (515)422-1995 or just submit a ticket and we’ll sort out the rest.

Preparing Your Business Tech to Start the New Year

by

The start of a new year is a challenging time for businesses. It can be a good time to reflect on the wins and losses of the previous twelve months. It’s also an excellent time to take stock and evaluate what your business needs to go forward.

IT demands move at a staggering speed, meaning last year’s tech may not fit next year’s needs.

The new year can bring major change to both the business and the environment it operates in. Regulations, contract terms, and seasonal spending habits mean that adaptations have to be made for continued growth.

A smart business knows how and where to incorporate flexibility to win more business and adapt to a new environment. As we move into the new year, there are fundamental questions we should ask about our IT to ensure we are ready to tackle the next twelve months too.

Is Your Hardware Still Up to The Task?

Businesses are often challenged by their client’s demand for files that seem to continually increase in size and resolution. The storage needed to handle, use, and archive these enormous files appears to grow at a near exponential rate.

Every device today is capable of capturing more data at a higher resolution than ever before. Huge data needs have become the new standard.

The expectation of bigger and bigger data is only set to continue as we progress into another new year. Many clients expect, or demand, exceptional quality from professional services and with a fast turnaround time too.

These competing demands put as much strain on network hardware and computing power as they do physical storage. One of the most important things a business can do when reviewing IT demands is to ensure there are no bottlenecks in the productivity pipeline.

Is Your Backup Reliable and Ready?

Almost every business in the modern day has learned enough to put a backup in place. Whether simply transferring files manually to USB storage, copying documents over to a local server, or saving media to the cloud. However, not every business is testing their backups. Fewer still are testing them reliably.

A backup is only as good as what we know can be reliably restored from it. Cases have emerged where big-name firms had famously believed they were backing up successfully for months or years, only to find out their backup was failing when they really needed it.

Whether impacted by missing assets, unable to transfer files, or affected by corrupt data, an untested backup may be as useful as not having any backup at all. A critical goal for the safety and reliability of any business should be to have dependable backups that are tested at regular intervals.

Is Your Compliance Still Up to Date?

Nearly every business in the world has compliance and regulations standards it must adhere to if it is to keep its position in the marketplace. These may be industry specific such as medical or automotive certifications, or regional protections such as data protection regulations.

Requirements for each of these areas change regularly. It is up to each firm to keep on top of both changes to rules and changes to the firm which may impact them.

Changing IT can often impact certifications in a big way. Many feature rules which affect storage, processing, or altering the way in which data is used; it’s essential to check your usage against strict requirements relevant to your business.

While time-consuming and difficult, these checks require a strong knowledge of both the rules and your IT system. The penalties for failure can be severe and crippling. It is a critical area of the firm you can’t afford to get wrong.

If you are looking to boost your business in the new year, check up on your systems and technology, or dust up your certifications to the latest standard: there’s never a better time than now.

Give us a call at (515)422-1995 to get your new year off to a flying start.

5 New Year’s Resolutions for Your Computer

by

Running the Best Security Software

Most computers today run at least some form of basic antivirus. In the modern day however, threats have evolved to be more sophisticated, more damaging, and much more common. Ransomware, malware, phishing, and zero-day attacks all work to attack unpatched systems without strong security.

Today, to keep up with increasing threats, you need a complete internet security package. A layered system means more than just virus scanning. A comprehensive security package includes prevention, detection, firewall and system monitoring at a minimum. These layers work together to provide security many times stronger than a stand-alone system.

Reliable, up-to-date, security keeps you safe online. It’s a resolution you simply can’t afford to skip.

Clean Up Files

Cleaning up unnecessary files is the number one way to gain additional storage space on a typical device. It’s cost-effective without any extra hardware purchases too.

Almost all computers have files hanging around from old software, data or applications they no longer need. Just like tidying the spare room or de-cluttering the kitchen, clearing files off your desktop and organizing your emails will leave your computer feeling refreshed and new again.

Restart Your Computer

Fully shutting down a computer and rebooting can take time. When you are watching the clock, waiting to start a task or get work done, it can feel like an eternity. Most of us enjoy simply opening the lid or powering on the screen to have everything ready to run.

At times, a computer may not be fully restarted in weeks or even months. Our poor habits can cause issues with running software and the operating system too. Hardware updates, security patches, and critical updates often wait for a reboot before they install. Waiting too long can leave security flaws open and the system vulnerable to attack.

Merely performing a reboot every once in a while can secure your system and help get rid of software problems. Often updates prevent new issues from cropping up too.

Use A Password Manager

Hacks of large institutions and popular websites are frequently in the news today. Almost every month a major service reveals they have been hacked, their database compromised, and their customer credentials have been stolen.

For this reason, it is very unwise to use the same password to access multiple websites. This can be a challenge for many. It’s clearly impossible to remember a unique and secure password for every site you visit. We recommend using a password manager that can store and recall your passwords for you.

A good password manager relies on just one, very secure, remembered password to safeguard an encrypted database of all your login credentials. The password database is often stored in the cloud for access from all your necessary devices. A manager can typically assist in creating a strong, secure password for each of your accounts too.

Using a good password manager and unique password for every site protects you against the attacks commonly in the news. Hacks compromising major services from your providers will be powerless against directly affecting your other accounts and services.

Keep Your Computer Away from Dust

Dust, hair, and household debris are one of the major causes of premature death for computers. Fans, used to cool components, suck in house dust as well as the air they need. This dust often clogs up the inside of the device and overheats internal components.

If possible, keep a tower PC off the carpet, don’t run your laptop sitting on the floor, blanket, or soft furnishings. Cleaning out your device is as good a resolution as any, and there’s never a better time than now.

For a little help sticking to your digital new year resolutions and starting off on the right foot, give us a call today at (515)422-1995.

Why 2-Factor Authentication is Important

by

You hear about hacks all the time. The news covers major websites who have had data leaks containing your email and password. Computers get infected and capture your login details for bank accounts and credit cards. In the worst cases, identity theft occurs because it is an easy crime to commit with a high reward.

In 2020, the passwords you used to trust to keep the bad guys out of your accounts are not enough anymore. Cyber attackers now use methods such as phishing, pharming, and keylogging to steal your password. Some have the power to test billions of password combinations to brute-force their way into your accounts.

If you’re like the majority of people, you use the same password for several websites. That means anybody who has that password has access to everything you’ve logged into with it. In a time when it is extremely easy to look up what a person named their first pet or high school mascot, security questions aren’t much help.

Consider how a jewelry store operates. They don’t simply keep their valuables locked away with one key. There are alarms ready to be triggered, motion detectors, and sometimes even bars on the windows. Your data is valuable, just like jewelry. You need more than one line of defense to protect it.

In the computer world, your second line of defense (after your username and password combination) is called “2-factor authentication” (2FA). Sometimes it is also referred to as multiple-step or multi-factor verification (MFA), 2-factor authentication is a way to double check a person’s identity by proving you have something like a cell phone or fob. This can be enabled every time a person logs in or just under certain circumstances. For example, signing in from a new device or different country might trigger a 2-factor authentication prompt.

Many of the services you may already use, such as Facebook, Gmail, Xero Accounting, and more, have 2-factor authentication options available. If your bank has ever sent you a special code through text or email to enter before logging in, you’ve already used a type of 2-factor authentication. They can also be in the form of a smartphone app or a physical electronic dongle.

2-factor authentication is absolutely crucial for online banking, email, and online shopping such as Amazon or PayPal. It’s also a must-have for cloud storage accounts (like Dropbox or Sync), password managers, communications apps, and productivity apps. This is especially true if you frequently use the same passwords for different websites and apps.

Some may consider 2-factor authentication unnecessary for social networks, but these are actually very important to keep safe. For ease, a lot of websites and apps allow you to sign up through your Facebook or Twitter account. You need to keep these networks safe so that somebody with your password can’t suddenly get into every account you have linked.

The point of using 2-factor authentication is to make hackers’ lives harder and prevent them from getting into your accounts. If they have captured your login username and password, they still need a second device to get in, especially when the computer or phone they are using has never logged into your account before. This makes it significantly more difficult for anybody to breach your account.

Plus, if you receive a notification with a special code to enter for logging in, and you weren’t trying to log into that account, you have a good signal that somebody else was trying to get in. That means it’s time to change that password and be grateful you had 2-factor authentication.

It’s unfortunate that there is currently an abundance of skilled hackers ready to take advantage of those unprepared. Luckily, you can still stop them -even if they have your login information at hand. 2-factor authentication is one of the easiest methods to keep your accounts safe.

Give us a call at (515) 422-1995 to help secure your business and accounts.

Can Private Browsing Protect You Online?

by

Maintaining your privacy while using the internet has become more challenging over the years. The recent Facebook privacy scandal made that abundantly clear, with users shocked at how much information had been recorded about them. While it’s almost impossible to enjoy the internet and leave zero digital footprints, there are things you can do to hide your online activities – some more effective than others.

1. Get a virtual private network (VPN) VPNs aren’t just for business and downloaders now, they’ve gone mainstream. Once set up, it creates an encrypted connection from your computer to the VPN providers computer. The other computer could be in another city or another country. When you visit a website, it can only see the VPN computer – not yours. You essentially run around the internet pretending to be another computer, in another location. Since your connection is encrypted, even your ISP can’t see what you’re doing online, making your usage anonymous.

The downsides: Because your internet usage has to route through another computer first, your browsing and download speed could be affected. They can be tricky to set up and not all VPNs offer the same privacy levels (the better ones tend to be more expensive). Some websites may even block visits from people using VPNs, so you may end up switching it on/off as required.

2. Go incognito Most browsers have a private browsing mode, each called something different. For example, Google Chrome calls it ‘incognito’, Microsoft calls it ‘InPrivate’. Before you take the name at face value, it’s a good idea to talk about how they define ‘private’. Unlike a VPN where you can dance around the internet anonymously, private browsing simply means it won’t show up in your browser history, or what you entered into forms. This feature is free, so you always have the option to use it, and it’s actually more helpful than you might think. Common uses include price shopping to reset sale timers and access local-only pricing and overriding usage limits on certain sites. Some sites use cookies to control your free trials and private browsing can help you get around that. For example, some news sites limit you to 5 free articles a month unless you pay. Private browsing can extend that trial quite easily!

The downsides: It can’t pre-fill saved passwords and it won’t help you type in the website name even if you’ve been there before.

3. Think about who’s watching While you might be naturally careful when using a public computer have you thought about who’s watching what you do on your work computer? Some workplaces have employee monitoring software that tracks all sorts of data, including taking screenshots of your desktop. It helps them create rules about computer usage but it may also provide them with evidence you’ve been breaking those rules. Stepping out to the internet cafe can be even more risky, as people can install keyloggers that record every keystroke, including your credit card numbers and logins. You’ll never know your activities are being recorded, even if you use private browsing.

The downsides: None. Awareness of the risks and the possibility of being watched ensures you’re more likely to use the internet safely.

While private browsing can help keep your internet usage under wraps, it’s not a magic bullet to cover all possibilities. Many people believe they’re invisible AND invulnerable while private browsing, a mistake they end up paying for. You’ll still need solid anti-virus and password habits to protect against threat, and to be a smart internet user who avoids suspect websites. Consider the options above as privacy-enhancing measures, not one-stop solutions.

Need help with your online privacy? Give us a call at 515-422-1995.

More Than A Virus, Common Malware to Watch Out For

by

The term “virus” is often used to describe many different types of infection a computer might have. Virus, when used as a blanket term, can describe any number of potential computer programs. What these programs have in common are they are typically designed to cause damage, steal data, or spread across the network.

Malware describes software designed to act maliciously on a personal computer. The name ‘malware’ is a shorthand for ‘malicious software’ and describes exactly what it is. A computer virus is a single type of malware that can cause harm to your PC, but it is only one of many.

Adware

Short for advertising-supported software, adware is a type of malware that delivers advertisements to your computer. These advertisements are often intrusive, irritating, and often designed to trick you into clicking something you don’t want. A common example of malware is pop-up ads that appear on many websites and mobile applications.

Adware often comes bundled with “free” versions of software that uses these intrusive advertising to make up costs. Commonly it is installed without the user’s knowledge and made excessively difficult to remove.

Spyware

Spyware is designed to spy on the user’s activity without their knowledge or consent. Often installed in the background, spyware can collect keyboard input, harvest data from the computer, monitor web activity and more.

Spyware typically requires installation to the computer. This is commonly done by tricking users into installing spyware themselves instead of the software or application that they thought they were getting. Victims of spyware are often be completely unaware of its presence until the data stolen is acted on in the form of fraudulent bank transactions or stolen online accounts.

Virus

In technical terms a computer virus is a form of malware that is installed inadvertently, causing damage to the user. A typical virus may install a keylogger to capture passwords, logins, and bank information from the keyboard. It might steal data, interrupt programs, and cause the computer to crash.

Modern virus programs commonly use your computers processing power and internet bandwidth to perform tasks remotely for hackers. The first sign of this can be when the computer sounds like it is doing a lot of work when no programs should be running. A computer virus is often spread through installing unknown software or downloading attachments that contain more than they seem.

Ransomware

A particularly malicious variety of malware, known as ransomware, prevents the user from accessing their own files until a ransom is paid. Files within the system are often encrypted with a password that won’t be revealed to the user until the full ransom is paid.

Instead of accessing the computer as normal, the user is presented with a screen which details the contact and payment information required to access their data again.

Ransomware is typically downloaded through malicious file attachments, email, or a vulnerability in the computer system.

Worm

Among the most common type of malware today is the computer worm. Worms spread across computer networks by exploiting vulnerabilities within the operating system. Often these programs cause harm to their host networks by consuming large amounts of network bandwidth, overloading computers, and using up all the available resources.

One of the key differences between worms and a regular virus is its ability to make copies of itself and spread independently. A virus must rely on human activity to run a program or open a malicious attachment; worms can simply spread over the network without human intervention.

If you would like us to make sure your systems stay safe from malware, give us a call at (505)422-1995

Protecting A Business from Internal Threats

by

When considering IT threats to your business many articles focus on hackers, viruses, and attacks from external threats. These dangers are real, constant, and easily identifiable. In many cases, however, the largest threat to a firm comes from inside the business itself.

People inside the firm often pose the largest single threat to systems and security. These individuals often have trusted access and a detailed working knowledge of the organization from the inside. Employees therefore deserve the largest security consideration when designing a safe business system.

It is important to first distinguish the type of dangerous employee we want to defend against. We’re not talking about an otherwise model employee accidentally opening a malicious email or attachment. Rather, a disgruntled employee seeking to do damage to your business. An employee who may wish to destroy services or steal clients and files from your firm.

Security Policy

Some firms, particularly young businesses, grant employees system-wide permissions from day one. This can make administration appear simple, preventing further IT requests in future. Granting system-wide access is an inherently risky strategy.

Private information relating to the business should be restricted access information. Many types of files need to remain confidential, often as a legal requirement. Human resource files, salary information, and employee documents should be limited to only a select few employees. Yet, businesses often keep confidential information in public places on the network.

Granting system-wide read and write access can appear to save time short term. It is, however, a security policy which only serves to cause security, administration, and potentially legal troubles in the future.

The Principle of Least Privilege

The principle of least privilege is a vital tool, helping you to handle internal IT security. It defines a security policy which ensures staff can access only the resources, systems and data they require to carry out their job.

The policy protects the business from many different types of threat in day-to-day operations. Even where malicious attachments have been opened by accident, the damage is limited only to the work area of a single employee. This results in contained damage, less time needed to restore from backup, and drastically reduced downtime for the firm.

Along with limiting accidental damage, malicious employees looking to destroy or steal data are limited too. With restricted access, an employee with a grudge or profit motivation can only damage or steal from their own area of operation. This helps to ensure that no single employee can damage the entire firm’s operations.

Security Policy In Practice

A member of staff within Human Resources, for example, may have read and write access to the employee database. This will likely include payroll information and sensitive data. This same member of staff would have no need to access sensitive client data, such as sales information, in normal working conditions.

Likewise, a staff member from the sales department should have no need for accessing sensitive HR records.

Using the principle of least privilege, each employee may only have full access to systems that are directly related to their role. Similarly, some systems may be visible to a wider group of staff members even if they can only be edited or removed by one or two people.

In some cases, a security policy may be defined by even finer details than a person’s role within the organization. An HR employee should not be able to edit their own file to change salary information for example. An employee file might only be edited by their superiors in such a case.

Additional parameters can be used to assign privileges to enable the business hierarchy to work within the IT network. Seniority, physical location, and time are all examples of factors that can restrict access to critical systems and secure data.

We can tailor your network to your business, locking down your data to ensure data is only accessed on an “as needed” basis. Call us at (515)422-1995 now.

Protect Your Firm Against Zero-Day Attacks

by

Protecting your business against the latest IT threats should always be a top priority. Updating antivirus and patching your operating system is a great way to start. What happens, however, when a threat appears at your door before security firms have had a chance to catch it?

A security threat that exploits a previously undiscovered vulnerability in the computer is known as a zero-day threat. The name “zero-day” is designed to imply how long since the vulnerability was discovered. The term also indicates that system developers have had zero days to fix it.

A newly discovered attack might be packaged into a computer virus or worm. This will allow it to spread far and wide while inflicting the maximum amount of damage possible. When spread successfully, a new exploit has the potential to reach hundreds of thousands of computers before an operating system or anti-virus update can even be issued.

There are a number of ways we can protect your business or lessen the damage from a zero-day attack.

Preventative security

The number one way to mitigate the damage from any attack to your system is to prevent it from happening in the first place. Maintaining a good firewall and up-to-date antivirus is the best step you can take to ensure the security of your system.

A firewall, monitoring traffic in and out of your network, reduces unauthorised entry over the network. Even without knowing the exact nature of the attack, suspicious activity travelling in and out of the system can be stopped.

The same is true of modern Antivirus. Even when it can not identify the specific zero-day threat from its virus database; it can often identify malicious intent from learned behaviour in the system.

A Locked Down Network

Should a zero-day threat make it into your network, our next goal should be to limit its effects. By restricting user access to only essential files and systems we can limit the damage done to the smallest number of systems. Good security policy dictates that each account should only have full access to the systems needed to complete the user’s job. For example, users from the accounts department shouldn’t have access to sales department databases.

In this way, the damage of a single compromised account is limited to only the network area it operates in. Such limited impact should be easy to control and can be reversed with regular backups.

Good Data backup

Whether your entire network has been exploited or only a small area has been affected; good data backups are your protection against major lasting damage. Having a good backup means having the procedures in place to both create regular backup copies and make sure they can be restored at a later date.

Reliable and well-tested backups are worth their weight in gold. Knowing your data is safe and your system can be recovered is peace of mind against even the most highly destructive zero-day attacks.

Intrusion Protection

While the precise methods of a zero-day exploit can’t be known in advance, a network intrusion protection system (NIPS) can monitor the firms’ network for unusual activity.

The advantage of NIPS over a traditional antivirus only system is it does not rely on checking software against a known database of threats. This means it does not need updates or patches to learn about the latest attacks. NIPS works by monitoring the day-to-day patterns of network activity across the network.

When traffic or events far out of the ordinary are detected action can be taken to alert system administrators and lock down the firewall. Devices such as USB drives and mobile devices can all introduce threats to the network. They can often make it past the firewall because they are physically introduced to the system.

NIPS protects against threats introduced to the network from both external and internal sources.

Full Cover Protection

Used in combination these techniques can prevent, protect, and mitigate against the kinds of threats that even the top security firms haven’t patched yet. We think it’s important to keep your firm secure whatever it might come up against in the future.

If you could use help protect your business against online threats, give us a call today at (515)422-1995.

Click to see our BBB Report

VISIT US