ZR Systems Blog

Windows is perhaps the most common workplace computing tool, and hackers have been trying for decades to uncover holes in its security. In some cases, like with unsupported operating systems, they’ve succeeded. However, Microsoft’s latest addition to their OS family, Windows 10, seems to have exceptionally potent built-in security measures, many of which have the hackers at the Black Hat conference scratching their heads and scrambling to find threats to talk about.

If you panic in the event of a hacking attack, imagine how the National Security Agency (NSA) feels knowing that some of its exploits are for sale on the black market. While there isn’t any proof that the NSA has been breached, there’s evidence to suspect that their exploits are available for purchase on the black market. This means that a willing hacker could get their hands on government-grade hacking tools--a dangerous concept.

After implementing their current infrastructure for almost a decade, the U.S. Department of Education have plans to upgrade, directing their attention toward ensuring that the new initiative keeps mobile capabilities as a high priority.

There’s an ongoing debate concerning whether the United States Constitution gives the American government the right to access data held on electronic devices by its citizens. In case they didn’t make themselves heard clearly enough, the director of the FBI, James Comey, has released a statement at Symantec’s Annual Government Symposium. You might not like his answer.

Commuting to and from the office is a regular occurrence all over the world. In the United States alone, according to the U.S. Census Bureau, the average commute for the everyday worker is around 25 minutes. Even if this commute is necessary, it could be holding your business back from achieving its full potential.

Sitting at a desk all day is probably the worst thing you can do for your health. The average office worker sits for 9.7 hours each day and after one hour of sitting the production of enzymes that burn fat declines by as much as 90 percent, significantly slowing metabolism. Then there’s ongoing back pain and eye strain. What’s the modern office worker to do?

In a recent hack attack, Twitter had 33 million user login credentials stolen. This is unfortunate, but not surprising; an incident like this routinely makes the headlines. Although, what is surprising is what this hack reveals about people’s poor password security habits.

It’s well-known that publishers are a major component of an author sharing their work with the world, but recent innovations threaten to disrupt the status quo of the industry. Like many industries, the publishing industry has been changed significantly by the introduction of new technologies that afford writers more liberty when producing their work. What can the business owner learn from these changes?

Microsoft has been looking to cover more ground in the business environment by offering a new Technology as a Service (TaaS) offering, which will allow small businesses to purchase Surface products, accessories, and support for their devices, all with a monthly payment plan. Also, when it comes time to upgrade, customers can easily make the switch, as per their lease agreement.

In a world where mobility is king, it can be challenging at best to implement new solutions without first taking into account how they can affect your business’s mobility. Especially with the cloud gaining ground, companies have their eyes on mobility and the requisite security, hoping to achieve greater flexibility and profitability by doing so.

A vulnerability has been discovered that affects all versions of Microsoft’s Windows operating system, including the long-unsupported Windows XP, going all the way back to Windows 95. The vulnerability, called BadTunnel, allows attackers to directly bypass system defenses and initiate a man-in-the-middle attack. The vulnerability isn’t limited to just Windows, either; it also affects Internet Explorer, Edge, and other Microsoft software.

File storage is a staple in the office, and chances are that even your work desktop is jam-packed with files and folders that could use a bit of sorting. This might include moving all of your files to different locations, but you don’t have to move each one individually. We’ll go over the many different ways that you can move files, many of which can save you considerable time and effort.

“What’re you in for?” a prison inmate asks. “I shared my Netflix password with my sister,” you say. This conversation might be absurd, but according to a recent ruling in accordance with the Computer Fraud and Abuse Act, it’s one that could actually happen. Now, sharing your Netflix password to let someone catch up on their favorite TV show can be considered a federal offense.

One of the main ways to keep an account’s credentials secure is by changing them consistently. However, we ran across an article recently that plays “devil’s advocate” on the password security issue, and they made some fair points about how changing passwords too frequently can lead to decreased security as a whole.

There’s a new augmented reality game on the market these days. Perhaps you’ve heard of it - a title called Pokemon Go, which lets you capture virtual monsters that “appear” on your smartphone’s camera. However, hackers have seized this opportunity to infect players’ mobile devices with a backdoor called DroidJack, which uses the mobile app’s immense popularity to its advantage.

Working remotely is made much easier thanks to today’s modern technology solutions. Many organizations have at least part of their workforce working remotely, but without the proper support, remote work wouldn’t be possible. With the latest technology and a couple of best practices, the remote worker can be just as productive, if not more so, than the in-house worker.

Businesses need to take security into account and make it a priority. In fact, security is so important that Verizon has compiled a report of the various types of attacks and data breaches that occurred in the past year. This is Verizon’s Data Breach Investigations Report, or DBIR, and it offers insights into how you can protect your business and secure your assets.

Microsoft recently issued security patches to fix 27 vulnerabilities, many of which are critical in nature. The vulnerabilities are significant and popular titles are affected like Windows, Microsoft Office, Internet Explorer, and the new Edge browser. Microsoft users that ignore these security patches are putting their system at unnecessary risk.

Not that long ago, the trading floor of the New York Stock Exchange was filled with business-tie clad gladiators, climbing over each other in what looked like a capitalism-induced mosh pit. The Open outcry pit had its language, its own weather, its own smell. Nowadays, these pits are more subdued. They still are populated with people, and some are gesturing to buy and sell, but most of the transactions are done digitally. It is this role where the computer has changed the way financial markets work; from the ground up.

If you’re like every other small business out there, you know that the more employees you hire, the more technology that you have to procure. However, when you have more end-users, you provide more avenues for threats to slip into your network infrastructure unnoticed. When all it takes is one simple mistake from a single end-user, how can you minimize the chances of falling victim to an untimely hacking attack?

We’ve put together ten honest mistakes that any end-user can make, and how they can be prevented.

• Clicking on malicious links: With so much information on the Internet, it’s easy for an employee to search through countless pages without any regard to the sites and links that they’re clicking on. You need to emphasize the importance of safe browsing, including double-checking the destination of a link before clicking on it. You can do so by hovering over the link and looking in the bottom-left corner of your browser.
• Using weak passwords: Employees frequently use passwords that aren’t strong enough to keep hackers out. Often times, they’ll simply use something of personal significance, like the name of their pet or a specific date. This isn’t the right way to approach password security. Instead, users should attempt to put together passwords that are private, randomized strings of numbers, letters, and symbols.
• Ignoring mobile security: Even if your company has the latest and greatest security solutions installed on its desktops, you should also be thinking of your mobile devices, like smartphones and tablets. It’s arguably more important that your mobile devices have solid security solutions implemented on them, as they are often on the road, connecting to potentially dangerous hotspots. You need to make sure that security is a top priority in your Bring Your Own Device (BYOD) policy.
• Accessing sensitive data through unsecured connections: If your employees are using the local café’s free wireless Internet to get some work done on their lunch break, it could be a dangerous gambit. Public Wi-Fi hotspots are notorious for being cesspools of online threats. Implementing a virtual private network (VPN) can be a handy investment that can encrypt data while it’s in transit, mitigating this risk somewhat.
• Losing unencrypted devices: It’s not unheard of for an employee to use company devices in public places. If they accidentally leave their smartphone on the bus, or their tablet on a park bench, there’s always the risk that it can be stolen. Unless you practice proper encryption protocol, any information available on the device can be accessed by the person who finds it, be it a good samaritan or a tech-savvy thief.
• Implementing unapproved solutions: Some employees simply prefer to use solutions that aren’t provided by the company to get their work done. The problem here is that the employee is moving forward without consulting IT about it, and that your data is being used in a solution that you can’t control. Plus, if the employee is using free or open-source software, these often come bundled with unwanted malware that can put your data in even greater peril.
• Targeted business email scams: Phishing and spear-phishing attacks are growing more common. One example of this is an HR employee checking their inbox to find what looks like a job application or employment inquiry. All of the right information is there and nothing appears out of the ordinary; that is, until a malicious link contained within it starts to download malware or other nasty threats to your infrastructure. Other types of phishing attacks will ask end-users to confirm personally identifiable information or sensitive account credentials. Educating your team on how best to identify phony email messages is imperative to keeping your network secure.
• Personal email use: It’s one thing to check your personal email account while at work, but another entirely to use your personal email account to perform work purposes. As the recent debacle with Hillary Clinton shows, people don’t take kindly to sensitive information being leaked via an unsecured email server that their organization has no control over. Add in the fact that personal email accounts are often not as secure as those in a professional productivity suite, and you have a recipe for disaster. You need to reinforce that your team should keep their work and personal email separate.
• Leaving workstations unattended: Besides the fact that some tech-savvy employees are practical jokers, it’s a security risk to leave a workstation unlocked and unattended for long periods of time. Imagine if someone from outside of your organization walked into your office and accessed confidential files without authorization; that’s on the employee who got up and left the device unattended. Encourage your employees to always log off of their workstations, or at least lock them, before stepping away from their computer.
• Using external storage devices: Your organization should only be using IT-provided USB devices and external storage. Otherwise, anyone with a random flash drive can connect it to your network, unleashing a horde of who-knows-what into your infrastructure.

User error is a primary cause for concern among businesses, but it can be mostly avoided by providing your staff with the training required to do their jobs properly. For more information about IT best practices, give us a call at (808) 369-1000.