Network Management Group, Inc.


Educate to Minimize Your Risk from Viruses

October 28, 2013 by webcare

by Randy Johnston, Chairman – Network Management Group, Inc.

I have the pleasure of working with some really brilliant people, including technicians and accountants, in my NMGI and K2 businesses. Throughout this year, we have been warning people that virus attacks are more aggressive and invasive. These attacks are frequently delivered via email, social media such as Facebook and embedded in PDF files. The anti-virus companies are having more issues keeping their software ahead of the threats and the creators of viruses and malware are becoming smarter in their attacks. Even if your IT team or managed service provider is diligent in updating your firewalls and anti-virus signatures, your organization is still susceptible to attacks in the current environment.

Why are we so concerned about the attacks now? Haven’t viruses been around since the early 1980s? The first virus discovered in the wild was the Elk Cloner on the Apple II in 1981 and the first PC virus, Brain, was reported in 1986. Some key ideas about viruses are:

  • Viruses exploit weaknesses in operating system controls and human patterns of system use/misuse.
  • Destructive viruses are more likely to be eradicated.
  • An innovative virus may have a larger initial window to propagate before it is discovered and the “average” anti-viral product is modified to detect or eradicate it.

More important, systems can be infected and unusable during the recovery period. Viruses attempt to hide intelligently and re-infect the systems where they made initial entry. It may take 24, 48 or 72 hours to completely eradicate the viruses from your systems and to restore all of your files to a usable state. What will you have your team do while their computers are not working? How do you teach them to be careful in the first place?

We suggest that end users attend regularly scheduled and ongoing prevention training, and that this training be recorded in human resources records so that there is a permanent record of training, accountability and liability. Such training should include customized basic training for your firm, especially since firms have unique virus protection strategies. An employee should sign an acknowledgment that training has been received and understood. This training record should be added to the employee’s permanent record at the completion of training. All team members of the firm should be required to attend, from the janitor to the CEO/Owners.

What to do?

One of the best strategies is to schedule security training at least annually for your organization. Stressing the importance of compliance with your firm’s policies, and using your best efforts to make sure everyone has been exposed to the issues and has a chance of understanding the threats, is a good use of time.

As a starting point, we are recommending teaching the following topics:

  1. Name the product being used: It is important for team members to know if your firm has GFI Vipre Antivirus, Trend Micro, AVG, Sophos, etc.  Next, train on the basics of that specific product to familiarize the end users with the protection they have been provided by their company such as:
    1. “Here is your Icon for VIPRE Antivirus” see it in the Windows tray (VIPRE is just an example – different products may be in use in your firm)
    2. Blue indicates that protection is on, active and up to date. Green indicates a scan in progress. Yellow means there is a problem with the program and to contact your IT support team immediately. Red means contact your IT support team immediately.
    3. If you do not have an icon, contact your IT support team immediately.
  2. Explain how your AV protection works: Explain what the firm has purchased and installed, for example:
    1. Email gateway Antivirus
    2. Exchange Antivirus
    3. Firewall based Antivirus
    4. Desktop Antivirus products to help protect our computer network from email threats.
    5. However, this protection only works if it is enabled, up to date and employees follow these basic principles:
      1. Don’t click links in emails without determining where they go first
      2. Don’t open attachments unless you know the source of the document AND were expecting to receive it
      3. When popup windows come up while surfing websites, ALT-F4 is the proper way to close them
  3. Protect Outlook properly: Outlook has improved its virus protection and spam filtering with each version, but there are still fundamental features to consider and use:
    1. Turn off the reading pane for the Inbox
    2. Disable links for messages in the Junk Email Folder (Outlook). This should disable attachments too.
  4. Ensure AV is on and current on your desktop at all times: AV is only as good as the most current signature file. Vendors frequently release updates to protection for the known threats in the world and these change hourly worldwide. Often, it can be several days or even weeks before some vendors have definitions (the file that allows identification of the viruses) to protect from the newest threats. Our team has submitted samples to Avert Labs, ThreatTrack and Symantec for items that we could easily recognize as being a virus. It is not unusual for it to be several days, and on a couple of occasions several weeks, before the vendor releases new specific definition protection for the new variant.
  5. Do not open emails that are not recognized: The same goes for any file that may have questionable business content, especially if the email has hyperlinks or attachments and you are not expecting this type of email. We frequently see spoofed emails; Intuit, Bank of America and Citibank are examples I have personally seen recently.
    1. These emails are very clever nowadays and often include spoofed senders (senders pretending to be someone they are not) and content that seems to come from valid business senders. My personal favorite from current times is an email from a “spoofed” Intuit that contains a QuickBooks update that needs to be installed NOW to correct a program problem or improve performance. These emails have hyperlinks to an external virus payload and ZIP attachments that contain executable files which are email worms or Trojans, that is, programs that hide and attach themselves to your systems, causing infections. These emails actually contain images from Intuit’s website and appear very legitimate. We need users to ask themselves: did I contact Intuit support and speak with someone about a specific problem that I needed an update for? Should I be receiving unsolicited email notices from Intuit about updates when that process is managed by my IT Support team? Staff need to regularly communicate with their IT Support team before opening questionable emails or files.
    2. Even more recently, we have seen emails sent from a spoofed Citibank containing valid images from Citibank’s website. They linked to external virus code and included ZIP attachments containing files that appeared to be PDF (payroll) files but were actually executable files. The subject line was “Payroll processing received” and the body contained instructions to open the attached PDF file to verify each employee’s payroll amounts. Needless to say, these emails were not sent to the Controller, nor were they actually requested by anyone. However, these worms were opened because staff thought they might actually get a peek at what others in the company are getting paid. If they had paused before opening the attachment or links and asked themselves, did I contact Citibank for payroll information, or am I actually running payroll through Citibank, they would have recognized that they had received a new worm email variant that their Antivirus was not protecting them from, and the worm would not have been unleashed.
  6. Explain your procedures for recovery: Hopefully, you never have to recover, but if you do:
    1. Outline your reporting and shutdown procedure
    2. Have everyone stay off of their systems until given the all clear
    3. Unplug infected machines from the network.
    4. Explain how you intend to estimate the recovery time
    5. Explain what systems are likely to be made available first
  7. Consider other topics related to security: You probably don’t get your team together frequently enough. Take this opportunity to discuss other important security related matters such as:
    1. Review the firm’s acceptable use and other computer policies
    2. Encryption
    3. Protection of portable computers and removable media
    4. Properly handling USB devices from home or clients
    5. Password strength and changes
    6. Social networking site safety
    7. Security of smartphones and tablets
    8. Instant Messengers – AOL, MSN, Google Chat, ICQ
    9. Weather Bug – should not be used
    10. Personal email access from Gmail, Yahoo or Outlook.com
    11. Transferring documents to and from clients via your portal or secure email

Training is the best prevention

In summary, the best training is customized for each firm. Your staff should know how they are being protected and what the limitations of that protection are. Human Resources and IT should work together to deliver ongoing, regular training that is recorded into employee records. In between regular training sessions, IT should inform staff of high risk known threats via alerts whether that is through email, intranets or bulletin boards. There should also be training required for new employee onboarding since the next regular training might be months away and the new employee might put the entire training program at risk unless we educate them. Please use these ideas to schedule and hold a training session with your team to minimize your risk of virus infection.


The perfect BYOD recipe: “Finding the balance between protecting corporate data and providing privacy”

September 16, 2013 by webcare

used with permission from HP Technology at Work
by Mike Jennett, Senior Program Manager, HP Enterprise Mobility

I was just listening to Jon Stewart interview NY Times writer Michael Moss about his new book Salt Sugar Fat and he said something that struck a chord with me. He was talking about the science of creating food and something called the “Bliss factor.” That perfect balance that will ensure that the products are a smash hit with consumers. That’s where I want to go with BYOD policy. I’ve been searching for that perfect mix of hardware, software and education that will protect my IP—yet give my consumers that rush they get when eating a Twinkie. OK, I know it’s a bit of flight-o-fancy to think that a BYOD policy can compare to a Twinkie (they are coming back!), but why not, why not venture out on that quest, at least for a little bit.


Safely Using Airport Wi-Fi

September 16, 2013 by webcare

Heading out of town to visit relatives during the Holidays is as traditional as turkey dinners, electronic gifts, mistletoe, and snowmen. But what many people do not look forward to is the hustle, bustle, and time-consuming activity of actually heading into, through, and out of airports. This year, more than ever, millions of travelers will be using the public Wi-Fi systems available at municipal and International airports around the world. You may be one of them. With your handheld device, your laptop, or your tablet computer, you’ll be checking on your flights, sending out email, or maybe even working on that report that you promised your boss by January 3rd. But how safe is the airport’s wireless security? How do you protect yourself – and your private information – from identity theft, fraud, and other cybercrimes?


Patch right and keep hackers out

September 16, 2013 by webcare

In the arms race between network administrators and hackers, battles are fought over the security holes in enterprise software. Your best defence is the patches that vendors release to plug those holes.

Vendors are working to make patching easier and more trustworthy – like Microsoft and its monthly Patch Tuesday release – but you shouldn’t necessarily deploy every patch to every system in your enterprise the day it’s released. To best protect your network, you should develop a plan for patching that is based on best practices and tailored to your unique enterprise.


Get smart about security

April 18, 2013 by webcare

used with permission from HP Technology at Work

Congratulations, you’ve taken every step to secure data on your networks and PCs against increasingly malicious worms, Trojans and viruses. But don’t rest easy. All infrastructure elements, including printers, servers, storage, Wi-Fi networks and cloud computing are just as susceptible to surprising security threats. Forget them and your sense of security is nothing but a dream. Whether they’re criminals looking to blackmail your business, technically savvy vandals getting their kicks, revenge-minded former employees or even competitors, hackers all have one thing in common: they want to disrupt your business operations for money, other gain—or simply for fun. So, what can you do? Read on for some valuable tips to bolster your overall IT defense. Combined with regular and diligent employee training and education, these pointers can help you better spot and prevent disruptive security attacks.

Mobile dos and don’ts

More than large companies, small businesses are issuing or implementing bring-your-own device (BYOD) policies regarding smartphones, tablets and other mobile devices. The ubiquitous nature of such products can cause companies to assume that their business information safely resides on them. Wrong. Your IT department is responsible for protecting company data, regardless of where it’s housed. What to do? For one thing, businesses must set firm policies about what data are allowed on employee-owned devices. It’s also wise to weigh the relative safety of available smartphone operating systems and perhaps require data to be stored on an approved server or in the cloud.

Safe and secure storage

Servers and storage devices also present a unique set of security challenges. Denial-of-service (DoS) attacks, for example, can overload those running web applications and compromise network bandwidth, memory, CPU use and hard-disk space. Solutions like the HP ProLiant G8 servers deliver comprehensive data and client protection and security.

Working without wires

Wi-Fi networks aren’t immune from sabotage-minded attackers, either. Consider these dangers:

  • Weak personal identification numbers (PINs) allow any user to access any wireless network at will. A laptop-equipped troublemaker sitting in your parking lot might be able to hack into your important data this way.
  • Security gaps allow wireless users to snoop on each other’s networks.
  • Operating system flaws provide easy backdoor access to a single computer—or even up to an entire network.

Easy first steps to securing your network include simplifying network management, implementing clearly defined BYOD security policies and making rogue Wi-Fi access more difficult with services like HP TippingPoint networking security solutions.

Consider the cloud

True, the cloud improves server, storage and network access and is less expensive than physical systems. But with easy data-access comes serious confidentiality concerns. Careful monitoring, strict access control and encrypted data are among the best security measures, along with the use of a private, rather than a public enterprise cloud. IT infrastructure aside, simple password security is surprisingly often overlooked in developing an overall security plan. Increased password complexity, and the use of single sign-on and other technologies, is essential. Staying one step ahead of cyber criminals demands detailed development of security policies and processes. Proactive businesses that develop comprehensive security plans better ensure their own safety, integrity, reputations and bottom-line profitability.
