Wednesday, August 25, 2010

The Bottom Line: Thanks

There is no better place than this public forum to say thanks to those who make it possible for Georgia Business Net. I want to send out a “thank you” to our customers, and a “thank you” to our staff. This summer has treated us well, but not without our staff’s great effort. We’ve got our sights set on great things ahead, but that is not to say some praise isn’t due as we see some progress and a milestone or two in our rear view mirror. Nothing pleases me more than to hear stories from clients that contain words like “above and beyond.” The innovative ideas to help a client, the stretching and striving for a continuous improvement in our processes and products, make it awesome and fun to come to work each day. And yes, this is all true in spite of what we hear about the economy. Opportunity exists to succeed in every economy. And regardless of how challenging the landscape, I work around people that ignore the news and press on towards our goals. Because of people that care about the big picture, I work in an inspiring environment that motivates and breeds success.

Wednesday, August 4, 2010

Latest Tips for Virus Avoidance

We have all been there, and there is no doubt we will all be there again.  It's inevitable that our Internet connected devices will get infected and spread viruses.  New vulnerabilities occur every day, and not everyone is proactive in playing defense utilizing anti-spyware and anti-virus protection.  Here are some excerpts and my related comments from a TechRepublic blogger to build awareness and to help any user avoid viruses and spyware:

"Oh, the deck is stacked. Don’t think for a minute it’s not. As a technology professional responsible for securing office networks, workstations, and servers from viruses, spyware, adware, Trojans, and other malware infections, I can tell you that the situation is only getting worse.


A Computer Economics report showed that annual worldwide malware expenses increased by $10 billion (to $13 billion) over a recent 10-year span. Google Research suggests that one in every 10 Web sites is infected with “drive-by” malware. "

With that kind of growth, the IT staff has an uphill battle in informing users of threats and performing preventive maintenance.  Posting these tips around the office or distributing them in an email is a great way to pass the word to end users.  Take back a part of that $13 billion!

1.  Install Quality Anti-Virus

The best software packages on the market will give the user the ability to update frequently throughout the day.  As the vulnerabilities are revealed, the user will be protected in near real time.

2.  Install real-time anti-spyware protection

The best protection is one that checks as the user browses around the Internet.  Prevention is always a better strategy than detection and removal.  Most free versions only allow detection and removal.

3.  Keep All Software Packages Current

For security purposes, this is not a bad idea.  I understand that for operational purposes there are times where compatibility issues prevent immediate updates.  For those of you with these obstacles, please consult a technology professional for an alternate strategy and response.

4.  Setup Daily Scans

Even real time active anti-malware engines will fail and your system will get infected.  Daily scans will allow all of the running processes and system files to be analyzed, which could lead to isolation and/or automatic removal of a "sleeping" threat.

5.  Disable autorun

Users most certainly will have some autorun features turned on for convenience.  A good example is when a user connects a USB Thumb Drive and the routine task starts automatically.  This is a great way for a virus to propagate to the connected drive.
"Computer users can disable the Windows autorun feature by following Microsoft’s recommendations, which differ by operating system. Microsoft Knowledge Base articles 967715 and 967940 are frequently referenced for this purpose. "

6.  Disable image previews in Outlook

Automatically downloading images received in Outlook opens the door for a user to be automatically infected.  Many Windows features are convenient, but can result in unintended security breaches. 

7.  Don't click on email links or attachments

Professional grade anti-malware software can help protect the user by scanning the link ahead of browser download.  As a best practice, always try to manually navigate to the sites by opening a browser first and then typing in a link. 

8.  Surf Smart

 If the user has software that has phishing filters, link scanners, pop-up blockers, make use of all the tools.  If the user arrives at a website by manually typing the link, it is most likely okay to enter his/her user name and password.  If an online banking website appears automatically via pop-up window, close the browser immediately and avoid entering any personal data. 
"But even manual entry isn’t foolproof. Hence the justification for step 10: Deploy DNS protection. More on that in a moment."

9.  Use a hardware-based firewall

A separate device other than a user's PC is the best defense.  My general philosophy is that there is safety in numbers and diversity.  Whether it is investing in the stock market or computer security, having options is not a bad idea.

10.  Deploy DNS Protection

Our technicians have seen this a number of times right here at home for our customers.  Certain viruses like to translate friendly website names like Google or Yahoo and redirect the PC to malicious websites.  This is an advanced topic for the average user.  However, I would suggest to your company to consider talking with an IT professional about an implementation strategy if this is a concern for your organization.

If you are interested in reading the entire article (Yes, there is more, I actually shortened it with my comments),  it is available here.

Taking care of this yourself has become quite a burden.  Outsourcing your IT work to a company that focuses on monitoring and prevention is certainly a way for you to take a rest and focus on your business and core competency.