Security Updates – The Better Way to Patch

Updates often come at the worst moment: you shut down your laptop to rush to a meeting and see the dreaded “Windows is updating. Do not power off” message! Or you leave your desktop for a minute and come back to find your computer has restarted in your absence – those unexpected bug fixes and performance improvements lost your unsaved work.

You know updates are important as they help patch security flaws. Updating helps you keep your systems up to date and secure. Software updates can also add new, useful features and remove outdated ones. Security patches protect your business from attacks that could also impact employees, customers and partners.

Updating can be a pain but is so important!

The WannaCry ransomware in 2017 attacked hundreds of thousands of computers all across the world. Big and small companies and organisation were hit with the UK National Health Service, FedEx, Telefonica, the Russian Interior Ministry amongst those that were infected.

The Petya ransomware was released after WannaCry and preyed on the same vulnerabilities. But despite the publicity around WannaCry and Microsoft having already released a patch it again spread rapidly around the world.

Still, despite all the warnings and infection people don’t bother updating their computers. According to a Skype survey, 40% of respondents didn’t update their machines when prompted and almost 25% required a second prompt. Nearly 45% of users worried that installing the update would weaken their computer’s security.

Keeping just Windows up to date is not enough. You also need to be patching third-party applications such as Java, MS Office or your Adobe suite. More employees are also bringing their own devices to the workplace. Overlooking security updates for these entry points is like leaving a window wide open and letting criminals walk in.

Equifax’s failure to update a Java virtual machine proved costly. Hackers accessed over 145 million credit reports in 2017. The company lost more than $5 billion in market cap, and the CEO lost his job.

Businesses need a better way to keep your software security patches current and here are some ways to do just that.

Keeping security patches current, conveniently

Avoid the inconvenience of any interruptions by setting up automated patching. Determine when downtime won’t be as disruptive and schedule patches during that time frame. This lets you update an entire department when they aren’t there, or patch individual computers around the employee’s schedule. For instance, if your bookkeeper comes in only on Fridays don’t patch their computer on Fridays!

This approach also creates a consistency your employees can plan around, which allows them to manage all security updates without them having to lift a finger.

To do this, you can outsource the patching to a IT support provider. The provider can install remote monitoring and management (RMM) software to manage all your security updates without you having to lift a finger.

The RMM software gives your IT partner visibility into your business technology. They can also track your hardware software, and network environments to keep ahead of issues. This sets up the IT provider to respond much faster to any events.

Conclusion

Automating or outsourcing your software updates can improve security and compliance. Your employees enjoy new features, extended support and access to the latest technology. A reliable, secure system can improve stability, speed up processes and drive increased productivity.

Get expert help determining patching priorities, or partner with us to handle your updates and also monitor and resolve issues remotely. Contact us on 08 8326 4364 or support@dpcomputing.com.au.

The Dark Web and How it Can Affect Your Business

Every Internet user should already know that the internet has many people looking to exploit the Web for ill intent. These people congregate on the Dark Web and small businesses need to understand what it is and what the risks are.

What is the Dark Web?

You and your employees spend time daily on the Web. They may be researching products and clients, checking out competitors and searching for information. Generally they are not accessing the Dark Web. The Dark Web houses dangerous and more than often illegal activity. Some of the dark side includes black-market drug sales, illegal firearm sales, and illicit pornography.

The Dark Web’s collection of websites is inaccessible using the standard search engines or browsers. To browse the Dark Web users need to employ a Tor or I2P encryption tool to hide their identity and activity.

To go into the Dark Web, you also need to be using the Tor or I2P service and you need to know where to find the site you are looking for. There are Dark Web search engines or directories, but they can be unreliable. Most often the people running websites on the Dark Web don’t want people to easily find them. Ultimately, it’s not somewhere you or your employees should be.

So, why do business owners need to know or worry about it? Because Dark Web users can buy a multitude of information that could affect your business. This information includes:

  • usernames and passwords.
  • counterfeit money.
  • stolen credit card numbers or subscription credentials.
  • software to break into people’s computers.
  • operational, financial, or customer data.
  • intellectual property or trade secrets.

The Dark Web is also where someone can hire a hacker to attack your computers and server or write a virus to infect your computers.

The Dark Web business risk

The Dark Web itself is not illegal and not all that happens on it is criminal. It is also visited by journalists and law enforcement agencies and is used in countries where their governments prohibit open communication.

But the ways a business can be adversely affected by information and activity on the Dark Web is growing. A 2019 research study found that 60% of all Dark Web listings could harm enterprises, and the number of those listings has risen by 20% since 2016.

Business risks from these Dark Web listings include:

  • denial-of-service or DOS attacks.
  • malware infection causing business disruption and / or data loss.
  • undermining your brand reputation.
  • loss of competitive advantage.
  • IP theft.
  • fraudulent activity.

With media attention on data breaches impacting millions, it is easy to think a small business is not at risk. However, bad actors don’t target a business for its size as they look for ease of access.

Dark Web information is up to twenty times more likely to come from an unreported breach. Privacy specialists told a Federal Trade Commission Conference victims included medical practices, retailers, schools, retail shops, service based offices and many other small businesses.

Reduce your risk

If your information ends up on the Dark Web, there’s little you can do about it. The positive is that you know that information is out in public and your business security has been compromised. So be proactive and takes moves to lessen the impact of the release of that information and keep your security protections current and install security patches regularly.

Consider upgrading your security by installing a unified threat management (UTM) device. A UTM plugs into your network and serves as a gateway to protect your business from malware, illicit access and other security risks.

Depending on the brand and model a UTM security appliance can provide the following features:

  • intrusion prevention
  • URL and content filtering.
  • application control.
  • anti-malware scanning.
  • data loss prevention.
  • email security.
  • wireless security.
  • remote access management.

A proactive services provider or IT consultant can help you take care of all aspects of protecting your business. For a monthly fee they can handle all your technology, patching, monitoring and assessment needs.

Stay on top of the latest cybersecurity threats with an us, or learn more about installing a UTM. We can help protect you from the dangers of the Dark Web. Contact us today on 08 8326 4364 or support@dpcomputing.com.au!

O365 – Why you need to implement 2FA

Unknown threats

Why just passwords are not good enough?

As you know, Microsoft regularly release new options and new security features as part of their Office 365 platform.

As part of their focus on security, they highly recommend that all users implement 2FA or MFA on all their O365 accounts.

2FA (two-factor authentication) or MFA (multi-factor authentication) is an additional security layer for your business (moving forward we will just refer to this as 2FA). It helps to address the vulnerabilities of a standard password-only approach.

With 2FA a user will first enter their username and password. Then, instead of immediately gaining access, they will be required to provide another piece of information. This second piece of information could be an number of things including:

  • a code that was sent to a nominated mobile phone.
  • an answer to one or more “secret” questions.
  • a token or code linked to a hardware device.
  • a fingerprint or other biometric pattern.

With this additional security measure, a potential compromise of your password won’t provide access to your account. As O365 accounts are being hacked on a daily basis we highly recommend implementing 2FA to help stop unauthorised access to your account ASAP.

There are a few options available to you:

1) Setup this feature yourself (bear in mind if you break something you may lose access to your account).
2) Lock us in to do the work for you – we’ve put together a fixed fee price of $550 (user limits apply) to set this up for you. Just contact us and we will get you scheduled in.

As with all jobs we will be working through all these projects on a first come, first served basis so get in ASAP.

Of course, if you have any questions at all – just contact me at david@dpcomputing.com.au.

Why You Need Professional Virus Removal

Do Macs Get Viruses?

“Your computer has a virus.” Such a dreaded phrase!! With a “human” virus we can feel awful and miss work but when a virus hits our computers, we can lose valuable information and be vulnerable to attack. Continue reading

6 Areas to Check Out to Reduce Your IT Costs

Renewal of services

Businesses are always looking at ways to reduce costs and looking at the IT budget line can cause headaches. So much money is spent in one area, and there is so little you can do about it! But is that really true? Your IT expenses may not be as fixed as you may think. Here are some target areas where you might reduce costs. Continue reading

How to Destroy Your Digital Data

Secure data destructionWhen we accidentally delete something, it feels like the end of the world. If a client file or your latest proposal is deleted, you may have to start again. Yet deleting files may not as permanent as many think. When it comes to destroying data properly, you will need to take a more thorough approach. Continue reading

Getting Rid of Single Points of Failure When “Failure is not an Option”

Single Points of FailureYou might think that your business is going to be fine if a single device goes down. After all, there are other devices your staff can use and your entire systems are not going to fall like dominoes. Or will it? Get rid of single points of failure to make sure that one vulnerability does not take down your entire network. Continue reading

What to Do When You Get a Renewal Notice

Renewal time

Your business will rely on a number of service providers. You are likely using third parties for services such as Internet access,  domain names, website hosting, software licenses, just to name just a few. So, when a renewal notice arrives, you might just  pay it and then file it away for future reference. Here is what you should be doing instead. Continue reading

How Backup Software Can Save Your Business?

There’s a saying you may have heard before: “Two is one and one is none”. This simple phrase emphasises the importance of having a backup plan. Things can get lost or even break in the field. It’s why skydivers always have more than one more parachute on any given jump. If the main parachute malfunctions for any reason, they can disconnect it and deploy the reserve parachute to safety.

It’s an extreme example but it illustrates an important point that’s also applicable in business – You need to have redundancy. No business owner likes to think of the possibility of losing their valuable data. The reality though is that the future is never absolutely certain. Anything can happen.

Here we’ll look at how utilising backup software can save your business. Continue reading