Category Archives: Security

Articles relating to computer security, viruses, malware etc.

3 Internet Habits To Keep Kids Smart and Safe

Posted on by
Reply

How can you make the internet a safer place for your children? It is a common concern for all parents as they want their kids to be protected and happy whenever they go online. It’s relatively easy to supervise and monitor the very young ones but the risks increase greatly as the kids get older and more independent.

You have probably heard the term ‘cyber safety’ before, but safe internet usage goes beyond reminding children to not to talk to strangers. With the evolution of the internet and the way it is now woven seamlessly into all aspects of our lives, the focus needs to be on ingrained habits. This means ensuring that your children have the tools and predefined responses to online events so that no matter what happens, they are not placing themselves (or your family) at risk. Setting up these habits is straight forward and begins with three basic understandings:

Downloads are a no-go

Most kids can not tell the difference between a legitimate download and a scam or malicious link. It is not their fault, the online world is full of things that even trick the most savvy adult. The difference is that children tend not to take that extra moment to check exactly where that link is pointing, question whether it’s too good to be true, or even read what they’re agreeing to. They just want to get back to what they were doing, and if something pops up, their first instinct is to click ‘yes’ – so it goes away. Unfortunately, that single click may have just opened the doors to malware and viruses that will ruin their computer and your network. Start a family rule that everyone needs to ask permission for all downloads (and an adult will check it first), and to never ever click on a popup. When you are called over to give download permission or check a popup, talk through with them exactly what and why you are checking. As your child matures, get them involved in this process so their safe habits can extend outside the home.

Critical thinking is a must

Most youngsters think the internet is a must have and can not imagine life without it. With that thinking, comes unwavering trust that the internet would never lie, trick or hurt them. While we adults know better, it’s only because we already view the internet with a certain level of distrust. The best way to keep kids safe is to teach them to approach every aspect of the internet with critical thinking. That includes teaching them to question the motives of other people online. Is that person really a kid? What do they really want? Unfortunately, all kids do need to be aware that predators use the internet to target and lure children. Ensure your children tell you immediately if a stranger makes contact. Along with this stranger danger, teach them to identify what marks something as suspicious, and what they should avoid. If they come across anything inappropriate, they should shut down the computer and immediately come and see you.

The internet is forever

Kids don’t think twice about recording a video, jumping into a chat room or onto social media. The internet really is their playground! But what they don’t understand is that anything they upload, write or say, stays on the internet forever. Even if they delete it or use a platform where content self-erases, someone can still screenshot, send it right back out or save it for some future occasion. Many cyber-bullying cases are based around this exact type of event. Once your kids know that everything they post is permanent, they’ll be more likely to pause and think.

If you need further help – give us a call at 08 8326 4634.

3 Essential Steps Before You Fire an Employee

Posted on by
Reply

Before you fire an employeeYour employees need access to your IT resources and accounts so that they can do their job, but what happens to that access and those passwords when you fire them? Nobody likes to think of firing their employees, or why you’d need to, but nonetheless, it is a responsibility of every business owner and they will face it at some point in time. While your book keeper or accounts team will stop their paychecks it is important to take the same proactive stance to stop their system access.

Most of the time, former employees leaves under good terms and you’ll wish them well. If you are lucky they may even manage the hand-over to their replacement (so your productivity losses are minimal). Other employees may leave your business reluctantly and / or angrily. While you will have very different feelings about the two scenarios, the risk to your business remains high until action is taken. Here are 3 steps you can take to protect your business from an angry ex employee:

Step 1: Limit access to a need-to-know basis

You might be surprised how often a new employee is presented with access to every ones account and has access to all the company data. Accounts, staff & customer details, strategy, marketing etc etc…all those sensitive parts of your business that have made it a success are exposed. A better policy is to limit access to only what the employee needs for their job. Rather than view it as a lack of trust, your employees will appreciate the care you’ve taken to protect your business (and their job). It also helps keeps them from becoming overwhelmed, confused or tempted if the situation ever turns sour. Likewise, take a few moments to delete old or temporary accounts that are no longer required – you never know when a hacker or disgruntled employee will squeeze through those gaps.

Step 2: Quickly change passwords

On average, it will take at least a week before passwords are changed after an employee is fired – if at all! Unfortunately, this type of delay is one your business can’t afford. In 2017, an ex-employee from the American College of Education held their entire email system to ransom for $200,000 after an unhappy exit. Stories of others stealing client databases are also common – especially if they leave to start their own business or work for a competitor. It is not just full-time employees either, contract and part-time employees such as social media managers and customer support email specialists often have access to more of your business than you might imagine. Yes you may be able to get the person involved prosecuted but it only takes seconds to login and wreak absolute havoc on your network. Knowing you can force those bad eggs into a lengthy court case is poor comfort considering the extent of damage you’ll likely endure. The best option is to change their access credentials fast – even before your employee knows they are fired. This lessens the chance of revenge attacks and opportunistic access.

Use a password manager

If you have good password manager like KeePass or LastPass, reducing your risk becomes mostly automated. You will be able to keep your passwords in a central vault and only share passwords to those who need that access – plus you can section off the passwords to different sections or job roles. If an employee leaves or moves to a new internal position you can change or revoke access.

We can help you secure your network and use a password management tool. Contact us at support@dpcomputing.com.au or 08 8326 4364.

4 Smart Reasons You Shouldn’t Have In-House IT

Posted on by
Reply

In house IT.It can be tempting to hire an in-house IT technician to take care of your network and set them up with a cozy office just down the hall, but is it the right decision for your business? If you are like most businesses, you’re always on the lookout for ways to save money while improving results. Sometimes this means expanding your staff to include a team of tech specialists to be at your beck and call, but this can often be an unnecessary expense that leaves you with highly paid employees twiddling their thumbs when not needed. For SMEs who are looking for the best of both worlds, we recommend Managed IT services.

Put simply, Managed IT is our solution which gives you that team of specialist technicians and network experts, without the ‘quick, look busy’ element – and at a fraction of the cost. Naturally, you’d rather see your IT budget working to support your growth and be kept as low as possible. That is our focus too, and why we don’t simply maintain and repair your systems, we proactively monitor to avoid downtime and work with you to ensure your IT increases productivity and efficiency. Whether you already have in-house IT staff and are auditing the value or are curious about what having external IT support might be like for you, we have put together a few factors to consider before making your choice:

Availability: Most employees work 9-5, but what happens if something goes wrong with your systems outside these hours? Your in-house technician won’t appreciate being woken at 1AM and being called in for an emergency. It is more likely that they simply won’t answer the call (or “hear” it), or if they do, expect some hefty contract renegotiation come the next business day. Managed IT is very different as we are ready for after hours issues and have support technicians ready. We know that every minute of downtime is affecting your revenue, plus your business reputation, so we prioritize getting your systems up and running ASAP. As a bonus, with our Managed IT these types of disasters are rare as we are constantly monitoring and correct and problems before they become an issue.

Total cost: One of the things that may have attracted you to having an in-house technician is the cost. Yes, you may be able to pay them a lower hourly rate but there are extra costs like hiring, training, sick leave, holidays, ongoing training and superannuation. Once you start adding up the cost of an in-house technician, you may find it is eating up your IT budget and leaving you scrambling to fill gaps you didn’t expect. Upgrades get delayed, opportunities missed, and IT expenses become a sore point. In comparison, Managed IT is one fixed monthly rate delivering enormous value, including access to specialists with a wide range of knowledge and experience.

Ongoing Training: Putting aside the fact your technician will often spend entire weeks away upgrading their skills and leaving you scrambling for support while they’re gone, those training costs quickly add up. With a salaried technician, you will have to pay all their ongoing training and certification costs (including travel and accommodation costs for industry conferences). We know how important it is to remain current, certified and skilled in new technologies, so we spend the money to invest in our technicians so that we can serve you better. We are also part of industry related associations and attend multiple conferences each year, all at our own expense (saving the end clients money).

Different goals: For most employees, a higher wage is the goal and many move jobs to achieve that. You may spend time and money training a salaried tech only to see him move on to a better paying job. In these modern times, switching jobs regularly is expected, with an average of only 3 years in each position. Considering how much it cost your business to acquire, train and upskill your technician, 3 years is an unreasonable ROI. Unlike an internal staff member our goals couldn’t be more different – we only aim to keep you a happy customer for as long as we can!

In the end, your business needs to find the right balance between profit and expertise. When you partner with our Managed IT, you’re securing availability, ever-increasing expertise and a commitment to your success. We work closely with you to provide the very best support and protect you against costly disasters by taking preemptive action to keep you safe and operational. There’s no doubt Managed IT is a better decision than hiring an in-house technician, and we’d be delighted to prove it to you.

Talk to us about Managed IT for your business. Contact us at support@dpcomputing.com.au or at 08 8326 4364.

Are You Backing Up Correctly?

Posted on by
Reply

BackupThe 31st of March is World Backup day and it’s a great time to check your backup or put a backup in place. Businesses lose huge amounts of data every day, purely because ‘backing up’ is stuck at the bottom of their to-do list. So this is your reminder, that even if you only do this once a year when the calendar tells you to make it happen now! But how? What is the easiest, most effective way for your business to backup?

You’ve probably heard of file backup by a number of names: Cloud Sync, Cloud Backup or Cloud Storage. They’re all similar enough to be confusing and meaningless enough to be anything. Here’s what they mean and which one you need today.

Cloud Sync

Google Drive, Dropbox, iCloud, etc are services that sync up with a single folder on your computer. They mirror it. When a file changes in one, the sync service rushes to change it on your other computers too, so they are always the same. Cloud Sync services are hugely flexible for remote employees or for those squeezing in a few quick tasks while riding the train to work. They are ridiculously easy to use, require no training, and the free tiers are enough for most small businesses and individuals. This all sounds amazing, right? Except…when things go wrong, they go wrong big time! Accidentally deleting a file means it disappears from the Cloud Sync drive and your other computers – almost immediately. Overwriting a file does the same thing, and if an employee edits the wrong file, then those edits are there to stay. If disaster strikes and your local copy becomes corrupted (or ransomed), well you guessed it, the corruption is uploaded too. While some Cloud Sync services now offer a 30 day backup option, you may not notice the file was missing within this time frame.

Cloud Sync services are fantastic for productivity and accessing files on the go, but they simply can’t be relied on as your backup tech.

Cloud Storage

Amazon S3, Microsoft Azure, etc are massive buildings full of storage drives that work just like your local hard drive but you access them securely via the internet. In fact, when you use a cloud sync app like Dropbox, they’re actually sending your data to one of these locations. While the sync services have a constant back and forth connection between the storage center and your folder, and as explained above aren’t good for backup, you have another option. You can access cloud storage on a per/GB basis yourself and upload your entire backup as desired. It won’t update with changes on your local network, but it will be safe from disaster. When you need to retrieve a file, you simply login and download it.

Your backed up data is secure, protected against disaster, and always available to you. However, because it relies on you or your employee to handle the backup plan and manually take care of the uploads, this is a high-risk solution. Unless your employee is scouring your network each day/week/month for changes to files and uploading them with fervent dedication, chances are this plan won’t work. We recommend an automated or outsourced solution so you can get on with business AND also be protected.

Cloud Backup

Carbonite, Soonr, Crashplan, etc might not be names you’ve heard before, but they work in the background to monitor changes to files on your computer or network and make sure you’re backed up. You can roll back individual files or whole drives, and even select from earlier backups, not just one. Like sync services, they use cloud storage centers with extra-high security and redundancy so that your data is always there when you need it. Even better, neither you nor your employees need to worry about when it was last done.

The One You Need

Let’s take a moment to talk planning. We recommend starting with the 3-2-1 strategy. This means having 3 copies in total, 2 of them locally such as on your computer and an external drive, and another offsite in the cloud. Using this strategy keeps your business operating when data disasters occur and is an investment in your uptime. We can help get you set up with the 3-2-1 method, including selecting the best cloud service for your needs. If you’re looking for a more scalable, cost-effective solution that gives the utmost peace of mind, ask about our managed backups service.

Need help with your backup then call us at 08 8326 4364 or support@dpcomputing.com.au.

Why Spam is a Small Business Nightmare

Posted on by
Reply

Why Spam is a Small Business NightmareFifteen years after the Internet world  united to crack down on spam emails, we are all still struggling with overloaded inboxes. All that unwanted email continues to flood the internet, much of it targeted towards small businesses and the impact goes wider than you might think. Here’s the breakdown of how modern spam works and how it is hurting your business.

What is spam?

Spam is any unwanted message that lands in your email, comes via text, social media messaging or any other communication platform. It might be sent to your main business account, eg your ‘contact us’ email or directed to your employees. Most of the time, spam are annoying but relatively innocent messages from another business inviting you to buy, do or see something. They are newsletters, reminders, invitations, sales pitches, etc. You may know the sender and have a previous relationship with them or they might be a complete stranger. Spam may even be part of a cyber attack.

Why you are getting spammed.

Maybe you or your employee signed up for a newsletter or bought a raffle ticket to win a car. Perhaps you got onto the mailing list accidentally after enquiring about a product, not knowing that simply getting a brochure sent through would trigger a spam avalanche. Often there is fine print that says they’ll not only use your details to send you their marketing, but they’ll share your details with 3rd parties so that they can send you messages too. That single email address can be passed around the internet like wildfire and before you know it, you are buried under spam. Sometimes your details are found through a hacked website, like the recent LinkedIn leak. More often though, your email is simply collected by a computer ‘scraping’ the internet – scouring forums and websites for plain text or linked emails and selling them to spammers. It is easy to see now, how individual office employees receive an average of 120 emails daily, over half of which are spam!

More than annoying.

We all know spam is annoying but did you know it’s also consuming business resources? Your employees are spending hours each week sorting their email, assessing each one for relevance and deleting the spam. Your email servers along with your Internet links are getting clogged with the spam flowing into your business. Too often, legitimate emails from clients and customers get caught up and are accidentally deleted. Plus the temptation to read the more interesting spam emails and productivity drops to zero. On the other side of the business, your email server might be dedicating storage and processing power to spam emails, occasionally to the point where inboxes get full and real mail is bouncing out. While most spam is simply an unwanted newsletter or sale notice, there is also the risk that any links may be a cyber-attack in disguise. Remember one click can open the door to viruses, ransomware, phishing or other security issues which a hacker can then take advantage of.

How to stop the spam?

The 2003 Can Spam Act (a global set of anti-spam laws) requires all marketers to follow certain rules – like not adding people to mailing lists without permission and always including an ‘unsubscribe’ link. So make sure you’re not accidentally giving people permission to email you – check the fine print or privacy policy. Next, look for the unsubscribe link at the bottom of the email. Unfortunately, not all of them include the link, or they hide it somewhere impossible to see. The worst spammers take that ‘unsubscribe’ click to confirm that your email address is valid/active and then sell it on.

Take control of your email and talk to us about your anti-spam protections. Call us at 08 8326 4364 or support@dpcomputing.com.au.

How to Maintain Your Computers and Network (Without Lifting a Finger!)

Posted on by
Reply

Computer maintainance

For a device that’s supposed to make life easier, computers involve a lot of work! As there is so much to keep track of most people forget the routine maintenance that is needed until it is too late. Of course then the damage is already done. Critical business data can get lost forever in a crash and information gets stolen in a hack. It’s a bit like closing the gate after the horses have already fled. This is where proactive people come out on top. Thousands upon thousands of businesses around the world are using managed services to put computer and network problems firmly behind them. It’s a done-for-you maintenance program we offer, and here’s why it is the best choice for your business:

  1. You’re always up to date. It seems like every other day there is some new and urgent update waiting to be installed. Whether they are patching security flaws or adding new features they seem endless. Even if the updates install automatically, they tend to do it at the worst possible moment and do you actually know if it will break something else in your system?. Using our special managed services software, we can make sure your computer’s updates are all finished and done – before you sit down to use it. As part of our service, we also make sure all updates are compatible not just with your hardware, but also with your other software. After all, updates are supposed to make you computers more secure and more enjoyable!
  2. You’ve got super anti-virus. The best anti-virus is the one that’s up-to-date and running, yet you’d be surprised how many people switch it off, never let it update and / or let the subscription expire. While you might be in the habit of scanning files and browsing safely, others in your office might not have the same priorities. Having managed services ensures your anti-virus is always running and dealing with any viruses it finds. As soon as a new virus becomes known, we make sure your system is actively protected against it. We can also monitor for cyber-attacks and alert you before they become a problem.
  3. Your hardware stays healthy. While a reactive person is always stuck without a computer when hardware fails, proactive people with managed services have already had the problem fixed. Our special software monitors the health of your hardware, eg, your hard drive, looking for early warning signs of failure. If detected, we can let you know in advance. This means you’re able to get it repaired at your convenience, making sure no files are lost and no other hardware is damaged in the failure.
  4. You never miss a backup. The worst part of a crash isn’t the financial cost, it’s losing your data forever.  Whether it is a report you have just created, a recipe handed down for generations or a novel you’ve been working on for longer than you’d care to admit, managed services ensures your backups are working correctly. Backed up files are ready to go when you are, and losing files to corruption, failure or theft is a thing of the past.
  5. Support is a call away. Just got a new printer and it won’t play nice? Got a weird error popping up? Your laptop won’t talk to the wifi? Our remote support team can help with whatever technology issue has been annoying you and wasting your time. No nonsense advice is just a phone call away, and our team can remotely connect to diagnose and fix any problems. This means you can likely skip the cord shuffle and carting your computer into the shop and get your most pressing computer issues fixed fast.
  6. You’re always optimized. Whether your computer is actively playing up or not, our monitoring service can keep in touch with your event logs, services and processes and look out for anything that needs correction. This means we’re effectively stopping problems before they get to you, making sure that when you sit down to use your computer, it’s doing exactly what you want.

Put computer problems behind you – get managed services today. Call us at 08 8326 4364 or at support@dpcomputing.com.au.

Office 365 & Email Security

Posted on by
Reply

Spam email

As an IT Expert, I get client calls and emails asking me about various emails they receive and whether that particular email is fake or real – almost all time the emails are fake.

To help my clients and others in a similar situation I’ve put together a video that goes through some security tips on how to protect your self from hackers and phishing attempts. The video goes through:

  • First alerts of being attacked.
  • How scammers and hackers try to fool you.
  • How to tell if an email is fake or not.
  • The Do’s and Don’ts.
  • How to tell if you’ve been hacked.
  • What to look for after you have been hacked.
  • How to prevent and protect from hackers.
  • What is 2-step and MFA?
  • What to do after you’ve been hacked.
  • Screenshot examples of phishing emails.

Check out the video below and leave any comments in the fields below.

EBOOK: Spectre and Meltdown: How you’ll be affected

Posted on by
Reply

Spectre & Meltdown ExposedSevere design flaws in modern CPUs were recently discovered and made public. These flaws put users and businesses alike at risk of attacks known as Spectre and Meltdown, where private data can be called up and stolen.

Chip manufacturers including Intel and ARM have responded by working with software developers to correct the flaws, however these fixes are affecting computer performance. Discover exactly how this vulnerability works, how you’ll be impacted, and what you can do to protect your systems.

We have written a free Ebook that explains these vulnerabilities in more detail and also covers:

  • How these vulnerabilities works
  • The impact to your business.
  • What you can do to protect your systems

Click here to subscribe to our monthly newsletter and access your copy of this book. If you are already a subscriber and would like a copy please email david@dpcomputing.com.au.

10 Internet Rules For Kids (and Adults Too!)

Posted on by
Reply

With school starting back next week I thought it was a good time to talk about Internet safety and how to stay safe online. Yes the Internet is a great tool but it comes with risks which can cause problems for not just children but adults too.

I have talked about online safety previously but here is a infographic with some great rules which we all should follow.

10 Internet Commandments for Kids Going Online

10 Internet Commandments for Kids Going Online [Infographic] by the team at Pumpic.

Protecting Your Ecommerce Platform from Hackers in 2018

Posted on by
Reply

Security

 

2017 saw an increase in cybercrimes in Australia. Back in May, News.com.au reported on the massive ransomware attack across the world, mentioning that at least three private businesses in Australia were hit. While Australia didn’t experience any major attacks, other countries suffered losses. In total, the incident affected around 200,000 people in 150 countries. Countless computer systems were examined in relation to the extortion plot where users would get kicked out unless they sent payment.

2018 brings a clean slate of opportunities for online businesses to strengthen their security systems. Ecommerce platforms are the most at risk, since they involve payments and valuable information. In determining how strong your website’s defense is against hacker threats, consider some of these factors:

Customer data

Identity thefts will not occur if there is nothing to steal. Therefore, you should refrain from saving any customer data that isn’t important to your business. Storing payment card details is against PCI (Payment Card Industry) standards anyway. These details are usually handled by the payment provider. What you can do is use an encrypted checkout tunnel so that your servers won’t save any payment data.

Firewall

For your ecommerce business to have decent security, it should at least be able to withstand common attacks. Business2Community suggests to begin with a firewall, because it weeds out the untrusted networks and controls the website traffic. Firewalls serve as a great first line of defence against the usual hacking threats.

DoS and DDoS Protection

Once in a while, your server may be attacked by malicious queries that intend to keep your website from functioning properly. These Denial of Service or Distributed Denial of Service attacks can keep you out of business for a long time, which is why security measures should be taken to prevent them. DoS and DDoS raids can come from different sources, like applications and traffic flooding.

The best defence is to invest in more bandwidth, since a large amount of space will render it difficult for attackers to flood your site. The downside is that this is also the most expensive solution. However, it’s in your best interests to spend on security. DP Computing previously explained the importance of not being cheap when it comes to security technology, as it serves your business in the long run.

HTTPS

Another DP Computing article advised to pay close attention to the URLs on Google, because hackers would sometimes use phishing scams to acquire sensitive information from customers. These involve links that if accessed, will install malware on your PC that can steal information.

When checking URLs, be wary if the website uses only HTTP. It is more appropriate for ecommerce platforms to use HTTPS, especially on pages where data is created. Unlike in HTTPS, information entered on HTTP is not encrypted. The data is only sent as plain text, making it an easy target for hackers to intercept. Although, remember that not all website pages need to be in HTTPS, or else your website speed will suffer.

Pay attention as well to how your website appears on Google search results, especially if your business is using paid search ads. Ayima noted that Google has improved its algorithm on paid search ads, stating that emphasis is placed on close variants. This means that advertisers will have an easier time of building lists to match user queries. Since paid ads are becoming more rampant now, hackers have taken the opportunity to promote their malicious sites in order to fool thousands of victims. If by any chance, your website’s ad appears shady or seems similar to a malicious ad, take it as a sign to rethink your campaign.

In today’s digital landscape where hackers are getting more creative with their attacks, the importance of cyber security cannot be stressed further. For ecommerce businesses, security investment should be one of the top priorities. Left unchecked, your website could close down at any time, resulting in huge losses in revenue.