Category: Security

08 Jan 2018

Webroot Updates Coming!

Many of you are now protected by the Webroot anti-malware agent we’ve installed last year. During the month of January we will be activating the features listed below to your devices.  Just like the at the airport, increasing security can have some unintended consequences.  Some of these features could bring to the forefront latent issues that have been around for a while. If that’s the case, give us a call and we will have the matter addressed.

Scan Schedule

Your computer is scanned for malicious software, during a time of reduced activity.  We will be setting your machine to preform a scan at 6PM.  All you need to do is ensure that your PC remains on for the evening and the scan will work fine.  

Firewall

A basic security feature of a computer is the firewall.  This should never be disabled as a fix for ‘something not working right’.  However, we have noticed some PCs have had their firewalls turned off.  Going forward, Webroot will ensure the firewall is always active.

Web Threat Shield

This blocks known threats encountered on the Internet and displays a warning. The Web Shield maintains information on more than 200 million URLs and IP addresses to comprise the most accurate and comprehensive data available for classifying content and detecting malicious sites.

When you run an Internet query such as a Google search, SecureAnywhere shields modify the results display with icons that give you safety information about each website returned as a result of the search.

Identity Shield

The Webroot SecureAnywhere Identity Shield protects you from identity theft and financial loss. It ensures that your sensitive data is protected, while safe-guarding you from keyloggers, screen-grabbers, and other information-stealing techniques. If the shield detects any malicious content, it blocks the site and opens an alert.

Recycle Bin

How long a security scan by Webroot takes is a function a few factors, one being how many files are stored on your PC.  To improve this performance, we have set the recycle bin to be emptied every weekend.  

If you ever receive a pop up which does not make sense to you, please do not hesitate to reach out to us so we can investigate.

08 Jan 2018

It’s All About Security

Everybody and every publication is finally pushing the need for tighter security. What’s lacking in much of what you read is the balance necessary between security and usability. If we make the network so secure that our teams can’t get any work done, it’s useless.

This year, Quo Vadis will be encouraging our clients to embrace Microsoft’s Password Guidance. Many of you may be reading in your own trade journals about the idea of passwords with no expiration. We agree! Our goal is password diversity to provide the best security. Today’s general password policies actually do the opposite of our intended goal.

A University of North Carolina study found 17% of new passwords could be guessed in five tries or less, given the old password. And almost 50% could be guessed in a few seconds of un-throttled guessing! So much for diversity.

Two-factor authentication (2FA) is crucial to the security plans of the future. By way of reminder, two-factor authentication uses two out of three factors to confirm your identity.

  1. Something you know (like your password)
  2. Something you have (like your mobile phone)
  3. Something you are (like your face or fingerprint)

I use 2FA for my Amazon account, my online banking, my email, remote access… everything I can. You should too!

Here are our recommendations to move forward.

  1. Don’t use your business credentials outside work.
  2. Use two-factor authentication whenever possible.
  3. Use biometrics whenever possible.
  4. Invest in a password manager.
  5. Don’t store passwords in your browser.
  6. Don’t reuse passwords!
  7. Keep your operating system and application software updated. (We can do this for you.)

 

We will be reaching out to you shortly to remove your password expirations.

04 Aug 2016
data security

Data Security Class

We are protecting your digital assets with firewalls, passwords and other digital methods. We detect intrusion attempts and virus attacks with special software that runs on the firewall and your workstations. We respond to your calls when you have a problem or when we a problem is detected. Between protection, detection and response, which is the most important? We believe it’s detection – as would you if you didn’t detect a large man with a big knife was standing over your bed at until you opened your eyes!! The best investment you can make in your security is to train your staff. Give them the tools and training necessary to detect attempted data breeches by signing up for our Security Awareness class. The content is updated with current events and true stories all the time. 

The class is 1 hour long, $250 for 1-25 people.

04 Aug 2016
multi-factor authentication

Multi-factor Authentication

You’ve seen this already. You try to access your Gmail account and you have to put in a code Google texted to your phone; or you add a credit card to Apple Pay on your iPhone and you have to approve the addition from another Apple device. Everybody has passwords – and they’re getting longer and more complex all the time! We all hate it. The answer coming down the pike is multi-factor authentication (MFA). Here’s the idea. Instead of just providing your password to access your data (email, files, etc.) you provide at least two of the following: Something you know (like your password), something you have (like a code from your mobile device) or something you are (like your fingerprint.)

MFA is being used more and more. There are apps that you can put on your mobile device that generate a code every 30 seconds. Your bank may require you to put in a code that was texted to your mobile device. Your online shopping site may require you to put in a PIN to login. You can receive a code via text message. You can use facial recognition (read about the Enterprise-grade security of Windows Hello here.) You can use the fingerprint scanner on the home button of your iPhone.

Get used to it. MFA is here and it will become the norm. If you want to increase security, give us a call. 704-814-8819

04 Aug 2016
mobile device management

Mobile Device Management

How do you deal with the fact that your digital assets are on your employee’s phone? What if they lose the phone? It can not only be bad for business, it may be against the law, depending on your market and the data that has been compromised. Mobile Device Management (MDM) is built into Office 365. Even if your employees own their own devices (which is most common) you can have them register their device with Office 365 in order to have email on the device. Then you control access to the data. You can use MDM for Office 365 to do a selective wipe to remove only organizational information, or a full wipe to delete all information from a mobile device and restore it to its factory settings.

If you’re interested in learning more about MDM, give us a call. 704-814-8819

15 Jul 2016

Do you hate changing your password?

HERE’S A TIP:At Quo Vadis we don’t have to worry about the constant password change. We use 1Password, a helpful, easy-to-use, secure app that stores all your logins, passwords, and more!

Tired of remembering all those passwords? Tired of the constant change? Do you want just one password for everything?

1Password.

Who doesn’t? As hackers become more real and more prevalent, passwords need to be much more complex. If you’ve taken the Security Awareness Class you know the danger, and you know how critical your password security is.

Every one of your businesses are connected to the internet, which makes you a target for cyber-attacks. Unfortunately, small businesses have a misconception that they are an unlikely target, but a quick Google search will produce a number of results showing small and medium businesses are attacked at nearly the same rate as enterprise level. Hackers know many companies don’t take cyber security seriously – and they’re right. It has come to our attention that many of you have simple passwords equivalent to having a key code entry of 1234! This is completely unacceptable.

It may be that, when you signed up for Network Care, you dismissed our counsel to implement strong passwords for your users. It’s time to reconsider. Ensure that you’re using strong passwords! Use these helpful guidelines to help create complex and secure passwords:

  • 8 characters long
  • At least 1 uppercase letter
  • At least 1 lowercase letter
  • At least 1 number
  • Simple enough to remember without writing it down

Of course, additional security measures are always encouraged, like adding special characters and making the password longer. Make sure your password doesn’t include your name, and avoid generic ones like “Password1”. If you’d like us to enforce complex networks in your network or if you have any other questions or concerns, please call the Help Desk to discuss.