Open Source Stinks (for business)

Open Source, Open Source, Open Source it’s all the rage. But is it the right choice for your business or does it really stink?

Before getting everyone crazy and tons of emails and complaints, let me start by saying open source has its purpose. Not to mention that we, in fact, do support it … to a degree. We believe Open Source can drive innovation, and it is this innovation that makes it better for us all.

The issue actually comes from the fact that everyone believes that everything should be free, especially software. This drives us all crazy because free is not always better, in fact, it stinks when it comes to business or enterprise.

Let’s take SSL, which is an essential component of the global e-commerce system. The most common implementation of SSL is an open-source version called OpenSSL.
It turns out that within OpenSSL there is something called the heartbeat protocol. This is needed to ensure that communications between user and site are kept alive even when the line goes quiet. What seems to have happened is that when one of the programmers who worked on OpenSSL was doing a software update all the way back in 2011, he made a coding error that went undetected for several years.
So why does this matter? Well because this heartbeat protocol is at the heart (no pun intended) of the biggest security flaw in computer history called Heartbleed. On a scale of 1 to 10 this would be an 11.

As vulnerability like this could happen in any software open source or paid. The reality is that paid software support would have identified this issue far before it left such a long term security hole in place.

The biggest point of concern with open source is the quality of the product, lack of real support, and trend toward accepting this (often substandard) software over fully supported licensed versions of software that are typically far better (did we mention supported!) than open source products.

Open Source is a fantastic playground for developers, but, running your business isn’t a playground.  No business can afford to be without the tools they need to conduct business and make a profit.  Don’t ‘play’ with Open Source in your business, purchase reliable, supported, industry standard products to guarantee that you are getting the best return on your investment.  After all, the cost of ‘real’ software is miniscule compared to the loss of productivity of one or more employees for a period of time or the loss of business because your business was unable to capture an order.

In a world of commodity pricing, service stands above all.  Get real support and service with paid applications.  We at Slick Cyber Systems can help you do just that.

AAAAHHHHH PASSWORDS!!!

Long Ones, Short Ones, Special Characters Should I add numbers? Passwords they are like opinions. Everyone has at least one, and no surprise, most of them stink.

With the complexity and frequency of account take overs and account hacking you cannot take a chance these days with simple passwords like “password” or “1234”. Believe it or not we still see these grossly inadequate passwords all too often.
Short passwords, names, or words in the dictionary are easily cracked by computer software or anyone that might know you and want to order something online. And adding the @ symbol instead of the letter a, well that’s old news too. The bad guys know this trick too.

Jim Slick, President and CEO of Slick Cyber Systems offers up some the following suggestions to help you manage and create a more secure password:

1. We recommend that you use a phrase, or “passphrase”, which is a sentence you can remember. From this sentence you replace each of the words of the phrase with its initials, or even random characters to represent it.

For Example:

Fluffy My Cat Likes To Play With Red String.
f m c @ l 2 p w R $
The new password is fmc@l2pwR$ (We don’t recommend using this.)

2. As we recommend that you NEVER write down the password, should you have too reference your password. Jim recommends that you write down the phrase, NEVER the password.

3. We do not recommend that you use the same password for multiple accounts.

4. We do recommend that you change your passwords at least 4 times a year.

4. If you have trouble remembering passwords or need to manage a bunch of passwords we recommend that you use an encrypted password protection program like eWallet to safely and securely protect your passwords. Never store them on post it notes stuck to your computer or in a spreadsheet on your computer as this would be very unsecure.

Need more help call Slick Cyber Systems at 570-371-5800
or visit us at www.slickcybersystems.com

Related posts:
WTF is my password? (Don’t worry we’ve been there too.)
8 Security Habits Putting Businesses at Risk.
STAY OUT OF MY COMPUTER!

HEARTBLEED BUG (Real or Hype?)

Over the past few days you may have heard of a problem that maybe affecting as few as 17% or much as 67% of the internet. A much talked about problem, but still confusing issue called Heartbleed.

So what is Heartbleed you may ask?  Well it’s a security flaw or vulnerability in OpenSSL, which is used for security on many webservers.  OpenSSL is designed to allow the encrypted and secure transfer of information like usernames and passwords from your computer to the website.  This flaw allows an attacker to ‘steal’ a server’s digital keys that are used to encrypt communications and get access to a company’s secret internal documents.

Are all sites affected?

As OpenSSL is a popular, SSL/TLS option, many others security SSL/TLS options do exist, so not everyone is affected.

It is possible to have OpenSSL, and not be affected. (How?) Well if you are running older versions, which were not affected because they did not have the function or feature called “heartbeat” which is at the core of the issue.  This does not solve the problem but minimize the possible impact of the flaw.

Should I Worry?

Slick Cyber Systems believes that you should be concerned, but we do not believe that you should panic.  What we recommend you to do is to change the passwords for any account that may have been affected by the Heartbleed vulnerability.

We also believe that you should change the password for any account that may have fixed the issue.  As we acknowledge that changing the password is a precautionary action, anything you can do to help protect yourself is always the right choice.  This includes changing passwords on a regular basis to ensure the best security of your personal information.

Contact Slick Cyber Systems if you have any specific questions or concerns and our staff can help.  1-888-850-8882 or got to www.slickcybersystems.com

Come on, Outsource your I.T. It’s a ‘NO BRAINER’.

You may have heard that outsourcing might be a way to help your business cut costs by focusing on those things you do best and “outsourcing” non-core functions … you’re probably right.

Businesses that are outsourcing have learned that by sticking to those core functions that make them experts in there industry they are able to maximize profits and make best use of internal resources.

Even though outsourcing IT is nothing new; some companies still resist the trend to outsource their information technology services. If you have not yet looked into outsourcing, and the value of utilizing theses services, we’ve compiled a list of reasons why you should consider outsourcing your IT services to Slick Cyber Systems:

  1. By outsourcing IT you get a competitive edge by accessing the latest enterprise level technology and expert IT ‘know-how’.
  2. Increase your productivity by allowing your staff to concentrate on core business activities, rather than wasting time dealing with IT ‘glitches’.
  3. Enjoy a responsive IT support service delivered by experienced engineers. This will reduce downtime and inefficiencies due to technical problems.
  4. No need to hire, train and retain an in-house IT support team, so you can reduce your labor costs.
  5. You can choose to replace variable IT costs with a somewhat fixed monthly fee that can be budgeted more effectively.
  6. Take advantage of relationships and knowledge that an IT company like Slick Cyber Systems can give you.  You can also leverage purchasing power and save money on procurement.

Would you like help choosing an IT support partner?  Contact us at 1-888-850-8882 or send us an email at info@slickcybersystems.com.

 

Other Recommended Articles:

STAY OUT  OF MY COMPUTER!!!!

Save Money on Ink?  Please tell me more you say…

I Always Feel like Somebody’s Watching Me.  (Well Maybe They Are!)

STAY OUT OF MY COMPUTER!!!

‘Small business is at an even greater threat of cyber criminals’, Symantec, an internet security company, recently reported. They went on to say, “Most small companies aren’t taking steps to protect themselves.”
The recently released Symantec security threat report stated that ’2013 saw a heightened and sustained criminal activity against small businesses’. Brian Burch, Symantec’s vice president of Global Consumer and Small Business Segment Marketing, went on to say, “Targeted attacks against small businesses almost doubled last year – it was up 91%. And it lasted three times longer than what we saw in 2012,”
These attacks against smaller business last longer, and tend to hurt small business more than do with larger companies. These prolonged attacks have the ability to damage smaller companies by wearing them down.

[ 3 New Cyberthreats You Don’t Know About Yet ]
The attackers know that they can steal more information from customer data, to financial information and other proprietary data much more easily from smaller businesses because SMB (small to medium business) may not have the ability or resources to protect against these kinds of attacks.
The attacks can something as common as ‘ransom-ware’ attacks, where the cyber criminals represent themselves as law enforcement and say that an illegal activity has occurred, and the computer has been locked by law enforcement or the FBI. They then demand a fee to have the computer unlocked. These fees can vary in from a few hundred dollars to as much as thousands.
“If your business has been affected by this these type of attack you’ll likely need a professional to resolve the issues.” says, Jim Slick, President and CEO of Slick Cyber Systems.
Jim continued to say “Cybercriminals are even attacking small businesses through trusted vendors and supply chain partners. They know that if they can attack trusted partners and gain access to their system, they can potential gain access to other companies they do business with.”
Jim offered the recommendations too small to medium businesses.
1. Always back up your data. This is the most important thing you can do to protect your information from loss.
2. Did you read number one? ALWAYS BACK UP YOUR DATA! Jim says “Work with trusted partners like Slick Cyber Systems to guide you when choosing a backup solution.”  A USB drive is not an acceptable means of backup.
3. Virus protection is just the first step. You need to ensure that you have layers of protection to provide you the best solution and protection to your network. This should anti-malware, anti-virus, and intrusion protection to name a few.” Talk with your solution reseller to discuss the proper software and hardware to protect your business.
4. When in doubt encrypt any valuable data like customer credit card information. So if your system is compromised by a hacker, you want to make it difficult for them to steal your important information.

Jim Slick says that properly securing your information does not have to prohibitively expensive or break the bank. You can secure your information with true business level protection services and products with your budget in mind. Trusted security advisors from Slick Cyber Systems can be reached by calling 570-371-5800 or going to http://www.slickcybersystems.com

Related Posts

8 Security Habits Putting Businesses at Risk

I Always Feel like Somebody’s Watching Me.  (Well Maybe They Are!)

 

 

 

WTF is my password? (Don’t worry we’ve been there too.)

Everyone has had that moment when logging into a website. You enter your username, and then the dreaded password. You know the type of password I’m referring to.  The one that is a random string of characters, containing no less than 10 numbers, six special characters and 31 letters. Not to mention the letters have to be a combination of upper and lowercase letters. (Does this sound all too familiar?)

If you’re like many of us, when working with a computer, some chores are easy.  However,others, like updating and remembering passwords are a … well … the word ‘nightmare’ seems to come to mind, doesn’t it?!

So what happens if you don’t keep a strong password?  Cyber criminals, or hackers could access financial information or worse try to take over your Facebook page and start posting pictures of cute kittens? (I bet this would be hard to explain to the rest of the office!)

Very soon you’ll be able to say goodbye to passwords. The next wave in computer security may be here and it’s called biometric authentication. This is an almost science fiction practice of using biological traits, such as fingerprints, or even the shape of your ear, or the beating of your own heart to confirm your identity.

Even though Windows-based notebooks have been running fingerprint authentication for years now, recently, Apple took an early stab at this technology by embedding a fingerprint sensor into the home button of its iPhone 5S with mixed results. As Biometrics still have some distance to close the gap before totally replacing the dreaded password, very soon they may gave all the kinks worked out.

1. Ear Shape is the unique indicator the Ergo Android app by Descartes Biometrics uses. This technology uses the uniqueness of the shape of your ear to act much like swiping your finger print over a finger print scanner. By holding your ear pressed against the screen of something like a touchscreen phone you can capture images or scans of your ears shape to act as a password. Currently this technology is only being used to lock and unlock mobile phones but maybe soon you may only need your ear to log into a locked file. Wouldn’t that be cool or maybe weird you decide.

2. Facial Recognition, a security technology utilizing cameras to take the image of someone’s face and scan against a database of authorized personnel that can access a device, secure area, or secure files. This technology is effectively being used around the world by law enforcement, military, computers, the gaming industry, and even the smartphone industry. As this technology advances us we may all have to stare into our laptop or tablets cameras to login before work. (Not only the ladies will have to worry about their faces in the morning, huh?)

3. Heartbeat, The Nymi wristband was designed to eliminate the need for physical keys or passwords by reading an individual’s electrocardiographic signals (ECG) or the beats of your heart. Your heartbeats are very distinct and even more difficult to reproduce. Recent advancements have allowed the technology to be minimized and can be shrunk into a small device, which could be worn as a wrist band. This technology maybe much more acceptable to the average user as companies like Fitbit have become more mainstream tracking how much activity the wearer gets during atypical day. Maybe the Nymi wristband will be able to tell us when we are under the most stress so we can eliminate it from our work day. (Wishing the boss away right?)

4. The next Biometric uniqueness maybe something those businesses could adopt rather easily. Typing Speed, yep your heard me right, typing speed. As each person’s ability to type and how fast they type is as unique as a person’s speech pattern. Keystroke biometrics records how each person types. Then calculates this unique pattern, rhythm and speed. It also determines how long each of us hold down each key and the time between different letters to build a profile of your typing biometrics (including all us who backspace a lot!!). Currently Coursera uses a technology of Signature Track, who want to get verified certificates for online courses they have taken. The process requires students when taking classes online to type a simple phrase when they need to verify their identity. The keystrokes could be used to verify anyone using a computer is authorized to access a system, files. Allowing companies to keep secure and eliminate the need for passwords. (Wouldn’t we all love to see them go away?)

Do you want to eliminate passwords, but still want to keep your information and system secure? Call Slick Cyber Systems 1-888-850-8882 to discuss how we can make your business a password free business.

Do you think long complicated passwords have seen their day and will go away in light of biometrics?  Tell us what you think.

I Always Feel like Somebody’s Watching Me. (Well Maybe They Are!)

Computers can be wonderful tools that allow you to interact with data in ways never thought of before.  Now couple this with the power of the internet connecting all the worlds’ computers into a web of information, with opportunities to buy or sell all sorts of goods to anyone in the entire world. View pictures of animals, people, and fantastic places from around the world, or learn how to do just about anything.

This is truly amazing, right?  Well sure, but there are down sides to computing that are all too often over looked until it’s too late.  You see the darker side of owning a computer and internet connections that many people or businesses don’t give enough thought too until its often too late.

The following list should have you good and paranoid, but at least you’ll understand what you’re up against.

 

They are spying on you.  

Large and small corporations sift through the information and habits of your internet browsing data eagerly looking for ways to convince you to buy their products and services.  Yes, it’s true they are spying on you and it’s all legal.

Question: So you ask what I can do.

Answer: Turn off Java and Flash in your Web browsers.

The programs of Java and Adobe Flash Player plug-ins are common points of vulnerability for many web browsers. Both of the platforms a power a lot of interactive content on the Internet, but these platforms provide too much risk and should be turned off.  Knowing this many websites have already begun to move to much more secure platforms in efforts to eliminate this issue.

We see you.

Hackers, cyber criminals, peeping toms and weirdoes in general can intentionally expose your computer to viruses, malware and other malicious software with the purpose of actually watching or listening to you without you even knowing it.

Question: So What Do I Do?

Answer:   You would always want to be certain your computer and network have up to date, compliant software, hardware patches, malware, firewalls and threat protection in place for best protection but for this specific threat let’s keep the solution simple.   Simply unplug or covering the lens of any unused camera when you’re not using it.  (Not a bad idea to muffle the microphone either if that camera thing really spooked you out)

 

My favorite websites are doing what?

 

Many websites compile and send a lot of information about you, and your habits to other websites.  Some of the information is sent to websites that you may never have even actually visited.  ( A little too much like George Orwell novel for me.)

 

Question: So what do I do to protect myself?

 

Answer: We would recommend that you eliminate any accounts you may have social media websites like Facebook.  Understand that these websites may be a great way to share fun things with friends or family even colleagues.  The problem is that almost any piece of information you post on a social-networking site could later be used hurt you.

Your ATM could be stealing from you too.

ATM’s are the latest devices being used against you by criminals to steal your hard earned money.  Cybercriminal are using small nearly invisible cameras to record your keystrokes as you enter a PIN.  While card readers called skimmers are added to a compromised ATM to capture data from your cards magnetic stripe.

 

Question: What do I, how should I handle this?

 

Answer: Always use caution when using an ATM for the obvious reasons.  (But in addition to your situational awareness if the ATM looks like it might be tampered with don’t use it no cash advance is worth compromising your banking information.). also you should whenever possible block the line of site of the keypad when entering your PIN. Remember if the crook in question captured your information through a skimmer they put in the ATM, and they see your PIN, then can now access your account. So by blocking the numbers, on the keypad you minimize the chances of your PIN being exposed.

 

So you forgot your cellphone when traveling?

 

If you did not get to hear about the horror stories coming from the winter Olympics in Russia this year (apart from bad water quality, and no doors on the bathrooms) Western travelers are often the victims of very organized efforts to steal data when your traveling.  In fact the problem is so prolific that travelers often will have their mobile phones confiscated by local authorities, or find that spyware has been installed on laptops and smartphones to steal your information.

 

Question: What do I do to protect myself?

 

AnswerFirst like the headline suggests.  Leave you phone at home when traveling. If a phone is needed when traveling get a local cellphone which are available on a “Pay As You Go” plan.  And be sure to keep your laptop secure and avoid local Wifi Hot Spots.

 

Please Don’t Click The Link.

Most Malware is very strategically placed online.  On infected websites, or worse in emails share with you by people you may already know.  These emails will contain links, when the link is clicked the malware install onto your computer and goes about stealing information from you.

 

Question: So what do I do?

 

Answer:  Much like before you would always want to be certain your computer and network have up to date, compliant software, hardware patches anti-malware, firewalls and threat protection in place for best protection.  In addition to this, NEVER click unsolicited links.  This also goes for websites like Twitter, (if you still use it after we told you to cancel your account.) where it is common to use URL Shortening to hide the links true location.

 

As always you should have questions concerns or need advice on security concerns or I.T. questions call Slick Cyber Systems at 570-371-5800 we can help answer your questions.

Save Money on Ink? Please tell me more you say…

A recently reported article which has gained some popularity with main stream media, from CNN, FOX NEWS, ABC NEWS (to name a few) is that the costs of printing could be dramatically reduced by something as simply changing some of the more popular fonts to one that is much lighter.

Anyone that owns a printer can attest that the costs of printer ink, have grown so expensive that many compare the cost of ink to that of gasoline, oil, or expensive designer perfume.

Many have turned to digital technologies, in hopes of trimming their ink expenses. However the paperless office still has not come to fruition.  Printing is considered by many, to be something of an old technology.  The digital age has not been able to absorb the vast majority of business printing needs.   So the news agencies  were quick to run with a story that exposed potential governmental savings of its printing costs.

The story describes that a 14-year-old student Suvir Mirchandani may have discovered a clever way to lower printing costs.  Suvir claims that by swapping the common font Times New Roman for the less popular font Garamond, this will save as much as 30 percent less ink.

Mirchandani made his discovery during a science fair project, which was aimed at potential savings at his school.  His research was then published by the Journal of Emerging Investigators and then applied his findings to the printing costs of the U.S. government.  From there this story became an overnight success appearing on countless TV shows, Newspapers and internet blogs.

This is where the story starts to turn, and take a life of its own as the illusion of cost savings is propelled by those who are not experts in the printing industry.   The article does not get an opinion from any printing industry expert to offer their perspective if the possible savings could be realized.

So the question is how this could have happened?  

The answer to this question is that many people because they know little about something proclaim themselves experts and immediately dismiss those who do have experience and expertise in a field.

Jim Slick, President and CEO of Slick Cyber Systems offered his perspective saying,“We see this type of DO IT YOURSELF mentality all the time.”  Jim went on to explain that many companies attempt to do I.T. themselves, and always fail.   Jim said, “I never understood why anyone would risk their business thinking that they could make I.T. decision without understanding potential problems.  Let alone legal, and compliance issues that could potentially have catastrophic repercussion to themselves, their customers and their business.”

Jim recommends that regardless of whether you’re starting a new business or growing your current business.  Talk with trusted solution providers and partners; they are there to help you succeed.   Jim said, “That is why it is important to deal with I.T. experts like Slick Cyber Systems, we have the needed expertise and knowledge to help you achieve the goals of your project.  Call us, discuss any concerns you have, or goals your trying to achieve, we can provide you with sound advice that will help you in achieve your goals.”

Counting Down The End Of Windows XP and Office 2003

Microsoft has been counting down the days until it is through with the Windows XP operating system for personal computers, and so is Slick Cyber Systems. (See our countdown clock to help send off Windows XP.)

Microsoft over two years ago used a blog post to remind the world that it will no longer support the generations-old operating system.   Some listened, but many people and businesses have clung to this aging operating system despite the releases of several successors.  Windows Vista, Windows 7, Windows 8, and Windows 8.1 currently.

[ See Also Impending Windows XP Disaster ]

As Windows XP and Office 2003 were great software releases, the time has come to say goodbye to this aging operating system.  Software and direction have changed and the security risks have changed so the time is now to migrate to a new operating system and version of Office.

Jim Slick, President & CEO of Slick Cyber Systems, advises computer users, particularly businesses, to “migrate” machines to the latest versions of the programs well before Microsoft puts XP to rest on April 8, 2014.  As with any change there may be confusion, or concerns that need special attention.  Jim addresses these concerns by telling any business, “contact an IT Solution Provider like Slick Cyber Systems”, so they can “provide valuable direction and support during this transition”.

Slick Cyber Systems, a full service IT Managed Services Provider (MSP), has been in business since 2002 and operates throughout the United States.  “We have customers of all sizes, from small business to large corporations.  We also support quite a few customers from around the globe in faraway places like China, Germany, Mexico, and Canada to name just a few.”

Slick Cyber Systems provides value and knowledge to either a company’s exiting IT staff or completely replace a company’s IT staff with a more cost effective, fully managed, service.  Slick Cyber Systems can even augment the current staff with I.T. professionals to support any business big or small with the expertise it needs, when it needs it.

Jim went on to say, “Regardless of the industry, Manufacturing, Legal, Medical, Retail, … we have done it all and can help provide your business the direction and support needed to succeed”.

Call us today 1-888-850-8882 to see how Slick Cyber Systems can help your business.

The Impending ‘Windows XP Disaster’

Many have warned about the impending ‘Windows XP disaster’, driven by hackers and cyber criminals looking to exploit those still using the Windows XP operating system. It looks like the ‘disaster scenario’ might come a little bit sooner than originally expected:
If you have not heard by now, Microsoft will end its support for its aging Windows XP operating system on April 8, 2014. Many, still, have not upgraded equipment or migrated software to a newer operating system. Evidence is already mounting that the April date could result in mass chaos for companies still using this venerable, but outdated, operating system.
Jim Slick, President and CEO of Slick Cyber Systems, said, “I’m shocked and appalled that any business or institution would still be using Windows XP knowing the extreme security risks this will pose.” When talking with Jim it becomes abundantly obvious that he is passionate about security of his customers IT infrastructure. Jim went on to say, “Companies like Target have fallen victim to attacks from cyber criminals in the past few months and this is just a small precursor of things to come.” “The most targeted business of cyber criminals is small to medium businesses … just because you’re not Target’s size, doesn’t mean you are immune to these threats. In fact, it is a bigger problem for your small business because cyber criminals know smaller business’s more often than not run with less (or no) good security practice. These attacks, and the growing threat of cyber criminals, should have any consumer and ultimately every business concerned. Cyber criminals are already ramping up for XP attacks … if you have data on there, it will be compromised … it’ll be like a skeet shoot for them with absolutely no recourse for the business who was attacked”
[The End of Windows XP Support: What it really means for businesses? ]
Jim went on to say, “Knowing that these threats exist underscores the importance of moving off of Windows XP now. You need to protect your customers and your business from threats like this, and the best place to start is to work with an IT partner that can quickly identify potential problem areas and design a solution to eliminate these potential risks.”
If a migration can be made now, do it. If not, consult with IT experts (like Slick Cyber Systems) that can help guide you in the right direction.