Monthly Archives

February 2017

Are your printers safe?

By | Hardware

This is not a question often asked by anyone who has ever used a printer. Given the increasing sophistication of hackers’ capabilities, the discovery that cyber thievery can, in fact, be performed through some popular printer brands hardly comes as a surprise. One study reveals that at least 20 printer models are vulnerable to Distributed Denial-of-Service and other types of attacks. Let’s take a look at this chilling development in cybersecurity.

Which printers are prone?

Based on the study made by Ruhr University Bochum researchers, printer brands such as Hewlett Packard (HP), Brother, Dell, Samsung, and several others are prone to different types of cyber attacks. Online printers from these brands could serve as cyber criminals’ path in which to steal credentials, corrupt a printer, or leak sensitive data from printed documents obtained through a printer’s memory.

Printers serve the basic purpose of turning computer documents into paper and have never been a typical entry-point of hackers’ attacks. Government and corporate offices, business establishments, non-profit organizations, and homes own one, and when you think about the fact that most printers are linked to computer owners’ internal networks, this expansion of cyber theft to printers begin to make even more sense.

How can attacks be made?

Researchers identified security vulnerabilities that would enable hackers to corrupt common printer languages such as PostScript and PJL, which they could then use to launch Distributed Denial-of-Service attacks or reset the corrupted printer to its factory defaults, also termed as ‘protection bypass.’ Other ways in which hackers could exploit their access are through print job manipulations, which could lead to minor cases of printing corruptions or persistent printing distortions, and information disclosure, the leaking of sensitive information.

What safety measures are being developed?

The researchers who discovered the vulnerabilities developed the PRinter Exploitation Toolkit (PRET), a program designed to determine if a printing device is a likely target. This toolkit ‘connects to a device via network or USB and exploits the features of a given printer language, and is complemented by a wiki page that documents attacks made. It’s worth noting that more printer models and brands haven’t been tested due to the team’s lack of resources. But with this open-source toolkit, vulnerabilities of many brands and models may soon be identified.

Stealing information online is far from being a novelty in cyber security. But to do so through printers requires a special set of skills. It’s too soon to tell whether this form of cyber thievery is going to pose serious threats in the future, but regardless of how further studies progress, failing to implement security protocols for your network can cost you dearly. Get ready for any security threat by contacting our security experts at Simpatico Systems!

Published with permission from TechAdvisory.org. Source.

What exactly is preventive cyber-security?

By | Security

There has been a movement among technology providers to promise “proactive” cyber security consulting. Small- and medium-sized businesses love the idea of preventing cyber-attacks and data breaches before they happen, and service providers would much rather brainstorm safeguards than troubleshoot time-sensitive downtime events. But it’s not always clear what proactive cyber-security means, so let’s take a minute to go over it.

Understand the threats you’re facing

Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cyber-security field, alongside an audit of your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measure versus your reactive measures.

Before you can start improving your cyber-security approach, you need to know where the baseline is. Create a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint strengths and weaknesses in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategies need to be. With an experienced technology consultant onboard for the entire process, you can easily parse the results of your simulation into a multi-pronged approach to becoming more proactive:

  • Security awareness seminars that coach everyone — from receptionists to CEOs — about password management and mobile device usage.
  • “Front-line” defenses like intrusion prevention systems and hardware firewalls that scrutinize everything trying to sneak its way in through the front door or your network.
  • Routine checkups for software updates, licenses, and patches to minimize the chance of leaving a backdoor to your network open.
  • Web-filtering services that blacklist dangerous and inappropriate sites for anyone on your network.
  • Antivirus software that specializes in the threats most common to your industry.

As soon as you focus on preventing downtime events instead of reacting to them, your technology will begin to increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cyber-security by clicking contact us. Or call 855-476-6347.

Published with permission from TechAdvisory.org. Source.

Free Google apps worth exploring

By | Google

Google Play has a wealth of applications that you can wyopend a whole day exploring. But with numerous categories and hundreds of apps available on Google’s App Store, looking for productivity-increasing tools may be too time-consuming. Sifting through dozens of potentially helpful apps amidst a bunch of barely useful ones might not be the best use of your time, so we did the choosing for you. And since they’re free, there’s no need to add them to your wishlist.

Chrome Remote Desktop

This cross-platform app provides a tremendous benefit in terms of support. If you need remote assistance, you can grant someone temporary access to your desktop and revoke access once the issue has been resolved. The other benefit is being able to access your own desktop from any of your mobile devices (smartphone, tablet, Chromebook) to work on files or use programs. Simply install the Google Chrome extension, assign a pin for remote access, and start sharing.

Trusted Contacts

It’s a dangerous world out there, which is why location-sharing apps such as Trusted Contacts are heaven sent. With Trusted Contacts, you can request a location from, or share yours with, a contact who’s also using the app. Location sharing has long been part of most apps with a GPS functionality, but what sets Trusted Contacts apart is its ability to send a person’s location even when offline. In instances when a person’s location is requested and there’s no answer within 5 minutes, the app automatically sends the contact’s last known location.

Google Handwriting Input

Typing on smartphones isn’t easy for everyone, and that’s why enhancements such as Swype are a welcome feature to touchscreen keyboards. Google Handwriting Input works like Swype, but is more flexible and doesn’t require precise strokes. You can ‘handwrite’ your IMs and text messages, perform searches, and even create emojis, using your finger or a stylus. This app may not seem like much, but it can be quite useful for those who communicate in languages with special characters.

Google Trips

Organizing business or leisure travel is taxing, and having to use multiple apps just adds to the chaos. Google Trips reduces your travel hassles by putting all data — such as itinerary, hotel location, available transportation, and other trip-related info — into one app and letting you access it online or offline. It also provides recommendations on popular attractions, day trips, and things to do based on the itineraries and other travel-related information you’ve stored in your Gmail.

The answer to some of your business’s most pressing needs may be hidden in plain sight in the App Store. We’re constantly on the lookout for process-enhancing apps and tools, so we know which solutions are best for you. For advice, click Contact US, or call 855-476-6347 today.

Published with permission from TechAdvisory.org. Source.

Internet Technology – The Misunderstood Managed Service

By | Hardware, Managed Service, Managed Technology, MSP, Security, Virtualization, VoIP, Web & Cloud

Written By:  Fabienne McGeever

Where clients pay a fixed monthly rate to manage their entire IT infrastructure/Network. NOT!

That is the first of many misunderstood statements the IT Managed Services Provider, known by the acronym “MSP,” industry faces today.  I remember the days when anything computer related, I would call up my sister and ask her for help.  We would spend hours trying to figure something out and she would ask me a barrage of questions that I didn’t know the answers to.  I would say, but you work with computers!  Enough said.  There is hardware, software, networks, VPN’s, domains, servers, data centers, storage, versions and levels and then there are third party vendors and partners with all kinds of areas that are a specialization unto themselves.

There are other times when an MSP misrepresents or avoids speaking directly to what they will actually be doing for you.  For example, they may offer a back-up solution but fail to explain what is indeed being backed up and where. You are thinking “I’m covered”.  Not always the case as there are different levels of backup solutions from local to external to off site.  Different devices and storage capacity.  You need to know what data is being backed up, where and how often. All businesses should have a disaster recovery solution in place so that should something catastrophic happen, the business can easily recover and get “back to business” with minimal data loss.

Typically the client and the MSP are bound by a contractual, service-level agreement(s) that states the performance and quality metrics of their relationship.  The agreement should address a range of issues related to cost, quality and timeliness of service, remote and/or on-site support and the recovery risks.  An in-touch business person will understand completely what is being accomplished and how much they are paying for the level of service being provided.  A good estimate for this is 4% of the business revenue costs yearly, so make sure this is in the budget.

A well-intended MSP offers many services including communication i.e.: email, VoIP phones, workstation support, backup solutions, security solutions, and facilitation with third party applications.  An MSP assumes responsibility for providing a defined set of activities and tasks for its clients either proactively or, as the MSP, for a certain product.  The services configure in many variations based on the client’s needs and budget.

Hiring an MSP facilitates streamlining of processes, outsourcing services and redesigning systems so a business owner worries less about IT and focuses on running/growing their business.  The decision to hire a MSP that can remotely monitor and manage your computer network is a no-brainier. The managed service provider improves efficiency, reliability, security, and maintenance — all while lowering costs.  The slogan “pay now or pay later” comes to mind.  What will you do?  Give Simpatico Systems a call.  We are here to help!  855.476.6347 Read more about us at Why Simpatico Systems. 

About the Author: Fabienne McGeever is a middle child/twin in a family of ten children.  She gained the unique perspective to see both sides and get along with most. She loves snow skiing, the beach “in any form,” and glamping. Fabienne lives in Santa Clarita, CA and serves as a Corporate Admin/Client Relations Liaison for Simpatico Systems.  Contact her directly:  fabienne.mcgeever@simpat.co

Ransomware demands more victims for freedom

By | Business, Security

Popcorn Time is taking ransomware to a new level of devilish trickery by asking victims to give up two of their friends for a chance to rid their own computers of the virus. In cyber security this level of diabolical blackmail represents a new and scary trend for hackers. For more information on how Popcorn Time works and what you can do to keep it off your system, keep reading.

Ransomware is nothing new. Cybersecurity miscreants have been taking advantage of online users for years by requiring payment to “unlock” a victim’s computer. What Popcorn Time does differently is give users the option to spread the virus to two other victims in the hopes that they will pay the ransom — a tactic that promises to double their money at the expense of your sense of morality (and at the expense of your friendships as well).

The Cost of Popcorn

When you inadvertently download this ransomware, you will be met with a screen that explains that your files have been hijacked/encrypted, and that to get them back you will need to pay one Bitcoin for a decryption key that they keep stored remotely. The Bitcoin fee is usually more than $700, a hefty price to pay during any season but particularly difficult for those infected during the holiday season.

Spread the “Holiday Cheer” and Hope they Bite

What makes Popcorn Time unique is the option victims have to take their cost away by allowing the ransomware to affect two of their friends for a chance to get a free decryption code. Of course, it works only if both friends pay the ransom, which leaves you looking (and feeling) like the Grinch.

Avoiding Popcorn Time this Season

The easiest way to avoid downloading ransomware is to stay off of sites that might contain questionable files. However, this is nearly impossible for modern users, and many hackers are getting good at making their files look legitimate. Limit your exposure to potential ransomware by keeping your software up-to-date and your computer protected with a security program from a reputable company (for example Norton or Symantec). If you need to learn more about how to avoid running into ransomware while you’re online, give our professional cybersecurity consultants a call. We’ll keep you away from the popcorn this season.

Published with permission from TechAdvisory.org. Source.

Go for the GOAL winner is…

By | Business, Uncategorized

JIM SHAWVER!

During the 4th Quarter of 2016, Simpatico Systems held a contest for Operations, Finance and Field Services team members to help spread the word about the company. Nearly all of the teams qualified everybody.  A qualified person received a gift, plus an entry for the grand prize:  Stuff a private plane with family or friends for a round trip where ever they choose. Congrats to Jim for qualifying and to all that participated. (Pictured L-R, Nathan Hasse – VP Sales, Logan McLean – Dir of BizDev, Jim Shawver – Field Services, Greg Bazar – President/CEO)

Microsoft ending support for Office 2013

By | Office

To make sure enterprises get the most out of their Office 365 package, Microsoft announced it will no longer support Office 2013 by the end of February. Instead, the tech giant will push enterprises to upgrade to Office 2016. If your business is still using the 2013 version, here are some things you need to know right away.

Effective February 28, Office 2013 client applications and language packs will no longer be available from the Office 365 self-service portal and Admin Center. On top of that, Microsoft will no longer release feature updates for Office 2013 and will focus solely on upgrading the recent 2016 version. And because Office 2016 doesn’t support Microsoft Exchange Servers 2007 or earlier, you’ll need to upgrade your mail server as well.

The end-of-support changes apply to Office 365 Pro Plus, Small Business Premium, Business, Project Pro, and Visio Pro subscriptions. Although critical security updates for 2013 products extend to April 10, 2018, businesses should really consider making the move to Office 2016 to take advantage of the latest productivity features.

With Office 2016 versions of Word, Excel, and PowerPoint, users can look up web information right from the document interface. What’s more, employees have access to advanced, collaborative features like Skype integration, Office 365 Planner, and Delve.

If your business plans to migrate to Office 2016, don’t forget to consider the minimum system requirements:

  • 1 GHz processor
  • 2GB RAM
  • 3 GB of available disk space
  • 1280 x 800 screen resolution
  • Windows 7 OS, or above

To make the transition process smoother, Microsoft is offering FastTrack migration, a service providing organizations with the tools to help them make the move from one Office version to another.

However, if you need more advice on moving to Office 2016, contact us today. We’ll make sure your Office 365 is always up-to-date.  Click “Contact Us” at the top of the page or call toll free 855-476-6347.

Published with permission from TechAdvisory.org. Source.