Security experts and IT managers have long warned against using the same password on multiple sites, yet many users continue to do just that. And while it’s easy to dismiss this practice as mere habit, there is more to it than that.
The sheer complexity of managing so many passwords and keeping track of multiple usernames is enough to make even the most dedicated techie swear off the internet forever, but there’s a better way to secure your data and keep the bad guys at bay.
If the benefits of convenience outweigh security for you, the recent Facebook breach, which exposed the data of an untold number of users, should serve as a wake-up call – and one more reason to use a password manager program.
Password managers are designed to keep your data secure in an innovative way. By seamlessly keeping track of usernames and passwords, these valuable pieces of software make it possible to mix things up, all without sacrificing your safety or convenience.
But which password managers are worth the price? Here are four of the best and most secure password managers on the market today.
LastPass is one of the most popular, secure, and widely used password managers on the market today. The creators of LastPass bring more than three decades of relevant experience to the table, offering millions of customers in over 100 countries extra confidence in the product.
Key advantages of LastPass:
- Data remains on the device – no data is sent to the LastPass servers, providing an extra layer of security.
- Built-in two-factor authentication – the gold standard in security.
- Includes an automatic password generator – If you don’t feel like creating your own secure passwords, LastPass can do it for you.
- Works on mobile devices – LastPass works on both mobile devices and traditional laptop and desktop computers.
- Past security vulnerabilities – As one of the most popular password managers, LastPass is no doubt a target for hackers. LastPass suffered from well publicized security vulnerability as recently as March of 2017. While those issues have been addressed, it’s something to keep in mind.
- Refund issues – Some LastPass users have complained that getting a refund has been difficult.
Keepass is another popular and widely used password manager to consider. Keepass is free to use, but it’s also open source and resource light, giving it a leg up on several other password managers. This award winning password manager has been a hit with both individuals and business users, and its security is well known in the industry.
Key advantages of Keepass:
- Exceptional design and usability – Keepass users can create master passwords that are unique, secure, and accessible only to themselves.
- Credibility in the industry – The creators of Keepass are widely respected throughout the computer industry.
- Open source and totally free – the fact that it is free and open source makes it flexible and easy to use.
- Antiquated website – The design of the Keepass website is anything but modern, and many would-be users may be turned off by its dated appearance.
Dashlane is one of the most popular password managers for business use, and one of the most versatile on our list. Dashlane keeps your passwords available online, so you can log on from any device while keeping your credentials safe and secure.
Key advantages of Dashlane:
- Exceptional security – Dashlane meets or exceeds not one but many security standards, making it one of the most secure in the industry.
- Automatically generates strong passwords – You don’t have to make up your own high-security passwords; Dashlane does it for you.
- Security alerts – Dashlane users are automatically notified of data breaches and other issues on websites where they have accounts.
- Easy payments – When you use Dashlane, online shopping is a snap; users can pay online in a matter of seconds, speeding the checkout process and enhancing the convenience of those late-night shopping sprees.
- Some features only work with Android – If you are an iPhone or Apple user, be aware that some key features, including auto filling forms, may not work with your devices.
- Designed for business use – Dashlane is a popular choice for business use, and some users feel the software is not geared toward personal users.
1Password includes a number of unique features not found in other password managers, earning it a spot on our list.
Key advantages of 1Password:
- Automatic password generation – 1Password will create strong passwords for you.
- Security checks – Known as Watchtower, these automatic security checks are one of the biggest advantages of 1Password. This popular password manager automatically scans for known security vulnerabilities, giving you a heads up on any issues.
- Multiple platform support – Provided that you don’t use a Windows Phone or Blackberry, chances are 1Password is compatible with it. With support for Windows, Mac and Android, 1Password is one of the most versatile password management programs around.
- No Windows Phone or Blackberry support – If you are using a Blackberry or Windows Phone, this solution is not for you.
- No multi-factor authentication – This could be a serious drawback in terms of usability and security.
Bonus Tip – How to Password Protect Your Word Documents
Using a password manager is a good first step, but encrypting Microsoft Word documents allows you to take things one step further.
Whether you’re using Microsoft Word for business or pleasure, encrypting your documents is the best way to protect them from prying eyes. Here are the step-by-step instructions you need to secure your Word documents.
- Click on the Review tab.
- Choose the Protect Document option.
- Wait for Protect Document to be highlighted.
- Choose the appropriate security options, i.e. password needed to open and/or modify the document.
Keep in mind that Microsoft will not be able to help you if you forget the password you assign to the document, so be sure to record your password in a safe place.
In addition to general password protection, there are additional security features when sharing documents with colleagues and coworkers. Here’s how it works:
- Click the Review tab.
- Choose Protect Document.
- Click Tracked Changes to keep tracked changes on during the review process.
- Click Comments to prevent others from making changes to your document.
- Click Read Only to allow readers to review the document but not make changes.
- Click OK when done.
Protecting yourself and your data has never been more important. Password managers allow you to create your own secure passwords, keep track of passwords, and even get notified of security breaches.
No matter what type of devices you use, we encourage you to review each of these password manager programs in greater detail and select the one that best fits your needs. If you need assistance, we can help you select the best password manager for your business, so feel free to contact Ontech’s support team at 262-522-8560.
If you use a computer for work or business, you’re constantly at risk.
Cyber-attacks are coming faster than ever, and hackers have learned from their past mistakes. Modern phishing attempts are more sophisticated, and therefore more dangerous than those just a few years back.
Why are phishing attacks so prevalent?
Consider this statistic; according to a recent cyber security report by Verizon, a hacker who sends out 10 phishing emails has a 90% chance that at least one person will fall for it.
Cyber criminals are playing the odds, and the odds are very much in their favor.
So how do you protect yourself now that phishing attempts have become ubiquitous and increasingly successful?
While some phishing attempts are painfully obvious – we all know a Nigerian prince does not have millions of dollars with your name on it – others are more difficult to spot.
You’ve likely received a phishing attempt from PayPal, your banking institution or even Microsoft and had to give it a second look to confirm whether it was legit. If you have a PayPal account or use Office 365, you are a prime target for this type of sophisticated phishing attack.
How to Spot a Phishing Email
In the old days, spotting a phishing email required nothing more than a basic grasp of the English language. Back then, emails were filled with broken English, spelling errors and grammatical mistakes, but modern attempts are more sophisticated, and far more difficult to spot.
If you want to avoid becoming the next victim, you need to stay vigilant. Here are some key things to look for as you work your way through your inbox. If you spot any of these warning signs, the email in question definitely warrants a second look.
- The email is unexpected and unsolicited. Did you receive a confirmation email for a shipping notice, an order you did not place, or a notice from the bank you were not expecting. If so, proceed with caution.
- Your name is not included. Hackers send out bulk messages in hopes of scoring a few hits. They do not have the time, nor the inclination, to personalize their messages. Red flags should start flying if the sender does not address you by name.
- The sender makes veiled (or open) threats. That threatening tone has become a hallmark of modern phishing attempts. From IRS threats to imminent arrests by the FBI, hackers are pulling out all the stops to scare people out of their hard-earned money.
- The email includes links. Infected links are the prime source of danger from phishing emails, so think before you click. If you have any doubts at all about the legitimacy of the email or sender, call for verification before clicking on any link.
Test Your Skills
You might think you have what it takes to avoid a phishing attack, but how can you really be sure?
With a 90% success rate, those hackers are catching new victims every day.
Each time you receive an unexpected email, ask yourself the following questions.
Or better yet, take this handy quiz and pass it along to family members, friends, and co-workers.
- Did you check the sender’s email address? If the phishing email is coming from a hacked personal account, the address may not match the purported sender. (i.e. @mazon.com vs @amazon.com)
- Did you verify the link? Clicking on an infected link could have devastating consequences. To see where a link goes, just hover your mouse over it, or right click and paste the link into a plain text document (not your browser). A mismatch between the purported sender and the link should be a dead giveaway.
- Is there a strong sense of urgency? As mentioned earlier, many phishing emails use threats or an impending deadline to urge victims to take action quickly.
- Does the email include complete contact information? If the email is vague on contact details and instead includes a general sign-off such as “Regards, IT Help Desk”, definitely give it a second look.
Above all else, engage in phishing attack prevention techniques, stay vigilant, and always err on the side of caution.
If you believe you have already fallen for a phishing attack, just give Ontech Systems a call at 262-522-8560. We can help you recover from the attack and provide you with the information you need to guard against phishing attacks in the future.
From the smallest businesses to the largest enterprise-level companies, no one is immune to the threat of cyberattacks.
A quick glance at the popular news headlines reveals that cyber threats are rampant and they’re not going away anytime soon.
Ransomware attacks have been on the rise for quite some time now, wreaking havoc on municipalities, small businesses and large companies alike.
In this today’s cyber environment, no business is too big or small to fall victim to cybercrime. According to a recent report by CNBC1, more than 14 million businesses are at risk of a hacker threat, and that number is only expected to rise.
As if the threat of hackers was not enough, the Department of Homeland Security warned of future cyberattack plots emerging from Russia. If you are not taking proactive steps to protect your business from intruders, your business network is at risk of a cyber-attack.
Cyber security is no longer something to be taken for granted and addressed “down the road”. Studies show there is currently a workforce gap of more than two million cyber security professionals, and the best workers are often snapped up by the largest businesses and governmental agencies.
But thankfully, a new type of cyber security has emerged. You may be familiar with the Software-as-a-Service, or SaaS, concept. CYBERShark introduces top-notch security to the business world for an affordable price. With a host of benefits available, CYBERShark has created a scalable SaaS solution for all your business security needs.
What is CYBERShark?
The CYBERShark concept could not be simpler. By focusing not only on prevention, but detection and response as well, this innovative product turns the tables on hackers – creating a robust defense that had previously been all but impossible to achieve.
If you doubt the importance of a fast response, consider this statistic – without CYBERShark protection in place, it could take an average of eight months to discover a data breach – that is eight months of waiting, and eight months of exposed data and customers.
With CYBERShark in place, that discovery time drops to just eight seconds. Instead of waiting around for the other shoe to drop, you can start implementing a proactive response – all in less than 10 seconds.
This turnkey Security-as-a-Service solution is the perfect choice for businesses of all sizes, from the smallest startups to the largest enterprise-level companies.
The power of CYBERShark is in its features. By introducing the Security-as-a-Service concept, CYBERShark allows businesses to protect their networks and data, detect intrusions, and respond with lightning speed.
CYBERShark is easy to use, simple to implement and robust enough to grow with your business. A few benefits of CYBERShark security include:
- No hardware or software requirements
- Zero footprint delivery
- No maintenance requirements
- No patching needed
- No agents on your endpoints
- Low noise to signal ratio
- Places emphasis on defending, not just detecting cyber threats
A Growing Threat
The threat of cybercrime is growing rapidly, and as more and more connected devices come online, the danger will only grow. Security experts have already warned of the danger posed by Internet-of-Things devices, and this growing threat must be addressed in a proactive way. By harnessing the power of detection, CYBERShark is taking down cyber threats where they live.
From protection against ransomware and real-time detection of rogue sites, to safeguards against the misuse of employee login credentials, CYBERShark has it all. By combining disparate types of protection and bringing it all under one roof, CYBERShark is changing the face of network security for the better.
Protection for Small and Medium-Sized Businesses
While data breaches at large corporations take up a disproportionate share of the news, it is actually small and medium-sized businesses that are most at risk. Hackers are always looking for the easiest targets, and in many cases that means targeting small and mid-sized businesses.
If you’re tired of taking a wait-and-see approach to cybersecurity, the time to take action is now. Contact Ontech Systems today to get pricing details on this innovative new product and find out of CYBERShark is right for your business.
We can assist with everything from security assessments, to system testing, licensing upgrades and beyond. Just give us a call at (262) 522-8560 or email us to begin your security assessment today.
There have been many online security threats throughout the years, but few have been as frightening as ransomware.
Ransomware does more than spy on your web surfing or read your emails – it encrypts the files on your computer, locking you out of your data and putting your entire business at risk.
The threat posed by ransomware is growing rapidly, and it has already snagged some high profile targets.
The entire city of Atlanta was plunged into the digital dark ages when its servers were hit with a ransomware attack, and Atlanta is not the first municipality to have fallen victim to this new type of crime.
Where Is the Threat Coming From?
Every Office 365 user should be aware of the threat posed by ransomware, along with the various ways an attack can be initiated. Ransomware attacks are growing in sophistication, and businesses need to constantly be on guard.
Infected emails are still a frequent source of ransomware attacks and recently, Office 365 users have been targeted. When unknowing users click on an infected email, ransomware quickly spreads throughout the network, targeting unprotected desktops, laptops, servers and mobile devices.
Other ransomware attacks take the form of highly targeted emails seeking out company executives through seemingly legitimate messages. But no matter what form it takes or who it targets, ransomware is a serious threat to businesses of all sizes.
Microsoft Office 365 and Ransomware Protection
As a result of the targeted attack and massive threat that ransomware poses to businesses, Microsoft has taken action by building ransomware defenses into their products.
If you’re already using Microsoft Office 365 in your business, you should begin to see this ransomware protection soon. If you are not an Office 365 customer, the new ransomware protection is one more reason to make the switch.
The Next Level of Security in Office 365
These new advanced security features break down into four categories, each designed to coincide with one another.
- Advanced link checking: Since so many ransomware attacks begin with infected attachments, it makes sense that Microsoft would address this threat first. As part of its ransomware protection, Office 365 will now include sophisticated link checking for all Word, Excel and PowerPoint files.
- Password protection for forwarded links: This new feature allows users to specify a password for the links they share, preventing unauthorized access even if the file is later forwarded to the wrong recipient.
- Email encryption: Email continues to be a weak spot in many cyber security platforms, so Office 365 is addressing that vulnerability. The new email encryption feature allows users send and receive encrypted Outlook messages via a secure connection, enhancing security and making unauthorized access more difficult.
- Forwarding prevention: Erroneous forwarding of confidential files and proprietary information is a real threat to businesses, but a new Office 365 feature aims to reduce this risk. This new feature allows users to restrict forwarding of emailed files, preventing unauthorized access and unintentional disclosure. Most importantly, the protection remains in place even when the file has been downloaded and saved.
When Will These Features Become Available?
Some new Office 365 features, like advanced link checking, are already available, while others are still rolling out. All of the enhanced security features, from forwarding protection to email encryption, should be available to users by the second half of 2018.
Security is a constant challenge for businesses, with hackers growing in sophistication and software providers struggling to keep up. With the addition of these new security features, Microsoft has demonstrated its commitment to ransomware protection, so you have one less thing to worry about.
If you’re currently an Office 365 user, it is important to understand exactly how these new features work in order to utilize them effectively. While the new ransomware protection is a step in the right direction, it is no substitute for user training.
Whether you’re a current Microsoft Office 365 customer or you want to learn more about the new security enhancements, our cybersecurity experts are standing by to support your efforts to secure and stabilize your network. We invite you to give our support team a call today at 262-522-8560 or contact us online.
With winter behind us, it’s time to think about doing some spring cleaning. Not in a traditional sense, but in your business network. Spring is a great time to evaluate your equipment, boost security protocols and enhance the protection of your sensitive company data.
Follow these simple steps to keep your business network running at peak performance.
Test Your Backups
You’re off to a great start if you already have a data backup system in place, but are you confident your backup is functioning properly? In other words, are you sure your backups are complete? Are you confident you can fully restore your data?
Without a solid, functional backup system in place, a single keystroke could put your entire business at risk. Even if you have been diligent about backing up data, without consistent testing, you backup might be incomplete.
Whether you’re backing up data to the cloud, using network attached storage and removable hard drives or taking a hybrid approach, regular data backup testing can provide you with the peace of mind of knowing you’re covered in the event of a disaster or cyber-attack.
Start testing by selecting a few files to restore. Be sure to open those files, read through them and compare file sizes to the originals. If your backed-up data is incomplete, it’s time to revamp your entire backup strategy.
Evaluate User Accounts
New user accounts are a key part of the onboarding process. As employees come and go, it’s common for user accounts to become obsolete, which presents a security risk. Take a few moments as your next spring cleaning task to review all user accounts and remove any old accounts as necessary.
Remember, regardless of role, employees should be given the least amount of access necessary to do their jobs. Providing staff with too much access can be a big security risk, so it’s better to err on the side of caution.
Remove Dirt and Debris from Equipment
Not all network spring cleaning is digital. In order to protect your equipment, some physical cleaning is necessary as well. Over time, dust and dirt build up, especially around the fans that cool your equipment. If you don’t take the time to remove this debris, it can block the fans, causing your equipment to overheat and eventually break down.
All you need to remove this buildup is a can of compressed air and a little patience. Be sure to check all the electronic equipment in your office and don’t hesitate to remove a wall panel or two to ensure you’re not just blowing debris deeper into the equipment.
Schedule a Security Assessment
When it comes to network security, spring is the perfect time to schedule a security assessment to identify weak spots in your network.
It’s difficult to truly know how secure your network is without actual testing. When you schedule your security assessment, Ontech Systems will carefully evaluate each part of your security process, from user creation and data access to software updates.
Implement Layered Security
Data security is not just one step – it is a multilayered process. If you want to protect your data, a layered security process is necessary so that if one layer of security is penetrated, another layer is there to prevent the vulnerability from infiltrating your network.
Review Firewall Rules
Even with a robust firewall in place, without the right rules, your network may not be fully protected. Spring cleaning your network should include a review of your firewall security rules – from determining which ports are active to evaluating which exceptions are acceptable.
Check Equipment Warranty Support Expiration Dates
Computer equipment can increase the efficiency of your business, but when the support window ends, it presents a security risk. Your spring cleaning protocol should include a thorough review of support expiration dates, along with an analysis of extension options.
In addition, be sure to conduct a software review since support for several popular operating systems like Windows XP has already come to an end.
Create/Update IT Security Training for Staff
Your employees are your first line of defense, and many security experts agree – they’re also your biggest security risk. Take the time to ensure your staff is fully trained and updated on the latest in cyber security by creating and/or updating a robust IT security training program.
Replace Outdated Equipment and Software
If your warranty expiration review reveals outdated equipment and software, now is the time to replace it. Running outdated software puts your business at risk, and with today’s sophisticated cyber-attacks, it’s not a matter of if, but when your network will be attacked by cyber criminals.
Save Space by Moving to the Cloud
If your hard drives and servers are bursting at the seams, moving to the cloud can solve your storage problems. Spring cleaning is the perfect time to free up physical and digital space (and IT budget) by moving to the cloud.
If you need assistance with any of these spring cleaning steps, just contact our sales department today to discuss your needs and see how we can help.
Ontech Systems can assist with everything from security assessments, to system testing, licensing upgrades and beyond. We will do everything we can to ensure these steps are as simple and straightforward as possible.
Just give us a call at (262) 522-8560 or email us to begin your security assessment or Free Network Discovery today.
VMWare is the leading provider of virtualization products. This software allows businesses to reduce downtime and add additional virtual servers without purchasing additional hardware. Virtualization is a highly technical subject, but it plays a vital role in the modern IT network.
It’s a fact of corporate life that software, no matter how critical, has a limited lifespan. Even more importantly, each piece of software has a limited window of support. When that support window closes, updates end, patches cease and vulnerabilities increase.
If your business relies on vSphere and vCenter 5.5, take notice. Support is ending for both of these products, and soon, VMWare will no longer provide critical updates for either of these popular products.
Support Ending September 2018
As of September 2018, VMWare will no longer be supporting vSphere and vCenter 5.5. This September deadline is an important one to keep in mind, especially if your company relies heavily on these two pieces of software.
When this deadline arrives, VMWare will no longer provide support for either of these two products. This means there will be no support for security, no support for functionality and no further updates for these or earlier products.
For starters, we encourage you to check out the following resources:
Well before VMWare announced an end for vSphere and vCenter 5.5 support, there were compelling reasons to upgrade. The latest version of these products are designed to be more robust, more scalable and more secure than the earlier versions they replaced. Upgrading can give your organization a whole host of benefits.
Now that support is coming to an end, the need to upgrade is critical. While your current software may still be functioning, the end of support and lack of future security patches can put your company data at risk.
Virtualization is widely used in the corporate world and the reality is this – a single piece of outdated software could jeopardize your entire network.
Cyber security threats have never been greater and there has never been a more compelling reason to upgrade your VMWare products. If your business uses vSphere or vCenter 5.5 software, contact Ontech Systems at 262-522-8560 for assistance upgrading your software before September 2018.
Upgrading to the latest version of your VMWare products may seem like a daunting task, but it all starts with a plan. Ontech Systems can help you create that upgrade path, so you can achieve greater security and consistency moving forward.
If you have been putting off your VMWare upgrades due to inertia or worry about how long the process will take, the expert staff at Ontech Systems can set your mind at ease. The amount of time and effort required for your upgrade is dependent on a number of factors like the number of software licenses your company owns and your own time horizon.
Ontech Systems is your upgrade partner and we can assist with everything from system testing to licensing upgrades. Rest assured, we will do everything we can to ensure your upgrade path is as simple and straightforward as possible.
Just give us a call at (262) 522-8560 or email us to begin your customized VMWare upgrade path today.