Is your Anti-Virus software a Leader or a Laggard?

Each year, The Gartner Group, Inc. an IT industry research leader, evaluates IT technology by segment and ranks the top performers in each market.  I thought you'd like to see how the major anti-virus/security vendors ranked in their latest 2013 evaluation. 

Below is what is referred to as the "Magic Quadrant" and the goal of each vendor is to be ranked in the upper right box of the chart (designated as the Leaders for that segment).  Is your A/V provider there? 


No one wants to be in either of the two bottom boxes and being ranked in the lower left box is a real slap in the face to any company listed there. 

What gets you into the Leaders box?  Providers have to show leading edge capabilities to deal with the constantly changing world of virus and malware detection and remediation.  They also have to be able to prove their ability to deliver on what they promise.  This is one of the most critical segments in the entire IT industry.

There are 5 companies listed in the Leaders Category.  Which one is best?  That's a little tricky because some of the companies address different segments of the IT market.  For example, Sophos is listed here but it specializes in large enterprise environments and may not be the best fit in smaller environments when compared with another Leader that plays in the smaller SMB market.

There are also subtle differences in the feature sets offered by each vendor listed.  For example, one vendor may really excel in list-based anti-virus detection but may not perform as well in Holistic malware detection which is the ability to detect previously un-recognized malware.  Since the flood of Zero Day malware (previously undetected malware) is one of the major concerns in the industry, we at ACT regard Holistic detection particularly high in our priorities of features importance in the SMB marketplace where we specialize. 

Suffice it to say that your goal should be to shoot for the Leaders in any IT category and then enlist the help of a professional experienced in dealing with sophisticated malware/virus threat remediation to pick the "best of the best" for your needs. 

If your vendor doesn't appear in the Gartner Magic Quandrant, take the hint.  If Gartner didn't list them, there was a reason. 

For more information on how products are evaluated by The Gratner Group check the following: http://www.gartner.com/technology/research/methodologies/research_mq.jsp

For assistance on selecting the most appropriate security and A/V solutions for your organization call us at ACT Network Solutions at (847) 639-7000 or e-mail us at security@act4networks.com.

Read More

Wireless Networking Is Due For A Big Jump In Performance

Just when we were getting comfortable with the 802.11n wireless standard, here comes a newer and better wireless solution - 802.11ac.  It will probably become the new standard in late 2013.



802.11ac is a brand new, soon-to-be-ratified wireless networking standard under the IEEE 802.11 protocol. It is the latest in a long line of protocols dating back to 1999.  Here's a brief recap of the previous wireless standards.

• 802.11b performed at up to 11 Mb/s per radio (1999)
• 802.11a jumped to 54 Mb/s per radio but wouldn't talk to the "b" standard and is generally not used anymore (1999)
• 802.11g provided up to 54 Mb/s per radio with the same range of 802.11b.  It's still used a lot!
• 802.11n kicked up throughput speeds to 600 Mb/s per radio and is the current standard.  It will talk to older standards devices but at their slower speeds.
• 802.11ac improves transport speed significantly to up to 1000 Mb/s

(Slide courtesy of Meru Networks)

What does this mean to your business?
The improvements of the new devices using this standard include better software, better radios and better antenna technology.  The improvement that has everyone excited is the huge increase in data throughput. Theoretically, it puts Wi-Fi on par with gigabit wired connections.

Another improvement is a feature call Multi-User MIMO. Before, radios could only talk to one client at a time. Now, two or more conversations can happen concurrently, reducing latency(lag).

If you're installing wireless in your business or upgrading you should be aware of the capabilities of this impending standard and plan your purchases accordingly.

Will you be compatible?
Relax, the new wireless standard will support older technology devices for the most part.  You just won't be able to perform at the better speeds if you're got a notebook that has an older adapter in it.  Keep in mind that mixing new and old equipment will give you mixed results as the systems will dumb themselves down to the lower standard when talking to each other.

However, if you're thinking of building a new wireless network or planning a major upgrade, this upcoming technology is something that should be on your radar.

A Word of Caution
While new wireless access points have begun to appear on the market, there aren't a lot of manufacturers putting the newer standard network adapters into their notebooks and other portable devices yet.  Plan your implementations of this new standard carefully.

Need help designing your new wireless network, call 847-639-7000 or e-mail security@act4networks.com to talk to an ACT Network Solutions advisor today.

If you'd like another article to read on the subject go to:
http://www.techradar.com/us/news/networking/wi-fi/802-11ac-what-you-need-to-know-1059194

Read More

Using Gmail - Are you violating a federal law?

I'm always surprised at how casually some business leaders treat their e-mail security.  In this era of security regulations and privacy concerns it's stunning to hear that they still use providers like Googles gmail.  Apparently the appeal of "free" e-mail service outweighs the need for confidentiality even in organizations that are required by law to protect confidential communications.

Did you realize that G-mail scans the content of EVERY e-mail that passes through their service?  If you're a HIPAA regulated organization or regulated by one of the other federal or state privacy statutes that's a clear violation and is subject to AT LEAST a serious fine and maybe more.

When asked about Google searching through the content of client e-mails, Googles Executive Chairman Eric Schmidt replied that they have what they term as "the creepy line" when examining client emails but endeavor not to cross it.  He never really defined where intrusive ends and "creepy" begins, unfortunately. 

The bottom line is - reading other peoples communications is NEVER appropriate and in most cases it's illegal except apparently at Google.

Here's some guidance on e-mail for you:

• If you have confidentiality concerns don't use gmail, Yahoo Mail or any other public e-mail service. 
• Don't let your employees use it for company communications either!  The penalties will still fall to you, if caught.
• Remember, if you're HIPAA regulated, ALL communication containing personal health information must be encrypted in-transit so you must encrypt it.
• All PHI communications and documents at rest (stored on a server) must also be encrypted which eliminates these providers from consideration.

The penalty for violating someones privacy can be up to $50,000 per e-mail event so beware.

Retention of all communication is also regulated now.  Personal Health Information (PHI)  in e-mail and documents must be held AT LEAST for the life of the person or persons mentioned in that document.  Sarbanes-Oxley, e-discovery rules and other federal and state regulations have similar constraints.  You can't just delete old e-mails and documents anymore when confidential information is potentially involved.  Keeping it in a public forum that is easily accessible by individuals like services like gmail that are outside of your control just compounds your problems.

Confused by all of the security problems with e-mail?  Give one of our Security Specialists at ACT Network Solutions a call at (847) 639-7000 or contact us via e-mail at security@act4networks.com.

Read More

Security Apps For Android Smart Phones

In a previous post, I made some suggestions for inexpensive security apps for our friends who have iPhones.  Now it's time to help all of you people with Android-based SmartPhones.  Very little attention is being paid to the fact that the new #1 targets for Malware developers are portables and SmartPhones.  The reason portables are number one is precisely because they have been so badly neglected in the area of security.  Don't get caught with your apps down!

McAfee WaveSecure by McAfee          Price: Free

McAfee's WaveSecure app doesn't have any of the virus scans or firewall protection that the company is famous for, but it does have some important features such as the ability to remotely lock your phone and to wipe key data from it, the ability to back up and restore wiped data after a device has been secured, and the ability to track and map your device using GPS.  There is a professional version that has more features available at a reasonable price as well.

mSecure! Password Manager by MSeven Software          Price: $4.99

This app specializes in encrypting and storing important information and passwords, including bank account numbers, Social Security numbers, e-mail log-in passwords and more. The app utilizes 256-bit Blowfish encryption and has a password protection "hint" feature that asks you questions to help remember passwords. The app also features an automatic password generator that will help you create strong and secure passwords.

AppScan Beta byAegislab           Price: Free

 Aegislab's AppScan Beta is designed to stop you from ever downloading malware.  The app scans other apps on the Android Market and identifies any spyware or malware they may have on them by flagging them as "suspicious." It can also scan apps for any unwanted advertisements.

Antivirus Free byCreative Apps           Price: Free

This is a popular antivirus application that has been downloaded more than 500,000 times.  It received an average rating of four-and-a-half stars from more than 12,000 users. which is pretty good.   It scans applications that you've already installed on your device and checks them with its own list of known malicious apps.

Titanium Backup PRO Key byMatrixrewriter           Price: $6.16

Titanium Backup aims to back up data for just about every application you have. You'll also be able to use this app for encryption, batch verification and application freezing. There's even an experimental "Bloatware Melter" that's designed to cut down programs that take up too much space and memory.

Avast! Mobile Security           Price: Free

As a genuinely free app for the Android platform, Avast! Mobile Security offers an impressive range of tools. It has antivirus protection, it scans your apps to provide details on what they are doing, and it has a Web shield that scans URLs for malware.

There are various additional tools in the package and the best of the bunch is the anti-theft component. An anti-theft feature is hidden and allows you to remotely control your smartphone using SMS. So if you lose your phone, you can remotely lock it, locate it, or wipe it. You can make it play a siren sound, lock down the SIM card, and prevent USB debugging as well.

Lookout Security & Antivirus           Price: Free

As one of the earliest entries into the Android security field Lookout has an impressive user base. There is a completely free version which offers antivirus and scheduled scanning. There is also a locate function for lost or stolen devices, the ability to activate an alarm, and the option to track your phone online via the Lookout website.  Another handy feature that Lookout provides is the ability to backup contacts online and restore them to your existing device or a new one.

TrustGo Antivirus & Mobile Security           Price: Free

Here’s a really comprehensive Android security solution that’s available for free. It has a standard security scanner for on-demand or scheduled scans to uncover and remove malware. It also supports secure Web browsing to protect you from dodgy downloads and phishing scams. The list goes on with a system manager to help you manage data, memory, and battery usage, so you can improve your device’s performance.

One of the most innovative features is the secure app search. The vast majority of malware problems are related to users downloading and installing dubious apps or updates. The secure app search protects against this, even if you do go outside the Play Store to find apps. There’s also a privacy guard, a backup option, and anti-theft tools for locating a missing phone and remotely wiping it.

As in past reviews, there are many other apps available but I’ve tried to highlight free or very inexpensive alternatives.  For a full list of quality apps regardless of price, I recommend reading Laptop Magazines latest app reviews for 2013. http://blog.laptopmag.com/best-android-security-apps?slide=4

Sources for some of these security recommendations:  DIGITALTRENDS.COM and CIO.COM and Laptopmag.com

 

If you're a business leader in the need of a good portable devices security plan or need help securing your employee-owned devices that connect to your network contact one of our security specialists at ACT.  Call 847-639-7000 or e-mail security@act4networks.com

Read More

Security Apps For Your iPhone

Recently I was discussing workplace security for portable devices with a friend and I realized that I hadn't really given you any suggestions on ways to secure your portable devices.  Since both my friend and I use our iPhones for business and it is the #1 smartphone, I thought this would be a good place to start.  Doing a little research, I started by putting together a list of different security apps available for the iPhone.  I believe all of these are available on iTunes.  Please note that I skipped over some more expensive apps that different experts recommended for no other reason that to provide some free or "close to free" security options.

Two other things that should be added to everybodys security checklist.  In the settings area of your iPhone, you should turn off Bluetooth when you’re not using it to avoid possible intrusion by "drive-by sneak thieves" and also turn on passwording for your iPhone if you’re at all concerned about security (and you should be).  And for Pete's sake, use a little creativity when creating your passwords.  For fun, check to see if the password you just thought of using is on the list of most commonly guessed passwords: Commonly Guessed Passwords

 

Please keep in mind that Apple keeps pretty tight control on what they allow to run on the iOS so some of these apps aren't as pro-active as I'd like (see the anti-malware app for an example) but they are better than going totally without protection.

Anti-Malware (sorta) -
Intego VirusBarrier iOS (99 cents)

It isn’t a fully functional real-time anti-virus app for the iPhone, but it is able to scan files, including e-mail attachments and other files accessible from your iPhone, for Mac and Windows malware. The company’s website notes, “Due to the secure design of iOS, it is not possible to scan files automatically or to run scheduled scans. VirusBarrier iOS is an ‘on-demand’ detection system that lets you scan files when you want to.”

Encrypting your conversations - Kryptos (free)
If you frequently use your iPhone to discuss sensitive information during calls, this software offers secure voice communications using 256 bit AES encryption. The solution works over 3G, 4G and Wi-Fi networks. Apps for Android and BlackBerry devices are also available.

Avoiding infected web sites - Webroot SecureWeb (free)
This app offers an advanced mobile browser with URL filtering to protect users from malicious websites. The app automatically syncs with the company’s URL reputation database for real-time protection, and search results are annotated to note both safe and risky sites.

Reduce Incoming Spam - Spam Arrest (free)
Accessing e-mail on an iPhone can be incredibly frustrating if your inbox is constantly being flooded with spam. SpamArrest offers a challenge/response solution – rather than filtering for spam and malware, it requires everyone who sends you an e-mail to respond to a query to confirm their identity. The iPhone app offers the ability to create an account, manage unverified mail and edit an approved senders list.

Mask Your IP address on Public Access Hot Sports - 

Hotspot Shield VPN(Free)  

This free app can actually help you save money while protecting you when using WiFi hotspots. The VPN encrypts all traffic to protect your identity, IP address and to stop unwanted tracking while your wallet breathes a sigh of relief as data usage is reduced with the Hotspot Shield's Bandwidth Compression. You are also notified and blocked from spam, phishing and rogue websites with Malware protection, but you have the freedom to unblock any blocked content and services.

Protect or Encrypt Data On Your iPhone -

WISE ID (Free)

WISE ID provides convenience, ease of use and encrypted storage for all your iPhone data. Safely store encrypted data such as passwords, PIN numbers, credit and loyalty cards, notes, photos, websites and other data, on your iPhone only so your data is always available...right at your fingertips! Plus, it gives you the option of face recognition, dot pattern and password authentication sure to make you feel like a security ninja.

Secure FolderPRO($1.99)

Pattern lock or keypad code-lock your photos, text, videos, credit cards and passwords. Identify intruders with photo AND GPS tracking! And, you even get a secret website, bookmarks and a private navigation system…without history track from Incognito

Track your lost iPhone - Find My iPhone by Apple(Free)

Here's a free way to find your lost iPhone, using another iOS device! Simply download this onto your iPad, iPod Touch or Mac, open it and sign in with your Apple ID. Find My iPhone will help you locate your missing device on a map, play a sound, display a message, remotely lock your iPhone or erase all your iPhone's data.

 

When creating a corporate policy for using employee-owned devices on the network, it's important to cover all eventualities (and platforms).  For example, the most common employee company-related use is e-mail access and if you let employees access their company mailbox from their smartphone, you risk exposure of confidential company correspondence on their device.  If that's the case, you should mandate file encryption on those devices to protect YOUR assets.  Remember, you'd better be prepared to require certain security apps on their devices for all platforms - iPhone iOS, Android, Blackberry etc.

 

This can be a daunting task particularly if you don't have a dedicated IT staff on-site.  As IT professionals with over 25 years in the PC, server, data protection and security business, ACT can provide that guidance you need for protecting your network and devices both stationary and portable.  You can reach one of our professionals at (847) 639-7000 or e-mail us at support@act4networks.com. 

Read More

What to do with Windows XP

Well, it had a good long run.  Windows XP is now 13 years old.  In less than 10 months Microsoft is pulling the plug on our old friend XP.  Adios, my friend.  You had a good long run (thanks to Vista).

Are you still running Windows XP on your office computers?  You're not alone, industry experts estimate that about 44% of PC's in the U.S. are still running it.  Microsoft has set April 8, 2014 as its official end of life.

What does that mean to you?  That means that 10 months from now, Microsoft will stop publishing updates and patches for the software that runs your PC.  If new vulunerabilities, malware exploits or errors are found in the code, you're on your own!  No more updates.  Your Windows Update program will stop updating the O/S.

That might not sound serious to non-professionals but that is a BIG problem.  Trust me!  After April 8, your exposure to malware and hackers goes up dramatically if you don't update your Windows version.

Ok, you're thinking to yourself, I'll just go get an upgrade kit to Windows 7.  Uh, No!  You can't do that because when Microsoft introduces a new operating system (Windows 8) it cuts off all upgrade kits to previous versions.  You can only upgrade to Windows 8 and the quantum leap in hardware requirements for 8 make that a very bad idea for older computers. If you have a computer designed for Windows XP, it probably won't have adequate resources to run Windows 8 (or Windows 7 for that matter) adequately which wants a newer multi-core CPU, more RAM and better video performance.

Bottom line?  It's time to start looking for a new computer.  If you're concerned about the change in the look and feel of the Windows 8 desktop, the sooner you buy, the better.  Some manufacturers (HP in particular) are still making some models of notebooks and desktops that have Windows 7 Pro installed.  That's going to change, though, the longer you wait.  Microsoft is pushing hard to get all new computers loaded with Windows 8 only.

What about down grading your new Windows 8 Pro computer to Windows 7 Pro?  Yes, that is legal but it is a hassle unless it's installed by the manufacturer as a built-in downgrade option.  If you're feeling Geeky, it can be done but you'll have to call Microsoft, provide a proof of purchase for Windows 8 and get the software and a valid product key.  Then set aside a couple of hours for the migration.

If you're a business with a number of Windows XP computers installed and haven't allowed for replacements in your budget, it's time to revisit that budget  At the very least, you're going to have to increase your maintenance budget to allow for the increased support costs that will be required to keep those XP antiques running with an unpatched O/S.

At ACT, we provide our clients an annual hardware life cycle plan identifying devices that have hit the end of their useful life so that they can adequately budget for new technology.  Some follow our guidance and some don't.  For every year a computer stays in service beyond the end of it's useful life business you should add about 20% to the cost of ongoing maintenance.  With the end of life for it's operating system, that number should probably double. Sadly, some businesses have the philosophy "let's run 'em 'til they break."  Those people will eventually realize that it's cheaper to replace a computer than it is to keep fixing and disinfecting them.  Usually, it takes a catestrophic loss to bring the point home, however.

One final thought for your budget.  Support for Microsoft Office 2003 stops on April 8, 2014 too. Any of you out there still running that too?  Yes?  I thought so!

Read More

Data Backup - Are you Pennywise or Pound Foolish?

Even after 42 years in the IT business, I'm still amazed at the way some reasonably intelligent business people treat the idea of data backups.

Too many people look at data backup as an overhead expense to be kept to a minimum at all costs.  You can't imagine the number of times a conversation about backing up business data starts with "I don't want to pay very much!"  or "Can you keep me under $20 per month?"  Sometimes I just say to them "Is that all you think your business is worth?"

Look, Data Backup is a straight forward proposition.  Either your data is valuable and protecting it should be your #1 priority or you're backing up information that isn't valuable and then the question becomes "Why the heck are you holding onto it in the first place?"

Let's face it, not all the data on your hard drive is critical or even valuable.  Unfortunately, computer hard drives have turned into digital dumping grounds.  Once a file hits the file server, very few organizations make any attempt to ever clean if off.  Data Taxonomy - the organization and retention of data in an orderly fashion is virtually non-existant in many organizations.  The attitude seems to be: "Hey, drive space is cheap!  Rather than bother trying to organize this stuff and clean up the server, it's just cheaper to buy another hard drive."

The amount of data stored in the world doubles every 3 years.  Are you contributing to the digitial clutter or doing something about it?  The cost of running a backup has more to do with how much you're backing up than the cost per GB of backing it up.  If I told you that to back up the entire Encyclopedia Britannica would cost less than 50 cents on most services, would you be surprised?  Not a lot is it?  A backup isn't expensive IF you manage what you back up.

If you want want to hold down the cost of your backups, trying controlling what you're backing up in the first place!  Figure out what you absolutely need to keep your business operating and skip the rest.  You'll probably be amazed at how much useless baggage you can skip over because it's not business critical. 

Keep in mind that the first backup question for any business leader should be "What do we need to keep operating?" 

The next question is "How long could we operate without it?"  

The third is "How fast can I get my backup copies back if something goes wrong?" 

There are a few more but "What's it cost?" should be way down on your list. 

Anyone who reverses that order is just asking for trouble.

Read More

Using Personal Computers In the Workplace

At ACT, we support a great many organizations that allow employees to use their own computers at work.  Sadly, I've noticed that some of these companies don't set many rules for use of personal devices.  This can be a problem for both sides of the keyboard.

Companies SHOULD have rules regarding what can and cannot be accessed on the network.  This accomplishes two goals.  It enforces necessary security rules for the safely of the network assets.  For example, one of the key problems with personal devices is the ability of employees to carry critical and potentially confidential information beyond the limits of the in-house security system.  If any employee from HR, for example, copies personnel records on their notebook to work on from home that confidential information is vulnerable to theft or loss despite the best intentions of that employee.  If he or she stops at the store on the way home and the notebook is stolen off the front seat of the car, the company now has a serious exposure to penalties, litigation or financial loss.

From the employee side of the equation, the issue is more pragmatic.  They want to know what kind of device to buy so that they can access the right assets at work and do their job better. 

Here's a real life example of the hassle that can ensue with there aren't good policy guidelines for use of personal computers.  Employee A wanted to use her own tablet at her job.  She needed to access data on the move at work and her desktop limited her ability to do that.  Her employer had no rules regarding what could or could not be accessed.  She knew that she needed access to the company web site for part of her job but she also wanted to access data on the company file server as well.   She got a vague "OK" from her boss who wasn't particularly computer savy and headed off to her local Super Store where the salesperson there talked her into a Microsoft Surface with Windows RT.  Here's where her problems began.   Because there were no company guidelines on what kind of devices were allowed on the network she would up with a device that would only do half of what she wanted.  She COULD access the web site but Windows RT isn't intended to be run on a network like the one at the office so accessing server assets became a problem.  I'm not picking on Microsoft or Windows RT.  The tablet could just as well have been an Ipad or an Android tablet and the hassles would have been similar.  She would up with a solution that hold solved half of her goals.  Of course, there are technical workarounds that a good IT department can implement to resolve some things but wouldn't it have just been easier for the company to think ahead and publish some guidelines so she could get it right without the extra hassles?  She really needed a tablet with Windows 8 Pro instead of RT to do everything she wanted. 

Here's a very simple Personal Computer Use Policy example. 

1. Employees are allowed to use their personal computers in the office but only for the following tasks X, Y and Z. (This lays out what they can and can't do) 
2. These computers must have the following programs installed prior to connecting to our network - Trend Micro anti-virus, Bitlocker file encryption software and A, B and C security related programs.  (This protects company assets stored on their computers)
3. Computers must be registered with and inspected  by the IT department prior to connecting.  (For security purposes the company must know who is accessing their assets and that the devices are secure.)
4. No company confidential information may be copied to personal devices unless it is encrypted and the company knows the encryption keys and password.  ('nuf said!)
5. If an employee desires to access our network, we require XYZ operating system and Acrobat version xx.x, FlashPlayer version xx.x, MS Office 2013 etc. 
   (Now they know what to buy)
6. Computer with the following operating systems are NOT allowed on the company network. (and what NOT to buy)
7. Every employee desiring to use personal computers on the company network must sign a confidentiality agreement , an appropriate use agreement and must present their computer for inspection by the company in the event of any suspected security breach.  (they have to acknowledge they will follow company rules)

This kind a policy establishes some basic rules for the employee to work within but also gives them some guidelines for what to buy if they intend to use their personal computer at work.

One final thought, don't think that personal use policies only apply to notebooks and tablets.  They apply to things like smartphones, PDAs, flash drives and any other device that can hold data.  Remember that e-mail is considered a company communication asset too and if your managers or staff use their personal devices for receiving email there should be provisions for that too in your personal device use policy!

Read More

Almost 700,000 Notebooks Lost in Airports Annually

A new study revealed that almost 14, 000 portable computers are lost every week in airports across the United States.  That's about 700,000 per year just in airports!!!
Another interesting tidbit of information showed that 53 percent of surveyed Mobile Professionals carry confidential information on their devices and 65% of those who carry confidential information don’t take any steps to protect It.

Mobile professionals have to realize that if you take ANY kind of confidential information outside of your offices, it should be encrypted and if you're a healthcare professional you MUST encrypt it.

A recent analysis of recent HIPAA compliance violations shows a very high percentage of PHI exposures are the result of lost or stolen notebooks or other personal devices like thunb drives that were not properly protected.  If you don't, the potential penalty is up to $50,000 per incident and REMEMBER - Every individual PHI record you expose is a separate incident!  Do the math - 100 patient records unprotected/unencrypted that are lost (even temporarily) = 100 times potentially $50K each in fines not to mention potential jail time.

The cost of adding software to each portable device that will encypt and password protect is incidental compared to the exposure to penalties you could face.

How much?  There are tons of vendors of encryption software that will charge anywhere from $25 to $150 to encypt your notebook devices.  Some A/V vendors also have alternatives too but if you have either Windows 7 or Windows 8 on your notebook, you already have access to a feature called BitLocker which will encrypt and protect your valuable confidential information to a level that satisfies regulatory requirements.

Read More