Is your wireless naked? Last Post.

You can never be too serious about network security whether it is a wired or wireless network. Brian Posey makes a case in his last wireless security article that wired networks can be more vulnerable than secured wireless networks unless some form of network access control is employed.

On a wired network anyone who plugs into a network jack can have access not only to the internet but also open access to your network. With the ready availability of mobile storage devices (flash drives and pocket hard drives) not only is the copying of sensitive data easy but malware can also be introduced into your system. Initially, this seems like a digression regarding our discussion about wireless security but this is really only a different side of the same coin.

The question is what are you doing to secure your wireless networks? I generally discourage businesses that have high visitor traffic from setting up a wireless network or, if visitors need to have wireless access, I set up a separate non-domain (separate addressing scheme and DHCP server) router/access point. On the other hand the accountant or compliance auditor expects to plug into your network as a mere sign of courtesy.

In his final post regarding general wireless network security, Brian Posey outlines some basic concerns regarding wired versus wireless security: http://www.windowsnetworking.com/articles_tutorials/Securing-Wireless-Network-Traffic-Part5.html?printversion.

Brian Posey’s Wireless Security Continued

Brian Posey’s fourth wireless security article touches on the more technical aspects of routers and security.

Encryption is a standard for any SOHO deployment of a wireless access point, a fact which Posey explains. Furthermore, he briefly touches on UTM routers (Unified Threat Management) which have the capacity to provide additional security features such as gateway virus protection, gateway spam filtering, content blocking, website blocking, and RBL (Real-time Black Lists) for blocking unsecure email sites. I like the idea of UTM routers but I’m not clear on how effective these devices are for anti-virus and spam protection. (I prefer third party inbound email filtering.) More to the point, I would prefer that Brian or someone else provide us with a clear picture of UTM routers.

From a small office/home office point of view, we should note that not only are these routers more expensive but many of the additional security features are enabled only on a subscription basis; thus, adding to the overall budget picture. While we wait for Mr. Posey’s final article on wireless security, I will look for a more comprehensive discussion of UTM routers. Again, part of our focus is to familiarize business owners with sites that increase our overall knowledge on the issues of office networking.

What is your Pain Quotient?

Several months ago I was approached about how to determine when a business owner should outsource their technology needs. Originally I wrote almost 900 words but decided it was pontifical and still hadn’t gotten closer to a true guideline. I’ve tried several other times to write this article but was challenged by my content editor that I sounded too much like a sales person.  During the post-Thanksgiving and pre-Christmas period I re-read Rework by Jason Fried & David Heinemeier Hansson of 37 Signals. I was reminded that businesses should hire to alleviate pain.

When you started your business you knew everything about the business and you wore many hats from product/service development, delivery of service, network administrator, and janitor. This not only saved you money but “it’s your baby”; you want to nourish every aspect of growth because it is YOURS. As a “solopreneur” some of these roles never change but whether you are a one person CEO or master of a 30 person company, as a small business owner there are several aspects of network administration that we think you should know or at least have documented at your site:

  • Know your passwords
  • Know how to properly start and restart your server
  • Know how to add or disable a network user
  • Know how to change a password
  • Know how to check to make sure your backup is running
  • Know how to restore a file from backup
  • Know how to check if your antivirus is up to date
  • Know how to run and schedule a virus scan.
  • Are your system security patches up to date? Are you only relying on MS/Apple updates?
  • Do you have a recovery plan? Could you start over again if you had to?

In the beginning, computer/networking was easy and you had time to learn not only about computers but you also learned about printers, routers, firewalls, Office software, QuickBooks, etc. Besides, how much trouble can one computer be? Yet as time marched on and things changed, you probably focused more and more on your marketing and providing good customer service.

You save money by being your own janitor or network administrator and this is a good practice as long as everything is housed in your second bedroom or garage. But when you move to an office suite the trash is sometimes forgotten and the office manager only vacuums the reception area and conference room. In short, it is no longer convenient and control has been relinquished. The same applies to your network; if you or someone isn’t checking on your daily/weekly backups, taking care of the printer that requires constant restarting, applying the security or product updates for your workstations, or monitoring your client/inventory/business software then it’s time to seek assistance. In short, what is your pain quotient?

Many of us view our pain in a “break fix” fashion or better yet all problems are approached from the “If it ain’t broke don’t fix it” position. For the occasional break down this is a workable philosophy, i.e., printer, router, or hard drive failure. On the other hand, how much time does a reoccurring problem cost you? How much is your time worth? Did you interrupt your business call to crawl on the floor because you lost your connection to the internet again? How long can you afford to be offline? If you no longer have time to maintain your list of network “should’s” and you’re still crawling around on the floor pulling wires instead of making sales calls, then you’ve reached your network pain apex. Is it time to outsource your IT network support?

Is your wireless still naked? #2

In my last wireless post I mentioned that Brian Posey was writing a series on wireless security and rather than duplicate effort I direct you to his latest blog postings on wireless security. Brian reiterates what we discussed in our article about simple security, i.e., most wireless appliances are configured through your web browser and the default user name and passwords are well known and used by everyone. Changing the default password is a simple security step which many techs either don’t configure or forget to configure. The excuses that access to the access point is infrequent and over time passwords may be forgotten only means that the network hasn’t been documented. As to default passwords, as Brian covers in his article,  the following chart is a case in point.

Common Wireless Device Browser Access Defaults

| Device   | Access Address                          | User-name        | Password         |
|----------|-----------------------------------------|------------------|------------------|
| Linksys  | http://192.168.1.1/                     | “blank” or admin | admin            |
| Netgear  | http://192.168.0.1 or http://192.168.1  | admin            | password or 1234 |
| Trendnet | http://192.168.1.1                      | admin            | admin            |
| DLink    | http://192.168.0.1                      | admin            | “blank” or admin |

Now before you get upset that I’ve given up the farm, just think: are you using the default passwords with your wireless access points; are you using the default IP address; did you know that this information is readily available from the manufacturer’s support site? Take a little time, read Brian’s article, and think about it. Are you going to make any changes?
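One way to answer those questions for your own equipment, as an added example (not from the original post or from Brian Posey's article): a Python check of a site's network documentation against the defaults in the chart above. The inventory layout, the device names and values in it, and the finding labels are assumptions made for the illustration.

```python
import csv
import io

# Defaults exactly as listed in the chart above; "" stands for the chart's "blank".
# The second Netgear address is reproduced as printed in the chart.
DEFAULTS = {
    "linksys":  {"hosts": {"192.168.1.1"}, "passwords": {"admin"}},
    "netgear":  {"hosts": {"192.168.0.1", "192.168.1"}, "passwords": {"password", "1234"}},
    "trendnet": {"hosts": {"192.168.1.1"}, "passwords": {"admin"}},
    "dlink":    {"hosts": {"192.168.0.1"}, "passwords": {"", "admin"}},
}

# Constructed inventory (hypothetical devices and values) in the form a site's
# own network documentation might take.
SAMPLE_INVENTORY = """\
name,vendor,admin_url,username,password,wifi_security
front-office-ap,Linksys,http://192.168.1.1/,admin,admin,WPA
guest-router,D-Link,http://10.20.0.1,admin,,none
warehouse-ap,Netgear,http://192.168.0.1,netadmin,T7#constructed-example,WPA
lobby-ap,Trendnet,,,,
"""


def host_of(url):
    """Reduce an admin URL to its bare host so 'http://192.168.1.1/' matches '192.168.1.1'."""
    host = url.strip().lower()
    for scheme in ("http://", "https://"):
        if host.startswith(scheme):
            host = host[len(scheme):]
    return host.split("/")[0]


def vendor_key(vendor):
    """Normalise a vendor name so 'D-Link' and 'DLink' both map to 'dlink'."""
    return "".join(ch for ch in vendor.lower() if ch.isalnum())


def audit_device(row):
    """Return the list of findings for one documented device."""
    # A device with no recorded admin address or wireless setting has not been
    # documented, so nothing else can be checked for it.
    if not row["admin_url"].strip() or not row["wifi_security"].strip():
        return ["undocumented"]
    findings = []
    defaults = DEFAULTS.get(vendor_key(row["vendor"]))
    if defaults:
        if host_of(row["admin_url"]) in defaults["hosts"]:
            findings.append("default-address")
        # A blank password counts as a default only where the chart lists "blank".
        if row["password"] in defaults["passwords"]:
            findings.append("default-password")
    if row["wifi_security"].strip().lower() in ("none", "open"):
        findings.append("open-wireless")
    return findings


def audit(inventory_csv):
    """Map each device name in the CSV text to its findings."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["name"]: audit_device(row) for row in reader}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INVENTORY).items():
        print(f"{name}: {', '.join(findings) if findings else 'ok'}")
```
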

Is your wireless naked?

Over the years I have always been reluctant to endorse or install wireless networks for clients, but who am I fooling as I sit in my neighborhood coffee shop and begin this post? Wireless networking is a fact of life for all of us, so let’s be clear that the primary issue with wireless networks is always security. Wireless network security has two major points of vulnerability: 1. Laptop vulnerability in open networks and 2. Securing wireless access points (wireless routers).

Whether your workstation is wired or wireless it can always be a target for hackers or malware (viruses, Trojans, worms, etc.). All networks should have a physical/hardware firewall separating the network computers from the Internet. Depending on the level of sophistication, the firewall can not only provide separate private addresses for the local network, thus separating the local network from the internet, but more sophisticated firewalls can also control or limit the type of inbound and outbound traffic. In many coffee shops and open networks there is no access control except network address translation (NAT) to provide private addresses for multiple machines which allows them to access the internet using one internet connection. This is done to accommodate all wireless users that may come in wanting to use the wireless internet. Some “hot spots” require a web interface logon which may require an additional paid access or some kind of acknowledgment (room number or agreement) which may mean that remote access is better controlled with increased security. In addition, some of these locations may limit remote access Virtual Private Networking (VPN) or remote desktop access (RDP) allowing only web based email or Remote Web Workplace connections. In that case, however, the security is increased.

On the other hand, you are at the local neighborhood coffee shop and what do you do?

Install a personal firewall! The following links provide a list of current personal firewalls including several that are free: http://www.firewallguide.com/software.htm#Top_Picks and http://personal-firewall-software-review.toptenreviews.com/. I don’t make any recommendations because other than intrusion defense the various models work differently. Some are configured automatically (my favorite) while others are more technical; if you don’t know what SMB or ICMP means, work with the more easily managed applications.

As stated earlier, I believe all sites whether office or home should always have a physical firewall in place and wireless routers can also serve that purpose. Note that the range can be varied both in function and cost; recently one of the professional magazines to which I subscribe gave a list of 5 quality WLAN (Wireless Local Area Network) adapters: http://www.channelpro-digital.com/channelpro/201009?folio=20#pg22. Take time to do a little research about the appliance you want to buy; besides being rated for bandwidth speed, I recommend that the appliance have a web interface that you can understand and if you are using virtual private networking to access a site make sure that its firewall is configurable and that it allows VPN pass through. When I encounter a router that I’m not familiar with, I go to the manufacturer site and look at the user manual and view not only technical specs but also how to configure the router for my clients.

Finding the right wireless adapter/access point is only part of the issue when setting up a wireless network. Almost all of the consumer grade products come ready to go, just plug it in and you can reach the internet. Although this can make life simple, an open network is an invitation to trouble; therefore the next step is to configure encrypted wireless access. Did you look at how to configure wireless security when you reviewed the user manual? Use WPA (Wi-Fi Protected Access) encrypted security. We aren’t a how-to site but take a look at Brian Posey’s evolving discussion regarding Wi-Fi vulnerabilities and how to secure your home or office network: http://www.windowsnetworking.com/articles_tutorials/Securing-Wireless-Network-Traffic-Part1.html. Wireless networks are a fact of all of our lives but there are risks; please play heads up ball.

Simple Security

Last month, shortly after finishing a telephone call with my friend “Lucy” I got an email from her saying that she was stranded in London, her suit cases and passport had been stolen and although she had found refuge at the US consulate she needed some money to tide her over until problems could be resolved there. I know spam when I see it so I deleted the message.

Later that day I got a panicked call from Lucy relating how her Hotmail account had been hacked, her account password had been changed, and the problems she encountered with Hotmail trying to regain control of her account to change her password and eventually delete the account. Lucy uses this account as one of her business email accounts and she was much chagrined when a spam/solicitation email was sent to all of the addresses in her email address book. Besides the embarrassment, Lucy had to contact all of the people on her list to explain and apologize for some criminal’s actions.

I tell this story not to point a finger at Lucy but to illustrate that crooks and thieves use any method possible to gain control of your personal information through hacking, viruses, spam, and other malware. My message is to be careful. I’m often angered when I talk with clients who don’t get that point. Although nothing is fool proof, may I make the following suggestions?

  1. Change your user passwords several times a year (ideally change passwords every 90 days). More often than I’d like I’m confronted by a client who finds that passwords are too much of an inconvenience. Even if you only have one computer at least put a password on it to keep the kids out.
  2. Not using your computer? Log out or shut it down. Before we became so environmentally conscious it was customary to always leave business computers on to allow for operating system updates and remote access but in today’s world if you aren’t going to remote into your workstation over the weekend shut it down. If you are going to use the machine at least log out to break the direct link to the server and your user profile.
  3. When was the last time you updated and ran your antivirus or antimalware software? Yes I know that these applications are automated but other than just a maintenance check are they running properly?
  4. Do you have a personal software firewall installed on your computer? Many of us laptop users are at home sitting at the neighborhood coffee shop. Although the major coffee vendors include some sort of authentication and have monitored systems most local coffee houses do not; which gives rise to a concern for added hacking security. Most major personal antivirus and personal firewall vendors now offer Internet security products which include anti-virus, anti-spam, and firewall protection. I like the additional firewall protection but it requires that you learn how to use it so as not to block your favorite programs. I’ll discuss this more next month.

With the convenience of the Internet comes added responsibility; quite often the most secure thing you can do is turn off your computer or change your passwords every several months.

The Excitement of Uninterrupted Power Supplies: UPS

Summer is a time for lots of construction and road maintenance and my neighborhood is no exception. We were notified that there would be occasional power outages during the times they work on our street and initially, I blew this notice off and quipped, “No problem as long as they give advanced notice of specified times.”

Later a client called and wanted to know what to do when the power in their building was shut off briefly during a construction phase. My answer: Shut down the server, computers, and other related devices during the power outage. I also noted that if this was to be for an extended period of time it is a good idea to inform regular clients of the situation. Last weekend I received UPS, or uninterrupted power supply, failure notices via alerting software from a client with a notice that the server was to be shut down; the server stayed down the rest of the weekend. I informed my client and he went in early Monday morning and restarted the server with no problem and we continued business with no further incidents. Power outages and surges can play havoc with your server, computers and other office devices. This is why I always insist on a UPS (uninterrupted power supply) to provide surge protection and an orderly shutdown of the machine if needed.

Power outages, buildings with inadequate wiring, and lightning can result in significant power surges which can not only damage machines but can cause loss of data. Some people assume that a surge protector with a lot of Joules will suffice. There could be a discussion of how many Joules is adequate but the true advantage of surge protectors is that they are inexpensive. A UPS not only provides surge protection but in the event of a power loss  it also shuts down the computer in an orderly fashion, preventing damage not only to the machine but also the operating system. Many people forget to install the UPS software and connect the UPS to the computer, which doesn’t allow the UPS to perform its alerting or shutdown functions. The significance is to use the UPS for more than just surge protection.

APC, Tripp-Lite and Belkin (surge protection wizard) are major manufacturers of UPS batteries and surge protectors with a variety of 800+ Joules surge protectors for less than $50+. APC also offers a UPS selection tool to assist in determining the right backup battery for your office. APC will also take used batteries as a trade-in toward the purchase of a new battery or UPS.

I know talking about surge protectors and backup batteries is not as exciting as your new 4G smart phone but your computer/server should last longer than your smart phone.

Has your antivirus subscription expired?

Security for computer networks comes in many forms. Often the most troublesome and frequently encountered are malware infections (viruses, worms, Trojans, spyware, etc.). Unfortunately, during my initial meetings with prospective clients I still find workstations with expired antivirus software or no protection at all. Malware, like hard drive failures, can make workstations inoperable but all data can also be lost. Many techs will only work so long on resolving infections before they suggest reformatting the hard drive and reinstalling the operating system. Maybe they are just giving up but if you are being paid by the hour, it is the better part of valor to start from scratch rather than keep charging your customer for a server when you don’t have or know the solution. On the other hand, there are technology firms that focus solely on virus eradication (at all costs) and data recovery, but be prepared to pay the price if you absolutely need your workstation and data intact. This might be a time to lecture about hard drive backups or imaging but that is not a good method for establishing a good working relationship.

In this day and age of growing security needs, the list of old and new malware removal companies is never ending so there is never a reason for a person to be without virus protection. Professionally, I don’t recommend free antivirus solutions (I don’t scold my mother-in-law for using AVG Free Edition) because most free versions of software offer no support or are only limited (restricted) versions. The most popular free antivirus programs are AVG Free Edition, Comodo Internet Security, and Avast Free AntiVirus. One exception to the premise, that free software provides no support or is a restricted version of the paid client, is Microsoft’s Security Essentials, http://www.microsoft.com/security_essentials/. Microsoft offers this antivirus client for standalone computers with support and the promise of offering a good stable product; if you are looking for an antivirus client this might be worth a try. If you are looking for these and other free or trial antivirus and other downloadable utilities, I suggest becoming familiar with CNET’s Download.com which offers a vast array of spyware free/trial utilities to try. In addition, CNET offers several good spyware removal tools including: Malwarebytes Anti-Malware, Spybot Search & Destroy, Ad-Aware Free Anti-Malware, and SuperAntispyware Free Edition.

Last note: Often, I’m asked to define the difference between viruses, spyware, Trojans, and other malware. I don’t always make a true distinction between the various types of malware other than, “Do I have a tool to remove it quickly to minimize client down time?” Sophos has published a paper, “A to Z of Computer Security Threats”, which gives a good definition of the various malware types which you may find interesting. For your convenience, we have posted the PDF file on our SkyDrive site for you to download. In addition, I’ve also included Trend Micro’s white paper on understanding and protecting against Fake (hoax) Antivirus infections.

Security: When was the last time you updated your software?

As SMB network system administrators we tend to focus on client “pain points”, i.e., “When did you realize that you needed help?” Was it when your hard drive failed and all data was lost? Did a workstation become infected with a virus or malware which prevented your staff from using the Internet? Or maybe you couldn’t get the computers in your office to talk to each other. We promote network maintenance because it is the best approach to avoid many common small business pain points. We try seriously to talk business owners out of the “break fix” mode of thinking about their networks because in the long run it is more costly and is not an economical means for planning for the future. Besides, if I have to brow-beat clients about the most critical backbone of their business neither of us are winners. Trying to get by on the cheap is just another quick sale; which is not the basis for a lasting relationship. I want to be the trusted adviser for the technical issues related to your business network. For me trust is the first step in developing a secure computer network.

The next step for maintaining a secure network is keeping the operating system and all installed software up to date. Yes, even Macs need to get updated periodically. I know this sounds like a simple no brainer, especially since both Windows and Macs can update critical security patches automatically. Do you know how to manually update your operating system? I periodically manually update workstations (and always manually update servers) because there are always other types of updates available besides security updates; specifically, hardware drivers or additional product functionality can be included in basic system updates. Most of us have several other programs installed on our workstations, including web browsers (Firefox, Chrome, Safari, Opera, etc.); image/photo editing software (Photoshop, Fireworks, Gimp, Pixelmator, etc.); accounting software (such as QuickBooks, Quicken, PeachTree, etc.); database software (FileMaker and Access); and customer/donor management software (Maximizer, ACT, Goldmine, and Microsoft CRM) and of course antivirus software (Norton, TrendMicro, McAfee, Sophos, Panda, etc.) that are useless if not weekly updated and renewed. Most of today’s software has some form of automated process for updates (either periodic updating or user notice to complete update); you should make yourself familiar with this process for all of your critical software. I was recently made aware of an Adobe Flash security flaw, http://news.cnet.com/8301-1009_3-20006893-83.html and http://www.adobe.com/support/security/advisories/apsa10-01.html: the primary issue about this update is that it affects all major operating systems, Windows, Mac, and Linux. How many times have you blown off that annoying Adobe Flash update notice? To me this drives home the point that we are all vulnerable to some degree. I don’t expect you to become a security expert but timely updating can help increase the security of your workstation and network.

Create a Password You Can Remember

Say you have the most secure system in the world. How do you keep it that way? Passwords not only keep your system secure, but can limit access to certain people, be it employees, technical support, or a specific member of your team, such as the accountant. Do you remember the passwords to your server, QuickBooks, etc.? Do you change them regularly with secure passwords? While we all can relate to dreading the 30-60 day password change, there are techniques out there to help make the burden lighter. Wikihow gives helpful techniques on not only creating a secure password, but one you can remember too:

Wikihow – Create a Password you can Remember