Two new viruses have been discovered to infiltrate systems through removable drives. USB flash drives have become indispensable to almost everyone who uses a computer. It’s a quick and easy way to immediately transfer and share information and other data, especially files that are too large to send through email. Unfortunately, some malware take advantage of this convenience by attaching themselves to files on the drive to infect any other system it comes into contact with. Two such malware have recently been discovered. Chymine is a Trojan application with keylogging capabilities, designed to copy passwords and other sensitive data, and Dulkis-A is a Visual Basic worm designed to copy and allow malware to infiltrate the system. Both exploit a vulnerability in Windows Shell. Microsoft has yet to directly address the issue and provide a patch that fixes the problem. In the meantime, they have issued directions for a workaround that prevents both malware from manipulating the Windows Shell susceptibility. The workaround is effective for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server R2, but it comes with a cost – you lose all your icon graphics. Success in removing the virus has been marginal at best, with current fixes including a warning that removing these malware might result in unwanted changes to your system because of the way the virus embeds itself. The best way to avoid being infected, be careful not to run any suspicious programs and files, especially when taken from USB drives and any other removable storage, even from a Blackberry or an iPhone. It’s also best to avoid automatically enabling USB devices to autorun once they’re plugged into your computer. If you have any concerns or want to make sure your systems are protected, give us a call and we’ll work with you to ensure the security of your systems and data.

Before you entrust your sensitive data to a “cloud” service provider, make sure you weigh the risks with the benefits. “ Cloud computing ,” largely synonymous with Internet-based computing, has become a hot topic of discussion among many in the business community, with its promise of radically simplifying the access to, and use of, computing resources on demand. It’s no wonder then that it’s been small businesses, often without full-time IT resources of their own, that have been the first to adopt the concept. As a business owner, however, before you start moving critical data to the “cloud,” you’ll do well to bear in mind the risks that come with the computing model. First is security and privacy—ask how the service provider ensures the confidentiality and integrity of your data while in their care. Do they provide backups? Can you back up your data yourself? Are their security processes and procedures reviewed and vetted by a third party? Next is availability. Do they guarantee the uptime of their services—7 days a week, 24 hours a day? Do they provide a service level guarantee? Do they have processes in place to handle exceptional circumstances that can disrupt services, such as a natural disaster? Is support readily available to help in case you encounter any issues? Finally, there’s cost. While pay-as-you go can be attractive, the total cost over time can add up. It’s worth thinking two to three years out and considering the total cost versus alternatives. Asking these basic questions can go a long way in giving you peace of mind before you entrust your valuable data and core business systems to the care of others. If you’d like some help sorting all this out and making the best decision for your unique needs, give us a call.

Despite the clear trend towards greater adoption of mobile devices by businesses and consumers, a new study finds that many businesses are not taking full advantage of the opportunities created by this trend—especially in sales and marketing. Global smartphone shipments continue to rise, driven by operator subsidies, lower barriers to adoption with the introduction of lower-cost models, and greater choices afforded by vigorous competition from companies such as Apple, RIM, Microsoft, and Google. Not far behind is the rising interest and adoption of other mobile devices, such as tablets with the success of Apple’s iPad. Despite this trend, a new study by eROI , an online marketing agency, finds that many businesses are not taking full advantage of the opportunities it creates—especially in sales and marketing. The company surveyed 500 businesses, and the majority cited lack of resources and little understanding of what needs to be done as the major barriers to capitalizing on the trend. This, despite findings which show 91 percent of the population use mobile devices, with 23 percent using smartphones that make extensive use of online services. Companies would benefit from looking at how these trends can be leveraged for building a strategy toward reaching new customers, engaging current customers, and creating rich experiences for both. Some examples from early pioneers in this area: building versions of their website that can be viewed comfortably on mobile devices, using services that make extensive use of social networks and location-based services such as Facebook and FourSquare that work well with mobile devices, and even building custom applications to provide a new channel for reaching and serving customers. Companies can start small with pilot projects then work from there to see which work best for their businesses.

Mozilla implements new initiatives to ensure the security of its browser to fix the main security holes, and this brings Firefox’s latest version to 3.6.7 The Mozilla foundation, the organization behind the Firefox browser, announced recently that it has released a patch to fix many major security holes found in its software, as well as the pull out of malicious add-ons in its extensions gallery. A new update brings Firefox’s latest version to 3.6.7, and includes fixes for nine critical issues that could potentially be exploited by hackers to launch attacks on vulnerable systems. This comes after recently pulling out a password stealing add-on called the “Mozilla Sniffer” in the Firefox extensions gallery. As a preventive measure, the Mozilla foundation has announced a US $3,000 security bounty program that for anyone who finds an eligible security bug. It has also announced that it will implement a source code review of add-ons to catch potential malware that could be injected into otherwise patched Firefox browsers. As always, users are advised to be constantly on guard and to make sure they are using the latest updated versions of their software. Customers under our Managed Security program benefit by letting us do the worrying and updating for them, so they can focus on their business instead of their security. Not on our Managed Security program? Contact us today.

The recent fever over the FIFA World Cup made unsuspecting victims an easy target for malware makers, spammes, and scammers using the sport as a means to spread nefarious software or lure users into money-making scams. It seems the entire world was in the grip of the 2010 FIFA World Cup fever as several countries vied for football supremacy in South Africa. Unfortunately, malware makers, spammers, and scammers capitalized on the fever as well, using references to the event as a means to spread nefarious software or lure unsuspecting users into money-making scams. Some of the threats included 419-style scams , lures selling fake tickets, even fake products and business opportunities related to the World Cup. One particular ploy involved a couple of websites selling a bogus filter to cancel out the sound of noisy “Vuvuzela” trumpets in TV broadcasts. Scammers had even used legitimate websites to sell them—such as eBay and other auction sites. Several spammers used sophisticated techniques to confuse SPAM filters by using tools to automatically scrape the text from hundreds of websites (including news sites) and using them to spray random bits of this text into their messages. Another new development that was seen were targeted attacks on top executives of international manufacturing companies and government agencies. With the 2010 World Cup behind us, what does this mean to us now? Everyone should always be on guard against websites, links, or messages that seem too good to be true (because most likely they are), but understanding that scammers and spammers especially thrive during popular events helps everyone to be on extra high alert.

Implementing a client-server network and maintaining it with Managed Services can help small to medium-sized businesses prevent data loss events, which lead 43 percent of such businesses to close within two years. According to DriveSavers data recovery service, 43 percent of companies that lose data in a disaster never reopen, and 90 percent are out of business within two years. How can you prevent data loss—without the hassle and expense of staying on top of the latest technology and continually monitoring backups? Consider a client-server network combined with Managed Services. With client-server networks, computers and other devices called clients are connected to a centralized computer called a server. The server stores information in a central location, and shares it with the clients on the network. Why is this a better setup for data loss prevention than the traditional peer-to-peer network, in which computers are connected directly to other computers? First, because peer-to-peer networks have no centralized security safeguards, anyone connected to the network can gain access to all of the devices on the network, making it easy to lose data through malicious acts by hackers and viruses. Second, because peer-to-peer networks don’t share information in a centralized loca­tion, if one device on the network fails, all the data stored on that device is lost. This makes it easy to lose data through hardware and software failures. With a client-server network, you address both of these potential problems. Security software can be installed centrally, ensuring that everyone on the network has the most up-to-date protection. At the same time, access to data that might be lost through malicious acts can be controlled, with different access levels given to different users. It’s also easy to back up (and retrieve, if necessary) data because it’s stored in a centralized location. The only remaining problem is that maintaining a client-server network requires you to stay on top of the latest technology, monitor backups, and troubleshoot problems—and that can take the resources of a dedicated IT staff. If you don’t have such an IT staff, or if you’d prefer your IT staff to work on revenue-producing projects, you may want to consider Managed Services. With Managed Services, an IT company monitors your network to ensure security is high and data is backed up regularly. If a problem occurs, it’s addressed quickly, with data retored almost before you know it’s missing. The best news: Your support costs should be approximately the same as if you were paying to address problems as they arise—but your network’s safety will be significantly higher.

Work no longer has to be a place your employees go at a certain time. Learn what technologies can enable your employees to get more done from any location, any time. Lately there has been a trend among companies, no matter what size and maturity, toward the use of so-called “virtual” teams. Driven perhaps by rising office and energy costs, maturity of computing and network technologies, talent scarcity, or simply the opportunity to realize increased efficiency,  this has resulted in the adoption of flexible work arrangements for some employees including flexible time and working from home – or even from remote locations in different time zones. Along with this trend has come the need to support this new way of working. A wealth of options exists—from virtual team spaces and online collaborative tools to more advanced communication devices such as smartphones and tablets. Here are a few examples. For teams working at the same time but from different locations: Conferencing applications—via telephone or video Shared workspaces and whiteboards Instant messaging Wireless communication devices For teams working at different times but in the same place: Team rooms Intranets For teams working at different times and from different places: Extranets Virtual Private Networks E-mail/Groupware Message boards Blogs and knowledgebase tools With the right tools, work can happen any time and from any place. Interested? Get in touch with us and find out more.

Client-server networks can help employees perform 20 percent more revenue-producing tasks. For small to medium businesses that may not be able to afford a dedicated IT staff, outsourcing may be the most cost-effective means of installing and maintaining such a network. You’re probably aware of the benefits of a client-server network—but are you prepared to handle the maintenance? If not, you may want to consider Managed Services. According to a Forbes study, client-server networks help small businesses extend their geographic reach, find new customers, and increase revenues while maintaining or decreasing costs—and as a result, employees at small businesses using client-server networks perform 20 percent more revenue-producing tasks. However, installing and maintaining such a network isn’t easy. It requires you to stay on top of the latest technology, monitor backups, and troubleshoot problems. The traditional method of installing and maintaining a client-server network is to hire a staff of IT professionals to do the work, but this may not be realistic for small or even mid-sized businesses not be able to afford a dedicated IT staff. Outsourcing may be a cost-effective way to solve this problem. If you want to outsource, you could hire an IT company to set up your client-server network, then wait for the network to break down before calling the IT company to perform the repair. Or, you could consider Managed Services. With Managed Services, an IT company monitors your network to ensure performance and troubleshoot problems before they get out of hand. And in the unlikely event that something goes wrong, you’ll have qualified professionals on call to come to the rescue. Moreover, your support costs should be approximately the same as if you were paying for reactive support—but your network’s performance and reliability will be significantly higher. So why spend time and money running a network when both can be better spent running your business? Consider Managed Services for you client-server network maintenance.

A critical vulnerability in Windows XP has been revealed that involves the Windows and Help support center, a Web-based feature providing technical support information to end users. The vulnerability can potentially allow a remote hacker to take complete control of a victim’s machine. Systems running Windows XP and Windows Server 2003 using many major browsers, including Internet Explorer 8, are affected. A few days after the advisory, security firm Sophos warned users of a website using the vulnerability to install malicious software on victims’ machines, and of possibly more exploits coming out soon. Users of Windows XP and Windows Server 2003 are advised to disable features within Help Center that allow administrators to remotely log onto their machines. For individual users, Microsoft has released a patch for the flaw. Don’t know how to install the patch? Need help? Let us know! Of course our customers with Managed Services are automatically advised of these vulnerabilities, and patches are applied as soon as they are available. Contact us today to find our more.

A recent report , released by Osterman Research and sponsored by software vendor Commtouch, reports that the incidents of outbound spam is getting worse. The research firm interviewed 266 end users of internet service providers and 100 web hosting companies. Almost 40% of respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone – and the number could be far greater considering those who may not be aware that they have been listed. RBLs tag machines or networks of machines as being sources of SPAM, causing their emails to be filtered out by many mail servers. This can result in legitimate emails not reaching their intended destination, and can victims’ reputations. In addition, having an infected machine or network of machines can waste bandwidth and slow down outbound connections. The cause of outbound spam varies, but can including everything from compromised email accounts to “zombie” machines – machines infected with malware sending out spam unbeknownst to the user. There are multiple ways of protecting computers and networks against the risk of outbound spam, and our Managed Services clients benefit from our proactive protection and filtering. Contact us to find out more.