Keep your business out of the headlines

Security Breaches: bad news for your small business.While you may spend a lot of your time making the world more familiar with your business, there is one kind of publicity that really is bad publicity – being the target of a security breach that puts your customer’s information at risk. Rarely a week goes by without another high-profile incident of hacking; compromised customer information costs big businesses millions and could certainly spell doom for a small one.

There are a lot of important policy decisions that go a long way towards limiting your business’ exposure to security breaches:

  • Physical security: Limit access to the places where your information is stored and used –  your office, warehouse, outsourced facilities, and even employee’s homes if they must keep business information there (they shouldn’t). Keep track of visitors and vendors who come on-site.
  • Make sure the minimum number of people necessary to do the work have access to business information. This covers both physical aspects and things like shared file and data resources.
  • Good password practices: passwords are always the last line of defense so make sure they are not guessable, and are changed regularly. When someone leaves your employ, make sure passwords get changed as a matter of course immediately.

These are just a few of the ideas that are crucial to the physical and social-engineering aspects of security. On the technology side, a well-designed strategy for protecting against attacks is just as important. This side of the equation also protects your business against lost productivity caused by annoying malware infections.

trendmicrologoFor ‘endpoint security’ (today’s industry buzzword) I recommend and use Trend Micro products. Trend has excellent offerings sized from one or two office PCs and a smartphone, all the way to a multi-national enterprise with hundreds of locations and thousands of employees.

For my customers, Worry-Free Business Security is the right fit. It has a good balance of cloud-based and on-premises resources for good performance and great protection against viruses, trojans spam and malicious websites. It supports Windows PCs, Macs and both Android and Apple iOS devices.

The best feature of WFBS is its management interface – a simple-to-use web GUI that gives a great view of the security status of all your PCs and devices. The agent deployment process is mostly transparent to end users, and you can easily enforce rules on your network to ensure all devices are protected.

Once configured, updates are deployed automatically and seamlessly. Trend’s Smart Protection Network  collects (anonymous) data about threats around the world from millions of Trend Micro installations and uses the information to deliver detection and removal of new threats more quickly.

If you’re migrating from another anti-malware solution, the agent install process will smoothly remove the existing agent for many popular competing packages. In most cases, employees won’t even know the process is happening (a reboot is usually needed to complete the process, end users are notified to do this at their convenience).

Worry Free Business Security Advanced also includes anti-malware and anti-spam protection for Exchange servers, and inbound email filtering using Hosted Email Security. This is another productivity booster – inbound spam drops dramatically with this product. It also saves resources like bandwidth and Exchange server resources, because spam emails never reach your site. EHS offers a simple web interface so each user can control his or her Approved senders and deliver any legitimate emails that get intercepted (usually a very rare occurrence).

I can also manage and monitor your WFBS system remotely, and provide support when malware is detected.

Ready to get started? Contact me today!

Windows XP: Going but not forgotten

Windows XP: The (mostly) reliable old dump truck among operating systems.

Windows XP: The (mostly) reliable old dump truck among operating systems. Photo by Darron Birgenheier

The venerable Windows XP operating system entered immortality (so far as an OS can I suppose) on April 8, 2014.

This is Microsoft’s End-of-support date, meaning it will no longer fix issues found in Windows XP after this date. Microsoft always provides a good long tail for operating systems – 12 years in this case.

Now brace yourself: Extended support for Windows Vista ends on 4/11/2017 (the horror!).

Vista seems to be virtually nonexistent in the SMB space, so there’s not much worry about that one. Windows XP is far more common in the workplaces I visit, for good reason: it is generally very stable (especially with all its updates applied) and its performance is generally acceptable on the older hardware still in use. This is especially true in lab and industrial environments where the PC may have a single (albeit important) function. These of systems are often difficult to upgrade because of the required downtime and because expensive proprietary or custom-developed software would need to be upgraded at the same time.

So what to do about Windows XP?

In the office environment: It is really high time to be off XP and onto (at least) Windows 7 for this kind of system. Office workers constantly use the ‘net and so the threat from malware is just too great to continue using an outdated OS. The cost and complexity of an upgrade (either with an OS upgrade or a new PC) is minimal.

In lab, production and manufacturing environments: There is certainly risk here too, and a plan for upgrades and possibly special security measures is indicated. I know of one large organization which banned XP machines from their LANs in all locations as of the end-of-support date. I think this is too drastic for most companies, but if you can operate with your XP systems off the net or isolated from the public internet, do it. (This may have a side benefit of keeping operators focused on work instead of Facebook!)

It’s important to get all of the XP machines updated to the final set of updates. The best way to do this is by using Windows Update for home and very small offices, or a Windows Server Update Services server for larger groups.

For situations where Windows XP needs to be re-installed (such as a hard drive failure in one of those critical lab PCs) I maintain a bootable USB drive with all  XP updates integrated.  The unofficial SP4 for XP created by harkaz provides a convenient way to do this and is available at ryanvm.net . You can also install this package directly onto an existing Windows XP installation.

When you need help planning your Windows 8.1 rollout contact me.

If you need support for your well-loved XP systems, contact me (no teasing I promise!).