alt tag

Posts from July, 2017


Is Your Office Router Secure?

Tuesday, July 25th, 2017

network-connection-414415_1920

In June 2017, WikiLeaks released secret documents that exposed the tools the CIA uses to infiltrate public and private networks through routers.

These documents have shined a light on how easy it is for someone to hack a router. This begs the question, are your business’ IT security practices keeping your data safe? There’s plenty your business can do to protect your routers, which are often loaded with security holes from nefarious individuals.

Change the Default Admin Name and Password

It’s very common for routers to ship with manufacturer-specific default admin credentials – these are often as simple as using the name “admin” for the admin name and having a blank password. Changing these to a unique name and secure password will go a very long way in protecting your network. To put the severity of this issue into perspective: hackers took advantage of default credentials on IoT devices to launch a massive attack on important Internet infrastructure servers in late 2016.

The information is easily accessible. There are websites like routerpasswords.com that store the default credential settings for just about any router on the market. However, these sites themselves can be helpful for individuals who reset a device to factory settings and forget the default credentials.

Change the SSID

LifeHacker recommends changing your network’s broadcast name, or SSID, because the default names usually give away the router’s manufacturer and may give hints as to the model number. Knowing the brand makes it much easier to break into a router because manufacturers tend to leave the same security holes across many models.

Change the Firmware

If the router supports its alternative firmware like DD-WRT or Tomato, installing either will give the router a security edge. In addition to changing the firmware to something other than what the manufacturer uses, which will render brand-specific firmware exploits useless, these alternative firmware implementations are more secure than what comes stock. If you can’t change the firmware, just make sure your IT staff keeps the router running the latest official version.

Disable Unused Features

Improve router security by turning off any feature your company isn’t using. Disabling features can also disable the security exploits that existing within the features themselves. Unused features can include things like remote administration, Telnet access, WPS, and UPnP.

How to Tell If You’ve Been Hacked (and What to do Next)

A good hack is an invisible hack, so your business should periodically check to see if your network security has been compromised. Hackers can try to accumulate a massive network of hacked routers to perform IoT botnet-style attacks, which may only show occasional performance drops as symptoms.

Checking the router is pretty straightforward. Technology expert Kim Komando recommends using the online tool F-Secure Router Checker to scan for issues. If the test identifies a hacked router, the fastest way to resolve the problem is to run a factory reset on the router, update the firmware, set secure credentials, and reconfigure the network.

The router is just one part of your company’s network; the experts at MPA provide network management services that address both performance and security.  Contact us today to learn more!

Avoiding Hardware Overkill: IT Consulting to the Rescue

Tuesday, July 18th, 2017

Spending far too much money on excessively overpowered computer hardware can quickly deplete your company’s IT budget, taking funding away from other important expenses. Two exciting products released in June 2017, Apple’s new iMac Pro ($4999) and Intel’s Core i9 CPU family (starting at $999), are poised to put an incredible amount of computer power in reach of professional-level users with a matching high price tag. However tantalizing these new devices seem, they are power overkill for employees outside of niche roles. IT consulting services can help with matching device power to employee usage to increase productivity.

cyber-2377718_1920

“Pro” is More than Marketing

While “pro” and “high-end” products are inherently better devices based on power, they are niche products targeted to specifically high-end users. In many cases, they’re less like a better interior package or more powerful engine for a sedan and more like a different class of vehicle like a fully-loaded pickup truck.

A power overload is an unnecessary expense, but it’s still preferable to err on the side of more power than what is needed than wasting money on underpowered devices that hurt productivity. In the case of the iMac Pro and the Intel Core i9, the higher-end base iMac and the Core i7 are the devices suited for most high power users.

“Pro” is only Better if you Need it

A Core i9 won’t offer much of a difference in performance for the average user running word processing and web browsers over a three-year-old Core i5. Other parts of the computer are much slower, like the hard drive and the Internet connection, which create a performance bottleneck. The faster CPU won’t do a thing to alleviate these problems.

More Power Delays Obsolescence with Diminishing Returns

A computer is obsolete when it no longer supports the software employees need and hinders productivity through poor performance, and not because there’s a faster model on the shelf. It’s common to delay obsolescence for as long as possible by spending as much money as the budget allows to get the most powerful hardware; unfortunately, the law of diminishing returns hits hard.

Enough Power to Last the Replacement Cycle

The big question is, “how much hardware power do computers need for employees in specific roles?” The device needs to offer sufficient capabilities to last the user through the next replacement, which is a question for IT consulting. Needs vary wildly between roles:

  • A minimal-needs salesperson who mostly uses email and PowerPoint could get away with a lower-powered laptop with a longer battery life.
  • A power-user video editor needs lots of CPU power and a capable GPU for smooth work and fast video processing.
  • A mid-to-power-level accountant who works in massive spreadsheets needs lots of system memory, but won’t see any benefit from a beefier GPU.

According to a PC World article, the average computer replacement cycle has shifted from a three-to-four year interval to a five-to-six year interval. The Core i9 and iMac Pro devices are both designed to meet the needs of employees who work with graphic design, video editing, financial modeling, and programming through the longer replacement cycle.

The IT consulting experts at MPA Networks are ready to help your company determine the ideal computers and devices for your office needs. Expert desktop and workstation management services can keep those devices running in top form so that your company can get the most out of its technology investment. Contact us today!

Flaws in 2-Factor Authentication Methods Could Leave You Vulnerable

Tuesday, July 11th, 2017

If your business is using 2-factor authentication, or 2FA, methods to secure your important accounts, you may need to investigate better ways to implement the practice. Security experts widely recommend using 2FA, a system which utilizes a second security level of authorization in addition to a password to keep hackers out of accounts even when they have the password. However, not all delivery methods for transmitting that second code, token, or credential are equal.

According to Mashable, hackers have found a way to exploit the SMS text message-based delivery code method popular with services like Twitter.

technology-1940695_640

The SMS Flaw

SMS messaging proved itself as a viable solution for getting a device capable of receiving 2FA authentication codes into the hands of the average person because most people already own a compatible device. Using text messaging is very practical because SMS-compatible cellular phones are so widely used that it’s almost expected that a user already has a compatible device; it doesn’t even need to be a smartphone to utilize this method.

However, a 2017 bank account draining heist is shining a light on how hackers can exploit SMS-based code delivery by re-routing or intercepting text messages. Instead of manipulating the account or security platform, the hackers hit the vulnerable text messaging system instead. According to Ars Technica, hackers were able to exploit the widely used Signaling System No. 7 telephony system to redirect 2FA token messages from banks to bypass security. This method can work on any platform using SS7.

Should My Business Stop 2-Factor through SMS?

Your business should not abandon 2FA just because hackers found one way to break through it. Using 2-Factor is still more secure than not using it: it still creates an additional step for the hacker to get through. However, it does mean that your business should consider switching over to alternative code delivery methods whenever applicable.

  • Look for applications like the Google Authenticator app for enabling account access, which uses secure HTTP communication to send the validation code instead of SMS.
  • While they include an additional expense, 2FA security key fobs offer far more secure options over SMS.
  • Services typically send an email alert whenever a new device is used to access the account: pay attention to these because they can alert you immediately if your account has been hijacked. You can change the password at this time to minimize any damage.

If your business is looking to plug its potential security leaks, the IT consulting experts at MPA Networks can help. Finding the right tools for your business’s unique needs is an important part of any security strategy. Find out more and contact us today!

Spare Parts: Which Ones To Keep For Disaster Recovery

Wednesday, July 5th, 2017

computer-2049019_640

It happens in every office eventually: an employee is going about their workday and suddenly their computer or monitor won’t turn on. Fortunately, there’s gold in those unused desktops and laptops stuck in the storage closet. Aside from the computers having literal gold in some components, your business can reuse spare, compatible parts from storage as a quick disaster recovery fix. With a little know-how of modular computer parts, a quick swapping can get your staff back to work right away.

Advance Planning Necessary

The replacement part storage strategy is particularly helpful for businesses that replace devices on an as-needed or staggered basis as opposed to all at once. Do not spend money on parts you may or may not need in advance: instead, take from computers that are no longer in use. If a laptop’s motherboard fails, its SSD can be used to fix another device with a broken storage device and the RAM can be used to upgrade another laptop.

Your IT staff will need to know which parts to keep around, how many of those parts to keep, and how long to keep them around for. The average computer replacement cycle has grown to five-to-six years, which created a longer part compatibility time frame. If a device breaks after four years, its working parts can help fix other devices for at least another two years. Realistically, your IT staff should only keep two or three of each replacement part on hand to manage repairs. After all, this is a disaster recovery strategy, not a repair shop.

Parts to Keep

  • Hard Disk Drives and Solid State Drives: Both laptops and desktops can use replacement storage devices to restore failing ones or increase total storage space. Storage device failure rates can be fairly high in comparison to the rest of the system. Remember to properly dispose of unused storage devices to avoid data theft.
  • RAM: Keeping a few RAM modules on hand works well for replacing broken parts and upgrading aging computers. However, these parts come in laptop and desktop variations and lose compatibility across generations.
  • Laptop Batteries: Battery storage capacity degrades through subsequent charges, so if your business has several laptops of the same model, keep the batteries from the first few that fail in order to replace batteries for the working ones down the line.
  • Power Supply Unit: Keep one or two desktop power supply units in storage to replace failing ones. These devices usually have limited compatibility issues, except with high-performance machines.
  • Video Card: Desktop video cards tend to produce substantial heat and are consequently prone to failure. While swapping one may require a bit of legwork to adjust the drivers, it is much faster than ordering a replacement.
  • Cables: Since cables bend, they may wear down over time. Hold on to a few extra SATA, USB, and Lightning cables to avoid having to buy new ones. For proper storage, tie up all cables.
  • Peripherals: While these devices tend to last a long time, they seem to break at random. Keep a handful of spare keyboards, mice, and monitors around just in case.

Any parts your business doesn’t intend to keep should be recycled or otherwise properly disposed of. If your business is looking to improve its strategies with disaster recovery and desktop managementcontact the experts at MPA Networks today!