alt tag

IT Management Posts


Screen Mirroring Mini-Guide

Tuesday, September 19th, 2017

Setting up your conference room for wireless screen mirroring is the answer to employees sharing in a collective groan when it’s time to connect a computer or mobile device to show a presentation. While setting up the conference room television or projector doesn’t have the same level of disdain as the office printer, it can still be a major source of frustration when half of your staff is in the conference room waiting for the technology to cooperate.

Screen mirroring allows any presenter, even a guest, to take a BYOD approach to giving a presentation with minimal effort. Not having to fiddle around with running cables and sorting through a “junk drawer” collection of video converters not only saves time but also increases productivity.

What is Screen Mirroring?

Screen mirroring, or screen casting, is when you duplicate the content on a computer or smart device on either a television screen or projector. In the past, someone would connect a computer to a TV or a projector through a cable which the device would treat just like a monitor. However, screen mirroring is different because it replicates the content on the device’s screen instead of treating the presentation device as a second screen. Modern smart devices and computers support screen mirroring, but the main problem arises when trying to find a setup that will support all of the common standards.

The Platforms:

  • Windows & Android Devices
    • While Windows and Android devices aren’t running software from the same companies, if a screen mirroring device supports one it more than likely supports the other. If your office has a smart TV or a smart projector, it might support screen mirroring out of the box for Windows and Android devices. However, if the TV or projector doesn’t have smart functionality, you can add support with a relatively inexpensive streaming device like MiracastRoku or WiDi adapters.
  • Mac Computers & iOS Devices
    • Supporting screen mirroring is very straight-forward, but there’s only one headache-free way to ensure support: connect an Apple TV device to the TV or projector. We’ve previously discussed setting up AirPlay through Apple TV. If you’re not going to use Apple TV, you’re stuck relying on finding a third-party receiver or app that supports AirPlay or messing with network settings every time you want to connect a device.

Device Checklist for Full Support

What your business should do is create a checklist for each of the four main device types and run a test of each to ensure compatibility. First, see which device types you can connect with your existing configuration. Next, determine which additional devices you’ll need to purchase for full support. An example setup could be a Samsung Smart TV paired with Apple TV or a standard LG TV with a Roku and Apple TV.

Streamlining your conference room screen mirroring setup is just one way the IT consulting experts at MPA Networks can help your business increase productivity. Contact us today!

The System Is Down: How To Stay Online When Your Service Provider Is Offline

Tuesday, September 12th, 2017

It’s easy to take a functional Internet connection for granted until it’s no longer working. When that Internet connection inevitably goes down, your business could be left scrambling to figure out how to keep working until service is restored. The best solution your business can utilize is to develop an advance plan for business continuity in the event of an Internet outage.

Purchase a Secondary Service

The safest and most reliable strategy your business can rely upon to work around Internet outages is to purchase a secondary Internet service. This service doesn’t need to be as high-speed as your main connection and it should be viewed as a safety net. The transition process can be as straight-forward as switching which modem connects to the office router.

Additionally, your business should invest in a different backup connection technology than your main connection; if your main connection comes from cable, try considering a DSL or T-line. If your business runs on a fiber service, your secondary platform can be from a cable provider. However, the secondary provider option may not be the most cost-effective solution for businesses with fewer than two-dozen employees.

Go Mobile (Internet)

Mobile Internet connections are another viable continuity option for smaller businesses: a tethered smartphone or mobile hotspot can work as a backup. The mobile option works well for smaller businesses and remote-employees. After all, mobile connections aren’t as fast and can lead to substantial data charges for businesses moving large amounts of data, so it’s not a good option if your business needs to move large files. Your corporation can also look outside of the cellular service providers for dedicated 3G/4G/LTE-based ISPs as an alternative secondary service option.

Nearby ISP Hotspots

If your company works out of a large office building with many nearby businesses you may be able to lean on your neighbors for some extra backup. Some ISPs offer Wi-Fi hotspots over all their rented modems. Then, if your business is on Verizon DSL and experiences an outage, you can use your home subscription to connect to a nearby Xfinity hotspot.

Hit the Street

If your employees need to get back online to handle immediate work, your company’s last line of defense is to lean on public Wi-Fi. You can find these hotspots at local libraries, cafés, coffee shops, and other storefronts. However, this comes with some major potential security risks; your employees shouldn’t come to rely on it with extremely confidential information.

One such risk is that it’s very common for hackers to set up “spoof” hotspots that resemble business hotspots, but are actually designed to steal your information. In other words, you have to make sure local hotspots are legitimate before using them. Keep a list of nearby secure Wi-Fi hotspots your employees can use in the event of an Internet outage. It’s of the utmost importance that this list is devised in advance because there are inherent risks in using another business’s Internet connection.

Never let an Internet outage keep your company from working: formulate an advanced backup plan so that your vital staff can keep working. If your company is looking for help developing an outage plan, the IT consulting experts at MPA Networks can help. Contact us today!

3 Lessons SMBs Can Learn From Retailers On Thanksgiving Weekend

Wednesday, September 6th, 2017

Online retailers are already working on business strategies for the Thanksgiving, Black Friday, and Cyber Monday online shopping weekend months in advance. These three days are the busiest online shopping days for retailers, bringing in nearly $6 billion in revenue combined. An online retailer’s worst nightmare on these days, in particular, is to lose business by overloading their platforms and losing customers because of long load times or crashes. SMBs can look at how retailers prepare and manage massive traffic influxes for insight into running a better online presence.

1. Do not launch a new service or platform when you expect to be busy

A robust testing and QA process is a business’s best tool to releasing features like a website update, a new software implementation, or a new hardware system as seamlessly as possible. However, some problems don’t reveal themselves until your business has pushed changes into the wild; in other words, your business doesn’t want to introduce new features that could expose problems at a busy time.

Therefore, it’s better to go with a “soft launch” for new implementations than try to run a high-traffic promotion to show off something new. Introduce new features and sweeping changes at a time when your company expects business to be slow.

2. Sometimes “bells and whistles” need to be dropped to stop from damaging functions

People tend to love “bells and whistles” features because they can take a boring product and turn it into an exciting experience. The more improved visual experience is great until it becomes detrimental to the performance. For example, retailers like Amazon will actually disable some of the rich content features on their product pages over the Thanksgiving shopping weekend, which simultaneously reduces the amount of work the servers complete when generating pages. This allows customers to load pages with minimal delay.

Retailers have to keep in mind the “user experience,” which includes the process of using a service as opposed to focusing on how it looks. SMBs can take this philosophy to heart when approaching technology: provide the best “form” as possible as long as it doesn’t impede “functionality.” A visually striking product preview page won’t do your business any good if customers refuse to sit through a long load time.

3. Don’t be a victim of your own success

Website overloads on Cyber Monday are a particularly great example of how a business can become a victim of its own success, which SMBs should keep in mind when running promotions. Unless a website’s hosting infrastructure is built with scaling potential or uses a CDN, a huge traffic spike can bring the site offline which translates to lost potential business and a negative brand impression.

Retailers typically use performance testing and monitoring strategies to prepare their platforms for massive traffic influxes. SMBs should keep a “ready-to-grow” philosophy in mind concerning their web presence because opportunity can strike at any time. Bracing for traffic spikes is particularly important when running social media promotion campaigns: if your business goes viral, you don’t want to miss out because your website is overloaded.

Whether your business is looking for opportunities to keep up with growth in cloud computing or seeing if new software would increase productivity, the IT consulting experts at MPA Networks are ready to help. Contact us today!

Adobe Flash: The Rumors of My Death Have Been Greatly Exaggerated…Until 2020

Tuesday, August 29th, 2017

Adobe Flash, the web content standard the Internet loves to hate, will soon meet its ultimate demise: Adobe will finish phasing out the platform in 2020. Flash, first introduced in the early 2000s, has been on a gradual decline for almost as long as it was on the rise. Fortunately for your company’s IT security, this shift will make your computers safer at the expense of losing support for older web content.

Trends in Design

While Flash provides rich content for desktop and laptop computer users, the multimedia software platform received its terminal diagnosis when trends shifted towards the mobile web. Flash’s relevance continued to decline as web sites moved away from running separated desktop and mobile sites by adopting a singular “responsive design which requires Flash-free content.

The Slow Death

Late Apple Co-Founder Steve Jobs, who played a major role in creating much of the popular computer technology in use today, is credited with signaling the beginning of the end with his public letter, “Thoughts on Flash.” Instead of weening iOS devices off of Flash content, Apple opted to avoid supporting the standard altogether on iPhones and iPads in favor of HTML5 and H.264.

While mobile devices were the first to abandon Flash, desktop devices kept it on life-support for a few more years. Google followed suit with dropping Flash from Android devices in 2012 and YouTube switched to HTML 5 as the default video player for all devices in 2015. The standard took more hits in 2016: both Chrome and Firefox started blocking Flash by default, forcing users to “opt-in” to enable any Flash content.

Performance Issues

Flash isn’t great for device battery life or SEO-friendly web design. Flash content is typically CPU intensive and inefficient, so it forces the device to do a lot of work even after downloading content. For example, Flash video can eat through a device’s battery life twice as fast as the same content encoded in H.264. Flash content is also notoriously poor for SEO because search engine crawlers can’t properly examine the content. Additionally, Flash-content can take several times longer to load which translates into a large share of the audience abandoning the page due to speed.

Security Issues

Unfortunately for Flash, security issues create a situation where leaving the plug-ins installed on a computer to continue supporting content leaves the device vulnerable to attack. Flash is riddled with security holes. Even after Steve Jobs called out Adobe for the security problems back in 2010, Adobe’s vulnerability patches continue to be met with newly discovered vulnerabilities. Symantec observed and reported Flash vulnerabilities in 20142015, and 2016. Hackers frequently exploit Flash’s security shortcomings to upload malware onto devices.

Is your business ready to operate in a Flash-free world? MPA Networks can help through IT Managed Services and desktop management by helping your business phase out lingering Flash-required software and removing Flash installations on your devices. Contact us today to learn more!

When Windows 10 Support Stops

Tuesday, August 22nd, 2017

In July of 2017, some Windows 10 users received an error message when trying to install the Creators Update, stating, “Windows 10 is no longer supported on this PC.” This first-of-its-kind problem stems from an incompatibility with a handful of Intel’s Clover Trail CPUs found in some of the earliest laptop, tablet, and 2-in-1 devices that shipped with Windows 8.1. While the issue affects a relatively small number of devices, it stands as a reminder that aging devices may not always be able to support the latest Windows 10 feature updates. The issue won’t create a security headache for users, but it could block new features your employees would otherwise use in order to increase productivity.

macbook-606763_1920

There’s No Windows 11

Up until now, PC users have generally expected that devices working with a given version of Windows will continue to work on that version indefinitely; replacement time comes when the device can no longer run a newer Windows iteration. However, Windows 10 changes that because there won’t be a Windows 11; instead, Microsoft will continue to update Windows 10. Therefore, the system requirements for Windows 10 can’t be expected to stay the same as Microsoft updates the operating system so that devices running on today’s most recent version of Windows may not run all of Windows 10’s future features.

The Case of the Clover Trail Atom CPU:

As of July 2017, the Creators Update compatibility issue only affects the Atom Z2760, Z2520, Z2560, and Z2580 CPU models. As previously stated these CPUs belong to the Clover Trail family which was first released in Q3 2013. The issue has less to do with the processing power of the device and more to do with a compatibility problem with the CPU’s hardware drivers being incompatible with features in the Creators Update.

Windows 10 Support: Problems Down the Road

Hypothetically speaking, there are a number of issues that Windows 10 feature updates could add to the operating system that will render older devices incompatible or unable to run at a smooth speed. Lower-end devices that run inexpensive and weaker hardware are the most prone to being unable to support future updates. Some possible compatibility issues could include:

  • Insufficient RAM
  • Unsupported hardware drivers
  • CPU too slow
  • Not enough storage

What Next?

The good news here is that the devices are still compatible with the Windows 10 Anniversary Update, which will continue to receive security updates throughout the original Windows 8.1 device lifetime support window. The devices will still receive security updates, making it safe to continue using the devices. This isn’t like running a Windows XP computer on the modern Internet; if the device user doesn’t need the new Windows 10 features from the update, this really isn’t a big deal. However, after 2023, affected devices should be replaced.

Make sure your company’s computers and other devices are secure and able to perform to their highest ability. The IT consulting experts at MPA Networks are ready to help in San Mateo County and throughout the San Francisco Bay Area to keep your hardware and software up-to-date. Contact us today!

The Internal SMB IT Security Threat: Overconfidence In Cyber Security Preparedness

Tuesday, August 15th, 2017

According to a 2017 published study by Advisen and Experian, one of the biggest threats facing small businesses comes from within, such as overconfidence in the organization’s ability to protect itself and recover from cyber security attacks. While businesses in the survey aren’t claiming to have exceptional cyber security plans and policies in place, there is a disconnection on how well prepared companies  believe they are compared to third-party security experts. Modesty is an often overlooked virtue in business cyber security; knowing that your business needs to continually evolve and improve practices is a defense mechanism of its own.

The People Problem

email-1903444_1920

Hackers are shifting their attention to a different part of the system when trying to break in: the human aspect. Hackers are using increasingly sophisticated phishing scams through email, web-linking, and phone calls to trick humans into handing over information instead of dealing with strong technical security implementations.

According to the Experian survey, “80 percent of legal experts and 68 percent of brokers were concerned, versus just 61 percent of risk managers”, pertaining to employees able to successfully identify and avoid phishing and social engineering attacks. Businesses, then, need to emphasize employee education on avoiding phishing and social engineering attacks.

Internal Vs. External Perspectives

According to the Experian survey, on a preparedness scale of 1-to-5, business risk managers rated their employee education programs 3.36. However, legal experts and data brokers gave those same programs 2.91 and 2.57 scores respectively. This disconnect is important because it shows that businesses tend to realize that they have a lot of room for improvement but they undershoot how far their practices need to grow.

Fortunately, firms aren’t as off-base when it comes to assessing preparedness versus other businesses: 54 percent of companies report that their IT security preparedness is better than their competition. Employees further removed from the metaphorical front-lines may be more confident. According to a Deloitte study, 76 percent of business executives are “highly confident” in their firm’s ability to respond to a cyber security attack.

Looking Ahead

Different businesses face different challenges. According to a FICO survey, telecommunications businesses were the most confident whereas healthcare organizations were the least confident in their company’s cyber security protection. However, the healthcare industry perspective could stem from hackers narrowing-in on the hospitals and healthcare providers as the top target. The legal industry and financial service industry businesses are also major targets for cyber attacks.

The silver-lining in the Experian survey is that businesses and security experts are in agreement on what their biggest security concerns should be: phishing for personal/financial information, ransomware attacks, and IoT vulnerabilities. Is your business looking to improve its cybersecurity practices? The IT consulting experts at MPA Networks can help. Whether it’s through desktop support and management or disaster recovery solutions, your company can always work to improve cyber security. Contact us today!

Looking at USB/NFC Keys for Extra Account Security

Tuesday, August 1st, 2017

Hijacked accounts are an IT security nightmare, so it makes sense for your company to look at new technology for better ways to keep your digital assets safe. While security professionals are working out new ways to look at what account credentials are, sometimes with mixed results like with Samsung’s iris-scanner:  it’s clear that the username/password system alone isn’t enough anymore. According to PC World, a new device-based authentication key called “YubiKey” plugs countless security holes by requiring the connecting of a physical device to a computer or smartphone to access accounts.

hacker-1944688_1280

Increased Security, Tougher to Crack with YubiKey

The authentication device solution owes its lineage to the 2-step verification system, which forces the user trying to access the account to enter a time-sensitive key sent to the user through a secondary device to access an account. Usually, to save effort, these systems flag a device as allowed after a one-time authentication. The YubiKey changes that requirement so that the access key device needs to be physically connected to the device accessing the account: disconnecting the device means logging out of the account. This offers increased security because it prevents people from accessing accounts on stolen, authenticated devices and prevents anyone else from being able to use the account at the same time as the key holder.

Avoiding the SMS Pitfall

Physical authentication devices do not need to transmit a key to the user, only send the key to the site hosting the account which makes them much more secure. In 2016, hackers found a way to intercept 2-Factor authentication system messages sent over SMS text-messaging, which put a huge dent in the method’s dependability. Hackers strike businesses incredibly frequently, so any way that your company can stay ahead of them helps.

USB is the Standard-Bearer, NFC is Forward-Thinking

The biggest problem many new security methods face stems from cross-device compatibility. If the authentication device won’t work with a person’s computer, phone, or other devices, it’s not going to be widely used. However, the YubiKey works around this problem by being compatible with both the USB ports devices have been using since 1994 and NFC found in many newer devices that may lack a USB port. Supporting standards like USB and NFC eliminates the most substantial barrier between the authentication device and the end-user.

However helpful devices like the YubiKey are, progress doesn’t stop there. A similar device called “Token,” which is a biometric token ring acts as an authentication device and can also require a fingerprint scan for additional protection. If your business is looking to take a step forward in IT securitycontact the experts at MPA Networks today!

You might also want to read:

Addressing the Unique Ransomware IT Security Issues in Healthcare

Is Your Office Router Secure? 

Is Your Office Router Secure?

Tuesday, July 25th, 2017

network-connection-414415_1920

In June 2017, WikiLeaks released secret documents that exposed the tools the CIA uses to infiltrate public and private networks through routers. These documents have shined a light on how easy it is for someone to hack a router.

This begs the question, are your business’ IT security practices keeping your data safe? Is your office router secure? There’s plenty your business can do to protect your routers, which are often loaded with security holes from nefarious individuals. Here are some tips to help keep your router secure.

How to Secure Office Router: Change the Default Admin Name and Password

It’s very common for routers to ship with manufacturer-specific default admin credentials – these are often as simple as using the name “admin” for the admin name and having a blank password. Changing these to a unique name and secure password will go a very long way in protecting your network. To put the severity of this issue into perspective: hackers took advantage of default credentials on IoT devices to launch a massive attack on important Internet infrastructure servers in late 2016.

The information is easily accessible. There are websites like routerpasswords.com that store the default credential settings for just about any router on the market. However, these sites themselves can be helpful for individuals who reset a device to factory settings and forget the default credentials.

Change the SSID

LifeHacker recommends changing your network’s broadcast name, or SSID, because the default names usually give away the router’s manufacturer and may give hints as to the model number. Knowing the brand makes it much easier to break into a router because manufacturers tend to leave the same security holes across many models.

Change the Firmware

If the router supports its alternative firmware like DD-WRT or Tomato, installing either will give the router a security edge. In addition to changing the firmware to something other than what the manufacturer uses, which will render brand-specific firmware exploits useless, these alternative firmware implementations are more secure than what comes stock. If you can’t change the firmware, just make sure your IT staff keeps the router running the latest official version.

Disable Unused Features

Improve router security by turning off any feature your company isn’t using. Disabling features can also disable the security exploits that existing within the features themselves. Unused features can include things like remote administration, Telnet access, WPS, and UPnP.

How to Tell If You’ve Been Hacked (and What to do Next)

A good hack is an invisible hack, so your business should periodically check to see if your network security has been compromised. Hackers can try to accumulate a massive network of hacked routers to perform IoT botnet-style attacks, which may only show occasional performance drops as symptoms.

Checking the router is pretty straightforward. Technology expert Kim Komando recommends using the online tool F-Secure Router Checker to scan for issues. If the test identifies a hacked router, the fastest way to resolve the problem is to run a factory reset on the router, update the firmware, set secure credentials, and reconfigure the network.

The router is just one part of your company’s network; the experts at MPA provide network management services that address both performance and security.  Contact us today to learn more!

Avoiding Hardware Overkill: IT Consulting to the Rescue

Tuesday, July 18th, 2017

Spending far too much money on excessively overpowered computer hardware can quickly deplete your company’s IT budget, taking funding away from other important expenses. Two exciting products released in June 2017, Apple’s new iMac Pro ($4999) and Intel’s Core i9 CPU family (starting at $999), are poised to put an incredible amount of computer power in reach of professional-level users with a matching high price tag. However tantalizing these new devices seem, they are power overkill for employees outside of niche roles. IT consulting services can help with matching device power to employee usage to increase productivity.

cyber-2377718_1920

“Pro” is More than Marketing

While “pro” and “high-end” products are inherently better devices based on power, they are niche products targeted to specifically high-end users. In many cases, they’re less like a better interior package or more powerful engine for a sedan and more like a different class of vehicle like a fully-loaded pickup truck.

A power overload is an unnecessary expense, but it’s still preferable to err on the side of more power than what is needed than wasting money on underpowered devices that hurt productivity. In the case of the iMac Pro and the Intel Core i9, the higher-end base iMac and the Core i7 are the devices suited for most high power users.

“Pro” is only Better if you Need it

A Core i9 won’t offer much of a difference in performance for the average user running word processing and web browsers over a three-year-old Core i5. Other parts of the computer are much slower, like the hard drive and the Internet connection, which create a performance bottleneck. The faster CPU won’t do a thing to alleviate these problems.

More Power Delays Obsolescence with Diminishing Returns

A computer is obsolete when it no longer supports the software employees need and hinders productivity through poor performance, and not because there’s a faster model on the shelf. It’s common to delay obsolescence for as long as possible by spending as much money as the budget allows to get the most powerful hardware; unfortunately, the law of diminishing returns hits hard.

Enough Power to Last the Replacement Cycle

The big question is, “how much hardware power do computers need for employees in specific roles?” The device needs to offer sufficient capabilities to last the user through the next replacement, which is a question for IT consulting. Needs vary wildly between roles:

  • A minimal-needs salesperson who mostly uses email and PowerPoint could get away with a lower-powered laptop with a longer battery life.
  • A power-user video editor needs lots of CPU power and a capable GPU for smooth work and fast video processing.
  • A mid-to-power-level accountant who works in massive spreadsheets needs lots of system memory, but won’t see any benefit from a beefier GPU.

According to a PC World article, the average computer replacement cycle has shifted from a three-to-four year interval to a five-to-six year interval. The Core i9 and iMac Pro devices are both designed to meet the needs of employees who work with graphic design, video editing, financial modeling, and programming through the longer replacement cycle.

The IT consulting experts at MPA Networks are ready to help your company determine the ideal computers and devices for your office needs. Expert desktop and workstation management services can keep those devices running in top form so that your company can get the most out of its technology investment. Contact us today!

Flaws in 2-Factor Authentication Methods Could Leave You Vulnerable

Tuesday, July 11th, 2017

If your business is using 2-factor authentication, or 2FA, methods to secure your important accounts, you may need to investigate better ways to implement the practice. Security experts widely recommend using 2FA, a system which utilizes a second security level of authorization in addition to a password to keep hackers out of accounts even when they have the password. However, not all delivery methods for transmitting that second code, token, or credential are equal.

According to Mashable, hackers have found a way to exploit the SMS text message-based delivery code method popular with services like Twitter.

technology-1940695_640

The SMS Flaw

SMS messaging proved itself as a viable solution for getting a device capable of receiving 2FA authentication codes into the hands of the average person because most people already own a compatible device. Using text messaging is very practical because SMS-compatible cellular phones are so widely used that it’s almost expected that a user already has a compatible device; it doesn’t even need to be a smartphone to utilize this method.

However, a 2017 bank account draining heist is shining a light on how hackers can exploit SMS-based code delivery by re-routing or intercepting text messages. Instead of manipulating the account or security platform, the hackers hit the vulnerable text messaging system instead. According to Ars Technica, hackers were able to exploit the widely used Signaling System No. 7 telephony system to redirect 2FA token messages from banks to bypass security. This method can work on any platform using SS7.

Should My Business Stop 2-Factor through SMS?

Your business should not abandon 2FA just because hackers found one way to break through it. Using 2-Factor is still more secure than not using it: it still creates an additional step for the hacker to get through. However, it does mean that your business should consider switching over to alternative code delivery methods whenever applicable.

  • Look for applications like the Google Authenticator app for enabling account access, which uses secure HTTP communication to send the validation code instead of SMS.
  • While they include an additional expense, 2FA security key fobs offer far more secure options over SMS.
  • Services typically send an email alert whenever a new device is used to access the account: pay attention to these because they can alert you immediately if your account has been hijacked. You can change the password at this time to minimize any damage.

If your business is looking to plug its potential security leaks, the IT consulting experts at MPA Networks can help. Finding the right tools for your business’s unique needs is an important part of any security strategy. Find out more and contact us today!