alt tag

Flaws in 2-Factor Authentication Methods Could Leave You Vulnerable


July 11th, 2017


If your business is using 2-factor authentication, or 2FA, methods to secure your important accounts, you may need to investigate better ways to implement the practice. Security experts widely recommend using 2FA, a system which utilizes a second security level of authorization in addition to a password to keep hackers out of accounts even when they have the password. However, not all delivery methods for transmitting that second code, token, or credential are equal.

According to Mashable, hackers have found a way to exploit the SMS text message-based delivery code method popular with services like Twitter.

technology-1940695_640

The SMS Flaw

SMS messaging proved itself as a viable solution for getting a device capable of receiving 2FA authentication codes into the hands of the average person because most people already own a compatible device. Using text messaging is very practical because SMS-compatible cellular phones are so widely used that it’s almost expected that a user already has a compatible device; it doesn’t even need to be a smartphone to utilize this method.

However, a 2017 bank account draining heist is shining a light on how hackers can exploit SMS-based code delivery by re-routing or intercepting text messages. Instead of manipulating the account or security platform, the hackers hit the vulnerable text messaging system instead. According to Ars Technica, hackers were able to exploit the widely used Signaling System No. 7 telephony system to redirect 2FA token messages from banks to bypass security. This method can work on any platform using SS7.

Should My Business Stop 2-Factor through SMS?

Your business should not abandon 2FA just because hackers found one way to break through it. Using 2-Factor is still more secure than not using it: it still creates an additional step for the hacker to get through. However, it does mean that your business should consider switching over to alternative code delivery methods whenever applicable.

  • Look for applications like the Google Authenticator app for enabling account access, which uses secure HTTP communication to send the validation code instead of SMS.
  • While they include an additional expense, 2FA security key fobs offer far more secure options over SMS.
  • Services typically send an email alert whenever a new device is used to access the account: pay attention to these because they can alert you immediately if your account has been hijacked. You can change the password at this time to minimize any damage.

If your business is looking to plug its potential security leaks, the IT consulting experts at MPA Networks can help. Finding the right tools for your business’s unique needs is an important part of any security strategy. Find out more and contact us today!

 

 

Spare Computer Parts: Which Ones To Keep For Disaster Recovery


July 5th, 2017


computer-2049019_640

It happens in every office eventually: an employee is going about their workday and suddenly their computer or monitor won’t turn on. Fortunately, there’s gold in those unused desktops and laptops stuck in the storage closet. Aside from the computers having literal gold in some components, your business can reuse spare, compatible parts from storage as a quick disaster recovery fix. With a little know-how of modular computer parts, a quick swapping can get your staff back to work right away.

Plan Ahead for Reusing Computer Parts

The replacement part storage strategy is particularly helpful for businesses that replace devices on an as-needed or staggered basis as opposed to all at once. Do not spend money on parts you may or may not need in advance: instead, take from computers that are no longer in use. If a laptop’s motherboard fails, its SSD can be used to fix another device with a broken storage device and the RAM can be used to upgrade another laptop.

Your IT staff will need to know which parts to keep around, how many of those parts to keep, and how long to keep them around for. The average computer replacement cycle has grown to five-to-six years, which created a longer part compatibility time frame. If a device breaks after four years, its working parts can help fix other devices for at least another two years. Realistically, your IT staff should only keep two or three of each replacement part on hand to manage repairs. After all, this is a disaster recovery strategy, not a repair shop.

Computer Parts to Keep

  • Hard Disk Drives and Solid State Drives: Both laptops and desktops can use replacement storage devices to restore failing ones or increase total storage space. Storage device failure rates can be fairly high in comparison to the rest of the system. Remember to properly dispose of unused storage devices to avoid data theft.
  • RAM: Keeping a few RAM modules on hand works well for replacing broken parts and upgrading aging computers. However, these parts come in laptop and desktop variations and lose compatibility across generations.
  • Laptop Batteries: Battery storage capacity degrades through subsequent charges, so if your business has several laptops of the same model, keep the batteries from the first few that fail in order to replace batteries for the working ones down the line.
  • Power Supply Unit: Keep one or two desktop power supply units in storage to replace failing ones. These devices usually have limited compatibility issues, except with high-performance machines.
  • Video Card: Desktop video cards tend to produce substantial heat and are consequently prone to failure. While swapping one may require a bit of legwork to adjust the drivers, it is much faster than ordering a replacement.
  • Cables: Since cables bend, they may wear down over time. Hold on to a few extra SATA, USB, and Lightning cables to avoid having to buy new ones. For proper storage, tie up all cables.
  • Peripherals: While these devices tend to last a long time, they seem to break at random. Keep a handful of spare keyboards, mice, and monitors around just in case.

Any parts your business doesn’t intend to keep should be recycled or otherwise properly disposed of. If your business is looking to improve its strategies with disaster recovery and desktop managementcontact the experts at MPA Networks today!

 

 

79% of Businesses Were Hacked in 2016. Was Yours One of Them?


June 27th, 2017


broken-business-2237920_640

Getting caught off-guard in a cyber security attack is a disaster for any business, large or small—and the frequency of attacks is only getting worse.

According to the CyberEdge 2017 Cyberthreat Defense Report, hackers successfully compromised security at least once for 79.2 percent of businesses over the last 12 months.

These figures may be alarming, but keep in mind that all businesses can (and should) be taking proactive steps to prevent attacks, and to make a quick recovery from any breaches. Here’s how you can protect yourself, with help from a Managed Service Provider.

Increase in data breaches

Even if your business has not been attacked in the past year, the odds of staying under the radar aren’t in your favor. In 2016, businesses experienced a 40 percent increase in data breaches over 2015. The situation is especially bad for smaller businesses: 60 percent of small companies that suffer a major cyber attack go under within six months.

Less severe incidents are more common, but businesses are typically ill-prepared for them. A staggering 63 percent of small business owners report their websites have come under attack by hackers or spammers; of those attacked, 79 percent say they have no plan for what to do if it happens again. Most businesses find that mobile devices and social media services are the weakest links in their online security.

Protective Measures against Cyber Attack

The best protective measures against digital security threats are to secure networks, websites, applications, and social media platforms, and to implement a reliable backup system. The following tips provide a baseline to help your business minimize its security risks:

  • Use unique, secure passwords for all accounts including internal services, external services, email, and connected social media to prevent data breaches.
  • Activate “2-Step Verification” for applicable services.
  • Use Secure HTTP for websites and applications that pass personal information.
  • Take advantage of desktop management services; make sure computers are running up-to-date software to minimize exposure to known security holes.
  • Keep antivirus and anti-malware software updated; run scans on a frequent basis to protect from malware infections.
  • Program internally developed services to prevent SQL injection.
  • Secure the Wi-Fi/Internet and manage employee credentials.
  • Secure mobile devices, tablets, and laptops so they can be disabled if lost or stolen.

In Case of Emergency: Disaster Recovery

Ransomware is major concern for businesses these days: 61 percent of businesses say they were compromised at least once by malware demanding payment to return data. Unfortunately, some companies that decide to pay the ransom still don’t get their data back. The best thing your company can do to protect itself from ransomware is to limit the amount of damage an attack can do through backup and disaster recovery. Using the “3-2-1 backup rule” and running frequent backups can be the difference between losing all of your data permanently, and losing a single day’s work.

Digital security should never take a break. If your business is looking to build a better defense against cyber threats, the experts at MPA Networks can help with both desktop and server management. Contact us today to learn more.

 

 

Amazon Alexa in the Workplace: What Could You Do With a Virtual Assistant?


June 20th, 2017


communicate-2028004_640

Amazon Alexa, the voice-based intelligent personal assistant you may have seen an early adopter friend use at home, has surprising business use potential to increase productivity in the workplace. Like Apple’s Siri, Google Assistant, and Microsoft’s Cortana, Alexa is able to perform tasks for the user via voice commands. However, Alexa’s decentralized nature makes the system well-adapted for shared use in the workplace.

Amazon Alexa Increases Workplace Productivity

The virtual assistant is especially helpful at keeping employees focused on their primary tasks by simplifying interruptions—from adjusting a meeting time to looking up an address—into a simple voice request. In short, Alexa is a powerful tool for automating and streamlining common work procedures.

Amazon Echo

Amazon Echo is a hands-free, smart speaker that serves as a gateway interface to the Alexa Voice Service. Echo is the most practical way to use the assistant, featuring a different style of interactivity compared with similar services (which are primarily run on phones and tablets). For those who prefer a device-based option, Alexa also runs on Amazon Fire tablets.

As of January 2017, Amazon has sold over eight million Echo units.

Alexa Simplifies Workplace Tasks

Alexa is very good at automating and simplifying mundane, simple tasks in the workplace. While the real power lies in programming Alexa to perform unique tasks, the assistant is already powerful out of the box. For example, businesses can put an Echo at the conference table during meetings and ask it questions that come up instead of opening a phone or computer and performing a Google search. Alexa is also helpful for tasks like announcing the weather forecast, adjusting background music, and controlling smart lights—all through voice commands.

For more advanced users, Alexa is compatible with Microsoft’s Office365 and can be put to work on tasks like calendar collaboration. Requesting a day off or adjusting meeting times is as simple as asking Alexa. Some businesses may find the assistant helpful for streamlining office supply orders; Alexa allows employees to add items to a shopping wish list. (Gone are the days of endless email chains and formal paper requests.) If someone discovers that paper towels are running out in the break room, or the stock closet is low on staples, they can say “Alexa, add X to my shopping wish list.”

Alexa’s Custom Programming

Good ideas don’t always come at the right time. Imagine one of your staff members thinks up a great idea for an upcoming project while they are working on a more urgent one. Writing down or recording those ideas while trying to stay focused on the task at hand can be difficult and disruptive. With custom programming, that employee could tell Alexa to attach a note to the upcoming project and then get back to work. Alexa’s custom-programmed “skills” can work as standalone features or be integrated with existing applications and services to serve your business’s unique needs.

Back in the conference room, Alexa could be used on the fly to gather custom analytics like “what was our total profit last week” or “how many products did we ship in February and March” for fast responses. Programming is pretty straightforward, but the downside is that Alexa needs to recognize a range of specific phrases to work correctly.

If your company is looking into new ways to increase productivity with new technology, the IT consulting experts at MPA Networks, serving businesses throughout the San Francisco Bay Area, and nationwide, are ready to help. Contact us today.

 

 

Intranets and Small-To-Medium Business Productivity


June 13th, 2017


finger-769300_640

Many small-to-medium businesses (SMBs) have taken to hosting their own intranet to increase productivity in the workplace. For those unfamiliar with the term, “intranet” is not a typo, but rather an internal network that behaves like a private Internet. At their core, intranets help businesses improve communication, boost collaboration, and organize important information in an secure, easy-to-access location.

Intranets are considered an inexpensive solution for providing streamlined access to information and services.

Ways to Use an Intranet

A versatile tool with no specific use, an intranet can be adapted to the jobs it needs to perform. Think of it less like a 10mm socket wrench, and more like a Swiss Army Knife.

An intranet often serves as a hub where businesses can: 

More advanced intranets can host complex applications like ticketing systems, customer relationship management systems, payroll management, time clock services, and benefits enrollment.

Designing Your Intranet

According to the Worcester Business Journal, businesses should determine who will be using the intranet, what purposes the intranet will serve, and what the security needs of the system are at the beginning of the design process. From there, your business should look at all necessary applications and hardware for the platform.

Security needs can vary greatly between intranet implementations: An outward-facing intranet that holds confidential information and can be accessed online will need a login system, data encryption, and user privilege controls. On the other hand, an intranet that is used exclusively for internal reference, and is only accessible in the office, won’t require much protection beyond a Wi-Fi password.

How to Test Drive an Intranet

Your business may not want to start big with an intranet and all its accoutrements. In this case, it’s possible to test drive the concept at low cost by building an internal reference website accessible only from your in-building network. Your business can re-purpose a recently replaced or unused desktop computer to act as a makeshift server for the site.

Install the free web server software Apache on the computer, and host a website. Your company can start with hosting basic HTML pages that have links to all the important documents, policies, and contacts employees need to access, and then move on to a more robust content management system like CMS Made Simple or WordPress. Employees can access the internal site through the web browser of any computer connected to the office network.

The experts at MPA Networks, in the San Francisco Bay Area, can help your business maintain and secure your intranet and network via our IT managed services. As your intranet grows, so may your server management needs. Contact us today to learn how MPA Networks can help your business increase productivity and improve IT security.

 

 

The Cost of Memory: Trends to Impact Your Upgrade Cycle


June 6th, 2017


memory-1761599_640

Computer memory market trends could play a role in your business’s decision on when to upgrade or replace employee computers. According to PC World, the technology research experts at Gartner predict that prices for both RAM and Solid State Drives (SSDs) will start to decline in 2018—and then crash in 2019.

Unlike the typical technology price trends that drop as devices age, memory components have more volatile prices that rise and fall for the same productsIT consulting services can help your business take advantage of trends to replace or upgrade devices when the market bottoms out.

What Memory Means for Productivity

Computer RAM and storage devices like SSDs increase productivity by making computers complete tasks in as little time as possible. Having more of either than the user actually needs won’t make them more productive, but having too little can dramatically slow the work process.

  1. RAM: The computer’s main memory determines how many active applications the device can run simultaneously. When there’s enough memory, the user can quickly switch between programs with minimal load time. If the computer is low on memory, it will have to use the Hard Disk Drive (HDD) or SSD to augment the main memory, which limits the number of active applications and increases the time it takes to switch between them.
  2. SSD: SSDs offer significantly faster performance than HDDs. A computer running an SSD will boot faster and load programs much more quickly than one with an HDD. The major barrier of entry for SSDs to replace HDDs is the cost-per-gigabyte of storage, with SSDs of similar capacity costing up to four times as much.

Taking Advantage of Memory Pricing: Upgrading Old and Buying New

There are two main ways your business can take advantage of the forecasted memory price drops:

  1. Plan your upgrade cycle to coincide with the 2019 price drops.
  2. Plan to upgrade existing system RAM and SSD storage in 2019 to extend device lifespan.

Hypothetically speaking, if a small business has 12 computers coming in to an upgrade cycle in 2018 that are still performing adequately, it is probably worth waiting to see how memory prices fluctuate in 2019. If the SSD and RAM prices drop as expected, your business will get much better devices at the same price point.

Alternatively, your business can take advantage of the lower price points by upgrading in-use devices in 2019. Switching to an SSD and upgrading the RAM are two of the most cost-effective ways to breathe new life into an aging system. Well-timed upgrades can extend a computer’s viable lifespan and push back the upgrade cycle by a year or more.

Other Devices and Price Points

While dropping memory costs mean less expensive computers and cheaper upgrades, other device classes used in business probably won’t see a drop. The tablet and smartphone markets cater to specific price points, as opposed to offering the same devices at decreasing prices. If those devices are going to receive a boost, it’s going to come in the form of more storage at the same cost. However, the industry is showing signs of lowering price points, with the new iPad listed at $329 instead of $500.

If your business is looking to upgrade its computers at ideal intervals to balance productivity and cost, MPA Networks’ desktop management services can help. Contact us today to find out more.

 

 

Android and IOS: Is the Device Just Old, or Is It Obsolete?


May 23rd, 2017


clocks-33832_640

When trying to determine if a piece of technology is simply old or completely obsolete, keep in mind that there are different criteria for Android and iOS devices than for desktop and laptop computers. An employee stuck using an obsolete device is likely, after all, to argue that replacing it would increase their productivity.

On the flip side, replacing functional devices too often can spiral out of control into unnecessary expenses.

An IT consulting firm can help your business understand how long a device should remain in use, a safe time range for buying older models, and how to plan upgrade cycles.

When Does A Device Become Obsolete?

The general rule is that a device becomes obsolete about four years after its release. This means that trying to save money by purchasing older devices on the cheap may not work out well, as they are unlikely to receive updates as long as a newer device. Usually you can buy only the most recent and second most recent smartphone devices new, but older refurbished devices are readily available.

Performance Issues with Old Devices

Determining if a device is aging vs. obsolete is pretty straightforward: If the employee can still complete all necessary work with the device, it is not yet obsolete.

However, older devices often have performance issues; notably, they may operate slower than the latest models. Older devices using Android often receive updates late, too, so users won’t receive security and interface improvement patches as soon as they’re available.

When Does a Smartphone Become Obsolete?

Forbes paints a pretty grim picture of aging devices, declaring that smartphones have about two years before they’re obsolete. Still, users can typically continue on without any major problems for an additional year or two.

Once obsolete, however, many devices are prone to disruptive conditions:

  • Security updates are no longer provided.
  • Vital applications are no longer compatible with the operating system.
  • The web browser ceases to display web pages correctly.

When Does Apple Consider Devices Obsolete?

Officially, Apple considers any product more than five years old obsolete, meaning the company tends to support their devices for a little longer than Android distributors. Apple usually supports iOS devices with the latest operating system for about four years. At this point the device will not receive updates, but it will still likely work for a while longer.

The device typically hits the obsolete category when it no longer runs the most recent version of iOS. If you buy an iOS device that’s already been on the market for two years, you’ll have to plan to replace it in another two years. A one-year-old device will be good for at least three years.

How Long Can Android Users Expect Operating Upgrades?

Android devices have a two-tier obsolescence system in which system updates stop coming and applications stop working. Android is a much more difficult case to gauge because updates need to come through Google, go to the manufacturer, and then reach the phone provider.

Android users can expect operating upgrades for two years after the phone is released, and a few additional months of security updates; both are soft obsolescence moments. What finally ends an Android device’s life (or, at least, its usefulness) is application incompatibility after about four years, which is dependent on the developer. Most try to support the oldest version possible, but this is not always the case.

If you want to make sure your employees are using up-to-date devices that increase productivity, MPA Networks can provide an IT and productivity assessment. Contact us today.

 

 

7 Ways VoIP Increases SMB Productivity


May 16th, 2017


telephone-23249_640

Voice over Internet Protocol (VoIP) solutions can help small and medium businesses  increase productivity by enhancing your communication potential. VoIP isn’t just a simple digital upgrade over your existing office analog phone service: It opens the doors for new ways to look at customer management and employee communication. A managed service provider can help your business implement numerous best practices to reap the technological benefits of VoIP.

The following list covers just some of the ways VoIP can increase productivity:

1. Share a Phone System in Multiple Locations

If your business is looking to expand to additional locations or already operates from more than one building, VoIP can help consolidate many phone-based services. VoIP can share a singular phone system across multiple geographical locations. This means your business does not need to operate things like customer support and appointment scheduling at more than one location.

2. VoIP Allows Employees to Work Remotely

If your business receives just a handful of support calls on weekends, it’s wasteful to pay an employee to sit around and do nothing for most of the day. VoIP allows employees to connect to the service anywhere there’s an Internet connection. This way, you can allow on-call employees to work from home, meaning your business only has to pay for the time you need them.

3. Voicemail-to-Email Transcription

Employees often find themselves wasting time navigating voicemail systems in search of a specific recording, and then burn through more time sitting through entire messages full of unimportant information. VoIP services open the door for voice-to-text transcription capabilities so employees can quickly locate and read a message summary. This is a much more efficient way to handle voicemail, allowing employees to respond more accurately to more messages in less time.

4. Facilitates Employee Response to Issues

VoIP is a digital system you can integrate with your customer relationship management system so your staff will immediately have information about a customer or client on hand when they call. For example, if a customer has an outstanding service ticket, the representative answering the phone will have all that information on-hand.

5. Scales to Grows with your Business

Unlike the analog systems of old, VoIP is very easy to scale with your business’s needs. Adding an extra line for an additional employee isn’t necessary, as the system can accommodate capacity as needed.

6. Video Conference for Better Collaboration

Employees aren’t limited to audio-only conversations with VoIP: It supports video conferencing. Video calls can be very effective at increasing productivity in the workplace when employees who aren’t located together collaborate on projects.

7. VoIP Cost Savings

VoIP can also help your business bottom line. According to Forbes, Utah State was able to save six figures by switching their phone system from analog to VoIP. VoIP is also easier to maintain, with fewer technical problems when implemented: Utah State saved around $120,000 annually on labor by eliminating most of the trouble tickets.

The experts at MPA Networks are ready to help your business manage your VoIP services. Make sure you are properly configured and your network is built to handle the extra traffic without slowing down other services. Contact us today.

 

 

Scheduling Security: Take Control of Your OS Updates


May 10th, 2017


update-1672385_640

It happens to everyone: You turn your computer back on after you intended to leave the office, or come in early to get a head start on a new project, only to be greeted by a 20-minute operating system (OS) update session. This common workplace frustration turns what should have been a four-minute job into a half-hour ordeal, forcing you to stay behind or defeating any time gains from starting early.

OS updates provide essential security fixes that keep your business safe, but the platforms have a knack for pushing updates at what feels like “the worst possible time.”

Here’s what you can do to remain one step ahead of your updates at all times.

Change the Default Settings

Don’t leave operating system updates on their default settings, because they’re likely to interfere with work when you need the devices. The solution to this productivity- and attitude-killing problem is to adjust the system settings to force the updates at a specified time when your team won’t need them. Other software, like Office, Photoshop, and web browsers, tend to be less of a problem, since their update sessions are usually much quicker.

Updates Are a Security Issue

The worst solution to update inconvenience is to disable automatic updates. While updates that don’t add any new features may seem irrelevant, they’re actually doing lots of work keeping you safe behind the scenes in areas like IT security and virus/malware prevention.

According to TrendMictro, malware and other security exploits tend to target known security holes that have already been closed through updates and patches. Instead of finding new exploits, it’s easier for hackers to continue to exploit the old ones and take advantage of users who do not update their computer software.

Schedule Around Work to Increase Productivity

Microsoft usually posts their updates on the second Tuesday of every month, which is commonly known as “Patch Tuesday.” However, this may not work well with your business if it disables employee computers Tuesday night or Wednesday morning. The ideal time for updates will differ depending on your business, but for the typical Monday-to-Friday 9-to-5 office, you will be best served by installing updates around 2 a.m. on Sunday morning. Devices can even be individually customized for each employee based on their personal schedule.

The IT Consulting experts at MPA Networks, serving San Francisco, San Mateo County, San Jose, and other San Francisco Bay Area cities, are ready to help your business make technology work for you, not against you. Scheduling updates is a desktop management and support issue, which IT Managed Services can deliver. Contact us today to find out how we can help you better manage your office computers.

 

 

The Three Copies Rule: Why You Need Two Backups


May 3rd, 2017


usb-932180_640

Anyone who has ever lost years of work due to computer failure will tell you that backing up your devices can save you considerable heartache and frustration. Reliable, redundant, and regular data backups are your business’s best strategy for disaster recovery—but two copies of your data may not be enough.

IT pros across the world have developed the “3-2-1” backup philosophy to maximize your restoration capacity following a data disaster.

The “3-2-1” Concept

The “3-2-1” approach is simple:

  1. Store three copies of your data.
  2. Utilize multiple storage formats.
  3. Keep one copy off-location.

TrendLabs says that having two backups of your data (meaning three copies total) is all about redundancy. IT professionals have nightmares about experiencing computer or server failure and preparing to restore the backup, only to find that the backup has failed as well. Your business can prevent this situation only by keeping two backup copies of all your important data.

We can’t stress often enough that three copies means three separate devices. Backing up data to a second hard drive in the same computer, or a connected SD card, does not count. This will only protect your data in the event that one of the hard drives breaks.

Some useful backup devices include:

  • External hard drives
  • NAS
  • Cloud storage
  • DVD/Blu-Ray discs
  • Flash drives
  • SD cards

Two Formats: Diversify Storage Media

Using different types of storage for backup improves reliability: It not only diversifies the factors that could cause the backup to fail, but also acts as an extra layer of protection. For example, if both backups are on external hard drives and exposed to a large magnet, both would be destroyed. However, a second copy stored on optical media or a flash drive would survive.

The two backup locations could include a backup external hard drive and cloud storage, or a DVD archive and an onsite NAS server. According to PC & Tech Authority, NAS servers are a great backup option for offices with several networked computers. We’ve discussed storage format longevity in previous blog posts if you need help deciding which one is right for you.

Keep at Least One Copy Offsite for “Catastrophe Recovery”

Catastrophe recovery is another way to describe a worst-case disaster recovery scenario: for instance, the hard drive didn’t fail, but a flood leveled your office, or someone stole both the computer and the backup in a burglary. In order to prevent an outright catastrophe, it’s not safe to keep every copy of your important data under the same roof.

This means, of course, that one of your backup copies should be stored in a secondary locationthe farther the better. The offsite backup could be, for example, a cloud backup, or an external hard drive stored in a bank deposit box. When working with a non-cloud, off-site solution, it helps to swap out two storage devices on a weekly basis.

If your company is looking to streamline its disaster recovery practices with IT Managed Services, contact the experts at MPA Networks today.