alt tag

Posts Tagged ‘security’

Spectre and Meltdown: Valuable Lessons for Your IT Security Team

Monday, February 12th, 2018

At the end of 2017, the world learned about Spectre and Meltdown: two far-reaching security threats that exploit how CPUs work to expose protected information on nearly every recent PC, server and smartphone. Hackers can use these exploits to do things like steal passwords and other protected private information stored in a computer’s memory through programs such as a web browser.

These vulnerabilities essentially affect every computer, including Macs, iOS devices and Chromebooks.

Hardware and software manufacturers are hard at work fixing the vulnerabilities, but it is up to the end users to make sure the fixes go through.

How the Exploits Work

Spectre seizes the ultra-fast memory on the CPU itself, known as the CPU cache. CPUs use processes called “Branch Prediction” and “Speculative Execution” to guess the most likely upcoming instructions from branches in a program to speed up performance. Spectre attacks manipulate those processes to push data from protected memory into the cache then load that pushed data from unprotected memory. The exploit identifies protected information because it loads faster from the cache.

Meltdown exploits a flaw in processor privilege escalation that allows executed code to get access to protected memory. Essentially, Meltdown breaks the isolation between the application and the operating system. Meltdown is the easier to exploit, but the easier to fix of the two.

What It Means for IT Security

IT security staff needs to make sure that all devices impacted by Spectre and Meltdown are properly updated to mitigate the threat. For the most part, this means staff needs to take some key steps: apply the operating system patches, install firmware updates, update web browsers and update other software that works with secure data, all while keeping the antivirus active.

In many cases, it means just staying out of the way, as Windows and MacOS devices will automatically install the updates. According to Microsoft, end users mostly just need to make sure Windows Update is active. However, some anti-virus programs may block patches and others aren’t compatible with the updates, so IT staff will need to find an alternative option to update those devices.

The Damage Done

Fortunately, Spectre and Meltdown haven’t led to any major security breaches, but researchers have identified more than 130 instances of malware designed around related exploits. So far, related malware seems to be proof-of-concept attempts rather than attacks.

At this point, most of the damage comes from performance degradation associated with the security updates. Both Spectre and Meltdown exploit techniques used to improve CPU performance, so closing those vulnerabilities often involves disabling those techniques. In particular, Windows-based systems running 2015-era Intel Haswell or older CPUs may experience performance drops, with older operating systems being more likely to show symptoms.

However, the performance loss isn’t consistent and can vary between 2 and 14 percent depending on the task. Some processes are affected more than others, with “privileged” processes seeing the most slowdown. Your IT staff should be concerned about this if your business is running virtual machine clusters. The performance loss may mean a hardware update is in order.

MPA Networks offers valuable services such as desktop management that can help your business avoid the pitfalls of Spectre and Meltdown by keeping your computers updated and secure. Contact us today to learn more.

Do You Have a Crisis Management Plan for a Cyberattack?

Thursday, February 8th, 2018

A cyberattack crisis management plan is your business’s best defense for minimizing cyberattack damage after technology-based preventative measures have failed. Unfortunately for most businesses, cyberattacks are not a matter of if, but a matter of when. Establishing a crisis management plan can help your business minimize data compromise, limit attack scope, decrease recovery time and reduce harm to your reputation. Having a plan in advance means your operation can immediately get to work on containing the attack when it occurs rather than allow it to incur further damage while you scramble to develop a plan during the breach.

What Threats Do Cybersecurity Attacks Pose?

Cybersecurity attacks aren’t going away. According to CBS, as of 2015, criminals contributed to 1.5 million annual cyberattacks. These attacks can have major repercussions for a business.

According to IBM, the average breach costs a business $3.6 million.

Some attacks can lead to massive fallout that can put a business in financial trouble. In 2016, there were 15 breaches that exposed more than 10 million identities, Symantec reports.

The technical side of preventing cyber-attacks is an ongoing cat-and-mouse game. The tech industry pushes to close security holes as soon as — if not before — hackers find and exploit them. Hackers like to take advantage of businesses that haven’t applied software patches to close established security holes.

Malware, ransomware, botnets, IoT vulnerabilities and email phishing were all major threat sources in 2017. In particular, ransomware is a growing problem because businesses are paying more than $1,000 on average to recover “locked” data. Many of these payouts could have been avoided by implementing proper crisis management and disaster recovery plans in advance. While big businesses offer big targets, SMBs still need to protect themselves from attacks.

What Your Plan Should Contain

A cyberattack crisis management plan revolves around three main elements: preparation, response and recovery. Every step is crucial, because a poor response can actually make the situation worse. According to WIRED, Equifax’s management response could have stopped the problem before it started in their major 2017 breach, if they had not done such a poor job. Here’s what to consider:

  • Prepare: Your business should prepare for extreme-level attacks in advance. Part of this process involves creating a response team with key players from all necessary departments. The plan should include what each group needs to do in the event of an attack. The crisis response team should take action to plug major known security holes as they are discovered to prevent a breach.
  • Respond: The response team should identify the attack, secure the compromised systems, and investigate the cause of the breach in that order. Next, the team should take action to prevent further attacks that exploit the same or similar security holes.
  • Recover: The cycle continues after your business contains the threat. The response team should next work to minimize public damage and repair customer trust. According to a 2011 Ponemon Institute study, larger businesses say they averaged $332 million in diminished business value following a customer data breach.

The disaster recovery experts at MPA Networks can be a vital part of your business’s crisis management plan. Our experts can help your staff gets back to business as usual as quickly as possible. Contact us today to find out how we can help.

Does Fintech Pose a Threat to Cybersecurity at Financial Services Companies?

Monday, January 29th, 2018

Financial services companies should embrace a healthy dose of caution when implementing new fintech in their business. Fintech, or any technological innovation in the financial sector, is not inherently more or less secure than any other new technology, but because it works with substantial sums of money, it is a common target for hackers and would-be criminals. Financial services companies need to keep up with innovations in how people transact business including cryptocurrency, digital cash, blockchain technology, smart contracts and open banking in order to remain competitive. Therefore, it’s vital that companies working with fintech pay close attention to risk mitigation and security.

Fintech Is Growing

Bitcoin is likely the best-known and most publicly discussed story in fintech today. It’s an excellent topic for discussion because it’s well known outside of the financial industry for both its potential and problems. Bitcoin shows its potential with its fluctuating value, starting at just pennies a coin and reaching a peak value of over $15,000 USD as of early 2018. However, Bitcoin also has a high-profile case of the risk associated with new technology: the 2014 MtGox theft, which resulted in more than $800,000 in stolen Bitcoins.

As of early 2018, fintech startups continue to proliferate and innovate. Fintech startup funding reached $17.4 billion in 2016 and was on track to surpass that for 2017.

According to CB Insights, there were 26 venture-capitalist backed fintech firms with a combined value of $83.8 billion in Q2 of 2017.

Fintech is chipping away at the traditional financial institution, so the traditional businesses need to embrace it in order to remain competitive. Consumer demand drives financial services companies to use these new technologies; however, it’s the businesses that shoulder security risks.

Security Vulnerabilities Thrive in Fast-Growth Environments

Fintech’s incredible level of success is the very reason it’s a cybersecurity threat at financial services companies. With such a large number of innovations being adopted in the financial services industry, it’s inevitable that some technology won’t have sufficient security in place. If the vulnerabilities exist, it’s only a matter of time before hackers will find and exploit them. Because there are so many players with so much money on the line, it could lead innovators to push technology to the market as fast as possible at the expense of proper security development. Enterprise Innovation cites a survey respondent who expresses concern that the financial services industry can’t keep pace with how quickly fintech is evolving.

Unfortunately, there’s no easy way to cover all the possible threats that can come from new fintech — because those threats don’t exist until the technology exists. However, financial services companies must ensure they employ proper security practices. Firms need to use fintech platforms securely and ensure devices are always running the latest versions of software for security purposes. Additionally, businesses should be prepared for problems outside of their control with insurance. The 2017 Equifax hack is a warning sign for any business that wants to skimp on security, because it shows exactly how destructive the financial hacks that exploit poor security can be.

MPA Networks offers extensive experience and incredible expertise in providing IT service and support to financial services. If your business is expanding into fintech use, contact us today to learn more about how we can enhance the safety of your information and your customers.

Four Security Threats Your Company Could Face in 2018

Tuesday, January 16th, 2018

Hot off the tail of the massive 2017 Equifax breach that exposed personal information of 143 million customers, businesses are on high alert concerning IT security in 2018. While the IT security industry has been successful in mitigating and cracking down on many common threats, hackers are finding new ways to exploit devices that haven’t received as much attention and protection as PCs and servers have. Trends indicate that your company could be looking at security threats from previously ignored devices and sources in 2018. Be on the lookout for the following threats this year.

1. Missing Windows Updates Over Incompatible Antivirus Software and the Meltdown-Spectre Fix

This is one security threat your company could already be facing: There’s an inherent flaw in the way modern CPUs by Intel, AMD and ARM handle data that can be exploited to leak information. This is a substantial problem because it stems from the hardware as opposed to the software, and fixing it can negatively impact device performance. To make matters worse, some types of antivirus software conflict with Microsoft’s fix. If your business is using one of those incompatible programs, you need to switch to a compatible option to continue receiving Windows Updates as of January 2018. Those Windows Update patches are vital to keeping your company’s computers safe.

2. Internet of Things Devices Become a Bigger Threat

As of 2017, there were 17.68 billion IoT-connected devices, and that number is expected to grow to 23.14 billion in 2018.

Your office may interact with devices like an Amazon Echo, a smart thermostat and dozens of smartwatches. These are all IoT devices that could be the targets of security attacks.

These devices can be used to piggyback onto your office network. Additionally, DDoS attacks from hijacked IoT device botnets could be an even bigger threat in 2018.

3. New Devices Are Targeted

Ransomware is for more than just computers now. In 2018, IoT devices could be the next major target for hackers using ransomware to get your business to fork over payment to regain control. A workplace that’s lost control of the thermostat because of ransomware might be highly motivated to pay. Hackers may also be looking to exploit security holes in your office router and modem, as these devices are often neglected when IT staff applies regular security updates. Hackers often exploit the fact that many users don’t change the default password on these devices.

4. Watch out for Mobile Malware

The growing mobile device user base is making the Android and iOS platforms much more attractive targets for hackers over the traditional PC targets. According to Kaspersky, Android devices are more vulnerable to malware, but attacks are easier to identify and fix. While iOS devices are more secure, it’s much harder to tell if a device has been compromised.

Keeping up with IT security in your workplace is your best bet to avoid disastrous breaches and downtime. Our IT consulting experts can help your company identify and protect its security weak points. Contact us today.

HTTPS: Securely Sending Personal And Private Information

Thursday, December 28th, 2017

Avoid costly data security breaches by training your staff to check for secure connections when handling private information on the Internet. Secure Hyper Text Transfer Protocol, or HTTPS, is a technology legalhealthcare, and financial businesses use to protect confidential client information safe on the Internet. Hackers do not have to go to much trouble to intercept non-encrypted website communications, especially when a target is using public Wi-Fi networks. Therefore, it’s essential employees make sure they’re using encrypted HTTPS instead of HTTP when working with confidential information like uploading patient information to a website or sending a record of financial information to a client.

Defining HTTP and HTTPS

HTTP is a data transmission method web browsers and website servers use to communicate with each other; HTTPS is a version of the protocol that encrypts communication for extra protection. Simply put, HTTP and HTTPS are the communication protocols Internet-connected devices use to “talk” to websites.

Checking for Protection

Websites and browsers make determining if a connection is secure straight-forward. HTTPS applies to individual connections, so every open tab has its own security configuration. The easiest way to check if a page is running an HTTPS connection is to look at the address bar:

  • if the URL starts with HTTPS:// it is a secure connection
  • if the address reads HTTP:// the page is not running a secure connection

However, manually checking can be tedious, so modern web browsers are built to make confirming if a page is secure easy.

For example, Google Chrome and Mozilla Firefox will display a green padlock icon at the start of the address bar when HTTPS is present; both browsers will display warning icons if the connection’s security is in question or the website is a known danger.

Plugins like HTTPS Everywhere provide additional security by forcing HTTPS connections whenever possible.

When HTTPS is Necessary (and when it isn’t)

Train employees to recognize that HTTPS is necessary whenever they are using a service with login credentials, are uploading confidential files, or are filling out forms with private information. However, HTTPS can actually make web browsing worse when it’s being used unnecessarily.

With HTTPS providing a seemingly simple fix for a large share of security woes on the Internet, it might seem negligent for sites to continue using regular HTTP. Unfortunately, HTTPS comes with several caveats including increasing connection latency and disabling caching which contribute to longer load times. If someone is just browsing a news site or reading a public blog, there’s no confidential information being sent so HTTPS increases the load time to protect nothing. By eliminating caching, people accessing the site need to go through the original hosting server instead of a possible closer-located CDN server which could substantially increase loading times for users outside of the hosting region. Additionally, HTTPS hosting costs more than HTTP hosting.

If your business is looking to improve its Internet security practices, the IT Consulting experts at MPA Networks can help. Contact us today!

Android and IOS: Is the Device Just Old, or Is It Obsolete?

Tuesday, May 23rd, 2017


When trying to determine if a piece of technology is simply old or completely obsolete, keep in mind that there are different criteria for Android and iOS devices than for desktop and laptop computers. An employee stuck using an obsolete device is likely, after all, to argue that replacing it would increase their productivity.

On the flip side, replacing functional devices too often can spiral out of control into unnecessary expenses.

An IT consulting firm can help your business understand how long a device should remain in use, a safe time range for buying older models, and how to plan upgrade cycles.

When Does A Device Become Obsolete?

The general rule is that a device becomes obsolete about four years after its release. This means that trying to save money by purchasing older devices on the cheap may not work out well, as they are unlikely to receive updates as long as a newer device. Usually you can buy only the most recent and second most recent smartphone devices new, but older refurbished devices are readily available.

Performance Issues with Old Devices

Determining if a device is aging vs. obsolete is pretty straightforward: If the employee can still complete all necessary work with the device, it is not yet obsolete.

However, older devices often have performance issues; notably, they may operate slower than the latest models. Older devices using Android often receive updates late, too, so users won’t receive security and interface improvement patches as soon as they’re available.

When Does a Smartphone Become Obsolete?

Forbes paints a pretty grim picture of aging devices, declaring that smartphones have about two years before they’re obsolete. Still, users can typically continue on without any major problems for an additional year or two.

Once obsolete, however, many devices are prone to disruptive conditions:

  • Security updates are no longer provided.
  • Vital applications are no longer compatible with the operating system.
  • The web browser ceases to display web pages correctly.

When Does Apple Consider Devices Obsolete?

Officially, Apple considers any product more than five years old obsolete, meaning the company tends to support their devices for a little longer than Android distributors. Apple usually supports iOS devices with the latest operating system for about four years. At this point the device will not receive updates, but it will still likely work for a while longer.

The device typically hits the obsolete category when it no longer runs the most recent version of iOS. If you buy an iOS device that’s already been on the market for two years, you’ll have to plan to replace it in another two years. A one-year-old device will be good for at least three years.

How Long Can Android Users Expect Operating Upgrades?

Android devices have a two-tier obsolescence system in which system updates stop coming and applications stop working. Android is a much more difficult case to gauge because updates need to come through Google, go to the manufacturer, and then reach the phone provider.

Android users can expect operating upgrades for two years after the phone is released, and a few additional months of security updates; both are soft obsolescence moments. What finally ends an Android device’s life (or, at least, its usefulness) is application incompatibility after about four years, which is dependent on the developer. Most try to support the oldest version possible, but this is not always the case.

If you want to make sure your employees are using up-to-date devices that increase productivity, MPA Networks can provide an IT and productivity assessment. Contact us today.

The Three Copies Rule: Why You Need Two Backups

Wednesday, May 3rd, 2017


Anyone who has ever lost years of work due to computer failure will tell you that backing up your devices can save you considerable heartache and frustration. Reliable, redundant, and regular data backups are your business’s best strategy for disaster recovery—but two copies of your data may not be enough.

IT pros across the world have developed the “3-2-1” backup philosophy to maximize your restoration capacity following a data disaster.

The “3-2-1” Concept

The “3-2-1” approach is simple:

  1. Store three copies of your data.
  2. Utilize multiple storage formats.
  3. Keep one copy off-location.

TrendLabs says that having two backups of your data (meaning three copies total) is all about redundancy. IT professionals have nightmares about experiencing computer or server failure and preparing to restore the backup, only to find that the backup has failed as well. Your business can prevent this situation only by keeping two backup copies of all your important data.

We can’t stress often enough that three copies means three separate devices. Backing up data to a second hard drive in the same computer, or a connected SD card, does not count. This will only protect your data in the event that one of the hard drives breaks.

Some useful backup devices include:

  • External hard drives
  • NAS
  • Cloud storage
  • DVD/Blu-Ray discs
  • Flash drives
  • SD cards

Two Formats: Diversify Storage Media

Using different types of storage for backup improves reliability: It not only diversifies the factors that could cause the backup to fail, but also acts as an extra layer of protection. For example, if both backups are on external hard drives and exposed to a large magnet, both would be destroyed. However, a second copy stored on optical media or a flash drive would survive.

The two backup locations could include a backup external hard drive and cloud storage, or a DVD archive and an onsite NAS server. According to PC & Tech Authority, NAS servers are a great backup option for offices with several networked computers. We’ve discussed storage format longevity in previous blog posts if you need help deciding which one is right for you.

Keep at Least One Copy Offsite for “Catastrophe Recovery”

Catastrophe recovery is another way to describe a worst-case disaster recovery scenario: for instance, the hard drive didn’t fail, but a flood leveled your office, or someone stole both the computer and the backup in a burglary. In order to prevent an outright catastrophe, it’s not safe to keep every copy of your important data under the same roof.

This means, of course, that one of your backup copies should be stored in a secondary locationthe farther the better. The offsite backup could be, for example, a cloud backup, or an external hard drive stored in a bank deposit box. When working with a non-cloud, off-site solution, it helps to swap out two storage devices on a weekly basis.

If your company is looking to streamline its disaster recovery practices with IT Managed Services, contact the experts at MPA Networks today.

This Is the End: Microsoft Takes a Hard Stance on Phasing Out Older Windows Versions

Tuesday, April 11th, 2017


If your business hasn’t already made the switch from Windows 10’s predecessors to a new operating system, it’s time to make the initiative a priority. While your IT staff doesn’t need to upgrade every computer in your office, it’s necessary to make sure all vital software is compatible with Windows 10 because new replacement devices won’t fully support older Windows versions.

According to ZDNet,

computers running Intel’s 7th-generation Core CPUs and AMD’s Ryzen CPUs will no longer receive operating system updates for Windows 7 and 8.

Without updates, you are likely to experience IT security issues.

The Writing Is on the Wall

The change does not affect computers built and purchased before the last few months of 2016, but it matters for any new computer running new hardware. Back in January of 2016, Microsoft announced that new CPUs will only be compatible with Windows 10, so anyone looking to buy new hardware and put an older version of Windows on it is out of luck. However, Microsoft will continue to support Windows 7 and 8, with extended support for security updates through 2020 and 2023 respectively.

Plan Your Transition: Business Continuity Concerns

This change in policy means that moving over to Windows 10 will eventually be the only option. Your business should begin to develop a migration strategy with the help of IT consulting services to phase in Windows 10 devices as you replace older systems running incompatible hardware. Also, if your business plans to look into other options like Macs and Chromebooks, this is the perfect time to do it.

Make sure to consider these issues in your transition away from older versions of Windows:

  • Run a pilot Windows 10 system to ensure continuity for your existing work environment. Test your employees’ daily workflow on this system.
  • Install all the software your business uses on this system and see if it works with Windows 10. Your tests may identify legacy software that’s no longer supported but that you’re currently using for important operations. This can lead to expensive, painful transitions to replacement software.
  • Adjust your upgrade strategy to accommodate your findings. This could involve changing the schedule to allow more time for employees that run incompatible software to work out a solution. It’s most efficient to plan to upgrade to Windows 10 upon device replacement; however, if your tests don’t find any problems, you may opt to upgrade existing systems early. Note that the Windows 10 free upgrade period ended in July 2016.

Legacy Software Concerns

Your company may find that some of the software you’ve been using for the past 15 years without any problems will not work under Windows 10, which puts your business in a difficult position. Replacing software that’s vital to day-to-day operations can be a very disruptive process. Managed services providers can help your business devise a contingency plan to keep the old software running, but it’s a best practice to migrate to a contemporary solution eventually. There are a few options your company has to keep those older systems running so you can keep using the old software, including upgrading/repairing the old systems and running older versions of Windows through a virtual machine.

The experts at MPA Networks are ready to help your business find its best OS solution to balance productivity with security. Contact us today.

Mac- and Linux-Based Malware Targets Biomedical Industry

Tuesday, March 14th, 2017


The malware infection, discovered in late January, that’s been hiding out on Mac and Linux devices for more than two years doesn’t mean the security floodgates are open, but it is a reminder that these devices aren’t invincible. Apple is calling this new malware “Fruitfly,” and it’s being used to target biomedical research. While not targeted for Linux devices, the malware code will run on them.

This attack may hit a little too close to home for those industries MPA Networks specializes in protecting, including healthcare and biotech. That makes this a good time to reexamine security best practices for devices that aren’t commonly targeted for attacks.

Attacks Are Rare, But Not Impossible

Broadly speaking, any device that isn’t running Windows has benefited from a concept called “security through obscurity,” which means hackers don’t bother going after these devices because of a smaller market share.

Mac OS X and Linux provide more secure options than Windows for various reasons, but neither is an invincible platform.

Every so often, hackers strike the Mac community with malware—and when the attacks are successful, it’s typically because users don’t see them coming. The lesson here, of course, is to never let your guard down.

You may not need an active anti-virus program on a Mac, but occasional anti-malware scans can be beneficialAccording to Ars Technica, “Fruitfly” uses dated code for creating JPG images last updated in 1998 and can be identified by malware scanners. Anti-malware programs like Malwarebytes and Norton are available for Mac devices. MPA Networks’ desktop support and management can also improve user experiences on non-Windows devices.

Keep Your Macs and Linux Machines Updated

The old IT adage that says “keeping your programs updated is the best defense against security exploits” is still true when it comes to Mac OS X. While Mac OS X upgrades have been free or low-cost for years, not everyone jumps on to the latest version right away. For example, less than half of Macs were running the latest version of the OS in December of 2014. This means all the desktop and laptop devices running older versions of Mac OS X are exposed to security holes Apple patched with updates.

Typically, Apple only supports the three most recent versions of their operating system, which usually come in annual releases. Your workplace computers should, at the very least, be running a version still supported by Apple. The good news is that Apple quickly issued a security fix to address Fruitfly. The bad news? This isn’t the first Mac OS vulnerability malware has managed to exploit, and it won’t be the last.

The IT consulting experts at MPA Networks are ready to help your company find the right tools to increase productivity and improve security on all your office devices. Contact us today to get started.

8 Spring Cleaning Tips for Your Office Computers

Wednesday, March 1st, 2017


When it comes to your office computers, a little bit of spring cleaning goes a long way. Sure, cleaning office computers can seem tedious. But think of it like preventative maintenance on a vehicle: In the best-case scenario, you’ll never know all the breakdowns you avoided.

Keeping your office computers clean and healthy minimizes your risk of downtime and increases productivity.

Here are 8 tips for your next round of spring cleaning:

1. Update All Software

Run updates and patches for the operating system, commonly used programs, and security software on every system. Program and operating system updates don’t just add features; they’re loaded with security updates that keep your devices safe. Most problems with computer security exploits stem from outdated software that allows hackers to break through established breaches that the developer already closed, so running updates and patches is your best line of defense.

2. Run a Full Anti-Virus Scan

After updating all the software on the computer, run a full anti-virus scan to catch any malicious software hanging out on the device. Active anti-virus protection does a good job of safeguarding the system against infections, but sometimes malware slips through the cracks.

3. Run a Full Anti-Malware Scan

Anti-virus programs go after specific, high-risk malware infections, meaning lower-level malware can still find its way onto your computers. Anti-malware programs including Malwarebytes and Spybot are better equipped to identify and remove malware that the anti-virus misses.

4. Defragment the HDD

Older PCs with traditional Hard Disk Drives (HDDs) may experience load time improvements from an annual drive defragmentation. However, newer Windows systems—and all currently supported Mac OS versions—handle this process in the background, so you don’t need to worry about it. If the computer is running a Solid State Drive (SSD), do not bother with the defragmentation process.

5. Remove Unnecessary Launch Programs

It may seem like every program installed on your computer wants to launch itself at startup—even those you rarely use. Removing unnecessary programs from the system startup can help improve performance and reduce login times. Windows 10 features a handy “Startup” tab on the Task Manager that lets users quickly toggle which programs launch with the system.

6. Check and Create Restore Points

Restore points can be a major time saver in returning a compromised computer to full operation. Restore points reverse most of the damage caused by malware and bad configurations, all with minimal effort. Check whether the computer is already using them, and create one if it isn’t.

7. Run a Full Backup

Backups are like restore points for when very bad things happen to a computer. It’s best practice to make at least two backups of a given computer’s files, and store them in different physical locations. This ensures that in the event of catastrophic loss, all the data saved on the computer up until the backup point is preserved. Mashable recommends verifying if automated backup services like Time Machine and Windows Backup and Restore are actually working.

8. Bust Dust on Desktops

This part of the spring cleaning process is literal. As we’ve previously discussed, excessive dust inside a computer obstructs airflow, which can cause crashes due to overheating and even damage components. CNET has a helpful guide on how to go about the dustbusting process.

A little spring cleaning makes for a more efficient office and stronger disaster recovery. The expert desktop support and management staff at MPA Networks is ready to help your workplace in San Mateo, San Francisco, the South Bay, and other Bay Area cities implement better practices. Contact us today for more information.