Before you entrust your sensitive data to a “cloud” service provider, make sure you weigh the risks with the benefits.

“Cloud computing,” largely synonymous with Internet-based computing, has become a hot topic of discussion among many in the business community, with its promise of radically simplifying the access to, and use of, computing resources on demand. It’s no wonder then that it’s been small businesses, often without full-time IT resources of their own, that have been the first to adopt the concept. As a business owner, however, before you start moving critical data to the “cloud,” you’ll do well to bear in mind the risks that come with the computing model.

First is security and privacy—ask how the service provider ensures the confidentiality and integrity of your data while in their care. Do they provide backups? Can you back up your data yourself? Are their security processes and procedures reviewed and vetted by a third party?

Next is availability. Do they guarantee the uptime of their services—7 days a week, 24 hours a day? Do they provide a service level guarantee? Do they have processes in place to handle exceptional circumstances that can disrupt services, such as a natural disaster? Is support readily available to help in case you encounter any issues?

Finally, there’s cost. While pay-as-you go can be attractive, the total cost over time can add up. It’s worth thinking two to three years out and considering the total cost versus alternatives.

Asking these basic questions can go a long way in giving you peace of mind before you entrust your valuable data and core business systems to the care of others. If you’d like some help sorting all this out and making the best decision for your unique needs, give us a call.

The continued exploit of many vulnerable applications that have been fixed by vendors for over a year highlight the need to keep software updated with the latest versions and patches.

A new report released by security firm M86 Security reveals a trend toward more sophisticated forms of malware in taking advantage of vulnerabilities in common software applications and developing techniques to avoid detection.

In M86’s report, among the applications commonly exploited are Microsoft’s Internet Explorer and Adobe Reader. Another vector for malware that hackers have been using recently is Java and Adobe’s Flash—which are installed on many PCs, often as plug-ins to most browsers.

Although the vulnerabilities in these applications have been identified and patched for over a year, failure to keep up with the latest updates have made many systems still vulnerable to attack. Our customers taking advantage of our Managed Security need not worry, since we make sure our customers’ systems are patched as soon as updates become available. Find out more about our Security Offerings today.

Mozilla implements new initiatives to ensure the security of its browser to fix the main security holes, and this brings Firefox’s latest version to 3.6.7

The Mozilla foundation, the organization behind the Firefox browser, announced recently that it has released a patch to fix many major security holes found in its software, as well as the pull out of malicious add-ons in its extensions gallery.

A new update brings Firefox’s latest version to 3.6.7, and includes fixes for nine critical issues that could potentially be exploited by hackers to launch attacks on vulnerable systems. This comes after recently pulling out a password stealing add-on called the “Mozilla Sniffer” in the Firefox extensions gallery. As a preventive measure, the Mozilla foundation has announced a US $3,000 security bounty program that for anyone who finds an eligible security bug. It has also announced that it will implement a source code review of add-ons to catch potential malware that could be injected into otherwise patched Firefox browsers.

As always, users are advised to be constantly on guard and to make sure they are using the latest updated versions of their software. Customers under our Managed Security program benefit by letting us do the worrying and updating for them, so they can focus on their business instead of their security. Not on our Managed Security program? Contact us today.

Barely a month after a Google engineer disclosed a critical vulnerability in Windows XP, hackers have taken launched an attack on vulnerable machines.

On June 10, a Google engineer disclosed a security flaw in Windows XP’s Help Center, which can potentially allow hackers to search and retrieve sensitive information from vulnerable PCs, and even turn them into “zombies:”machines that follow the commands of a remote master to perhaps download more malware or send out spam.

Recently, reports have come out that the first real exploit has emerged, with Microsoft reporting that over 10,000 Windows XP systems have already been subjected to attack. The systems attacked are based not only in the US, but also in Russia, Portugal, Germany, and Brazil.

A patch from Microsoft was released on July 13, and workarounds also exist to contain the threat, such as disabling the HCP protocol. Customers of our Managed Security services running Windows XP are assured of immediate support once the patch is rolled out, but in the meantime can take advantage of our assistance to secure systems through other means.

If you’re on one of our Managed Services plans don’t worry – you’re protected. If you’re not sure contact us to find out how we can protect your systems and network from this and other dangerous attacks.

The near ubiquity of WiFi hotspots nowadays has led to great advances in access and convenience for many. It’s also a great boon for “road warriors” who do most of their work from the field.

However, few people understand the risks of using wireless hotspots. When you go online in open networks that don’t use a password or encryption, potentially everything you send out from your computer can be seen by anyone with adequate technical knowledge. Therefore, whenever possible it’s best to connect in places where some encryption—either WEP or WPA—is employed. If that’s not available, using a VPN (Virtual Private Network) can help, which allows you to establish a secure channel of communication to your office network over the public Internet. How you use certain software is also something you should be aware of—some browsers, instant messengers, and email clients are more secure than others.

Wireless hotspots can be great when travelling on business or working on the road. Being proactive about security issues will go a long way in ensuring your safety and privacy, and we’re here to help. We can set up your machines for secure access by implementing a network VPN, consulting on software security, and much more. Contact us today to learn more.

A critical vulnerability in Windows XP has been revealed that involves the Windows and Help support center, a Web-based feature providing technical support information to end users. The vulnerability can potentially allow a remote hacker to take complete control of a victim’s machine. Systems running Windows XP and Windows Server 2003 using many major browsers, including Internet Explorer 8, are affected.

A few days after the advisory, security firm Sophos warned users of a website using the vulnerability to install malicious software on victims’ machines, and of possibly more exploits coming out soon. Users of Windows XP and Windows Server 2003 are advised to disable features within Help Center that allow administrators to remotely log onto their machines. For individual users, Microsoft has released a patch for the flaw.

Don’t know how to install the patch? Need help? Let us know! Of course our customers with Managed Services are automatically advised of these vulnerabilities, and patches are applied as soon as they are available. Contact us today to find our more.

A recent report, released by Osterman Research and sponsored by software vendor Commtouch, reports that the incidents of outbound spam is getting worse. The research firm interviewed 266 end users of internet service providers and 100 web hosting companies. Almost 40% of respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone – and the number could be far greater considering those who may not be aware that they have been listed.

RBLs tag machines or networks of machines as being sources of SPAM, causing their emails to be filtered out by many mail servers. This can result in legitimate emails not reaching their intended destination, and can victims’ reputations. In addition, having an infected machine or network of machines can waste bandwidth and slow down outbound connections.

The cause of outbound spam varies, but can including everything from compromised email accounts to “zombie” machines – machines infected with malware sending out spam unbeknownst to the user.

There are multiple ways of protecting computers and networks against the risk of outbound spam, and our Managed Services clients benefit from our proactive protection and filtering. Contact us to find out more.

The average computer and Internet user manages over a dozen passwords for various websites. You probably have passwords for your computer, your company email, your personal online email accounts, your favorite social networking websites, your twitter feed, your online bank account, your favorite online store, and more. Using the same password for everything is not very secure, but keeping track of unique passwords for each can be a pain. Here are some quick tips to help you not only create secure passwords, but also easily manage them:

Do not use real words. Words such as “password”, “god”, “love” or some other common phrase can easily be guessed at by hackers. In addition, hackers use tools that automate guessing – randomly trying words from a dictionary one at a time until it gets it right.

Hackers are employing increasingly sophisticated techniques to scam users into downloading malicious software. For instance, today’s hackers and malware authors have begun using so-called “doorway pages” – web pages optimized to rank highly in results for common search engine queries.

These pages often feature trending or hot topics to show up favorably in search results, and may contain content that has been copied from other websites. Some even employ sophisticated technology techniques to customize the page based on each individual visitor’s location, browser, and operating system – and may include a referring page to entice users further into the scam.

Internet users should be aware of these techniques, and think twice before following search results links. Fortunately there are equally sophisticated tools and techniques designed to block malicious search results. Contact us to find out how you can combat this particularly devious threat.

Related articles:

• Cyber-criminals pounce on McAfee crash story (v3.co.uk)
• The Importance Of Using Proper SEO Techniques (ronmedlin.com)

Viruses and other forms of malware can wreak untold havoc in your computer systems, which causes productivity loss and problems that affect the service you deliver to your customers. This is why subscribing to a service that maintains and prevents the spread of viruses in your system and network can go a long way in ensuring that your IT-based operations continue smoothly and efficiently.

However, viruses account for only a fraction of the problems your computer system can suffer. With many businesses such as yours relying greatly on the capabilities of their IT systems, it stands to reason that all steps must be taken to ensure that it is properly maintained and functions as effectively as possible.

One very efficient way to do this that’s getting much attention these days is Managed Services. This is an affordable and cost-effective means of making sure that your IT continues to function at optimum levels at all times.

Here’s how it works: Companies routinely experience IT-related problems that they have difficulty solving. Managed Services provides 24