January 2010

 

Greetings from “Your IT Department”!

 

Thinking of those New Year’s resolutions again? How about resolving to tighten up your network security? OurTech can help you improve your network security through automated network maintenance plans, freeing time for your key systems engineers to complete those strategic technology tasks and assisting with network access control and information security policy development. To help you further we are dedicating this month's news articles to a focus on network and information security.  Call us at 402.778.7999 for more information.


  

 


 

Adware:  Are Your Business' Computers Secure?
Cindy Troyer, Vice President, OurTech Solutions™

 

Adware, software dedicated to displaying advertising, can really slow down any business that depends on computers. Adware promoters use some cunning tricks to get you to install their software on your machine. Here's what to look out for.
Adware is, by definition, something reasonable people don't want on their computers. That's why adware can't just come out and ask people to install it. Often, the computer owner is completely unaware of it being installed.
When adware doesn't want to sneak in through an open window, it will try to trick you into letting it in through the front door. Don't think you could be tricked? Don't be so sure until you've checked out these most common ways people have been tricked into allowing malware to be installed on their machines.

Adware Installation Trick 1: Piggybacking
How it works: malware may come bundled with a legitimate piece of software the user actually wants, such as a game or emoticon. The malware is merely labeled "companion software," without any indication of what it will do.
 
How to fight it: the fact that adware so often comes bundled with "entertainment" software is a very good reason to separate business from personal when it comes to computing. But adware can sometimes come bundled with non-entertainment software, such as search tools or cracks of legitimate business software. Be very suspicious of any software that comes bundled with other software. Don't install software that comes bundled with other software unless you know everything that the bundled software does. After all, if the bundled program has anything to do with the program you actually want, why couldn't the software developer just get both programs' functionalities into a single piece of software? Software developers are now very sensitive to malware concerns and will provide a lengthy explanation of just why the bundled software is necessary in the cases when they actually do need to use bundled software.

 

Adware Installation Trick 2: Bait and Switch
How it works: since people are getting more and more suspicious of bundled software, the program's developers may simply label it as valuable software, for instance, a browser plugin that supposedly accelerates web browsing (but in reality only shows ads).

How to fight it: again, a suspicious mind is useful in avoiding malware. Ask yourself some questions:

What will this software actually do? Adware and adware-bundled software often come with very fuzzy claims attached. Sure, it says it will improve your browsing experience, but how? Often, this improved browsing experience just means a browsing experience with more advertising.

If the software is so great, why is it being given away free? Most commonly, software is only given out free in two cases: if it's open source or simply a come-on for a fuller-featured version of the software. If neither case is true, there's a real chance the software is financed by adware.

Adware Installation Trick 3: Outright Lying
How it works: adware may even be labeled as something else entirely, such as a well-known piece of software or a crucial component of the computer operating system.

How to fight it: this is the trickiest adware of all, and requires extreme caution. You don't want to start deleting any of your program files, much less your system registry entries, unless you're absolutely sure it's malware. Plenty of overzealous parasite hunters have shot their own machines to bits this way. This is one case where you want to be using an anti-spyware program, and preferably a second anti-spyware program to provide a second opinion.

Getting Rid of Adware
Adware is so tricky that trying to uninstall it by yourself could be like a trip into the Matrix. Luckily, there are good anti-spyware programs that tackle adware as well; after all, many adware programs are also spyware since they monitor your internet usage.

True, it may feel like adding insult to injury to have to install more software to get rid of software you never meant to install in the first place. But keeping your computer free of adware is just one new cost of doing business.


OurTech Solutions™ can help you with all of your proactive maintenance needs. Contact us for more information on how we can help keep your network in optimum shape at 402-778-7999 or info@ourtechsolutions.com.




Securing Your Wireless Network
Nick Troyer, Systems Engineer, OurTech Solutions™

 

More individuals are opting to work from home than ever before. The advantages are many, including avoiding the morning and evening rush hours, being able to spend time with your kids and spouse, and doing everything on your own time. If you happen to have a wireless network in your home, it is very important that this network is secure. Somewhere out there is someone with a receiver waiting to pick up on an unsuspecting person’s wireless local area network. Their hope is to obtain sensitive information that may lead to identity theft or the theft of proprietary business information.

Most people are not technically inclined, and Internet security may not be something they are concerned about in their day-to-day operations. This makes most wireless LANs a great target for information predators.

Here are some general guidelines to follow in setting up your wireless network:

1. Always change the factory setting password to something difficult for someone to guess.
2. Enable 128-bit Wired Equivalent Privacy (WEP) encryption on both your router. From time to time change the WEP key entries. If your hardware does not support a minimum of 128-bit WEP encryption, then it may be time to replace it.
3. Enable client firewalls for each computer in the network.
4. Install router firmware updates as they become available.
5. Make sure the physical router is hidden so that an unauthorized person can’t reset the settings.
6. Position the physical router near the middle of the establishment as opposed to near windows to prevent others outside from receiving the signals.

7. Make sure every computer on the network has an up-to-date antivirus application installed. Installing an anti-spyware program, such as Malwarebytes, is a good practice as well.
8. P2P programs, such as LimeWire or Kazaa, should be avoided at all costs.
These steps will help prevent any unwanted intrusions on your private data.  OurTech Solutions™ can help you with all of your proactive security needs. Contact us for more information on how we can help keep your network secure at 402-778-7999 or info@ourtechsolutions.com.

 


 

Developing An Effective Intrusion Response Plan
Robert Troyer, CEO, OurTech Solutions™

 

Intrusions are a terrible thing to think about, but they do happen, and almost daily. While a lot of small businesses don’t feel like their data is very confidential, under the laws of most states even basic corporate or personal information can be considered confidential and require a company to notify entities whose data was, or is suspected to have been, compromised. Regardless of how much personal confidential information you maintain about your customers on your servers, almost every company should have an Intrusion Response Plan. To help get you started, OurTech has outlined some basic action steps in the event you suspect that your network has been compromised:

• Stop, think, remain calm and start a log summarizing the incident, describing who, what, where, why, and how.
• DO NOT contact the perpetrator.
• Use the telephone, encrypted email or other secure communications since the attacker may be monitoring email and system usage.
• Respond quickly and notify your corporate Network Administrator. Quickly engaging technical expertise is crucial in preventing further damage and protecting potential evidence.
• Contact your organization’s incident response team, your supervisor and the organization compliance officer. If not available, contact Senior Management.
• Establishing points of contact with General Counsel, emergency response staff and law enforcement is important to drive a quick, effective response.
• On compromised systems, confirm event logging is enabled. Activate and verify all diagnostic tools.
• If a malicious attack requires removal of a compromised system from the network, continue system processes to the extent possible to preserve forensic evidence.
• For suspected attacks on non-production and non-business critical systems, immediately remove the system from the network but continue system processes to preserve forensic evidence.
• Make copies of files an intruder may have altered or left using new back-up media; make a bit-by-bit back-up of the compromised system.
• Keep THREE original copies for: law enforcement, legal and technical forensic team.
• Verify the back-up!
• Initial, date and time-stamp the back-up.
• Secure the back-up in a locked, limited access environment to preserve chain of evidence control.
• Perform any analysis using a copy of the backup. Always preserve the original back-up to be used as evidence in any legal action.
• Identify a primary point of contact to handle potential evidence and protect all systems and data according to “Rules of Evidence”.
• Do not restore services to a compromised system until incident impact is understood and associated risks mitigated.
• Make a clean install and apply all patches.
• Harden each system by disabling all nonessential services.
• Limit access to systems on a “need to know” basis.
• Enable event logging and establish monitoring / reporting processes to identify new attacks.
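
The "verify the back-up" and "initial, date and time-stamp" steps above can be made checkable by hashing the image and each of the three copies and writing the result into a custody record. The following is an added example, not OurTech's own tooling; the file names, the initials and the sample image contents are constructed for illustration.

```python
import hashlib, json, os, tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large disk images do not fill memory
RECIPIENTS = ["law enforcement", "legal", "technical forensic team"]  # from the checklist

def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def custody_record(image, copies, initials):
    """Hash the image, compare each copy to it, and return a time-stamped record."""
    ref = sha256_file(image)
    entries = [{"file": os.path.basename(c), "held_by": who,
                "verified": sha256_file(c) == ref}
               for c, who in zip(copies, RECIPIENTS)]
    return {"image": os.path.basename(image), "sha256": ref,
            "size_bytes": os.path.getsize(image), "initials": initials,
            "verified_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
            "copies": entries,
            "all_verified": all(e["verified"] for e in entries)}

def demo():
    """Constructed sample: a stand-in image and three copies, one silently damaged."""
    data = b"constructed evidence image block\n" * 50000
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "host01.img")  # hypothetical file name
        with open(image, "wb") as f:
            f.write(data)
        copies = []
        for i in range(3):
            path = os.path.join(d, f"host01_copy{i + 1}.img")
            with open(path, "wb") as f:
                # flip one byte in the third copy to model a bad write
                f.write(data if i < 2 else data[:-1] + b"X")
            copies.append(path)
        return custody_record(image, copies, initials="AB")

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A copy whose "verified" field is false must be re-made before it is handed over; the record itself belongs with the locked-up original.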

After completing the incident response program, assemble the incident team and carefully consider adjustments to your information security program. This program should include a comprehensive risk assessment and cost-justified prioritization of remediation activities. OurTech can assist you with addressing a more fully developed incident response plan or other information security and acceptable use policies. For more information, please contact us at: 402-778-7999 or info@ourtechsolutions.com.
