Blog

December 11th, 2014

VoIP_Dec11_AIt's the holiday season, and regardless of the industry you work in, or where you are located, there is a good chance that during this busy time your phone systems will see an increased load. It seems that as the year comes to a close people want to communicate more, and so you need to ensure that your VoIP systems can handle the increased volume.

Establish VoIP system monitoring

Before you know whether your systems are ready for an increased call volume, you should establish monitoring tools that allow you to keep track of call volumes and how the systems hosting your VoIP solution are faring. If you notice that a spike in call volume during peak hours leads to decreased call quality, or perhaps an increased load on systems, then it may be a good idea to invest in a new solution that can help carry this extra burden.

Because this is the holiday season, and your staff and even IT providers may be away on leave, a monitoring solution can be helpful in predicting when issues may arise. You and your IT team can then help prepare for an increase in call volume and any problems that may crop up when they are away from work. This ensures that your systems won't go down when you need them most.

Check your VoIP equipment

Sometimes, problems with VoIP don't have anything to do with your service provider or even the underlying servers that host the solution, but the physical VoIP lines and phones themselves. One common issue with VoIP is that if equipment is too close to other VoIP equipment, you may see a degradation in call quality.

Therefore, you should take care to ask your employees if they have noticed lower call quality lately, especially if two VoIP devices are close to one another. If there have been issues, moving them further apart should clear this up.

Beyond this, take the time to inspect all cables and connections to ensure they are in good condition and able to deal with the increased wear and tear the holiday season can bring. If equipment is looking a little past it, now may be the time to look for new devices and solutions that can help boost your communications.

Set data priorities on your router

Most modern business routers have an important feature called QoS, or Quality of Service. This allows users to set bandwidth limits for different activities and even create priority lists. Because you will likely be getting more calls during the holiday season, it is a good idea to ensure that the extra bandwidth will be there when you need it.

Because your router is also in charge of assigning bandwidth to your VoIP solution, using the QoS feature is a good way to ensure that calls are receiving the bandwidth they need to remain clear. Take a look at the way data and bandwidth is being used in your network and set limits on non-essential activities that may be using higher amounts. For example, it may be a good idea to reduce the bandwidth assigned to streaming services and apply the extra percentage to your VoIP solution.

Work with an IT partner

These tweaks and updates can be time consuming and a bit of a chore to carry out, especially if you are not a tech expert. What we recommend is contacting us, so our VoIP experts can work with you to ensure your network is configured for the higher call volume, equipment is working, and servers are ready. We can even offer suggestions on better systems that can improve communications while reducing costs. Be prepared for the holiday season, contact us today.
Published with permission from TechAdvisory.org. Source.

Topic VoIP General
December 10th, 2014

iPhone_Dec08_AIf you have an iPhone that you use for business it can be tempting to be constantly connected, after all, the device and various apps are designed to give users the ability to do almost anything. While this is great for business, it may not be ideal for a healthy work-life balance or if you really need to concentrate on a specific task. Luckily, if you have iOS 8 installed on your device there is a useful feature, called Do Not Disturb, that could help promote a break from your phone.

What is Do Not Disturb?

Do Not Disturb is a handy iOS 8 feature that when enabled, silences all notifications, calls, and alerts that you usually get coming through when the device is locked. You can either turn it on and off manually, or schedule a time for when it is to be activated. If your device is unlocked, e.g., you are using it, notifications will usually still trigger.

Turning Do Not Disturb on

To turn this feature on simply:
  1. Slide up from any screen on the device to open the Control Center.
  2. Tap on the crescent moon icon at the top of the Control Center.
This will turn on the Do Not Disturb feature. You should see a crescent moon icon appear in the menu bar at the top of your device's screen indicating the feature is activated. To turn it off, open the Control Center and tap the crescent moon icon again so that it disappears from your screen.

Setting a Do Not Disturb schedule

If you would like to schedule a time where your device automatically puts itself into Do Not Disturb mode, simply:
  1. Open the Settings app on your iPhone.
  2. Tap on Do Not Disturb.
  3. Slide the radio beside Scheduled to On (green).
  4. Set a time to enable this feature.
As with the manual triggering of this feature, you will see a crescent moon icon in the top menu bar of your device when it is active.

Changing feature settings

If you tap on Settings and then select Do Not Disturb you will also be able to tinker with the settings related to this feature. The options you will see include:
  • Manual - Allows this feature to be manually enacted via the Control Center.
  • Scheduled - Schedule a time when this feature will be automatically enacted.
  • Allow Calls From - Pick which contacts to allow calls and notifications from so that these sound even when Do Not Disturb is active.
  • Repeated Calls - Set whether multiple calls in a short amount of time will ring when the feature is active. If enabled, two calls from the same person in less than three minutes will cause the device to ring.
If you would like to learn more about using the iPhone for business, please contact us today to see what difference we can bring to your business.
Published with permission from TechAdvisory.org. Source.

Topic iPhone
December 3rd, 2014

iPad_Dec2_AAs we enter the holiday season, there is a good chance that many iPads will be given as gifts from loved ones and even from companies. While these devices do make great presents, if you receive one but already have your own device, then you will need to know how to authorize it on iTunes. So, if you receive a new iPad to replace an old one this festive season, here's what you need to do.

First, understand what authorizing your device is

When people and Apple experts talk about "authorizing your device", what they really mean is linking it with iTunes and the account you use for this on your computer. Once you do this, you can download already-purchased media and apps onto a new device without having to pay for the content again.

The way iTunes works is that there is usually a limit on how many devices you can download apps and media onto at the same time. Any purchases can be installed on 10 devices or five computers via iTunes at the same time. If, for example, you have an existing iPad for which you have already purchased apps via iTunes, and you receive a new device, you will need to authorize the existing iPad before you are able to download apps onto this new one.

If you have more than 10 devices or five computers authorized and want to add another, you will need to first deauthorize one device. Similarly, if you are giving an iPad away, it is a good idea to make sure it is deauthorized before you give it away or the new user may have access to your iTunes account.

Second, how do you deauthorize an existing device?

This process is actually fairly easy, but you will need to do it from the PC or Mac you use to sync your iPad with iTunes. To do this:
  1. Launch iTunes on a computer that it is installed on and log into the account you use to purchase apps for your devices.
  2. Click on your name. This is located at the top-right of the window. If you see Sign In, click that and log into the account you use on your iPad.
  3. Select Account info from the drop-down menu.
  4. Enter the password for your account.
  5. Scroll down and click on Manage Devices which is under iTunes in the Cloud.
  6. Click Remove beside the device you would like to deauthorize.
  7. Press Done.
When you do this, the apps you've paid for should either be deleted automatically from the device, or become inaccessible the next time the device syncs with iCloud (which is responsible for linking devices in iTunes).

How do you authorize your new device?

If you receive a new device this holiday season, authorizing it is as simple as logging into your Apple account using the username and password you have used in the past to purchase apps and media.

Once this is done, go into the App Store on your new device, log in, if you haven't already done so, and tap on Purchased. You should be taken to a list of all apps and media that you have purchased and which are still available on the App Store. Tapping on any of the apps and then hitting Download will install the selected app on your new device. If you are above the limit of devices on your account, you will see an error message telling you there are too many devices with the app installed. You will then need to deauthorize an older device before proceeding.

If you would like to learn more about your new iPad, or how Apple products can be used in your business, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic iPad
December 3rd, 2014

Security_Dec01_ASpend even a small amount of time looking at the various massive malware threats out there and you will find that security experts are usually able to figure out who developed it, the intended targets, and where it is most prevalent. In early November, news broke about a mystery security threat called Regin that has been around for years, but which experts seem to know comparatively little about. Many business owners are worried about Regin, but should they be?

What exactly is Regin?

What is most interesting about Regin is that a number of security experts seem to not really fully understand it. They know that it exists, they know it is complex, and they know it is one of the most advanced pieces of malware ever created. But, they don't know what exactly it does, or where it comes from.

What we do know is that Internet security firm Symantec is credited with first bringing Regin to public attention, and that it has been around since at least 2008. So far, the company has said it is similar to the Stuxnet virus that was supposedly developed in (or by) the US and used to attack and subvert the Iranian nuclear program.

Regin is known to infect Windows-based computers and at its core is a backdoor trojan style of infection. From detected infections it is looks like the purpose of the malware is not to steal information but to gather intelligence and facilitate other types of attacks.

What makes this malware so powerful and disturbing is that it is much more advanced than other infections. Using various encryption methods it can hide itself extremely well, making it difficult to detect. It can also communicate with the hacker who deployed it in a number of different ways, thus making it a challenge to block or stop. As a result, it is far from easy to actually figure out what exactly this malware is doing and why.

Who has been infected?

According to various security experts we have been able to compile a list of companies and organizations that have been targeted to date. These include:
  • Telecommunications companies
  • Government institutions
  • Financial companies
  • Research companies
  • Individuals and companies involved in crypto-graphical and mathematical research
At the time of this article, no known attacks have been carried out against companies in the US, Canada, or the UK. The main countries targeted so far have been Russia and Saudi Arabia, along with a smaller number of infections in Malaysia, Indonesia, Ireland, and Iran. A total of 10-15 countries have been targeted since the malware was first discovered in 2008.

Is this a big deal for my company?

Just because your company is operating in a country that hasn't been affected thus far, doesn't mean that you aren't at risk of being attacked by this malware in the future. If you operate in any of the industries or sectors listed above, you could still be at risk, especially if you do business with clients in infected regions.

For now, however, it appears that Regin is only infecting larger government bodies and large companies outside of North America and much of Europe, so the chances of you being infected are relatively low. Although as with any threat, this can change at any moment.

What we recommend is that you ensure your antivirus and antimalware solutions are kept up to date and always switched on. You can rest assured that eventually experts will learn more and block this malware from infecting systems. Beyond this, working with an IT partner, like us, who can ensure that your valuable data and systems are secure, is also be a good idea. The same goes with watching what you download and any emails you open. If you don't know or trust the source, don't download any program, open an attachment, or read an email connected to it.

Looking to learn more about the security of your systems? Contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
December 3rd, 2014

AndroidTab_Dec01_AWith the festive season in full swing, this year, as in recent years, one of the most popular gifts will be the tablet. If you are considering giving a tablet as a present this season, and more specifically an Android tablet, you will quickly find that the selection is overwhelming. Here are some tips that can help you zero in on the right one.

Consider your budget

The great thing about Android is that there are tablets available for a wide budget range; from the ridiculously affordable, yet highly praised, Amazon Fire HD 6 (USD 99 on Amazon.com), to the top-of-the-line Samsung Galaxy Tab S (USD 350-400 in stores). You firstly need to set your budget.

Look at reviews online

There are a ton of websites dedicated to reviewing tablets and other mobile devices. Take for example the well known Engadget, or Trusted Reviews. Sites like these generally give a good overview of the new and most popular devices out there. Pay close attention to the criteria used though, as some review sites tend to only look at basics such as battery life and design, without going too deep into the actual usability.

It is also important to look at actual user reviews. The best place for this is Amazon.com, as almost all reviews of devices on the site are submitted by users. While some reviews may be overly positive or negative without actually revealing reasons, generally speaking they provide an accurate real-life picture.

What will the tablet will be used for?

Many tablets offer special features and functions aimed at different types of users. For example, some offer increased security and encryption that is ideal for the business user, while others may offer features such as pen support which turns the tablet into a drawing pad. If the recipient is likely to be using the tablet for work, then your search should focus on specific, business-oriented devices.

Who will be using the tablet?

Tablets running Android 4.4 (KitKat) and Android 5.0 have the ability to establish different profiles for different users. So, if you know that the tablet will be used by a variety of people then it would be best to purchase a tablet incorporating either of these versions.

If you know that children will be using the tablet, there are a number of apps with features that set the tablet up for children. For example, some will block the Google Play store, and any apps that are deemed unsuitable for children. It might be a big help if you install this beforehand.

What is the technical ability of the user?

It's true that almost every tablet is designed to make it simple to pick up and figure out. But some tablets are aimed more at specific users than others. Take for example Google's Nexus line, which is aimed at users who want a simple tablet experience and the most up-to-date software. Users with more tech experience generally find the Nexus line more preferable.

Other tablets come with super simple setups and many popular apps pre-installed, which could make them more suited to users who may not know much about Android, or simply just want to pick up their tablet and go.

Look at durability and features

As with most tech-related purchases, you generally get what you pay for. So, if you want a tablet with top-of-the-line features like a great display, fast processing speeds, and LTE/Data connections, you are likely going to have to pay more.

A good starting point is to look at the questions you answered above about who will be using the device and what they will be using it for, then look for a tablet with features that support or enable this and that has positive reviews. While it may be tempting to stick with brand new tablets only, be sure to look at those released in the past year to year and a half as well. For example, the terrific Nexus 7 tablet (2013 version) is still a great option for many users, not to mention the fact that it is available at an affordable price. Manufacturers like Samsung also have a number of great tablets available with a wide variety of features.

Almost above all else, the overall durability of the device is important. If you purchase a tablet with flimsy construction, there is a good chance it will soon break or fall apart easily. Again, online reviews often focus on the build quality, so these could be a good starting point. Also going to the store and physically trying the devices out could go a long way in helping you pick the best one.

If you are struggling to find the perfect tech gift or Android tablet this holiday season, contact us today to see how our experts can help you find what you need.

Published with permission from TechAdvisory.org. Source.

November 25th, 2014

BCP_Nov24_AAs a business owner you must be constantly aware of threats to your business. One of the best ways to mitigate many of these dangers is to develop and implement a Disaster Recovery Plan. In order to help ensure that your business is ready to recover from any disaster, here are five real-world tips that can help see you through.

1. Have a full copy of your data backed up outside of your operating region

Almost every company, regardless of size, has backup measures in place. These backups can be either physical or digital, and are supposed to be carried out on a regular basis. If a disaster strikes, having access to your data can help ensure that you can recover your systems and resume operations in the minimal amount of time.

While backups are great, if you keep your backups in the same area as your main systems, or even if your offsite backups are in the same region, there is a chance that a large disaster, like a flood, or power outage, could also affect these backups too. One of the best solutions is to keep a current backup offsite, and outside of your operating region, with most experts recommending at least 150 miles (250 km) away from your main business area.

How do you achieve this? The best option is to use cloud-backup. Many providers host their backup service at a number of different data centers in various locations, so that should a disaster strike both your business and a nearby data center, your data is still safe at other centers.

2. Realistically test your plan

It can be tempting to simply develop a plan and then test it in a closed environment once or twice a year, make some changes where necessary and then sit back and hope it works. In truth, for any plan to really be effective it needs to be tested in a realistic environment. If this is not carried out then there is a possibility that the plan could fail when activated.

Because disasters come in almost any form and size, you are going to want to first identify as many potential problems as possible. From here, test your recovery plans based on these scenarios and see how effective they are. Be sure to also involve your colleagues and employees, as they too will need to know what to do when disaster strikes and what their role in the recovery of data is.

A good way to look at these tests is to think of them more as practice runs. As with anything, the more your practice the easier and more effective it becomes. In this case, good practice could literally save your business.

3. Update your plan as you update your systems

When you develop a recovery plan, you need to base it on the systems and technology you currently have in your business. However, these systems and devices may not be in use six months, to a year from now, or you may introduce new systems and improvements.

As soon as you make any changes, your existing recovery plan could become obsolete. Therefore, you need to ensure that when you introduce new systems or technology you are also updating the recovery plan to cover and fit with these changes.

4. Create an accessible plan

Many experts agree that having a physical plan that employees can see and access during a disaster is one of the best ways of ensuring that it is actually implemented properly. Therefore, when you develop a Disaster Recovery Plan make sure that all of your employees can access it at any time. This includes during and immediately following a disaster.

Beyond this, you need to make sure that the plan is consistent. If you update the master plan, but fail to update the copies you store in say a public cloud, or at different worksites, this will lead to confusion and even an increased recovery time or complete recovery failure. When you do update your plan, let all parties involved know that it has been updated and remind them where they can find copies of the plan.

5. Don't be the only fully-trained disaster recovery expert in your company

As a business owner or manager it can be easy to try and run everything yourself. Afterall, it is your business and you know exactly how to look after everything, right?. The problem is that if you are the only fully-trained disaster recovery person you are making yourself the weakest link in the plan.
Published with permission from TechAdvisory.org. Source.

November 21st, 2014

Security_Nov17_AIn many western countries we are blessed with a free and open Internet, but in the US there is a battle currently raging over the idea of Net Neutrality. Chances are high that you will have heard this term thrown around by various experts and media outlets. In November, President Obama took a stance on this issue. Here is an overview of Net Neutrality, the stance from The White House, and what this could mean for your company.

What is Net Neutrality?

In order to define Net Neutrality, we should first look at the main idea behind what the Internet is: a free and open medium where individuals can express and house thoughts, ideas, and more. It was founded on one principal, and one principal alone: All information and Internet traffic MUST be treated equally.

This free, open, and fair principle is what we call Net Neutrality. In practice, this idea prevents Internet providers, and even governments, from blocking legal sites with messages they disagree with, and restricting access to services and sites that don't meet their business needs.

What exactly is the issue?

At this time, major telecommunications companies providing Internet access are trying to push legislation through the US court systems that will essentially make it legal for them to throttle Internet speeds; asking other providers to pay fees in order to speed up access to sites and to even block some sites.

There are laws currently in place, set by the FCC (Federal Communications Commission), that prohibit providers from collecting, analyzing, and manipulating user traffic. In other words, according to the FCC, the role of the Internet providers should be to simply ensure traffic and data gets from one end of the network to the other.

Last year, it was uncovered that US telecommunications giant, and Internet Service Provider, Comcast demanded that Netflix pay them millions of dollars or they would limit the Internet speed of Comcast users trying to access the streaming service. Netflix tried to negotiate but the result was that Comcast did indeed cut user speeds. Netflix paid to avoid this from happening again. This act is an obvious breach of the main tenet of Net Neutrality: Equal access for everyone.

Combine this with the January 2014 ruling that the FCC had overstepped its bounds in regards to this topic and the increased lobbying by telecommunications giants against Net Neutrality, and you can quickly come to realize that the Internet as we know it is under threat.

How will this affect my business?

If nothing is done, there is a very high chance that you will be paying higher rates for Internet-based services (because the providers will be asking other companies to pay to guarantee speedy access which will then be passed along to you via higher rates). You may even be forced to use services you don't want to use because they offer better access speeds on your network.

Beyond this, because so many businesses rely on websites and the hosting companies that enable us to access them, there is a very real risk that these hosts may have access speeds cut. This in turn could mean that it will take more time for some users to access your website and services. Think of how you react when you can't access a website, you probably just search for another similar site which loads easily - now imagine this happening to your site. In other words, you could see a decrease in overall traffic and therefore profits.

What can I do about this?

First off, we highly recommend you visit The White House's site on Net Neutrality, and read the message that President Obama has recently posted there. To sum it up, he believes that Net Neutrality should be protected and the Internet should remain open and free. He has even laid out a plan with four rules that the FCC should enact and enforce:
  • No blocking - Internet providers are not to block access to any legal content.
  • No throttling - Internet providers cannot slow or speed up access speeds based on their preferences.
  • Increased transparency - The FCC is to be more transparent and push providers to follow the Net Neutrality rules.
  • No paid prioritization - There is to be a ban on providers insisting other companies pay to have equal access speeds.
You can bet that this plan will be met by stiff resistance both in government and by the telecommunications companies themselves. The FCC is an independent organization and it is up to them to select whether or not they want to enact President Obama's plan. One thing you can do is to publicly submit your comments to the FCC via this website. Any comments made will be seen by the FCC and are are publicly viewable. In the past, enough public pressure has been able to sway FCC decisions, so share this article and the links in it with everyone you know, asking them to take action as well.

What about other countries?

For now, the Net Neutrality battle is largely US based. The vast majority of Internet traffic starts or at least passes through the US. This means that if the telecommunications providers (many of whom own international subsidiary providers) can limit access to sites in the US it could very quickly become a world issue. Beyond this, other countries often follow laws that the US enacts, so it could only be a matter of time before we see similar bills passed in other countries.

In short, this is a major issue that could see the end of the Internet as we know it. If you would like to learn more about Net Neutrality and how you can help ensure the Internet remains free and open, contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Security
November 20th, 2014

Windows_Nov18_AOne of the biggest IT expenses for many small businesses is software. Some companies require thousands of dollars of software, which can quickly compound when you hire new employees. Businesses who have purchased Microsoft software may soon be receiving a letter from the tech giant asking for a systems audit. Here is a quick overview of this letter and what you should do if you receive one.

The Microsoft Software Asset Management Review

Earlier this year, Microsoft announced that they will be sending out over 30,000 letters to small businesses who have purchased Microsoft software licenses. These letters or emails are focused on checking that you have the right number of licenses for your systems.

This program actually has three audit elements, or emails, that are being sent out to businesses.

  1. Internal self-audit email - This is the most common letter businesses have been receiving. It asks them to verify that they are compliant with Microsoft's licenses, which is usually done by sending Microsoft the software keys for each license or product purchased. They then compare this to their records.
  2. Software Asset Management (SAM) Engagement - This is a voluntary process where Microsoft sends a Software Asset Management partner to your business to audit your systems and see if you are over or under licensed. For companies who do agree to this, the audit is paid for by Microsoft. The downside is, if you are found to be non-compliant, you will likely face a fairly large bill.
  3. Legal Contract Compliance (LCC) audit email - This audit can be enacted by Microsoft if you put off a SAM or self-audit for an extended period of time. Essentially, this is a legal audit that you must comply with. If you are found to be non-compliant under this audit, you could face stiff legal penalties.

What happens if I receive one of these emails?

Should you receive one of these emails you will be asked to carry out the audit by a set date. Most of the emails contain a spreadsheet that you will need to put your license information into. This can take time because you will likely need to physically check every machine using Microsoft software for relevant information.

Auditors who come to your business will ask you for network and server access and any other form of information they think they can ask for.

Should you be found to be non-compliant or under-licensed, you will likely then be presented with a bill for the extra licenses. If you happen to be highly under-licensed, this bill could be quite large.

What should I do if I am worried about this audit?

An audit like this could be time consuming, costly, and above all is frustrating for any business owner. What we recommend is working with us. We can help ensure that your business is using appropriate licenses and, should you face a request to do an audit, we can help you through the process.

So, contact us today to ensure that your business is compliant.

Published with permission from TechAdvisory.org. Source.

November 20th, 2014

AndroidPhone_Nov17_AFor many business owners with Android devices, Google's Calendar app is one of the most useful to have installed. With the update to Android 5.0, the company has also been updating their apps to make them not only look better, but more useful too. This has led to a new version of Calendar being launched with some great new features.

The idea behind the new Google Calendar

According to Google, the new Calendar app has been designed to truly help make lives easier. With the older version of Calendar, you have to take time to copy and paste information like location, phone numbers, and details into each event. This leads many users to simply skip adding important information when they create new events on their mobile devices.

With the latest version of Google Calendar, Google aims to make the creation of events and addition of information far easier. To do this, the new app has some useful features including:

Events pulled from Gmail

These days, when you book a flight or confirm a meeting, etc. you usually receive an email with a confirmation number and some contact information. In the new Calendar, events like this will be pulled automatically from Gmail emails and added to Calendar, along with relevant information.

For example, if you book a flight to attend a conference, you will see a new Calendar entry added with the flight information. Beyond this, events will be updated in real time, so if there is a delay with the event or you are sent an email update, Calendar will update this information on your calendar.

Assists

This new feature allows you to quickly and easily create group events. Now, when you create a new event and begin to type in information Calendar will make suggestions based on what you are typing.

For example, if you want to set a meeting with John at Starbucks around the corner you can start typing: 'Meet' and Google will come up with a list of suggested events. Tap Meeting from the drop-down menu and this will pop up in the text box. The drop-down menu changes to allow you to select more options, such as With. Tap this and enter the first letter of a name, and then select who to invite. The drop-down menu will change again and allow you to select a location by simply typing a few letters.

From the demo we have seen, this works quite well and definitely speeds up the creation of events.

Schedule View

This is a new view that has been designed to provide you with an in-depth view of the events you have scheduled. According to the Google blog, this view, "includes photos and maps of the places you’re going, cityscapes of travel destinations, and illustrations of everyday events like dinner, drinks, and yoga."

Essentially, this view makes it easier for you to see what is going on at a quick glance. Many mobile users find Schedule View particularly useful as they don't have to navigate their main calendar which can be tricky to read when you have a wealth of events planned.

How do I get the latest Google Calendar?

As of the writing of this article, the app is available on the Google Play store for all Android devices running Android 4.1. You should be able to get the app by updating the existing Google Calendar app. If you don't have the app, you can find it by searching for Google Calendar from the Google Play Store app.

If you are interested in learning more about Android, contact us today to see how our systems and experts can benefit your business too.

Published with permission from TechAdvisory.org. Source.

November 19th, 2014

Windows_Nov17_AEarlier this year, the SSL (Secure Sockets Layer) bug Heartbleed caused quite a stir when it was discovered. While the majority of systems affected by this bug have been patched, and are now secure from it, news has recently broke of a similar bug affecting Microsoft Windows Servers. If you use Microsoft Servers in your office, this is something you need to be aware of.

The new security problem

On November 11, 2014 Microsoft released a patch for nearly all versions of Microsoft Server, along with patch notes that included the reason why the patch was released. In short, it was released to plug a security gap that the company calls Schannel Remote Code Execution Vulnerability.

This cryptically-named vulnerability essentially allows hackers remote code access by sending specific packets of data to a server. Data packets are made up of basic units of data communication combined in order to send data over a network.

Hackers can structure certain data into packets then breach a bug in Microsoft Server software, potentially allowing a hacker full remote access to that server and the ability to execute whatever code they so choose, including giving themselves full access to the systems and data hosted on your server.

This bug is particularly destructive because it affects the Schannel library on servers, which is responsible for encryption and authentication in Windows.

What versions of Windows server are affected by this bug?

This bug can potentially be found on nearly every version of Windows and Windows Server currently in use by companies, including:
  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows 8/8.1
  • Windows Server 2012/2012 R2
  • Windows RT/RT 8.1
In other words, pretty much any business using Windows and Windows Server is at risk.

What should we do?

While this appears to be a big issue, and in truth it is, Microsoft has noted that they are unaware of anyone actually exploiting this bug as of the writing of this article. The company has also released a patch - MS14-066 that is supposed to fix the problem.

Therefore, the best action you can take is to update all of your systems running Windows. While it primarily affects servers, this could become a widespread issue if systems are not updated. What we recommend is contacting us as soon as possible. We can help ensure that all of your systems are updated and protected from this bug.

If you would like to learn more about Windows and how you can keep your systems secure, please do call us today.

Published with permission from TechAdvisory.org. Source.