Here’s a very insightful article outlining the benefits of business blogging. People frequently ask me why I write a blog, and Karin does a good job of summarizing how your business can benefit. Take a look and let me know your thoughts:
Here’s a very insightful article outlining the benefits of business blogging. People frequently ask me why I write a blog, and Karin does a good job of summarizing how your business can benefit. Take a look and let me know your thoughts:
Microsoft announced in April 2012 that it will end support for Windows XP and Office 2003 in April 2014. This is certainly no surprise since the operating system will celebrate its eleventh birthday this October. By the time Microsoft ends support, it will have been on the market for almost 12.5 years — 2.5 years longer than the company typically supports an operating system (“OS”).
So what’s the big deal? No one really uses XP anymore, do they? As a matter of fact, XP has maintained strong market share despite the popularity and stability of Windows 7. According to StatCounter.com, Windows 7 finally overtook XP in the fall of 2011 – a full 2 years after Windows 7’s October, 2009 release. This is a pretty remarkable stat for a ten year old operating system that is 2 generations removed from Windows 7. Windows 7 now holds a firm lead at 49% of the OS market with XP now trailing at about 31%, Vista at 8%, and Mac OSX at 7.5% .
Is it time to run out and spend $100+ for Windows 7? Probably not, unless you have other compelling reasons (like Vista) to upgrade. You still have some time and there’s a good chance that you will decide to replace your aging computer between now and XP’s scheduled sunset in April, 2014. After all, XP has not sold on retail shelves since late 2010, so your PC will be at least 4 years old by then.
For most people, migrating to a new operating system is a big hassle, but can be done over the course of a weekend. An enterprise, however, can take 18 months or more to migrate to a new OS. About six months ago, an international law firm replaced all of their laptops and desktops across the firm. Surprisingly, the IT staff decided to wipe Windows 7 from all of these new machines and replace it with Windows XP – quite a surprising move in light of XP’s advanced age.
In a world where online threats are constantly plaguing systems, and where hackers have successfully defeated Windows Updates digital certificates, it is critical to run an operating system that still receives updates – especially when that software company has a history of releasing operating systems with gaping security holes. You know those Windows Update notifications you receive several times a month? Some of those make the system run a little better or tweak instability issues. Most of the updates, though, patch security vulnerabilities that Microsoft has identified or that hackers have already exploited. Thus, it’s pretty critical to abandon an operating system that is no longer supported.
If you decide to upgrade, should you wait for Windows 8, or choose Windows 7? As much as Microsoft wants Win8 to set the new standard the way Windows 95 did, their track record is not so great. Most in the IT field will agree that every other major Microsoft OS release has been junk (Windows 95 [sure, it turned out to be decent after a challenging start], Windows ME, and Windows Vista were all stinkers). Will Windows 8 break Microsoft’s trend of substandard operating systems? I have a theory that they release bad operating systems to build demand for subsequent releases. Plus, they buy time for hardware manufacturers to develop drivers for the new release and software developers to build compatible apps.
Think about Vista: I have seen plenty of Vista machines that became so corrupt or slow that it made more sense to simply erase the OS and reload. In the likely event that the user lost their system installation disks or simply decided to pull the plug on a bad OS, they shelled out $100+ to purchase Windows 7. Thus, Microsoft got paid when Dell, HP, and others sold the new computer, and MS got paid again when users became fed up with [insert crappy Windows release] and purchased a new retail copy.
Back to Windows 8, one major factor in Microsoft’s corner is their push to make a consistent user interface (UI) for desktop/laptop computers, tablets and phones the way that Apple has done. One of Apple’s strengths is that the UI is consistent from their desktops/laptops to iPhones to iPads to iPods. No one else has mastered this yet: Android’s UI on phones and tablets is consistent, but they don’t have significant market share in their ChromeBook category. I don’t know if Microsoft’s UI is consistent from PCs to mobile devices because no one is buying them yet... MS has only grabbed up about 2% of the U.S. smartphone market. They’re not winning any fans either, following recent announcements that the new Windows Phone 8 OS cannot be installed on existing Windows 7 phones… GASP!
If you listen to the Apple fanboys, the desktop/laptop era is dead and PCs will give way to tablets and handheld devices. While reports on the death of the PC are greatly exaggerated, most industry experts believe that mobility is where the biggest innovations (and profitability) will be for the foreseeable future. Thus, Windows needs to get it right NOW with their mobile platform or cut bait. But I digress.
The bottom line on XP is that it’s time to start thinking about upgrading your business systems, especially if you have a large number of users still on XP. It’s probably safe to hang on another year or two with your personal XP system(s) since you will likely replace those systems anyway. I certainly will! To avoid major security issues, though, it’s critical to jump the XP ship when Microsoft pulls the plug in 2014.
I have no intentions of rushing out and upgrading to Windows 8 when it is released in late 2012. If history teaches us anything, Windows 8 will be buggy out of the box and will emerge as yet another problematic OS that will ultimately be fixed by its successor, presumably Windows 9. Windows 7 will become the new XP in that its solid performance, security and stability will make it a market leader for the next decade.
Share your thoughts and stories on XP or other Windows releases. I would also like to know your predictions for Windows 8.
As always, if PartnerTechs can help you with your small business technology needs, please contact Ken Carmack.
This just in: 6.5 Million LinkedIn Passwords Were Breached
You may be thinking “what’s the risk?” Big deal if some Russian hacker adds a Ph.D. to my name or a NASA internship to my resume.
But there might just be a big risk. If you’re one of those people that uses the same password for everything from online banking to your email account, then now is a great time to change your LinkedIn passwords. If you haven’t changed passwords for other accounts containing sensitive data, there’s no time like the present to do so.
Take a look at the following article for details on the breach as well as some best practices for creating and managing passwords.
For more information on passwords, you can also take a look at my article on the topic.
I frequently chastise people for ignoring Windows Update messages and prompts to apply patches to other applications such as Adobe products and Java. The response I frequently hear is “How do I know if the updates are real?” or “Yeah, I keep putting that off”.
I’ve always assumed that when Windows Update pops up in the system tray (the bottom right corner of your screen) that the messages are legitimate and safe since digital certificates are used by the operating system to verify authenticity.
You may not have heard about the newly publicized Flame malware since it has not made a splash in the U.S… yet. However it’s all the rage in tech articles and blogs lately. The Flame malware has created counterfeit security certificates that fool Microsoft Windows into thinking that bogus updates are real. If these “updates” are applied, your computer is infected.
Fortunately, security companies and Microsoft have jumped up and issued (or will issue) updates to protect against these attacks. However, they’re fearful that the malware may have other exploits that they have not yet discovered.
What to do? Unplug your computers from the internet!
HA! That’s not really an option. However, it’s now more important than ever to make sure all operating system updates and patches are applied, that your antivirus software and definitions are updated, you’re running approved firewall software, and that you apply all updates and security patches to applications such as Microsoft Office, Adobe products and Java. If you’re not running antivirus software, find one. There are plenty of free (and very effective) options out there.
For more information, take a look at this article from PCWorld:
Stay safe out there!
P.S. If you want to “geek out” and read more, take a look at the next articles. While security firms are still wrestling with the code, so far they have found that Flame can monitor email inboxes, take screen shots of what you’re working on and even record conversations you’re having near your computer. It also exploits BlueTooth to spread to other devices. What’s really interesting is that this malware does not appear to be the work of bored teen geeks or crime syndicates from the former Soviet Union. Instead, because it has to date targeted computers in Iran, security experts believe it was created as a cyber weapon by a nation-state. Enjoy!
Dedicated pastors, staff and volunteers have little time to spare and none to waste. Partner Technology Solutions was honored to help FPC regain precious hours previously squandered on a patchwork of inefficient technology.
We sat down with them, listened to how they use their technology resources, identified where the gaps and inefficiencies were and heard their frustrations with a mismatched system. The solution we designed for them involved migrating to Google Apps, which revolutionized their communications: Email, Scheduling, Document Sharing and more required no new hardware or software and is accessible from virtually any device with an Internet connection.
Challenges faced by the pastors, staff and members:
Staff accessed email through a patchwork of solutions including Microsoft Outlook, Mozilla Thunderbird, web mail and personal email accounts. Using “POP3” clients on the former system, once messages were downloaded in the office, they were no longer available remotely, causing difficulty for pastors and administrators working out of the office.
As is standard with ISP-based email systems, mailbox limits were small, frequently forcing users to clean out their mailboxes to avoid rejected messages (called “bounces”). During a group training session, I asked if anyone had ever cleaned out their full mail box to stop bounces. The room resonated with “Yesses” and exasperated sighs. Under the old system each user mailbox had a maximum capacity of 100MB. That’s about 20-25 photos of your newborn niece.
Staff and members were even more frustrated because incoming emails were frequently lost or never delivered to their intended recipients. The most daunting issue was spam; because staff email addresses are available on the web, most staff members had been inundated with junk mail. Redundant spam filters made the problem worse. With filters at the ISP level, as well as through Postini and desktop mail applications such as Outlook and Thunderbird, every day staff had to:
These filters flagged many legitimate emails as spam and delayed delivery of time-sensitive communications. Lack of confidence in this cumbersome system led staff members to sometimes use their personal email addresses for church business, further compounding the confusion.
Additionally, multiple committees and groups such as Deacons, Session (Elders), youth, choirs and others lacked effective group email tools. In order to communicate with a group, members and staff either created groups within their contacts or searched for a recent email to the group and hit “reply all.” The latter method frequently included contents of earlier unrelated emails and the absence of “master” group lists meant new group members often didn’t get the message.
The switch to Google Apps provided each user with a 25GB mailbox – a box they will NEVER fill. That’s 250 times the size of most ISP mailboxes. I hope I don’t have to eat my words, but I publicly offered to eat a Sunday bulletin if anyone fills their mailbox.
The migration to Google Apps eliminated the 5-10 minutes per day that staff spent searching spam folders for “real” messages. Google Apps employs excellent spam filtering and the spam folder is conveniently located on the left of your mailbox. When it contains spam, the folder is bold. Otherwise, it blends in. No more logging into web mail, Postini and other places to review spam.
Remote users are enthusiastic about migration results. The old “POP3” email system deleted emails from the server once downloaded. Now an email is accessible from anywhere until the recipient deletes it, crucial to pastoral staff who spend much of their time out tending the flocks.
Because Google Apps is web-based, users may access their email (and all Google Apps!) through any web-connected machine with a browser, whether on a PC, Mac or Linux box. When they log in remotely, they now see a screen identical to what they see in the office. Google Apps is tailor made for Android devices including mobile phones and tablets and works well on iPhones and iPads. Windows Mobile 7 and 8? Dunno. No one in the U.S. has bought one yet!
We have created several Google Groups for emailing various committees, boards and groups and their usage has taken off. To address an email to an entire group, one simply enters the group name in front of the domain name: Deacons@xyzchurch.org or Staff@xyzchurch.org. This is a much more efficient way to communicate with the various groups in the church. Plus, administrators can log into the “Groups Control Panel” to determine whether any addresses are bouncing, as well as maintain “master” group lists, accessible to anyone authorized to communicate with the group.
A valuable feature of Google’s mail app is that it accommodates existing domain names and email addresses. Thus, no one endured the hassle of changing and communicating a new email address. Additionally, Partner Tech’s migration included importing all email archives, folders, contacts and contact groups, giving users the ability to search years of email archives using the power of Google Search in their inbox.
Challenges faced by the pastors, staff and members:
The church’s master calendar had been maintained on an Excel spreadsheet for years by the office administrator. Maintenance of the calendar was time-consuming and the schedule could not be easily shared, especially with remote users. A critical component of church communication and management, the weekly bulletin and newsletter both rely on the information to be complete and accurate.
Located in downtown Raleigh and focused on multiple missions, FPC’s campus hosts a variety of classes, meetings and gatherings most days of every week. This presents a resource scheduling problem. One example of a scheduling embarrassment occurred when the Deacons arrived for their April meeting and found their meeting room occupied by about 50 visitors attending a jobs workshop.
We created multiple shared calendars for the organization including the “master,” which will be embedded into the church’s new website once the new site is completed. We also created calendars for the Children’s Ministry, Middle School Youth, High School Youth, Choir and Staff Vacations. Everyone in the domain can view each of these shared calendars. Only designated individuals may add / delete / modify events. No one can view personal calendars of other staff members unless the staff member specifically grants permission. Personnel responsible for specific activities will be responsible for the content of the sub-calendars.
The quality and accuracy of content is improving, the office administrator’s burden of maintaining and distributing multiple calendars has been alleviated, and parents are delighted that the calendars of their children’s activities can now be automatically shared with them.
My presentation starts in 10 minutes. The projector was supposed to be here! | Why are the Deacons meeting in the kindergarten classroom in those tiny chairs? | I’ve got 400 pounds of ice melting in the parking lot! Where’s the church van?
All of these issues are resolved by a new feature recently rolled out in Google Apps: Resource Allocation. On the Administrative Control Panel we created various shared resources, such as meeting rooms, church vehicles and projectors. When someone creates a new appointment on any calendar in the domain, they are able to reserve a resource and immediately confirm its availability.
With email, calendars and documents on the same platform and sharing similar icons and keystrokes, new users are quickly learning to transition among different Google Apps. Also, administration and support is simplified. Remote support is easier and staff may assist one another because all users are looking at identical screens, regardless of location. And imagine how excited that staff and new member users are to have one Google user name and password across the platform.
Challenges faced by the pastors, staff and members:
Documents such as the Preaching Schedule, Pastor-on-Call Schedule and Speakers for Recurring Events List were emailed among staff and maintained in a 3-ring binder. The Pastoral Care List summarizing crucial information such as births, deaths and sick and hospitalized members was maintained on a white board in a secretary’s office.
Building maintenance requests for the sprawling campus were submitted by phone, email or paper message to the church administrator. A group of volunteers (mostly retirees) was ready, willing and able to assist with addressing minor maintenance requests. However, there was no readily available punch-list from which to work.
The staff had long shared documents on a file server, a solution with several shortcomings:
The staff and members are embracing document sharing via Google Docs: word-processing, spreadsheets, presentations and more. Because this suite of apps is web-based and imports files from many other programs, one doesn’t need to be on a computer with a particular software to create, review and share documents. Further, several users utilize Macs at home and the file compatibility issue disappears on Google Docs.
Now they are uploading frequently-shared documents, such as the Preaching Schedule, Pastor-on-Call Schedule, and Pastoral Concerns List into Google Docs. Once these items are shared with the domain, they are available on any browser to anyone in the domain. Thus, if Reverend Bob visits someone in the hospital on Saturday night, he can immediately log the results into the Pastoral Concerns spreadsheet from his laptop or smart phone and Reverend Ed will be up-to-date when he announces Pastoral concerns in Sunday morning services. Further, when preparing the newsletters and bulletins, no one has to visit the white board, or pray that it’s up-to-date. FPC is just scratching the surface with this powerful tool and they’re finding new ways to use it everyday.
To address campus maintenance concerns, we utilized the Google Docs Forms tool. When campus users encounter maintenance issues, they follow a link to an online form to report the issue, producing an alert to the office manager and Property and Insurance Committee. When new items are submitted through the form, a cloud-based spreadsheet is updated and notifications are sent to the office manager and members of the handyman group. The form includes columns to report each task’s current status, resolution or needed follow-up.
Although not the most important factor, initial and ongoing investments are crucial factors for all decision makers. For non-profits, funding challenges are forcing many to reassess their operating budgets to ensure that they can keep their missions on track.
Google Apps charges businesses $50 per user per year, a cost easily recouped through gained efficiencies. Thus, with 14 users the cost of Google Apps for FPC would have been $700 per year. However, Google provides Apps for nonprofits meeting certain criteria (including 501(c)3 tax status) for free. Organizations must apply, provide proof of their tax status and make a handful of statements to be approved for the program http://www.google.com/nonprofits/eligibility.html.
Unlike a Microsoft Exchange deployment, migration to Google Apps required no new servers, hardware upgrades or networking equipment. The only implementation cost was labor.
Further, there are no software licensing agreement fees to pay year after year, no security patches to apply and no weekly updates to install. All of the software interface and back-end technology is hosted on Google’s servers and managed by them. Further, Google’s Service Level Agreement promises a 99.9% up-time guaranty. While I do recall Gmail outages in the past, it has been a very long time since the last one.
As a small business owner and former CPA, Ken knows that every dollar matters to small businesses and non-profits. He works with them to find affordable hourly or package price solutions that meet their budget restrictions.
The Federal Information Security Management Act of 2002 (“FISMA”) is a U.S. federal law that covers the information security of federal agencies’ information systems. Google Apps has received the authority to operate at the FISMA-Moderate level (the standard level for federal email systems) from the U.S. Government. Accordingly, the U.S. General Services Administration (“GSA”) moved email to the Google cloud in 2011 citing cost savings and efficiencies.
Data security is a very important consideration when moving sensitive information to the cloud. Google has received an unqualified SAS70 Type II certification from their independent third party auditor. This provides administrators and users peace of mind knowing that their data is secure in the cloud.
Google Apps provides the ability to connect to their servers using encrypted connections (look for https:// ) when connecting to Google. This assures users that login credentials, passwords and any sensitive information sent across the web is encrypted for the trip so that hackers cannot eavesdrop on transmissions – if you’re currently using a POP3 connection, you’re probably not using a secure connection. The organization’s administrator can configure the requirement that all users connect using a secure connection. Further, all data is securely stored on Google’s servers which include backups and redundant storage throughout their network of data centers. Thus, the days of losing all your emails, contacts and calendars in a hard drive crash are behind you.
If you think this sounds too good to be true, unfurrow your skeptical brow. Google Apps currently hosts 40 million users in 4 million businesses – that looks ideal for small organizations, right? In addition to small businesses, Google has many major accounts such as Motorola, Land Rover, Genentech, the City of Los Angeles, and McClatchy Newspapers. In North Carolina, Wake Forest University and NC State University have migrated all of their users from self-hosted platforms to Google Apps.
Are we finished? Not a chance! We’re just scratching the surface of what Google Apps can accomplish at First Presbyterian Church. Yet to come:
Will First Presbyterian’s office become paperless? Absolutely not! However, it will reduce its reliance on hand distributed schedules, 3-ring binders and white boards hanging on the wall.
We will post follow-ups on Partner Tech’s Blog as the organization climbs up the learning curve with core Apps and we start deploying new features.
Check out this photography blog from Karl Greeson, one of my best friends from Wake Forest University.
After graduation, every time I saw Karl he had a camera in his hand. Where I have become a decent point-and-shoot “hack” over the years, Karl has developed a keen eye for capturing great shots. Plus, I really enjoy his commentary on the site.
Take a look and share your thoughts.
I realize that people like discussing computer backups about as much as they enjoy preparing for a colonoscopy (hey, at my age that’s a reality of life!). Stay with me on this one because it’s a lot easier than it used to be and might even be free!
I frequently work with home users and small businesses that either have no backup policy or an ineffective one. Thus, their important photos, music and business documents are at risk in the event of a severe virus, hard drive crash or natural catastrophe.
I recently assisted the parents of a high school student whose PC had been infected by a nasty virus. The infection’s bark was far worse than its bite: To a casual user it appeared that all files and most programs had been deleted. A look at the Start menu showed virtually no programs listed. When the aspiring law student looked in her documents folders, years of academic writing were gone as were a variety of photos and other media. In a desperate attempt to rid the computer of malware, they restored the computer to factory settings. In other words, the operating system was reinstalled and all user files were deleted.
The good news: The malware was eliminated.
The bad news: None of her data was backed up.
Fortunately, I was able to recover a majority of her documents and media files using a file recovery utility. However, due to the destructive nature of a factory reset, many of her files were either overwritten or corrupted… A loss which could have been avoided by an automated backup.
Power supplies and hard drives are the two most common PC components to fail and are relatively inexpensive to replace: A power supply runs about $30. A hard drive costs about $65. The photos, music, tax returns and other important documents on that same hard drive are often priceless. Many users often don’t think about backing up until it’s too late.
Businesses have a lot more at stake. According to a DTI/PriceWaterhouseCoopers study, 7 of 10 small businesses that suffer a major data loss go belly-up within one year of the crash. This is a sobering reminder of the need for some sort of backup strategy. That could be an automated tape or hard drive backup, a cloud-based backup or an employee that brings an external drive or tape into the office on a weekly basis.
The right backup solution for you or your organization depends on the amount of data you need to protect, the frequency of backups (how much data loss your home or business can tolerate) and how long you can be without your information following a meltdown.
For smaller data needs, my favorite solution is Dropbox. Designed as a way to sync data across multiple computers, tablets and mobile devices, this app is a great solution for backing up your data. Once you create your DropBox folder and get in the habit of saving your files and folders there, you really don’t have to think about it. Plus, if you regularly access your information on multiple devices (say, a home PC + a work PC) your Dropbox folder will automatically sync your files & folders on multiple machines, eliminating the need to email files to yourself. This last point was a life changer for me. During the normal course of a day, I might work on one of about 3 computers. I often grab one of two laptops as I run out the door to meetings. Before Dropbox, I always had to pause for a second to make sure this particular laptop had all the files I needed. With Dropbox installed on all three PCs, the important files are always synced across all 3 machines. Plus, those files are accessible on other computers via Dropbox’s web interface. There are also Android and iPhone apps so that you can access your files on smart phones and tablets.
What about security? Dropbox uses the same encryption and security techniques used by banks. All data is encrypted for transit across the web and it is also encrypted while parked on their servers. However, it’s up to you to make sure your password is complex and difficult to guess. Accordingly, you should go to great links to come up with a long password or pass phrase that includes all of the elements discussed in my blog about passwords.
The entry-level Dropbox account provides 2GB of free storage. Not enough? Invite your friends through the website. For every friend that accepts your invitation you each get an additional 500MB of space, up to a max of 16GB – that’s not too shabby! If your storage needs are greater than a free account offers, you can purchase 50GB of cloud storage for $100/year or 100GB for $200/year.
So if you have not set up a backup strategy yet because it’s too much trouble, give Dropbox a try. If it’s remote file access you want, you get that too. Dropbox brings you the best of both worlds in an easy-to-use application. For most users it’s free too!
If you want to start off with an extra 500MB of storage space, leave a message here and I will send you an invite.
Need a little help understanding how it works? Check out the tutorial videos on the Dropbox website. If you need even more assistance, drop me a note and I will help you set it up, create your folders and launch your space in the cloud.
Are businesses really making money on Facebook or is it simply a platform for keeping up with friends and family? Matt Ferraguto discusses the staggering amount of time that we spend on Facebook and suggests that it is a powerful tool for generating business.
Somebody’s Watching Me
If you listen to the 80s station on Sirius/XM, you’re undoubtedly getting tired of Rockwell’s sole hit, Somebody’s Watching Me. Since Al Gore was still working out the kinks of the internet, I imagine that Rockwell was not singing about online security. Instead, he was probably more worried about paying off Michael Jackson for backup vocals on the song’s chorus, since there were no other hits on his debut album.
On a completely different note, I recently attended a very informative presentation on social media in which the speaker discussed the risks and rewards of social media. Since the audience consisted of parents of middle- and high school students, he focused on the risks facing children and teens and how to keep them safe online.
I walked away comforted that everyone in the room knew a little more about online risks and were better prepared to watch over their kids as they navigated the world of social media. However, I couldn’t help wondering who might be watching over the parents and their technology. In other words, are folks taking appropriate precautions to protect their computers and networks? So, I compiled a quick and dirty list of a few things you can do to stay safe on the world wide web. Rather than going into detail on how to configure all of these options, I have tried to keep it brief. Feel free to post follow-up questions if you need further guidance. Look for follow-up articles in the future that address some of these options.
Secure your wireless network:
Without a secure wireless network, anyone within shouting distance of your house can access the internet using your connection to download whatever they want on *your* network IP address. Further, with the right tools (which are widely available on the internet) they can “listen” in on your connection, and may even be able to access files on your computer(s).
Securing your wireless network is much easier than it used to be. Where it once required careful review of the Owners Manual, newer wireless routers can have you surfing securely with the push of a button. Always select the highest security offered by your router. WEP can be quickly cracked by a determined intruder, so use WPA or WPA2 if your wireless router supports it.
Avoid Using Public Computers to Login to Your Secure Accounts:
Sure, we’ve all been in a pinch before and logged into email on a public computer. However, that was before I knew what I know now. There’s absolutely no way to tell if a public computer is infected with malware, has keyloggers installed or other methods which can steal your credentials. Malware can grab user names & passwords and beam your information to the mother ship. Likewise, keyloggers can track every keystroke you make and report back to a hacker. Thus, browse online news and weather on the hotel’s business center computer. Save online shopping, banking, and even email until you get back to a safe connection.
Use Antivirus Software and Keep it Updated
This one is a no-brainer. If you have not been affected by viruses/malware in the past, you will eventually. Fortunately, you don’t have to pull out your wallet to stay safe, as discussed in my post on free antivirus options. Use one of the packages that I recommend or choose one you like by reviewing AV-Test’s ratings.
Online Banking, Shopping and Secure Sites:
Ever notice how your address bar turns green, shows a padlock and/or the address changes from http:// to https:// when you login to your bank or shopping site? This assures you that your connection is encrypted, that the identity of the website has been verified by a third party and that it’s safe to send sensitive information such as your username, password and credit card information over the internet. In fact, if you click on the green portion in the address bar or the padlock, you will see that the website’s identity has been verified by VeriSign, Thawte or another certificate authority (“CA”). So while it seems like you’re just connecting to a remote website, there’s actually a lot of stuff going on in the background to verify to your browser that the website is authentic, that your transmissions across the internet are encrypted and that it’s safe to do business.
But what if you attempt to log into a shopping or banking site that should be secure and it is not, in fact, safe? If you don’t get the https://, the green bar/padlock or you receive warnings that the site’s certificate has problems, check the address that you typed. If it’s correct, get out and try again later. It may be a temporary glitch with the site’s certificate or the CA. It’s not worth compromising your security and identity to buy ABBA’s Greatest Hits on an unsafe connection.
Free wireless offered by coffee shops and other retailers helps offset Starbucks’ exorbitant coffee prices, but be cautious with your browsing on public networks. This may seem a bit paranoid, but I never do online banking or shopping on a public wireless network, even from my own laptop. Yeah, I know that the connection to the bank or Amazon is encrypted, but I have no control over the coffee shop’s wireless security so I would rather be safe than sorry.
The kid in the corner booth with the AlienWare laptop may be listening in on your connection using a packet sniffer, which is freely available on the internet. Further, if your firewall is turned off, you have shared folders turned on, or your operating system has not been patched, a determined hacker can easily access the files on your PC.
Windows 7 and Vista both make it easier to stay safe on public networks than XP. When you connect to a new wireless network, the Set Network Location provides 3 choices of network location types: Home, Work and Public. Always choose Public when out and about. This sets your firewall at its highest security settings, turns off Network Discovery and file sharing options, providing higher security when on a public network.
As a follow-up, make sure your mail connection is encrypted (see https:// discussion above). Many webmail systems are not encrypted by default, but offer this option. If your email provider offers secure browser connections (thanks, Gmail!) always turn it on. If you trust the network you’re using, it may be safe to disable.
This one is extremely important and super easy to do. Probably 75% of the computers I sit down with have pending security updates for Windows, Adobe, Java, etc. Hackers are constantly identifying and exploiting security vulnerabilities in a variety of popular applications. In some cases, they are able to exploit these holes and take control of your computer. Make sure that Windows Update is enabled and that you’re applying the critical and important updates on a regular basis. Also, be sure to apply updates to other programs that notify you in the system tray. Adobe and Java have been particularly susceptible to security issues over the last few years, so make sure you’re keeping the patches applied.
Use Strong Passwords
This one warrants its own post, so take a look at my discussion on passwords.
There are plenty of other precautions you can take to stay safe, such as demoting your user account to Standard instead of Administrator, avoiding suspicious links in emails and Facebook, and periodically backing up your data. However, all this talk about security is making me hungry. Think I’ll grab a double latte and a scone. Can someone watch my laptop while I wash up?
Stay safe out there!