PHISHING: Know Your Technology!

I received a call today from a bot reporting itself as Amazon and alerting me that a $1,000+ charge had been made on my Amazon account for a new iPhone 11 and to press “1” for a rep to discuss this charge. Naturally, I pressed “1” to play along and see where this went.  I was transferred to an agent purporting to be an Amazon customer service rep.  He asked me if I wanted to receive the phone and was surprised when I answered “hell yeah” since they’re expecting you to be shocked by this order and to scare you into giving up personal information or remote access to your computer.

When I answered yes, he proceeded with shipping information.  Is this going to “Ken Carmack?”

ME:  “Yes”.

REP:  “ Is the address 167…”

ME:  “No, that should be 167 Main Street”

REP:  “OK, is that going to Raleigh?”

ME:  “No, it should be Wilkesboro”

By then, he knew that he was being played and disconnected.

The bottom line here is that phishers are constantly whipping up new schemes such as this one, to scare you into thinking that you’ve been charged for a TV, iPhone, Norton antivirus or similar. In your panic, they hope that you will divulge personal information or provide access to your computer which they can then exploit.

A common tactic that I’m seeing lately are emails with an invoice or payment confirmation stating that your account has been debited $389.99 for McAfee or Norton renewals and to call their 800 number if you need assistance or have questions. One client of mine was scared into action by this, dialed the 800 number and provided remote access to his computer to an “agent”. BOOM! A win for the attacker!

Another common tactic is an email from “Microsoft” warning that the password to your Microsoft account is expiring in short order. The goal here is for you to click on the link, proceed to a page that looks like Microsoft where you enter user credentials which they can then use to login in to your actual Microsoft account. These emails sometimes look like they originated from Microsoft but are often sent from an email account or domain that bears no resemblance to Microsoft, such as billy@wescammedyou.com.

So how to spot/avoid phishing  tactics? There are several red flags or rules of thumb to keep in mind:

  1. KNOW YOUR TECHNOLOGY! Are you using McAfee or Norton, such that a renewal is in order? If not, don’t take the bait.  Most of my clients use BitDefender so be aware of your security suite.  I never use McAfee or Norton unless a client has purchased that on their own. Nevertheless, you should be aware of what is protecting your computer, not only to ensure you’re protected, but also as a defense against phishing.
  2. Does the sender’s email address resemble the soliciting company? For example, one McAfee renewal that I reviewed came from an @gmail.com account which raised a red flag. If the sender’s address is hidden, hover over the sender name/address to see the underlying sender’s account. If the sender presents as Microsoft, see if the underlying email address is actually @microsoft.com.  While this is not foolproof, you can quickly rule out many bogus emails that arrive in your inbox.
  3. Does the invoice address you by name or company name? If the renewal is addressed to “Dear Customer”, then they probably never had the original subscription.
  4. Is your address or last 4 digits of your credit card referenced? Once again, vague invoices/confirmations with scant specific details are a red flag.
  5. When in doubt, send the items to your IT department to verify for legitimacy.
  6. Under no circumstances should you reply to the email or call their 800 number. If you’re legitimately concerned that you’ve been charged, then log in to your banking or credit card account and scan for pending or completed charges. If the caller or email claims that the purchase was made in your Amazon account, log into that account and review your orders. When accessing financial or online accounts NEVER, EVER click a link in an email. Always open your web browser and navigate to your accounts as you normally do. Links in emails can send you to web pages that look like the real website but are designed to collect your user credentials. Also, enable 2 factor/multifactor authentication on accounts that contain financial or sensitive information.

One more phishing story and I will get back to work.  A few months ago a client called and stated that their company’s president’s (let’s call him “Fred”) phone had been hacked. A young employee (call him “Jimmy”) in the company received texts from the president asking him to run an errand and buy 15 @ $100 Apple gift cards to distribute to the staff as performance awards.  Oh, and don’t bother calling Fred because he’s in meetings and using someone else’s mobile phone since his battery is dead. Long story long, Jimmy followed the instructions to the tee, purchased the cards, scratched off the backing, shot photos and texted the images to “Fred’s” phone.  BOOM!

Bottom line, Fred’s phone was never hacked.  It was probably a burner phone that got trashed immediately after the successful caper. Further, my client contacted Apple to deactivate the gift cards.  I suppose that’s possible, but the hacker knew that time was on his side and wasted no time spending them. Jimmy was out $1,500 at the end of the day.

A few key rules of thumb that could have prevented this hack:

  1. Verify the sender using a different communication method. Don’t text Fred back to ask if it’s really him since the attacker will respond affirmatively. Call Fred on his landline or send an email. I have seen successful attacks where the hacker emailed the victim, the victim verified via the same email channel and the attacker confirmed “yeah, this is legit!”
  2. Run a smell test: Does this make sense for the president to reach out to a new employee for an errand like this?  If you don’t have the experience/context to answer that question, check with your peers.  If Fred is really in a meeting, what’s a few minutes to ask around to confirm that. Remember, these hackers use fear to kick you into quick action, which always works in their favor.
  3. Avoid mobile numbers on your company website. If you want to post phone numbers, add landlines that cannot receive texts. You can config most landlines to forward to a mobile phone so that you don’t miss calls. Many phishing attacks are via text message, so posting your mobile number on the web provides a very easy target.
  4. When in doubt: DON’T!

Over the years, we’ve all learned to ignore and delete emails from Egyptian pharaohs, lottery winnings, and all the other too-good-to-be-true trickery.  However, scammers are getting more clever, so it pays to be cautious and dial up your BS detector.

Be careful out there!

Additional resources on phishing methods, prevention and remediation:

Federal Trade Commission:  How to Recognize and Avoid Phishing Scams

PC Mag:  How to Avoid Phishing Scams

NC Department of Justice:  Phishing

Windows 11 is Here! Should I Upgrade Yet?

After much fanfare, Microsoft started rolling out the Windows 11 upgrade on October 5, 2021. The upgrade will be free to Windows 10 users and will be rolled out over the next few weeks.  When you visit Windows Update on your computer you may see a prompt offering the upgrade to you now or a message stating that “This PC doesn’t currently meet all the system requirements for Windows 11”.  Thankfully, unlike the Windows 10 upgrade, Microsoft is not planning to create chaos as they did with the forced Windows 10 upgrade on all Win7 and Win8 users. That rollout was extremely disruptive and resulted in many hours of lost productivity. This free upgrade is elective/optional.

Should you upgrade?

The quick answer is “Not yet”.  As with any update/upgrade, it’s always best to wait a few weeks and allow Microsoft to work out the bugs.  At that time some users desiring a refresh of their operating system may move forward with the upgrade.  If your computer is used mostly for web surfing, checking email and watching cat videos, the upgrade is pretty low risk. Just make sure that all of your important files/folders are backed up somewhere.

For business users, I recommend the “wait and see” approach.  Many routine updates sent out by the software giant have created problems, such as breaking printing to network printers, disabling the Start menu or frying network adapters.  Thus, for mission critical computers that are used to run your business, your home finances or your social life, wait a few weeks for the first few patches. There’s no need to worry about losing support for Windows 10 as that is good until October 2025.

What’s in the new Operating System?

I went ahead and installed the upgrade on one of my laptops on October 5 just to get a feel for the new version. So far, the changes are fairly subtle. The download/installation process took about an hour. A few reboots later and I was running Win11. A handful of initial observations:

  1. Hardware requirements:  Win11 is instituting some fairly rigid hardware requirements which will rule out the upgrade for many users with old or budget computers. Specifically, there are requirements for modern processors, BIOS/firmware and the TPM chip which is not available on many consumer-grade computers.
  2. The Start Menu and Taskbar are now centered on the bottom of the screen which is kind of annoying.  However, it is possible to left-justify both as they have been for decades. The Start Menu is a bit different but it seems mostly cosmetic and not functional.
  3. Android Apps will eventually run on Win11, but not in its current form. Expect the ability to run Android apps in Win11 in 2022.
  4. Widgets:  There’s now a widgets icon on the Taskbar that pops up a customizable grouping of widgets including weather, stock market performance, MLB, news, etc.
  5. Microsoft Teams Integration is now built in to Win10 making it easier for all Windows users to participate in Teams meetings.

Many other new features are available in the Win11 refresh and are covered in more detail in the articles below.

CNET:  Windows 11 review: Microsoft’s OS upgrade is subtle, but we like that

PC World:  You Shouldn’t upgrade to Windows 11 yet

PC World:  Windows 11 Review:  An Unnecessary Replacement for Windows 10

As always, please reach out if you have questions or need technical assistance.

Ken

Windows 7 End of Support

As we kick off the second half of 2019, it’s time to look ahead at emerging trends in the technology world.  More specifically, there is an important deadline on the horizon faced by many companies across the country. You are probably aware that the product lifecycle for Windows 7 comes to a close on January 14, 2020. Microsoft has been beating this drum for quite some time and many Windows 7 users have received pop-ups reminding of this impending deadline.

What this means for users is that Windows 7 computers will no longer receive security updates, patches, etc after January 14, 2020.  While the operating system will continue to function, users that remain on Windows 7 after the 14th of January are surfing the internet at their own risk.  

What many managers/users may not be aware of is that other major operating systems and product platforms are reaching end-of-life in 2020 as well, including:

  • Windows Server 2008 and 2008 R2 — January 14, 2020
  • Microsoft Office 2010 — October 13, 2020

Am I Running Windows 7 or 10?

Many people are unaware of their operating system version, but it’s pretty easy to determine.  The quickest way is to look at your start button in the bottom left corner of the screen. If you have a rectangular start button, then you’re probably running Win10. If it’s the round “orb”  then, most likely Windows 7. If you’re still unsure, click on the Start button and type System. You will get a System Information screen that shows the operating system version and edition at the very top. 

What Are Your Options?

Fortunately, there are several options, including a budget option:

  1. In-Place Upgrade:  Microsoft quietly kept the in-place upgrade option open, even after  supposedly closing the door on the free upgrades, back in the summer of 2016. While this is the “budget” option, users should proceed with care.  As with any Microsoft update/upgrade, it is not foolproof and may even fail – some users have reported inability to activate the Windows 10 license.  There’s also the possibility that the procedure will completely break your machine. Thus, it’s best to make sure you have a complete backup of your data as well as any software product keys needed to make sure you lose no data or software licenses if you decide to rely on this option. 
  2. Fresh Install of Windows 10: this is my favorite approach since you start with a clean install of Win10 rather than upgrading a Win7 installation that may have config problems.  If you really want to do it right and turbo charge your performance, pull that old hard drive out and replace it with a solid state drive (SSD). SSDs will dramatically improve your computer’s runtime performance and provide lightning-fast boot times.
  3. Replacement of your machine: Frequently, the most expensive option is the best. If you need high confidence performance to keep your business running, this is your best bet.  You’ll get a fresh warranty and may even find that the cost of a new machine is only nominally higher than upgrading.

Now, before proceeding with options 1 or 2, it’s important to evaluate the hardware that you’re upgrading. If you’re upgrading a newer Win7 or Win8 machine that’s just a few years old, you’re probably OK.  However, if you’re upgrading a machine that’s 5+ years old or considering an upgrade on a budget computer, it’s probably best to replace the machine. Take a look at this Lifewire article that weighs some of the factors to consider in this decision.  Another consideration on older hardware is that some of your internal components may not have updated drivers that are compatible with Win10.  Thus, proceed with caution when upgrading older hardware. 

I maintain an inventory of my clients’ computers and will review those over the coming days. Please be on the lookout for communications from me about devices in your fleet that need to be replaced or upgraded.  

Finally, if you decide to replace your machine, please make sure your old computer doesn’t end up in a landfill.  All computers contain harmful materials that should be properly disposed of.  Further, the components in a computer will likely remain in the landfill for decades or centuries, which is why I always make sure retired hardware ends up at the city recycling facility or at a commercial recycler such as Anything with a Plug in Raleigh, NC.

Seeking Yardi Contractor for 16 Week Project

I have a commercial real estate client that is onboarding to Yardi from Quickbooks and has asked me to manage the process. As such, I am looking for a contractor who has experience in Yardi, specifically in the accounting function, to assist with the process.  This is a fairly small development and property management company with a portfolio of about 10 properties, 5 of which are single tenant.  They have roughly 25-30 leases, all of which are abstracted but I expect that we will need to review and verify the abstracts.

The project will include:

  – Review Chart of accounts for all properties for consistency and make adjustments as necessary
  – Prepare ~10 Quickbooks company files for migration to Yardi
  – Setup vendors, customers, ownership structure, properties, units, bank accounts, leases, mortgages, etc.
  – Migrate security deposits, outstanding A/R, A/P, delinquencies, etc.
  – Prep for “Go Live”, first month billings, first month closing
  – Create account trees
Long-term (post migration) work may include:
  – Assistance creating expense pools for TICAM recons
  – TICAM recon assistance at the beginning of the year

 

Ideally, the contractor has significant experience with Yardi‘s accounting function.  The perfect contractor is someone who is seeking part time work and a fairly flexible schedule. I expect that much of the work can be completed remotely, but some time onsite (Triangle location) will be required.
Please let me know if you are aware of potential contractors and I will reach out to them with project specifics.

CryptoLocker

If you saw me right now, you would probably ask if I had just seen a ghost.  After reading several articles about a new extremely dangerous and destructive form of ransomware, I feel like I’m facing Freddy Krueger!

This is the kind of attack that keeps IT professionals up at night.

Most viruses, rootkits, and malware are annoyances and can be removed by tools that are readily available on the internet.  While some can be removed pretty quickly with killer apps like MalwareBytes, others may be more tenacious and require a recovery of your files and reinstallation of your operating system, a process that will take hours or days and cost a pretty penny. However, at the end of the day, all of your files can be safely restored either from your hard drive or a recent backup (you ARE backing up right?)  

This one is different.  It’s called CryptoLocker and it will ruin your day.  Here’s what it does:

CryptoLocker is a ransomware program that was released around the beginning of September 2013. This infection will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted. (thanks to Lawrence Abrams on BleepingComputer.com for this summary)

How do you become infected with CrptoLocker:

Currently, the infection is spread through emails pretending to be customer support notices from Fedex, UPS, DHL, etc. and the attachment is typically named Form_102213.pdf or Form_102213.pdf.exe (or some variant of these), but might also be disguised as a ZIP or other file type.

What if you get infected:

The first thing to do is disconnect your computer from the internet – this will prevent encryption of additional files.  If you’re working wirelessly, disable wireless on your PC.  If connected via Ethernet cable, pull the plug. Next call your IT pro and start deciding how important your encrypted files are to you. Also, figure out where your most recent backup is and how recently it was completed.  Most cloud-based backup services provide file versioning for a period of time.  For example, Carbonite saves previous versions of files for 3 months which could be your saving grace.

Removal of the malware seems to be straightforward according to the articles.  However, without the decryption keys it is absolutely impossible to decrypt your files. Thus, if you cannot recover the files from a recent backup and need them restored, your only option is to act quickly and send the ransom money. There is currently no tool available (or IT Pro) that can decrypt your files.

How to protect yourself:

1.      Be vigilant about opening email attachments – never open an attachment originating from unknown/unexpected sources (i.e. if you’re not traveling anywhere, don’t open a travel itinerary from Delta!).  Also, be careful when opening unusual attachments from trusted sources as their email may have been hacked.

2.      Be very careful about free software you download from the internet.

3.      Backup to an external hard drive ($85 for 1TB) and disconnect it from your computer or use an online service that provides versioning.

4.      Keep all programs updated and Windows Updates applied.

5.      Make sure you’re running System Restore on your PC.  This can help recover previous versions of files that have been encrypted.

6.      Apply the Software Restriction Policies outlined in this article using Local Security Policy or Group Policy (domain computers) to disable the malware’s ability to execute on your system.  This is fairly advanced, so please let me know if you want assistance applying these policies to your PC.  Also, keep in mind that these policies will block the malware in its current form. If the hackers modify the code to install from another location on your computer, these policies will not protect you.

The above tips can help mitigate the risk but the best tip is not to open suspicious files.  Tip #6 is the best available protection in the event that you accidentally open a file and obtain the infection in its current form.

One last comment on updates:  Don’t forget that Microsoft is ending support for Windows XP in April, 2014.  Expect threats like this on XP machines to heat up following the support sunset.

If you want to geek out on more technical details about the threat, take a look at these articles posted on BleepingComputer.com, MalwareBytes and Microsoft.

Stay safe out there!

 

Shop Safely This Holiday Season!

BREAKING NEWS FLASH:  Microsoft’s Internet Explorer Has a Security Flaw! 

As Yogi Berra famously said, “It’s déjà vu all over again”.

This is not the first time and certainly will not be the last that Microsoft issues critical security bulletins and patches. This warning is particularly timely in light of the upcoming holiday shopping season.  According to comScore, online purchases during the 2011 holiday season topped $37 billion, a 15% increase over the previous year.  Forecasters are projecting growth of 12% or more in 2012.

One of the security bulletins released on November’s Patch Tuesday addressed multiple vulnerabilities in Internet Explorer (IE). For those of you who have not followed my recommendation to dump IE in favor of Google’s Chrome browser, it is absolutely critical to apply this update as soon as possible.   This is even more urgent if you plan to shop online next week and enter your credit card information.

To make sure that Windows (and IE) is completely up to date, take a look at my September post.  It outlines the steps to verify whether Windows Updates are current and how to ensure they are installed automatically going forward.

While you’re at it, take a look at my March 2012 blog post about staying safe online. There I touch on public wireless networks, antivirus software, applying Windows Updates and utilizing strong passwords.  I also discuss the importance of ensuring that a website is secure (https://) before entering credit card information.

If you want more details on the current batch of Microsoft Updates (or simply need help sleeping), take a look at the article in PC World or Microsoft’s Security Bulletins.

Stay safe out there.  Please contact me if you need assistance securing your system.

The Problems with Free Email

You finally made the jump from DSL to your cable internet service provider (ISP) and they offered a pile of “free” email addresses.  Awesome, right? Not so fast!

Before changing your address to billybob@coyotecable.com, there are a few things you should consider.

I work and communicate with a lot of people who took advantage of free email addresses provided by their ISP.  I always wonder what they will do when they decide to switch ISPs again to save a few bucks, improve their TV channel line up or escape a bad customer service situation.

Most of the free addresses in my area are with Time Warner Cable (TWC) or Bellsouth / AT&T.  In the last few years, AT&T’s U-Verse (TV/Internet/phone) has made a big splash in our market and lured away many long time cable and DSL customers.  So what happens with your Roadrunner email address when you jump ship?  I called the cable company to find out.  Unfortunately for cable customers, the email address goes away when you cancel cable.  Suddenly those free email addresses don’t look so free anymore!

Here are a few good reasons that using your provider’s free addresses is a bad idea:

  1. Portablility – as mentioned above, you frequently cannot take your email address with you when you leave the cable company for a new ISP.  A buddy of mine has moved from Chicago to New Orleans to California.  Each time he moves, his email address changes to the local cable company. I never know where to find him.
  2. POP – most cable companies offer very basic POP3 services.  In its most basic setup, any messages downloaded to Outlook or Outlook Express are removed from the email server.  Thus, if you want to look at your messages from another computer (at work) then you’re out of luck.
  3. Lack of features – many cable services offer email only.  While they have limited contact management features on their webmail portal, contacts don’t sync up well with Outlook or other mail clients. In the unlikely event that an online calendar is offered, it’s not very robust.
  4. SPAM – keep your email address long enough and you will eventually get so much spam that it’s tempting to abandon the account.
  5. Capacity – while some ISPs now offer larger email boxes, they have traditionally not provided a whole lot of capacity.  I recently looked at a business-class client whose ISP only allocated 100 MB to each mailbox.  That’s only about 20-25 photos of your newborn niece.
  6. Cost – “free” addresses are included in your monthly internet service bill.  However, if you jump ship to another company, be prepared to pay a monthly fee to maintain your old email address so friends, family and online retailers can find you. This, of course, assumes that you can keep your address at all. This happened to me when I left Mindspring a few years back.  I was able to keep the address for a monthly fee.
  7. Relay – Have you ever taken your laptop to a coffee shop or hotel and tried using Outlook or Windows Live Mail to answer your emails?  Incoming messages work fine. However, outgoing messages get stuck in your outbox and cannot send until you’re back at home.  This is because many POP3 accounts require authentication when a user is connected to a network outside of their home network.  This can be fixed with the right configuration.  Good luck setting it up so that it works right every time.

Back in the early days of the internet and email, I signed up for new dial up services every few months depending on who sent me floppy disks and a free trial.  I jumped from AOL to Prodigy to Infinet to CompuServe to WorldCom… It wasn’t a big deal because no one used email for important correspondence – just for forwarding jokes.

Changing your email address is not so easy today.  When you change your address, you not only have to notify friends and family, but also your customer accounts with Amazon, iTunes, ABC Bank, etc.  Changing addresses and logins tied to an email address can be a monumental hassle. As such, plan to transition to a new address over the course of several months.

What to use?

There are a variety of web-based email providers that are not tied to your physical connection.  Players include Gmail, Hotmail (now Outlook.com), Yahoo!, Netscape, AOL, Netzero, MSN, etc., etc., etc.  These are all free and will not change when you jump internet providers.

 Folks that know me and my love for all things Google will not be surprised to hear me recommend Gmail. There are a variety of reasons that I recommend Gmail including:

  1. Portability – since Gmail is web-based and not tied to your physical connection, there’s no need to change if you move your internet service.
  2. Web/cloud based – while it is possible to use an email client such as Outlook or Outlook Express, there’s no compelling reason to install anything onto your PC. Simply launch your browser and navigate to Gmail.com. If your hard drive crashes, there’s no need to worry about losing years of email, hundreds of contacts or your calendar. All of this information is stored safely in the cloud.
  3. Features – Gmail includes your email platform (complete with folder capabilities), a robust calendar system (allows multiple calendars and shared calendars) and a good contact manager. Additionally, Google Docs provides a web-based alternative to costly MS Office applications (Word & Excel).
  4. SPAM Filters – Google’s SPAM filters are phenomenal.  I have seen Yahoo accounts that receive SPAM 5:1 over legitimate messages.  On the rare occasion that SPAM gets through Google’s filters, I can flag it as SPAM and Google learns and prevents it in the future.
  5. Large capacity – the standard free account now offers 10GB of space – FREE.  That’s tremendous capacity.  I have used my Gmail account for almost 5 years and have only filled 31% of their generous allocation.  If that’s not enough space, purchase Google Apps for $50/year. They give you 25GB of space and a few other bells & whistles.
  6. FREE – yes, that’s correct.  It costs nothing.
  7. Relay – since Gmail is web-based you never have to worry about outgoing messages getting stuck in your outbox when you’re away from your home network.
  8. Mobile Sync – if you’re using an Android phone or tablet, simply link your device to your Google account and your email, calendar, contacts, cloud documents, etc. all seamlessly sync between Google’s cloud and your device. Apple’s devices sync well with your Google account too, once you configure the account properly.  Plus, when you delete or file messages on your portable device, they are synced with your inbox back at the computer and vice versa.  Blackberry?  Maybe.  Google has cooled to the BB platform, so support may be lean going forward.
One last thing to consider: Several free providers, including Yahoo and AOL, are tired of losing accounts to Gmail and have made it difficult to walk away from your account.  The most notable methods they use is to disable forwarding to another address and disable POP3 access.  This removes your safety net, since many people would simply keep the old account and forward it to the new account indefinitely. Yahoo will enable forwarding and POP3 if you pay them $20/year for a Premium account.

If you have an existing ISP email address and are thinking about jumping to another internet provider, it’s probably a good time to begin the process of closing your existing account and migrating to a new online account. I usually advise 3 months.

If your business is seeking branded email, we can help set that up as well.

Ready to make the jump but unsure where to start? Contact PartnerTechs for guidance and we will launch you painlessly into the 21st century.

 

Ready for Big Time Productivity?

In the past month, I have set up dual monitors for several clients.  A couple of these users had seen multiple monitors used by others and were ready to make the jump.  One user did not know it was possible, but has been blown away by his increased productivity.  In most cases, the users were non-technical and thought that multiple monitors were either costly to purchase and setup, beyond the capabilities of their existing equipment, or too difficult to use.  After experiencing their expanded screen real estate for a few days, they’re hooked for life.  

I have used dual monitors for almost a decade.  Not only does it reduce constant toggling between open applications (Alt+Tab), it also saves on paper usage.  Just think of all the times you have printed a document simply to transfer information from one page into a spreadsheet or document.  Imagine eliminating the printed page(s) and transcribing (or copying/pasting) from one screen to another.  I typically keep email/calendar open on the left (smaller) screen and spreadsheets or web sessions on the right (wide) screen.

Researchers are divided on whether productivity actually increases with extra monitors. A New York Times article cites several studies and academic opinions on the topic. Some academics think that multitasking kills productivity, while others laud the benefits of extra screens. At the end of the day it comes down to the type of work you’re doing, your work habits and your ability to efficiently juggle multiple tasks.

VGA and DVI PortsMost desktop computers include dual video ports – an analog VGA (blue) and digital DVI (white).  Laptops generally have a video port that supports an external monitor, although some Ultrabooks do not include external video ports.  Be sure you look at the ports available on your PC to make sure the display that you select matches up. Some monitors have both VGA and DVI connections, although the cheaper models will have only one.  Before you carry it out of the store make sure the box contains the appropriate video cable, otherwise you will have to make another trip.

Also, be aware that installing a second monitor can adversely affect your PC’s performance, especially if the graphics adapter is embedded on your motherboard.  When this is the case, the computer’s processor and system memory have to carry the load of two displays, so less memory is available for the operating system and programs to use.  You can avoid this performance hit by installing a graphics card with its own processor and memory.

Installing an extra monitor is usually as simple as connecting to the appropriate port on your computer.  Once the monitor is connected, you will need to enable multiple monitors in Windows, tweak the resolution settings for the new monitor and turn on Clear Type in order to smooth the fonts.  Instructions for these tasks are beyond the scope of this article but can be found here.   Installing a graphics card is a bit more complicated and beyond the scope of this article. Windows 7 display settings

Computer monitor costs have plummeted dramatically over the last few years.  Once a high cost item, a 20” monitor can now be had for about $100. In fact, CompUSA is currently advertising a 20” monitor for $79.97.  Larger 21” – 23” displays are available for $100 – $125.  When displays were expensive I used to get caught up on name brands.  At today’s prices who cares if you buy a monitor manufactured by Joe’s Computers and Hair Products?  If you cruise the monitor aisle at Best Buy, CompUSA, or Amazon you will notice that the big names like Samsung command premium prices.  However, to save money, look at brands you’ve never heard of such as AOC, Planar, and Hannspree.  At $99 for a 22” device, it’s not too painful if you only get 3 years out of it. And don’t waste your money on an extended warranty.  This is just a ploy for retailers to squeeze out a little more profit margin.

If you’re ready to make the jump but concerned about fouling something up, give us a call.  In most cases this add-on can be setup and configured in less than an hour.

Once you’ve installed the desktop expansion and had a few weeks to play with it, post a reply and tell us what you’re doing with all your new found spare time!

Microsoft Issues Critical Update for Internet Explorer

In case you missed my Facebook and LinkedIn posts over the weekend, Microsoft issued a Critical Security Bulletin on Friday to address vulnerabilities in Internet Explorer.  The security hole may allow remote hackers to access your computer and execute code on it. In other words: NOT GOOD.

If you regularly use Internet Explorer (IE) you should install the Microsoft patch without delay. If you don’t use IE you should update anyway. Either way, you should always make sure you apply all Windows Updates as well as updates for troublesome apps such as Adobe and Java.

If your computer is set to automatically install updates, you’re probably fine.  However, it’s worthwhile to check your system tray (bottom right hand corner of the screen) to make sure you don’t have any pending Windows Updates.

For more geeky details and analysis, take a look at this article in Information Week.

ADD ON:

After sending out this post, I received several responses asking how to verify that Windows Updates are up to date.  Here’s the easiest way to check and also set them to install automatically so you won’t have to worry:

Windows 7:

1. Start>All programs>Windows Update

2. At the top left of the Windows Update page click on Check for Updates

(this will take a few minutes)

 

 3. Once it’s complete, look for ‘Important Updates’.  If any are listed, click the ‘Install Updates’ button.  If there are none, you’re fine.  It will probably list Optional Updates, but I would not install those.

To make sure your updates are applied automatically in the future:

1. On the same page as above, click on ‘Change Settings’.

2. Under Important Updates, change to ‘Install Updates Automatically’.

 

Windows XP:

1. Start>All Programs>Windows Update

2. A web browser will open and navigate to the following page:

3. Click on Express and Windows will check for updates.  Once the scan is complete, choose Install Updates.  Once this is complete, the machine will likely require a restart.

4. To make sure that Updates are applied automatically going forward:

Start > Control Panel > Security Center > Windows Updates (select Automatic)

That’s it.

Stay safe out there!

Ken