free wifi zone

Internet Security on the Go . . . Going, Gone

free wifi zoneCarrying a laptop, notebook, or other mobile device wherever one goes is so commonplace now that even kids in the backseat have Wi-Fi access to the internet over the river and through the woods to Grandmother’s house. Before you point a finger at the kids, just remember, you started it – and you are carrying your device wherever you go, too.

Because you do, because you need to guard your technology, and because we care, here are a few tips for ensuring your internet security when you are on the go, before your personal information is going, going, gone.

Avoid Public Charging Stations

But, they are so-o-o convenient! Exactly – and therein lies the rub. They are so convenient that they are an attractive, ubiquitous, and convenient tool for hackers. As soon as you plug into the USB port your device and all the data on it is conveniently accessible. For hackers, the practice of Juice Jacking is like taking candy from a baby. Carrying your own portable charger if you expect to need to juice up on the go.

Create and Use a Virtual Private Network

The operative word here is “private.” Your VPN virtually guards your technology while using publicly shared networks. Think of your network as a wire insulated to keep it protected from all of the other wires in the same conduit.

Disable Shared Settings

Don’t leave home without doing this: turn off all sharing enabled on each device accompanying you on the trip. You probably locked the doors to your house when you departed, unless you like to keep them open just in case anyone wants to use it while you are gone. Lock the doors; turn off sharing.

Ethernet as a Business Essential

Your business data and technology is too valuable to expose it to public Wi-Fi access. Avoid Wi-Fi by having a business ethernet, ethernet-enabled mobile devices, and traveling with an ethernet port.

Beware of Bluetooth

You don’t need to worry about Blackbeard pirating your information via Bluetooth, but there are plenty of others who are ready and willing to grab the bounty on your business devices when you least expect it. It’s Bluetooth. It must be secure. Not.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

BYOD bring your own device

Why BYOD Makes a Case for Whitelisting

BYOD bring your own deviceTwenty years ago, no one would have imagined employees bringing their computers to work. In fact, twenty years ago, having a company-owned PC on an employee’s desk was considered a status symbol in some companies.

Today, the average person’s cell phone has more technology inside that NASA used to land our astronauts on the moon. What is more, 98% of mobile device users keep their devices within reach 100% of the time – from the bathroom to the boardroom. That’s a lot of technology in the hands of people who are not rocket scientists.

BYOD Makes a Strong Case for Whitelisting

While, on the one hand, employees and companies alike embrace the concept of Bring Your Own Device, it is not without its inherent dangers.

When people bring their own device, any amount a company saves in CapEx for computer hardware, as a result, may potentially be lost by a failure to manage those devices in the workplace.

Advice from INFOSEC

As far back as 2012, the INFOSEC Institute warned businesses about the rising tide of changes that a BYOD culture would generate related to guarding the businesses’ technology. Among their recommendations was:

  • Know who can access your company network and data remotely.
  • Know how your employees’ devices are configured.
  • Clearly communicate your BYOD policies.
  • Audit BYOD activities on a regular basis.
  • Ensure that employee devices are compliant with your IT security policies and government regulations.
  • Control the apps.

Control the Apps

Managing the apps is where whitelisting comes into play. Several of our recent blog posts have addressed the wisdom of whitelisting, including the most recent, “From Whitelisting to Dynamic Whitelisting,” so we do not need to cover that ground again. However, we want to raise your awareness of the efficacy of implementing whitelisting if your business allows a BYOD practice.

We recommend whitelisting to protect both your system, if accessible by employee devices, and to protect their devices as well. You know what they say, “One bad app can spoil the whole bunch.”

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

general data protection regulation

Do We Need General Data Protection Regulation?

general data protection regulation

On May 25, 2018, the European Union will update privacy laws for all member nations. How that will affect American businesses and individuals is pure speculation at this point.

You may be asking, “What does the European Union’s General Data Protection Regulation (GDPR) have to do with me or my business?” The answer may lie in the reality of how interconnected we have all become as rapidly-advancing technology compiles unimaginable amounts of personal data and moves it around the globe in the blink of an eye.

A more appropriate question may be, “How long will it be before the GDPR affects me?” That being the case, it is worth noting a few of the highlights of the GDPR.

  • Personally identifiable data may not be stored by any company without that individual’s “express consent.” (Expect this rule to be circumvented by statements like this: “By clicking “NEXT,” you indicate acceptance of our terms and conditions.”)

The inherent problem is that the average person does not read the fine print in the terms and conditions. It is reasonable to expect that those terms and condition will include a clause that says that “acceptance of our terms includes your permission for our company to retain your personal information.”

We Value Our Personal Information Most When It Has Been Stolen

The other inherent problem is that the individual or company on the customer end of the transaction is typically more concerned about completing the transaction than sharing their information. Sharing personally identifiable information is a secondary thought at best.

Five Rights Included in the GDPR

Technically, users/customers in the EU will have five rights of protection available.

  1. They may refuse to allow personal (or business) information to be processed.
  2. They may request access to the data a business has about them.
  3. They may request correction of inaccurate information.
  4. They may request deletion of personally identifiable information.
  5. They may transfer personally identifiable information to another entity.

Another question we ought to be asking about the security of our personally identifiable information, is “How do we know that companies are compliant and our information is protected?” The answer is that we do not. Laws are fine, but they must be enforceable to be effective.

Tech Sentries believes that the primary responsibility for guarding your technology and your data is you. However, we understand that no amount of legislation will protect your data, and we also understand that you cannot protect your data without the latest-greatest-up-to-date security measures. Ensuring your protection is our business. We are your security professionals.

Tech Sentries is as concerned about your computer system security as you are. That is why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

guard your technology

Four Simple Ways to Guard Your Technology

guard your technologyGuarding your technology is a narrower way of saying “Protect your assets.” After all, your business’ computers, software, and information are a significant, specific segment of your assets. Worrying about guarding your technology won’t get you anywhere. You have to do something.

Think with us for a minute, not about specific threats, but the fundamental need to protect your assets. Here are four simple suggestions that, if followed, will prove beneficial.

  1. Back up your data. Often.

It has been 30 years since we entered the Information Age, i.e., the era when information began to become a business’ most important asset. Yet, in 2017, many businesses still do not perform a daily backup of their data. Here’s what we recommend:

  • Back up daily. That means every
  • Back up to the cloud. If an unforeseen local disaster strikes, your data is still safe.
  • Back up to a USB drive. If an unforeseen disaster happens locally or in the cloud, your data is still safe – as long as your USB drive is kept in a separate place.
  1. Use the Principal of Least Privilege.

This principle states that “each system component or process should have the least authority necessary to perform its duties.” This may be counterintuitive. That’s a good sign. The point is that the more authority a component or process or user has, the more exposure your system and your data have to cyber threats. You might call this “minimizing your threat window.”

  1. Keep All Your Software Up-to-Date.

There are two common excuses for not keeping software up to date.

  • You don’t want to spend the money (if, in fact, the update costs anything).
  • You want to wait until “they work the bugs out.” More than likely, the update is working the bugs out.
  1. Have 24/7 Support.

You can, and should, use security software, but don’t forget point #3. You have to be committed to keeping it up to date. Perhaps more importantly, your business information is always exposed to cyber threats, whether you are there or not.

If your tech security is not operational 24/7, you may as well not have any security. That’s where Tech Sentries comes in. We collaborate with you to ensure 24/7 protection, including ensuring backups and keeping your software up to date, plus monitoring your system for aberrations that may indicate potential attacks and more.

You should be concerned about your computer system security, but you should also know that you are not alone and defenseless in the computer world. Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Tech Support Scam

This Is Tech Support. You Are About to Be Scammed.

Tech Support Scam

Internet usage continues to expand as coverage becomes more available and as users are added by the thousands. Those users include people who do not understand what goes on behind the scenes as well as others who know that they do not know.

Scam artists have been around throughout recorded history. The intent is always the same: to take advantage of innocent people, usually absconding with some of their cash. It is just that many of the methods have changed over the years. The art of catching people unaware is common to nearly all scams. The best scams work, not because the victims are oblivious, rather that they respond without thinking, often erring on the side of caution.

Here’s an example. On a recent episode of ABC-TV’s “The Catch.” a couple of con artists (who were also pickpockets) needed to get their hands on some cash. They posted legitimate looking signs near an outdoor café. The signs read, “Be careful. Pickpockets operate in this area.”

It was a perfect scam. People who saw the signs immediately put a hand on the pocket where their cash was, just to be safe. Their response to the signs made it easier for the pickpockets to pull off their scam. In fact, the signs were the scam.

Virtually the same thing is happening on the internet with tech scams. The user may receive a message by phone or on their screen, prompting the user to take action to protect their computer from some alleged issue or malware. Just like the victims of the pickpockets, people react instinctively out of an abundance of caution.

Once in contact, the tech scammer will request access to the individual’s computer in an alleged attempt to fix the non-existent problem. Presto-chango! Before the victim knows what has happened, his computer has new malware installed, his personal banking information has been stolen, or his PC is being held for ransom.

This has become particularly dangerous in the era of remote monitoring and maintenance. There are two things you can do to protect yourself from the tech service scammers.

  1. Think about what is really happening.
  2. Never respond to a tech service warning unless you know the person making contact and that person has been authorized by you to protect your computer.

Be vigilant and think before you react. Thinking first may keep you from doing something foolish. Tech Sentries is the logical source of your protection. We guard and protect your PCs, laptops, and other connected devices against the dangers that lurk in cyberspace and the scam artists who want to take you for everything they can.

Don’t wait. Contact us today (843-282-2222). Tech Sentries is always on duty helping you “Guard Your Technology” at all hours of the day or night and keeping updated on how to be better prepared for Internet scams.

Dynamic Whitelisting

From Whitelisting to Dynamic Whitelisting

Dynamic Whitelisting

“Fundamentally, we need to change the way we interact with the Internet… This whole reactive approach we’ve taken for years just doesn’t work.”

That is the opinion of Frank Dickson, the Research Director for Worldwide Security Products at International Data Corp. He was talking about the need for a more assertive, dynamic whitelisting approach to protecting personal and corporate technology.

 

One of the reasons that people – especially businesses – don’t utilize whitelisting is that it is so manual intensive. Someone has to create the whitelist and keep it up to date. We agree. It can be tedious.

However, what if there were a better way to do whitelisting?

There Is a Better Way.

It is dynamic whitelisting. Think of it as the difference between being the maître d at a restaurant or being one at an exclusive club.

A whitelist is like the maître d at a restaurant checks a list that changes daily to see if you have a reservation. Assuming that you have a reservation, the maître d will allow you to enter and arrange to have you seated. If you are not on the list, you will be politely turned away.

A dynamic whitelist is like the maître d at an exclusive club may have a reservations list, but your name is not going to be on his list unless it is first on the club’s membership list.

Dynamic Whitelisting Is Not New But Still Developing

Even some computer technicians think that dynamic whitelisting is new, but there is at least one report online that cites dynamic whitelisting as having been used in highly-regulated businesses and industries before 2009.

It is increasingly apparent that the accelerating pace of software and application development is rendering companies unable to keep pace. Dynamic whitelisting “facilitates an immediate reaction to any updates in the software world.” Dynamic whitelisting is being refined by leading technology security firms utilizing artificial intelligence, certifications, software tracking, processing, analysis, and classification.

Information is aggregated and loaded into massive databases in real time. Businesses that subscribe to what may become known as WLaaS (Whitelisting as a Service) will no longer have to manage whitelists daily. The security firm provider’s database is akin to the exclusive club’s membership list. If the software is not in the database, it will not be seated in your system.

Look for our next whitelist article, “Why BYOD Makes a Case for Whitelisting.”

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

what is whitelisting?

The Wisdom of Whitelisting

Do you remember the good old days when we were able to tell the bad guys from the good guys on TV westerns by the what is whitelisting?color of their hats?

Cyber vocabulary includes the term “black hat.” It is derived directly from those old westerns and those dirty, low-down, dastardly villains. Today, the term is used to describe internet hackers who ambush the innocent folks in white hats. Folks like you and me.

The problem is that it’s hard to tell the color of their hat when they are lurking in the shadows of cyberspace.

There’s an App for That

Yep. There seems to be an app for just about anything. Including some apps created by and for bad guys.

Until recently the most commonly used means of identifying malicious apps was “blacklisting,” or what some of the wranglers around the campfire call “The Oops Method.” In its most simplistic form, you create a blacklist of apps you already know are bad guys. The digital list blocks the bad guys from loading on your PC. The problem is that someone has to discover the evil app either by being caught unaware or by keeping up to speed with all the latest information. Except for the apps that are unknown because they are not on the list, the idea works fairly well.

There’s a Better Way than That

The better way is called “whitelisting.” This method involves creating a list of apps that we already know to be good guys. Instead of blocking the bad apps, whitelisting turns the tables and allows only the apps and software that are on your white list to have access to your computer or mobile devices. Only those who have been “deputized” on the whitelist are allowed in.

Now, that’s very technical, but it does describe the difference well enough for you to know that whitelisting is more effective than blacklisting.

We can help you get a white list started and help you keep it up to date. Tech Sentries is the logical source for your protection. We’re wearing our white hats and protecting your PCs, laptops, and other connected devices against the dangers that lurk in the shadows of cyberspace.

Don’t wait. Contact us today at (843) 282-2222. Tech Sentries is always on duty helping you “Guard Your Technology” at all hours of the day or night and keeping updated on how to be better prepared for Internet scams.

Google Phishing Scam

Don’t Take the Google Docs Phishing Scam Bait

Google Phishing Scam

When your Daddy taught you to fish, he taught you how to bait the hook. The secret is to make the bait so alluring that the fish doesn’t sense the hook. Sometimes it works. Sometimes it doesn’t. Kind of makes you wonder if some fish didn’t pay attention when they were swimming in their schools.

When it comes to phishing online, we must realize that we are the phish. We have got to be “fin”nicky about what we bite on, especially if it looks really, really good.

Online scam artists – we’ll call them “phisher”men – know that not everyone of us is going to bite. They are happy to catch a few. The objective from our point of view is to not get fooled. When we get fooled, we get caught.

The Google Docs Scam

Here’s how the scam works.

  1. You receive a message from someone you actually know, inviting you to access a Google Doc.
  2. The trick is to get you to bite by clicking on an “Open in Docs” button. It’s not that the message is too difficult to pass up; it’s that it just looks so real.
  3. Once you bite, you receive a request for access to your Gmail account. At this point, you may as well jump into the boat. You been snagged.
  4. Once you have granted access to your Gmail account, the “phisher” sends a similar message to everyone in your contact list.
  5. What really gets your gills is that all traces of the messages sent from your Gmail account are removed.

The cycle keeps repeating itself over and over.

Now What?

As far as experts have been able to determine, no information was stolen and used in any way that smelled fishy. The scam was – or is – someone’s twisted sense of fun. Willie Sutton robbed banks because they were there. Seems to be the same motivation with the Google Docs scam.

We should be concerned because any “phisher” with the capability of pulling off this scam most likely has the ability to do great and widespread damage.

Very real threats exist. Even though you may not be able to see them, they could be lurking right before your eyes. Knowing this,

  • Be vigilant.
  • Think before you act.
  • Make sure you are protected from phish bait before it hits the proverbial water.

You can be vigilant and you can think before you act, but you are going to need help protecting yourself. Tech Sentries is the logical source of your protection. We guard and protect your PCs, laptops, and other connected devices against the dangers that lurk in cyberspace.

Don’t wait to get hooked. Contact us right now. Let us show you how we can help.

Internet of things downsides

A Word of Caution About CloudPets and Other IoT Children’s Toys

Internet of things downsides

News about the popular children’s toy, CloudPets, recently served as a reminder that “not all that glitters is gold.” So it is with the Internet of Things. Although the IoT is heavily promoted by citing its many benefits, as with so many other things, there are always downsides.

The hook that makes CloudPets so appealing to parents – and especially grandparents – is that the product of parent company, Spiral Toys, allows communication via a mobile app and the internal electronics of the plush toy line.

The problem with the toy is that it was not, at least as of the end of February 2017, adequately unprotected from intrusion. It was, in effect, a microphone as a virtual snooping device inside a toy for anyone who understands how to use the internet as a spying tool.

The net results (pardon the pun) of failing to provide even minimal security measures are that millions of private conversations, both in home and across the cloud, were exposed and held for ransom by cyber thieves.

One cyber security expert told the London Daily Mail that,

“It’s an alarming leak because not only does it expose very personal information from children, but the company has also elected not to notify impacted families.

“The primary risk is the invasion of privacy it poses to families. Whilst there is still the potential for hackers to abuse the usernames and passwords stolen, it’s strangers listening to your children which worries parents the most.

“There’s little functional value to voice recordings of children, but it’s content of a very personal nature which families would obviously like to keep private.”

Yet another expert said,

“Anyone can connect to the toy, as long as it is switched on and not currently connected to anything else. Bluetooth LE typically has a range of about 10 – 30 meters, so someone standing outside your house could easily connect to the toy, upload audio recordings, and receive audio from the microphone.”

The Lessons to Learn

  1. Do not underestimate the need for security for all connected devices.
  2. Any device connected to the internet is vulnerable to attack. This includes smart house and smart car devices.
  3. Just because an object looks like a toy, if it contains internet-connected devices, only your child should think it is a toy.
  4. Be concerned. Be careful. Be cautious.

Personal privacy, identity, and even conversations, are all in danger of being accessed via the internet and the cloud. No one is exempt. Everyone needs to be sure they are protected.

phone scams

Phone Scams – Just Say Nothing

Just when you think you are above being scammed by callers to your phone, some new twist on the old scam schemes sneaks onto the scene. The latest scam may be the sneakiest since Satan got Eve to say “Yes” in the Garden of Eden.

phone scams

The new scam is so simple that many people never see it coming. After all, this is the hallmark of a scam. If we saw it coming, it wouldn’t work.
The point of this article is to help you see it coming.

The Skinny on the New Phone Scam

The objective: to get you to say “Yes.”
The method: to ask you a question to which you will answer “Yes.” The questions sound innocent enough. For example:

  • “Can you hear me clearly?”
  • “Am I speaking to (your name)?

The sting: Once the caller has a recording of your voice saying “Yes,” your response can be “spliced” into another recording in which the questions are different. In the altered recording, your “Yes” sounds like a response by which you agree to purchase something. Or worse.

The Sides of New Technology

The constant and accelerating development of new technologies is exciting. However, we need to be aware that there are people who use good technology for evil purposes. It’s okay to be excited, but it is important that we be cautious.
Both the FCC and the BBB have issued advice on how to avoid being scammed on the phone.

  1. Don’t answer calls from unknown numbers. Let them go to voicemail.
  2. If you answer and the caller (often a recording) asks you to hit a button to stop receiving calls, just hang up. Scammers often use these tricks to identify, and then target, live respondents.
  3. If you receive a scam call, write down the number and file a complaint with the FCC so it can help identify and take appropriate action to help consumers targeted by illegal callers.
  4. Make a note of the number and report it to BBB Scam Tracker to help warn others.
  5. Ask your phone service provider if it offers a robocall blocking service. If not, encourage your provider to offer one. You can also visit the FCC’s website for information and resources on available robocall blocking tools to help reduce unwanted calls.
  6. Consider registering all your telephone numbers in the National Do Not Call Registry.

Common sense used to be enough to be your guide. Now it takes education, wisdom, and forethought. Be alert. Be cautious. Be safe.

1 2 3 4