Copeland News - July, 2014
Welcome to the Summer edition of Copeland News.
Security concerns across all systems continue to be a theme, and we frequently hear in the news about the latest security breaches and failures. Now is the time to rethink your security, including email, virus activity, and any weak passwords you may be using.
That being said, if you come across anything that you would like to discuss, never hesitate to drop us a note. We are here to help and serve you in any way we can!
In this issue of Copeland News
Emails, Emails, Emails...
The business use of email is not as "tried and true" as it once was. In many ways, email use in business is less stable than ever before.
- Increased SPAM activity is driving more email, and more "virus-laden" email to your mailbox every day.
- SPAM is increased for many reasons – but one being the increased use of Ransomware – where the bandits hold your system in ransom by encrypting your files until a ransom is paid.
- When receiving email, remind your users to only open up attachments and links that they know to be trusted. SPAM bandits now write very alluring emails these days, so do not assume emails from UPS or your VOICE-MAIL system are legitimate. Educate your users on this point, as the possible resulting infections are brutal.
- Services like POSTINI are working hard to keep your inbox fit. However, the sheer amount of SPAM today makes it impossible to achieve perfection.
- Check your SPAM folders daily for any entries that are legitimate. Without this check, you could very well miss that "very important" email.
- When sending legitimate emails, be sure to properly write accurate and "full-bodied" content in the body of the email. Your recipient's email system can easily reject your email as SPAM if you are scarce in words and include only attachments or links.
- When emailing sensitive information, consider doing this using Secured Email. Secured email is becoming popular as it is recognized how insecure traditional email really is. Voltage is a leading provider in "encrypted email" solutions, and a free 30 trial can be exercised at http://copelanddata.com/vsn/.
- Do not transfer large files using email. Consider using other services, and in many cases free services to transfer files to another user. The service www.wetransfer.com is an example of this. We use this service frequently here at CDS.
In summary, email is far from perfect. As you interact with your email systems, be sure to take into account some of the points mentioned above.
Beware of Virus Activity
Ransomware is a relatively new category in the world of viruses. Unfortunately, the bad guys who write viruses have found ways to generate a lot of money from ransomware viruses.
In a nutshell, this is how ransomware typically goes down:
- A User in your organization clicks on an attachment or link from an email, or clicks on a link from a web page.
- The user clicked on what they thought was a trusted identity like Adobe or UPS. However, it soon is discovered that this is simply the lure, and the PC is now infected.
- All files of specific types (Word documents, PDF's, Excel files, etc) are encrypted with an unknown password.
- Within minutes from that point, that infected PC now traverses through the local network and encrypts any files it can find. This is where the damage is done, because now the files on your file server are typically encrypted as well.
- Within a few moments, other users will not be able to open up some or all of their documents on the file server, as these documents are encrypted as well.
- Files reached on the Linux file system are also encrypted, putting a strain on the business system as well.
- On the initially infected PC, a BANNER is sometimes displayed, showing that the PC is infected and that files on the PC and on the network are locked.
- Verbiage on the infected PC screen describes the infection and goes on to walk you through a "payment" screen, where a token of cash can unlock these files.
- The ransom amounts we have seen start at $400, and continue on up. The payment of this ransom gets you a "key", and this key will allow you to unlock each file individually.
At this point, the customer has a choice to make: Do you pay the ransom or do you restore from backup. Each situation is different, and only at that time can the correct choice be decided.
What can you do about minimizing this type of infection at your organization?
- Continue to remind your users weekly on only drilling down on emails and web from trusted and expected content.
- The moment you suspect an infection, disconnect the network cable from the suspected device immediately. The sooner you disconnect access to the network, the better you can protect your entire network form being ransomed.
Please let us know if you want to discuss your situation more thoroughly as it relates to this topic, or anything else for that matter.
CDS Connect App
We have been working here at CDS to make it easier for our customers to interact with us when they have a support need. We have had for quite some time now various methods of streamlined communication as follows:
CDS Online support portal where customers can log in to monitor and submit new concerns.
CDS Desktop – provides same capabilities as CDS Online, but runs as an installed Windows application that conveniently runs in the system tray for quick, easy access.
- Email – customers may send an email (with or without attachments) to firstname.lastname@example.org. This shared mailbox guarantees that the concern is viewed by many, assigned accordingly, and the concern is not sitting in a single technician's inbox or voicemail.
Over the last few months, many of our customers have been using our newest method of connecting to us via iPhone or Android phone.
- CDS Connect allows iPhone and Android users to easily communicate with us from anywhere you happen to be. CDS Connect is available in each phones corresponding stores.
We developed CDS Connect with two things in mind. Primarily, as mentioned, we want to provide you streamlined access to our resources so we can better support you as a customer. With multiple options available, each customer can use the tool(s) he or she finds most convenient.Secondly, we want to showcase what can be developed for your customers or prospects. That is, put on your customer hat and think about what useful information and functionality you can deliver to your audience. Maybe it's simply delivering information to them, or perhaps you want a tool to better seek out prospects. Whatever the case, we at CDS can bring that custom solution to you – an app with your organization's name on it, built with the exact functionality you want. Think of the possibilities!
Did You Know?
Document Management continues to be on the shortlist of what companies need to manage. The old ways of "paper" and "file cabinets" no longer work in dynamic environments, as there is a true cost in time and money by not rethinking document management through properly.
Tim Belczak and Matt Vail from our staff have recently been certified by Microsoft as Microsoft Certified Professionals (MCP) for Installing and Configuring Windows Server 2012. Tim and Matt each have additional certifications, and the Windows Server 2012 is latest in the server arena.
Windows 9, the upgrade from Windows 8, is in the works and will likely be released in early 2015. Early reports are saying that Windows 9 will be a gentler upgrade for Windows 7 users, while still providing the functionality that Windows 8 brought to the table. We will have more information on this as this becomes more real.
Running an unsupported operating system like Windows XP is risky. Virus activity rises, putting the whole network environment in harm's way. Rethink any Windows XP installations that are still running today.
Consider using strong passwords in accessing all of your systems. Strong passwords include an uppercase, a lowercase, a number, and a special character. For example, the password of "barney" is very weak, but a password of "!B@rNey61" is much stronger, and can be just as easily recalled.