Recent Blog posts

Secure Your Mobile Device With These Super Easy Tips

Oct 11, 2020

*This page is a checklist for you to use to secure your mobile device. Anything you check will be saved (for up to 1 year) the next time you visit this page on this same computer.

Here are some basic things in more detail that could be done to help secure your phone, but all can apply to nearly ALL your mobile devices as well:

  • Not all phones support this policy, particularly some Android phones- If your Android phone does, you'll likely find it in the Options labeled 'Security' or in 'Lock Screen', under the option 'Local Wipe'. Otherwise you may need to find an app that enables this feature.
  • Apple iOS devices can

secure your mobile device
Make your phone a fortress.

Here are some additional optional things you can do to further secure your mobile device(s):

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only. Read More...

Your Vulnerable Data During Emergencies

Sep 28, 2020

When a workplace or home evacuation happens, do you have a minimal plan for safekeeping your data? The emergencies that can cause an evacuation can be, but are not limited to:

  • Fire
  • Bomb threat
  • Weather disaster
  • Earthquakes
  • Law enforcement called
  • Broken water pipes

Sometimes an evacuation can be used to easily infiltrate a workplace because people panic and leave everything as is on the way out, leaving nearly all devices open to being stolen, bugged, or used in a malicious way.

Would the pull of a fire alarm give someone with (very) malicious intent access to precious business assets for just a few moments? For most, it probably wont ever happen and is a low risk, except when it does happen.

During an evacuation, your data may be vulnerable to being lost in an accident, disaster, or even someone unauthorized walking in and stealing what they want. Here are some things to keep in mind in your emergency evacuation plans:

During an evacuation, you or your employees could:

  • Eject and pull out data stored on USB drives or removable hard drives and bring them with you.
  • Of course, lock your machines prior to leaving your office, any time you leave your office.
  • If there are laptops everyone is working on, have everyone take them, and recollect them after you gather them back up outside of the business area.
  • Have fire&water proof safe(s) open and available to store data-holding devices or laptops in case of an evacuation. If you have the keys available on them, close and lock them immediately after placing your data in them. The theory behind fire+water proof safes is that the safe will last about 30 minutes or so in fire and the water proof-ness is for when the firemen arrive within that 30 minutes to douse your place with jets of water.
  • Have encrypted cloud backups of your data, or at least your vital data, done regularly (we have details on setting this up in a another assessment)
  • If an emergency evacuation situation prevents a chance to save your data (like a fire near your safe or you get very limited time to exit a building collapsing), then don’t save your data! Save you and your employee’s lives and evacuate.

Basically, make sure that there is no easy way for any thief to access or take your stuff while you’re away, especially if you have to leave in a hurry. These guidelines can be part of your policies you write to follow during emergencies.

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only. Read More...

How to Stop Cyber Attacks – A Simple Business Habit to Prevent Attacks.

Sep 19, 2020

Updating is of vital importance in figuring out how to stop cyber attacks!

It’s important to update all your software on your computer aside from your Operating System software. Over the years, there definitely has been software vulnerabilities that hackers have taken advantage of from some of the most used software, including web browsers, web browser extensions, office productivity software, and more.

The cost of not updating the software that you use all the time could be an entry point for a malicious hacker or malware into your business and it’s accounts.

If updating sounds like an obvious thing to do, you’re right, but many do not do this. Some of the greatest malicious hacks are because of outdated software. Think Equifax… even though this large company has the resources and money to pay people to make sure that updates are done to their technical systems, a missed update caused the most massive and damaging security breach ever, affecting hundreds of millions, maybe even you.

Another one that may be more relate-able to small businesses was the incredible macOS root vulnerability that allowed almost anyone with physical access to a low-privileged Mac to freely create a super user to do anything they want, or more dangerously, possibly anyone to gain access to the Mac remotely (through the internet) and create that super user with no obvious indication to the owner of anything happening. Then there’s Krack and Blueborn. All these immensely serious vulnerabilities discovered can allow cyber criminals to gain access to your computers or networks remotely and can generally be stopped by simply updating your devices and software. And vulnerabilities are discovered everyday!

how to stop cyber attacks
Updating software, while it can be tedious and stop you from doing work, is one of the most effective ways to prevent a cyber attack from being successful.

Make a list of all your most used programs that you use (like Office software, Accounting software, web browsers, etc.). And every week, make an effort to update these pieces of software, often done through the program’s “about” screen or a separate updater program that it comes with. Many times, these pieces of software might have automatic updating features- in this case, we recommend you to set them to automatically update when there is a new update available if not done already.

Automated updating:

We recommend that you automate the checking (and installing) of updates for all your software, to include your computer’s operating system too for some of the updaters. If you don’t automate, you may not be able to keep up with updating all the different pieces of software on your systems. Some pieces of software update all your software on the computer it’s run on, while others are more enterprise, automatically updating all other computers connected on a network all together.

  • We like to use Updapy, a simple and free notification tool that is completely online with no software to download. You pick the software you have from a comprehensive list and it notifies and gives you a link to download the newest version of that software. No automated software updates however.

Automated updates- This is really how you stop cyber attacks! If you want to have this process automated for most, if not all, of the software you have on your computers, check out these vital tools:

  • Ninite is a popular updater and can even push updates to all your other computers.
  • Sumo is another popular updater with many awards
  • Patch my PC
  • For Mac OS X, consider Mac Update

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only. Read More...

Least Privilege Principle Tip That Can Help Curb Cyber Attacks

Sep 12, 2020

The least privilege principle can certainly help in preventing a full blown cyber attack. Even just a minimal control like this can prevent the absolute worst from happening.

Your log-in to your computer allows you certain privileges on your computer. Your log-in credentials regulate what files you can open and what programs you can install or run. By default, a new computer usually has your first log-in as an administrator and unless you change it, it stays that way.

If a hacker has access or breaks into to your computer with administrator access, they can do anything to your computer systems, even your computer network. If they or their software breaks into your account in use and it’s not an administrator account (for example, you’re using a ‘standard’ user’s account), then they generally can’t do as much damage, if not very little to no damage.

Really, the only time you would want to log-in as an administrator would be to install new applications, programs, or even some new pieces of non-storage hardware.

Secure your Work & Home Computers Risk Assessment

Do not use a full fledged administrator account if you’re using your computer systems! Non-administrator accounts such as “standard user’s” won’t have full access to a system that an administrator account has, and thus some attacks may not work. An attacker or attackers method may run into software roadblocks that may not let them take full control of a machine.

least privilege principle
Lower your “attack surface” for cyber attackers by using the least privilege necessary for work on the account you use.

Keep in mind however, this is not a silver-bullet substitute for other security controls that prevent cyber attacks! In fact, just using this alone as a single security prevention method is not good. Use the principle of “Defense in Depth” and have this security control along with many other free security controls that you can find on our website.

Are you using the least privilege principle?

Here’s how to find and change any accounts that are administrator accounts to something that has less privileges, like a ‘Standard User’:

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only. Read More...

How to Find Malicious Files With This Simple Trick

Sep 5, 2020

Do you know how to find malicious files once they are on your computer?There is a simple “trick” you can do to find such files.

One way that malware proliferates on PC’s is by hiding file extensions. Most computer operating systems (Window’s and Macintosh) hide this by default. A file extension is usually a 3 or 4 character extension to a file-name that helps designate what program can open the file. For example, a file named “mydocument.docx” has the docx file extension. And Microsoft Office (Word) opens this type of file.

Not showing this extension while you’re browsing through your files can surely be an issue. What hackers do is try to get you to run a malicious program on your computer system. They do this by disguising the malicious program as another type of a file, such as an image or document file, by simply changing that file extension and the icon of the file. And if the file extension is hidden by default, then that is big trouble.

For example, if a malicious hacker somehow (through email, usb drive, other OS vulnerability, etc.) were to get you to download and open “dog.jpg”, you might never have known that it was actually called “dog.jpg.exe” because the real extension is hidden by default. And an “exe” file is actually a program, not just any file, that can damage your computer or take it over if it’s malware!

This applies to Window’s or Mac OS’s.

Secure Your Work & Home Computers Risk Assessment

We won’t spend too much time getting you instructions to setup this “trick”. Some file extensions that cyber attackers would be delighted if you ran on your computer are:

how to find malicious files
Files are the convention we use to organize data on computers. They contain human readable text, computer data, or computer executable code (programs). These programs, if malicious, can be devastate a computer system or put it under the control of a bad guy.
  • .exe
  • .bat
  • .docm
  • .xlsm
  • .com
  • .ps1
  • .app

By no means is the list above comprehensive. They are just some common file extensions that run Windows or MacOS.

How do you find malicious files on your computer in the first place?

  • Downloaded files through email
  • Downloaded files through the internet, saved from your web browser
  • Someone else using your computer(s) doing the above.

If you would like to show your file extensions, instead of us reinventing the wheel, check out these following guides:

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only. Read More...