Tech Tips& Trends

Whether you’re still trying to learn how to use your desktop computer more safely and efficiently, or you’re planning future technology advances for your organization, here are a few things the Balsam Technologies team has found helpful lately!


Archive

December 2018

QuickTime for Window’s End-of-Life

US-CERT Article concerning QuickTime for Window’s End-of-Life:
QuickTime is now a security risk!

Alternately use Windows Media Player –
Windows Media Player (Version 12) – plays .mov files
The answer to your media problems is already installed on your Windows computer!

Watch out for these holiday shopping scams

Unfortunately the holidays presents prime opportunities for scammers to take advantage of online shoppers looking for a “good deal”.   Consumers can be especially vulnerable when conducting their online shopping from smartphone devices.  Read on in the following article link to learn how you can avoid these malicious cyber criminals and have a fun, safe holiday season….

Watch out for these holiday shopping scams

 

Halloween Tips and Tricks for Safer Trick-Or-Treating

Over 41 million kids in the US will take to the streets on Halloween night for some fun and treats.  Help keep your kids safe by training them how to handle unexpected interactions with strangers.  Think about using a tracker app to keep tabs on where your kids are.  Communication, common sense, and a little bit of technology can help make sure your little ones have a fun and safe evening.  Read on in the following article link to learn more…

Halloween Tips and Tricks for Safer Trick-Or-Treating

 

Preventing and Responding to Identity Theft

Identity theft isn’t just a problem for people who submit information online over the internet.  Thieves can steal your personal information over the phone, by stealing your wallet or purse, picking up receipts at a restaurant with your account number on it, or even by rummaging through your trash for personal information and account statements.  Read on in the below article and learn how you can help avoid becoming a victim, and what to do if you do become a victim…

Preventing and Responding to Identity Theft

 

Lesson of BLU: Make the right privacy, security calls when working with service providers.

It is important to keep a watchful eye on your service providers. Your service providers often have access to personal information needed to perform their service functions.  However, they should not be sharing this information with other third parties and there are strict guidelines for how your personal information should be managed and safeguarded while in their possession.  Read on in the below article to learn more…

Make the right privacy, security calls when working with service providers.

 

Identifying Hoaxes and Urban Legends

Chain Letters are Often A Problem…not only can they be used to house and distribute viruses, but they also can consume bandwidth and can be a big time waster and drain on productivity.  There are certain things you can watch for to determine if a chain letter is a hoax or urban legend.   Below is a useful article to help explain and keep you safe on the internet…

Identifying Hoaxes and Urban Legends

Staying Secure in Tricky Times

In today’s cyber security landscape, email-born phishing, malware, and viruses are among the greatest threats to organization. Ransomware and data encryption viruses run rampant in even the most secure government environments, and identity theft and personal information security breaches are also at an all-time high.

“Spear phishing” is a term used to describe targeted, malicious email attacks; messages are addressed to a specific individual, appearing to come from a trusted source — even from someone with authority in your own company — and can expose the receiver to spyware, viruses, or other malware. A proactive approach to network security can effectively prevent your organization and your data from being a target for cybercriminals.

In response to the heightened need for security, Balsam continues to offer current, preemptive security services for avoiding security breaches.  Feel free to call us at any time to discuss the security of your organization. There is no single fool-proof way to avoid phishing attacks, but there are practices that will educate your staff and protect your assets from attack.

Also see this related article:  “What is SpearPhishing?

Technology, Compliance, and the Law

Are your technology needs growing, shrinking, or just changing?

Many organizations don’t fully realize the types of data they are storing and, as such, what precautions are necessary to ensure compliance with local, state and/or federal guidelines.

Below are three questions to consider when examining data, security and disaster recovery planning:

1:  Does your organization have accurate written policies in place to ensure you are in compliance with applicable data security laws and regulations?
2:  Has your organization ever experienced a data security breach in which critical data was accessed or stolen by an unauthorized intruder, or personnel?
3:  Which local, state, or federal mandates, laws, and/or compliance regulations are of concern to you?

If you are unsure how to answer these questions, please feel free to contact us here at Balsam, and one of our representatives can demystify these laws and mandates. We can help you make the necessary changes to achieve and maintain compliance.

Common Compliance Requirements:

i. HIPAA – Health Insurance Portability and Accountability Act
Defines policies, procedures and guidelines for maintaining the privacy and security of individually identifiable health information as well as outlining numerous offenses relating to health care and sets civil and criminal penalties for violations. HIPAA also regulates the availability and breadth of group health plans and certain individual health insurance policies.

ii. MA Data Security Laws: 201 CMR 17:00
Defines standards for the protection of personal information for the residents of MA. This regulation establishes minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records.

iii. PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. The PCI DSS applies to ANY organization, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data.
Additional References

iv. SEC Compliance – Securities and Exchange Commission
Defines requirements set forth by the Securities and Exchange Commission for financial investment companies and investment advisers registered with the Commission to adopt and implement written policies and procedures reasonably designed to prevent violation of the federal securities laws.

v. SOX (also known as Sarbox) – Sarbanes-Oxley Act
Defines responsibilities of a public corporation’s board of directors, adds criminal penalties for certain misconduct, and required the Securities and Exchange Commission to create regulations to define how public corporations are to comply with the law.

Tech Tip Of The Month

Shopping Safely & Securely

Do you see a little green lock in your browser’s address bar?

The symbol – as well as the “s” (for Secure) in “https” is a recognized sign that you are using a secure encrypted connection. And you’ll want to see that if you are planning to provide credit card or other personal information over the web. While no prevention is ever 100% foolproof, training yourself to look before you buy is a good start!

And remember: you should never use a debit card to shop online!

Technology & You

Don't Be Scammed

Don’t forget smart email skills in the rush for convenience or sales – email scammers will be doubling their efforts around the holidays hoping you’ll be too distracted to be wise!

Don’t be a victim of that fake shipping notice or reference to an order you didn’t place. Cross check and verify the sending email.
Be wary of e-greeting cards and emails from unknown addresses.
If a deal – especially one with a link you should follow – seems too good to be true, it probably is!

Read more to learn more.

Productivity

Honor your Employer on Cyber Monday!

Honor your Employer on Cyber Monday!
Did you know that US employers, on the whole, lose approximately $449.8 million for every 15 minutes of work time spent online shopping?

Here’s hoping you have a productive AND thrifty Cyber Monday!

More Tips for Safe Shopping (on your lunch break!)

Security

Public WiFi - Resist the Convenience

Public WiFi – Resist the Convenience
Have you ever been sitting in your favorite coffee shop and taken advantage of the few minutes of quiet – and the free public WiFi – in order to send a few important emails?

Consider the cost of convenience:
Open WiFi networks are often unencrypted – so anyone who may be snooping can see the unencrypted web pages you may visit.
Fake public WiFi networks often look very similar to legitimate networks. They are designed to trick you into using a monitored network where login information and passwords are at risk.
Malware can be distributed through unsecure WiFi.

You could be offering up the websites you visit, personal communication, your location, files you send – including photos, passwords, and login credentials.

Bottom line? Don’t use public WiFi to shop online, log into your financial institution, or access other sensitive sites – ever.

Why You Really Need to Stop Using Public WiFi

How to Avoid Public WiFi Security Risks

Traveling over the holidays? Read this first.

Tech Tip Of The Month

Consider Encrypting Your "Thumb" Drive

Flash drives can contain valuable sensitive information and should not be handled carelessly.

The MA Data Security Laws and sound cybersecurity policies require the encryption of all personal or sensitive data. Although there are several third-party apps available to encrypt USB flash drives connected to your PC, we recommend using Bitlocker, the built-in Windows tool.

If you’re looking for a 3rd party option that can also work with your Apple computer, PC World has some additional recommendations.

Security

Office Horror Stories

Many organizations pour hours of time into the thorough formulation of a reliable data backup and business disaster recovery plan, only to live through the horror of watching strategies fail – thanks to a lack of reliable automated technology and accurate monitoring and alerting when systems are needed most. Would your business survive a major data loss?

Here are a few things to consider as you formulate your backup and disaster recovery strategies:

Back Up vs. Disaster Recovery

Virtualization and Data Back Up

Productivity

Don't be afraid of your Inbox

Does the size of your mailbox give you the shakes?

Is the fear of losing an email giving you nightmares?

Don’t drown in your inbox. Breathe deeply; face your fears.

Innovations

Lost and Found

Have there ever been times where you lost a device and wish you had some type of GPS tracking? Or wondering if your children are safe on Halloween night and wanting to track them via GPS?

Consider these new technology solutions:

Security

The Equifax Security Breach Affects 143 Million US Consumers

We want to make you aware of a recent IT security breach at Equifax since it may affect you and your employees:

“September 7, 2017 — Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers…The information accessed primarily includes names, social security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.” – https://www.equifaxsecurity2017.com

You can visit the following Equifax website to see if your personal information has potentially been compromised. Equifax is also offering identity theft protection services for those individuals whose personal information may have been compromised. The Federal Trade Commission’s website offers additional information about how to protect yourself against fraud after a breach.

Consumers with additional questions are urged to visit Equifax’s website or contact its dedicated call center at 866-447-7559. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern Time.

Please feel free to forward this to other people who may need to be informed about this potential security risk.

Concerned about IT security for your business? Call Balsam Technologies today at 978-281-3339 or email at info@balsamtech.com.

Tech Tip Of The Month

Dollars and Sense

Not sure why your computer is soooooooooo slooooooow………?

Is it old and ready for replacement?
Maybe it just needs a little tune-up and TLC?

Here are some how-to’s for steps you can take to try and squeeze some more life out of your computer before you run to the store for a new machine:

FOR MICROSOFT WINDOWS COMPUTERS:
1. Change your power settings
2. Disable programs that run on startup
3. Disable shadows, animations, and visual effects
4. Launch the Windows troubleshooter
5. Get help from the Performance Monitor (Windows 10)
6. Kill bloatware and adware

FOR APPLE COMPUTERS:
A few more steps could be involved – some ideas appear in these articles:
https://discussions.apple.com/docs/DOC-5291
https://discussions.apple.com/thread/7198733?start=0&tstart=0

Security

Parents: Be Wise!

Concerned about protecting your children’s/student’s identities and personal information? Here are some helpful tips and guides…

Tips for Protecting Your Student’s Computer

Protecting your Personal Information

Protecting Your Child’s Privacy Online

Technology & You

Class is (soon) in Session

Thinking about what technology to buy – or avoid – for your student as you look toward the new school year? Here are some tips for navigating the labyrinth of “back-to-school” advertisements:

The Back-to-School Tech You Need (and Don’t Need)

Tech Tip Of The Month

Gone Phishing

Did you know that 91% of cyberattacks begin with a user clicking on a phishing email?
Scammers try to copy email and text messages from legitimate companies to trick you into entering personal information and passwords. Never follow links or open attachments in suspicious or unsolicited messages. If you need to change or update personal information, contact the company directly. Be suspicious if you receive the following:

The sender’s email address or phone number doesn’t match the name of the company that it claims to be from. EXAMPLE: From: FedEx [mailto:tracking@afedex.com]
The message starts with a generic greeting, like “Dear customer.” Most legitimate companies will include your specific name.
A link appears to be legitimate, but when you hover over it with your mouse, you can see it point to a URL that match the address of the company’s website. EXAMPLE: Link says, “FedEx invoice for tracking” but the link directs to http://auburnmachine.com/file.php?
The message looks significantly different from other messages that you’ve received from the company.
The message requests personal information, like a credit card number or account password.
The message is unsolicited and contains an attachment.

Still unsure? If the email came from someone in your address book, send them a new email asking if they sent the “phishy” one. Better safe than sorry!

Finally, be a smarter clicker with these helpful tips.

Security

Password PROTECTED? Choose Wisely!

What do these passwords have in common?

  • 123456
  • qwerty
  • password1
  • admin
  • football
  • 121212

Answer: They are among the worst passwords used in 2016..
Get smart with these helpful password protection strategies from one of our valued partners!

Looking for even greater protection? Consider two-factor authentication for logging into your company’s most sensitive systems.

Innovations

What is the IoT—Internet of Things?

Think your refrigerator can’t talk to your phone? What about your toothbrush? Think again.

Here’s the buzz about the “Internet of Things” and how it relates to the Cloud.

Tech Tip Of The Month

Scam Alert

Have you ever seen a pop-up message instructing you to click a link or call a number because of a virus? If this happens, stop what you are doing. Do not click a link. Do not call a number. Never grant an unknown party access to your computer.

#1 Disconnect your infected computer from the internet or turn it off.

#2 Check to see if you have a good backup of your data

#3 Notify your manager or supervisor.

What is WannaCry?

What to do if your computer is taken over by ransomware

Business Security: Best Practices

A vigilant cybersecurity-aware business culture should be continually evolving, adopting new standards and best practices for keeping computers and data safe and secure.

Layered security protection can include an up-to-date Written Information Security Policy (WISP) in compliance with industry requirements and state data security laws, as well as regularly scheduled Security Audit Scans which help to:

  • Identify “inactive” user accounts that could be exploited
  • Call out weak user passwords that could be invitations to hackers
  • Uncover unauthorized rogue devices that may have been added to your network
  • Find other threats that may be diminishing your overall network health and security
Welcome Summer!

Traveling over the summer months? Let your business associates know when to expect to hear from you by setting up an out of office auto-reply.

Not sure? Here’s how!

IT Challenge: Bored & Brilliant

A challenge to disconnect from your phone