Monthly Archives: June 2014

Jumping Into Windows 8 – The Pros and Cons

Windows_8_StartWindows 8 is the grand creation of Microsoft. It’s the attempt to take Windows into the modern era. It’s the upgrade everybody has been waiting for. The problem is not everyone is enthused about the next generation of Windows. Many people have said they aren’t interested in upgrading.

Let’s take a look at some of the main pros and cons of Windows 8 to understand why not everyone wants to use this newest version of Windows.

Pro: Working Together

The primary benefit of Windows 8 is its ability to join tablets, laptops, and PCs together. It can turn your computer into a touchscreen. This means you get all the benefits of using a tablet, and retain the benefits of using a computer. For a lot of companies, especially in design, this feature is essential.

Con: Pulling the Menu Bar

Rolling out Windows 8 in a corporate environment is even more difficult due to the removal of the key interface. The ‘Start’ button is gone and much of the old interface has been eliminated. This means companies also have to take the training costs of implementation into account. It can be prohibitively expensive to upgrade.

Pro: Windows on the Go

You can run the Windows 8 interface from anywhere with a USB stick and it can overwrite older versions of Windows on any computer. An employee using an Internet café on the way to a conference could use their USB stick to work off of a familiar Windows 8 interface, even if the computer in question normally uses Windows 7 or XP.

Con: Security Concerns

There are security concerns. The main security concern is potential malware attacks are displayed full-screen, rather than with the familiarity of a browser. In other words, hackers can convince people they’re downloading a software update, so less savvy employees might inadvertently install malware.

Despite this, Windows 8 only has a 0.08% infection rate, according to The Telegraph.

Pro: More Productivity

Windows 8 is faster than any other operating software on the market. The average boot time is eight seconds. This applies to turning it on and turning it off. Forget waiting around for everything to load up. Get going right away.

Con: Hardware Upgrade

To use the touch interface, you need additional hardware. This drives up the costs for businesses, and in many cases it isn’t worth it. Businesses will have to give serious consideration as to whether they want to spend money on new hardware for their employees.

Many businesses have already chosen not to upgrade for this reason.

The Heartbleed Bug… Are You Vulnerable?

heartbleed logoThe Heartbleed Bug made international headlines when it was discovered that this security flaw could be exploited by hackers all over the world. Even though this OpenSSL vulnerability has a solution, there are still about 318,000 servers with Heartbleed in place.

The problem is that most people and businesses don’t know if they’re still vulnerable. If you’re unsure, check to see if you are vulnerable. It’s better to be safe than sorry, especially if you’re running a business with highly sensitive information on your systems.

Here’s how to tell if you’re exposed and what you can do about it.

What is the Heartbleed Bug?

OpenSSL is the primary encryption method used by websites on the Internet. The majority of websites have this form of security in place. The bug allows hackers to exploit Secure Sockets Layer (SSL). A hacker could read the system memory and uncover passwords and communications. In other words, they could bypass the main form of security used by the majority of the Internet’s users.

In a worst case scenario a company could have its customer’s information compromised; this could include personal details and financial data. For companies under the jurisdiction of a regulatory body, they could be found to have been negligent in their security arrangements. Such a ruling could lead to massive fines. In terms of the hassle, it isn’t worth it.

Act now to make sure you don’t fall victim to Heartbleed.

Are You Exposed?

Larger websites that have been exposed may already have their name on sites like Mashable and LastPass who took the liberty of listing the most prominent websites afflicted by the bug.

Kaspersky, a security firm, recommends using their free Heartbleed test.  People are also advised to visit www.heartbleed.com. This is a free information website filled with advanced data about the bug and its current status. It’s the best place to get the latest information on what’s going on.

What Should You Do?

Since it’s the OpenSSL that’s affected it doesn’t mean you have to spend long hours on maintenance. First of all, make sure your antivirus systems are completely updated. You don’t want to allow any further security leaks.

You should aim to change every password you have. The likes of Google have claimed they have already patched their services to make them safe, but there are no guarantees and Google won’t accept any liability either way.

Change your passwords to something more secure and this should be enough to protect you from any Heartbleed flaws. If you’re using any websites marked as vulnerable, take your data away from the site. This is especially true if you’re using an online cloud portal. An unpatched Heartbleed bug will make your data potentially visible to a third-party.

Email Archiving (2 Part Series) – The Risk of Having Email Archived on a Local Workstation

email iconEmail archiving is an extremely efficient solution for dealing with large volumes of email. Even the smallest business can have thousands of emails every year they have to sift through. Think about what would happen if you had a multinational corporation.

Archiving emails is required by companies for both legal and regulatory reasons. Some information has to be stored for a certain period of time; usually about three years.

Local workstations are often used to store emails. This is a major security flaw. You’re risking everything by leaving a security loophole like this in place. To make matters even worse, only 32% of organizations have a data loss solution, according to SilverSky.

Here’s why you need to be careful about where your archive your emails.

Your Responsibility

A local workstation is vulnerable. Unless you’ve employed a team of security consultants to take care of your security, you’re vulnerable. Many corporations aren’t willing to do this, and so they hand the responsibility to a third-party specialist who can offer them a centralized location for archiving.

Taking responsibility for an archive like this reduces efficiency and increases how much you pay. And there’s still no guarantee of a hacker or other malicious virus not slipping through your nets.

Employee Security Failure

To make it even worse, a localized workstation exposes your emails to the greatest threat of all – the people already in your company. Take a look at some more startling statistics from SilverSky:

1. 78% of employees have accessed their emails from personal devices. There’s nothing stopping them from doing this because emails have been archived on localized workstations. They haven’t been hosted or stored on a large central computer.

2. 61% of employees have taken data away from their companies through emails in order to provide leverage for them to find another job. They have a real incentive to exploit security loopholes like this one, especially if you’re dealing with a disgruntled employee.

What’s the Solution?

Take email archives away from localized workstations. The fact is too many companies aren’t taking email security seriously. They automatically assume it’s a secure part of their network. Whilst they worry about antivirus systems, malicious attacks are being made through their emails.

Another factor you have to take into account is the sheer scale of email archives. Try to find a solution for reviewing the archives regularly. Instead of storing everything, store only what you’re bound to keep by law. Delete whatever you have no use for, but do it in a manner that’s secure.

In conclusion, email archiving is a great solution, but it’s also allowed for new methods of attack. Take your security seriously and ensure nobody manages to take advantage of this so often exploited security flaw.