Phishing is the most effective way hackers have nowadays to seed viruses and malware to corporate networks for the following reasons:
Can we avoid phishing emails?
In theory yes; spam filters are constantly looking for signs of phishing at the binary and heuristic level, however a good percentage of messages can still go through.
Another risk is the ability for users to review their spam folder; then phishing messages that may look "legit" can lead us to think it was sent to spam by mistake.
So here are our quick 4 things you and your employees should be trained to watch on every single email that comes across:
1. ALWAYS check full details of the sender:
The example above shows "Paypal" on the list of senders; just click on the details of the sender to reveal the real email address. In the example you can see it's not coming from Paypal at all.
2. DONT CLICK ON LINKS before you verify them:
If you are prompted to click on a link to "Verify" or "login" STOP and check that link. Simply hover the mouse on the text or button to reveal where they are trying to take you. In the example above notice how the link would take you to "service-infos.com" which is completely unrelated to Paypal.
3. DO SOME READING
Spammers take advantage of our global inability to pay attention to detail; we unconsciously validate information when we look familiar logos.
Honor your junior high grammar teacher's dream and notice language that you wouldn't expect from a professional. See the example above and watch for simple mistakes that simple don't look good with the context.
4. MIND ATTACHMENTS, scan them first
We receive attachments every day and technology give us the comfort to open them right from our email client or webmail page. Before opening the attachment ask yourself:
The most common attachment extensions are
The most common file extensions used for malicious software sent by email are:
Whether is a common file and coming from a trusted sender, always download the file, rather than opening them; then right click on it and select the option to scan with your default antivirus.
Again, any company should have a solution in place for Spam filtering and threat detection. If you don't it is time to get one. Call us to find out how easy is to implement and the many benefits your company will gain.
Thanks for staying with us so far, we hope this information is valuable. If you'd like to learn more about security for your business computers, managed antivirus and other ways we can help to prevent threats on your network, please contact us and we'll be ready to assist and provide guidance.
If you run a business with 25+ employees and your computers are over 4 years old, you are loosing productivity! and you know it when you hear things like this every day:
I had to reboot my system again
Your first thoughts circle around laziness, but deeply inside you know you are the one at fault; you need good computers for your employees and a 5+ year old pc is just not going to work; so, what can you do to improve your employees work environment without braking the bank?
As you know, replacing the entire computer fleet appears to be the only choice, specially when the market now offers high quality business workstations from the low $400's (like ieple's business computers) but if this option is still over budget, that question asked by your employee "Can I bring my own computer" may not be a bad idea at all.
Introducing iEple's BYOD equipment:
BYOD, according to Wikipedia, refers to the policy of permitting employees to bring personally owned mobile devices (laptops, tablets, and smart phones) to their workplace, and to use those devices to access privileged company information and applications.
But what about security of my data? you may ask.
Part of the success of this program, besides the immediate relief of minimizing costs, is the implementation of security; creating isolated, yet accessible virtual work spaces for employees to access their work tools and files through any device but keeping them from being able to copy company data back and forward to their own gadgets. Just like the image below but way less uncomfortable!
How do I get Started?
BYOD will work for any company that has or is willing to implement:
Hardware/Software alternatives and average costs:
In simple terms, A central computer will have a fully functional operating system that more than one user can access concurrently; all the processing power is provided by the central server so the employee devices become just an instrument to get into the system.
Once inside the system, all work is done within, No data leaks, no data exchange between the device and the office system. Even if the employee computer was infected, the enclosed work environment cannot suffer the effects of the threats.
What to do with the old computers?
You can order a recycling services provider to pick them up or they can be converted into thin-stations, a small safe piece of software gets installed on them so they can be used to access the powerful remote desktop server.
Which things won't work on BYOD
As you can see, BYOD is a great solution for your small and medium business; iEple can assist with your successful implementation, not only providing savings but actually increasing your profitability by regaining productivity and keeping your employees happier.
Visit our Store for pre-configured BYOD Servers at http://ieple.com/store
After turning on your USG Pro 4 for the first time, you navigate into it's default LAN ip address https://192.168.1.1, and under "Setup my Unifi Gateway" you clicked on "set inform URL" then added the address http://[your server]:8080/inform and then clicked OK.
You looked into your controller server and your new USG Pro 4 is not showing up on your devices to be adpoted so you go back and refresh your USG Pro configuration site https://192.168.1.1 to realize your settings didn't take.
This is a bug that as of today, even the most updated version 18.104.22.16843895 of USG Pro has not fixed yet.
Solution is quite simple, DO NOT waste your time trying to upgrade/downgrade java or your controller. You will find plenty of forums advising that. Here is the real solution:
1. Install Putty (get it quickly from https://ninite.com/putty
2. Open Putty and establish an SSH connection to your USG at https://192.168.1.1 (default user/password is ubnt/ubnt)
3. At the command line, type: set-inform http://[your server]:8080/inform and then hit enter
4. Go to your Controller and Adopt the device, then wait until the adoption process is finished. You will see the device does not come back online after adoption because the bug makes it loose the inform url again even after the adoption process, therefore, continue the guide as follows:
5. Verify the device is back up by navigating to https://192.168.1.1
6. Go back to your Putty Session and run the same command again: set-inform http://[your server]:8080/inform
7. Check on your controller to see if the device comes back online.
We hope this bug gets fixed in future firmware releases, but in the meantime, keep this guide saved to your bookmarks, you will need it each time your power-cycle your USG.
Please leave your comments, let us know how this guide is working for you but most importantly call us if you need assistance or support with other networking needs.
If you run your own Medical Practice, chances are, you spend quite some time figuring out which EHR and EMR was convenient for you, and among the options for Cloud (hosted somewhere else) or your own server; you had decided to host it in your own server for different reasons:
But how about Security?... yes, at this point you are hating this post as HIPAA, Meaningful use and all compliance nightmares may wake u up again; but let's embrace it, You need to know about this things and review it once in a while. Think of all your patients you wish they have taken the initiative to get a routine check instead of coming to your practice half dead and expecting you to bring them to their early twenties.
As I.T. Professionals with years of experience helping Medical Practices and I.T. Security, have come across several EMR and EHR plataforms hosted on premises at Medical Practices and we are sad to tell you, they are not safe out of the box; there are many loose ends that need to be covered in your network to try to stay away from data breaches that EMR and EHR developers not even consider because is not their responsibility.
We don't intend to say you will be fully protected and not liable by following this guide, but at least we try to cover the most typical areas where most common attacks are targeted.
Call us at 1-866-781-4009 for a free consultation and free no obligation on-site inspection.
Deploy dozens of computers in minutes with iEple's BioGreenPC
Enterprise I.T. Support for ALL