Windows 10 background

New Microsoft standards for highly secure Windows 10 device

Windows 10 background

Microsoft has released new guidelines for a highly secure Windows 10 device that are really quite pushing the standards and also your wallet. The setup supports the latest CPUs that are certified for Windows 10 such as 7th gen Intel Kaby Lake or AMD 7th gen processors. As you can imagine, most computers are running older generations and would be almost impossible for any company to fully comply. Interestingly enough, Microsoft’s own Surface Pro 4 comes only with 6th gen CPU. I guess you have to reach deeper and go for the latest and greatest Surface Pro.

Why such strict guidelines?

One of the reasons is memory protection and technology called IOMMU or Input Output Memory Management Unit. It sounds complicated but basically there is a memory management unit which helps with communication between devices and memory. This additional layer protects against malicious applications that attempts to access memory directly and gain unauthorised access. Direct memory access used previously could be exploited by just addressing parts of memory that normally store certain sensitive data, like credentials. With IOMMU, this is physically impossible.

Basically if you have the latest PC with enough grunt, Windows 10 Pro with enabled Bitlockler®, you should be fine.

Next one is TPM version 2.0 which has been finalised and published in September of 2016. The latest version brings security improvements, support for newer standards and UEFI only boot which rules out majority of Windows 7 systems. Interestingly, the recommendations also mention a minimum of 8GB of RAM which majority of recently purchased hardware will most likely have, mainly when even your smartphone has at least 3GB to work with.

To sum up:

  • Latest CPU
  • UEFI 2.4 and later (secure boot)
  • Enabled virtualisation (usually off by default)
  • TPM v2.0 or later
  • 8GB of RAM
  • All drivers must be HVCI compliant

Securing Windows 10 got less challenging with forced automatic updates and more options to play with as using modern technologies and solutions to protect against malicious attacks. It is still recommended to get a professional assistance to make sure the settings are not only implemented but correctly implemented.

How to sign a PDF file on your iPhone/iPad

Do you often need to sign or fill in details on PDF files? With iOS11 you can do it directly and without any additional app or subscription!

  1. Open the file
  2. Save it to Files
  3. Open the PDF file from Files
  4. Tap on the pen at the top right corner
  5. Sign and save
  6. Done!

5 easy things you can do to make your business IT more secure

More incidents than ever

There has been a spike recently in incidents, hacks or breaches of different severity focused on businesses or end users. There also have been discovered vulnerabilities that affect millions of users worldwide like KRACK which primarily affects individual users rather than access points.

All these events translated to more media coverage and exposure but many businesses still struggle with questions like ‘How can I protect my data’ or ‘Is my business sufficiently protected?’. As the answers to those depend on each individual business, based on Australian Signal Directorate, Microsoft’s best practices and over 16 years of experience, I can give you 5 things you can do to make your business IT more secure.

1. Enable automatic updates

As with anything, even security starts with the basics which in this case are automatic updates. We all know by now that no software is without issues and that all software needs to be patched for security updates at some point. Operating system is no different. Windows, Mac and Linux have all implemented some form of this process that keeps your security at its highest level without much intervention. For now, we focus on Windows as it is the most popular.

Windows 10 has automatic updates enabled and they cannot be disabled or postponed as easily as it was done with Windows 7. Microsoft realised that to keep any spread contain, it needs to force users to update automatically rather then rely on them to do it manually. A few years back Windowx XP had a flaw and no firewall(!) that would shutdown your PC almost instantly after you turn it on. As you can imagine, it was super annoying but it got fixed and Windows XP got a firewall out of the box in Service Pack 3.

Read more

Windows 10 background

File history in Windows 10 – should you use it?

If you have worked in a business with shared network drives, you have probably come across functionality where you can restore a file to previous version without your administrator’s intervention. Right click on a folder/file, choose properties and go to tab previous versions. Accidentally removed a file? Not a problem! Just hit restore! Try it on your shared drive, you most likely have it enabled!

005-shared drive previous versions

By default the snapshot or shadow copies as it is called in Windows server is taken twice a day, at 7am and then 12pm. It is safe, fast and does not take much space as it only saves the difference between the changes. How perfect, right?

So what does it have to do with Windows 10?

Starting with Windows 7, Microsoft introduced file history so you can do exactly the same on your home computer, perhaps even better as it does not save the differences in strictly given times, but by default every hour! The only requirement is that it has to be enabled on a separate drive, kind of like a backup (but not really). And to answer the question from the title – YES!

How do you set it up?

  1. Go to Windows settings (press Windows logo key + I)
  2. Type ‘history’ and choose Backup Settings
  3. Under Back up using File History, click Add a drive
  4. You can choose from your local or network drives or even USB drives or an SD card
  5. Done
  6. Optional: you can change the default settings by clicking More options

It takes a moment to transfer all your base files first but once done, you will be able to restore your files at any point in time, but locally and even without the internet. If you have a laptop, you can connect and disconnect the drive and Windows will resume File History once you plug it back in.

 

How to - SharePoint document library

How to create simple SharePoint company page to share documents

Have you thought about creating a SharePoint site but did not know how? Here are a quick steps you can follow to start your own SharePoint company page in less than 5 minutes.

Steps:

  1. Login to your Office 365 account https://login.microsoftonline.com
  2. Go to SharePoint
  3. Click ‘Create Site’
  4. Use Team Site
  5. Give it a name and description
  6. Add members or owners
  7. Edit your front page and remove the first block
  8. Add a document block via plus sign at the top
  9. Add a description above
  10. Go to Documents library and upload your first document

You can create multiple libraries for different purposes and teams rather than have just one. You can however keep them all in the same company team site.

Next time we will look how you can add a managed metadata for your documents to assist your search and document organisation.

How to quick parts in outlook feature

How to file and forward with quick steps in Outlook

Have you ever notice that little bar in the middle of your Outlook ribbon and wondered what heck is it good for? By default probably not that much for but little tweaking and you can use it for quite a few things! If you get lot of same emails that require constantly similar action, you can help yourself by creating actions that will do most of it for you. I do not aim for ‘zero email mailbox’ as I think it is a waste of time but I do like to file certain emails from clients, vendors and so on so they are all in one place. Learn how to make your life easier by creating quick part that will forward and file your email in one click!

Check the 20 seconds video tutorial below!

How to quick parts in outlook feature

Read more

How to deal with scammers?

No-one enjoys scammers. They waste your time and although you might have the street smarts not to get caught and pay for their phony fines, not everyone does and many people do end up paying thousands of dollars and in turn perpetuating this ‘business’.

After receiving a phony IRS call, this user called back as they asked him to, with a twist. He created a small script that opens up multiple lines at the time thus prevents them from scamming users.

Enjoy their frustration here

 

Why once a week backup is not enough

Backup is probably one of my favourite topics when it comes to data security. It’s relatively simple, it can save you from an unexpected disaster, it’s automated and in most cases, doesn’t require expensive or complicated setup.

Why backup?

If you own a car then you most likely have it insured because you never know what could happen due to your or someone else’s fault. You also probably have some form of health insurance in case you get sick or injured. Or not because you like living on the edge; I think you get the picture, insurance/backup is important and can save your butt without dipping into your hard-earned savings.

There are two kinds of people, “those who have had a storage failure and those who will have one in the future”.

3-2-1 strategy

What is 3-2-1 strategy you might ask? It means:

  • Having 3 copies of your data
  • On at least 2 different media
  • And 1 being offsite

This concept has been popularised thanks to Peter Krogh, a well-known photographer who wrote that there are two kinds of people, “those who have had a storage failure and those who will have one in the future”.

All-sercure-IT-Services-Data-in-cloud-joke

3 – Having three copies of your data

Many people underestimate this requirement because they think one is enough. True, one is better than none but what if it’s the one that’s connected to your PC/Server that got fried during last night’s storm and took the backup drive to the silicon heaven with it? Your data would be gone. There are dozens of other reasons why you want to have three copies, such as viruses, ransomware, malicious damage, corruption and theft among others. It’s understandable that this setup isn’t always possible but there are tools that can help you with your most important documents, such as BackBlaze, CrashPlan or Carbonite. I’ll talk about cloud backup storage in my next blog.

2 – Data saved on at least two different media

You could have your data saved one a computer and a different partition but they could be physically still stored on the same hard-drive which would exposed them to the same risk as the main drive. Good effort but not the smartest. You can pick up an external drive from Staples, Officeworks or online for less than a $100 that would cover all your data. For businesses, there are paid and far better and more efficient tools based on very precise matrix. I won’t cover them here as this is more about generic, sound backup principles.

1 – Keep one copy offsite

Off-site copy is important in case something happens at the primary site, whether it’s loss, theft, fire or aforementioned lightning that can fry your data. Literally. For home, you can use solutions like CrachPlan, BackBlaze or Carbonite that will keep your data safe and in the cloud.

One note: don’t confuse backup tools with synchronisation tools (Dropbox, Google drive, Sync and so on), they are not the same thing! If you delete file on your hard-drive, it gets removed in your cloud storage immediately. True, you can often recover it within certain period of time but what if you don’t notice or forget or accidentally remove something you might need in the future, beyond the recovery period? It certainly happened to me. Luckily, I had a backup and was able to recover however my heartrate went up when I discovered that one of my contractors removed files from our shared folder because he was running out of space.

TLDR;

By now you understand the importance of backups and why you should keep one off-site or in the cloud. In case you’re still wondering and thinking ‘nah, it won’t happen to me!’, here’s a story from a client that had recently realised the importance of backups.

One of the employees received a social engineered email and curiously clicked on the link that loaded ransomware on their computer and started encrypting files on the computer as well as remote server. Most of their files got encrypted before they realised what had happened. They disconnected it and luckily we were able to disconnect the computer, clean it from pesky ransomware and restore the data on the server without much downtime. Not having functional backups would cause them headaches beyond ‘pay or not to pay’. If they had backup done only once a week, they would have to spend working overtime to catch up with all their work they did since the last backup. That’s why once a week backup isn’t the best idea – time is valuable and storage is dirt cheap. Talk to us today about free audit of your backup solutions.

 

All Secure IT Services - Security Webinar

Webinar: Protect your Network, Data and Identity

We live in a data and technology dependent world in which protecting your business data is critical.

In the battle to defend your business data and technology, you need an edge. You need the ability to operate within your business environment and have the peace of mind knowing your data is protected in the event of user errors, security breaches, hardware failure and viruses.

What’s the risk of ignoring data security?

It’s not just malware, hacking, viruses, spam and online scams that may put your network and data at risk. A poorly secured mobile device or disgruntled employee could prove just as dangerous and allow criminals to steal private data. Furthermore, having a poorly designed and managed backup and disaster recovery plan places your entire business at risk.

Don’t wait for a Disaster!

Online security is vital to protect your businesses virtual assets (electronic data) and IT systems. Knowing about data protection and maintaining a secure online presence will result in building your customers’ trust and help you to meet legal obligations, including privacy laws.

Why watch the recording?

Prevention. The majority of security businesses operate at the point of patching rather than preventing breaches. All Secure IT Services designs and architects solutions with security in mind so as to prevent breaches, rather than simply patching them at the time of crisis.

In the current landscape, a security breach is almost certain. Engineering your IT systems to assume breach is essential to prevent disruption to business operations, minimise long-term loss of data and protect your business relationships.

This Webinar recording will provide you with the opportunity to hear first-hand from Juraj Benak, industry specialist and Founder of All Secure IT Services.

With over 20 years’ experience in the IT industry, Juraj has worked for a diverse range of industries including multinational IT companies, and financial and academic organisations. With extensive experience in the IT security landscape, Juraj is well-suited to and passionate about sharing his IT security knowledge.

Watch the Webinar recording below

 

Source: Dialog

How to secure your passwords

How to secure your passwords

Password leaks and hacks have become almost a commonplace. In 2016 alone we had breach of 117 million emails and passwords from LinkedIn, 43 million of Webly users, MySpace and of course Yahoo!. Twice. Oh and again in 2017.

Computer security is not easy and there are many challenges that providers need to face. Imagine you have a castle build on a mountain top that has millions of users running through their gates every day to do their work from within the city. There is only one legitimate entry to get to get in and you also need to know a secret phrase so the guards will let you in. But you also have guards that need to change 3 times a day and might take a nap at times. You have windows from sides that aren’t as secure as the main gate and I’m not even talking about the aerial approach. My point is that the companies need to think about security from almost every possible angle however the bad guys only need to find one tiny weakness that can expose the whole castle. That is hard.

My point is that the companies need to think about security from almost every possible angle however the bad guys only need to find one tiny weakness that can expose the whole castle. That is hard.

I am not trying to justify poor security at any of those companies and mainly not at Yahoo!, who didn’t even bother to invest in security, but I want you to understand what is going on here and that you need to play your part in order to stay secure.

Read more