Computer "Tip of the Day 09-30-09"

- IMPORTANT - IMPORTANT - IMPORTANT - IMPORTANT - IMPORTANT -

--US-CERT Warns of Spam Pretending to be From IRS (September 25 & 28, 2009) The US Computer Emergency Readiness team (US-CERT) has issued an alert warning of a spam attack in which the messages are spoofed to appear to come from the US Internal Revenue Service (IRS) regarding underreported income. The messages encourage the recipients to open an attachment or click on a link to view their tax statement, but the attachment contains malware and the link leads to a malicious website. The IRS warns people not to open attachments in emails claiming to be from the agency. The malware used in this attack is the Zeus Trojan horse program, which is difficult to detect. Zeus is used to help cyber criminals steal money from bank accounts.
http://www.computerworld.com/s/article/9138527/IRS_scam_now_world_s_biggest_e_mail_virus_problem?source=CTWNLE_nlt_dailyam_2009-09-28
http://voices.washingtonpost.com/securityfix/2009/09/irs_scam_e-mail_could_be_costl.html
http://www.us-cert.gov/current/#malicious_code_spreading_via_irs

Computer "Tip of the Day 09-29-09"

IMPORTANT - IMPORTANT - IMPORTANT - IMPORTANT

Security concerns about popup windows and other hacker tricks.

When connected to and using the Internet, do not respond to popup windows requesting that you to click "ok" for anything.

If a window pops up on your screen informing you that you have a virus or spyware and suggesting that you download an antivirus or antispyware program to take care of it, close the popup window by selecting the X in the upper right corner of the popup window. Do not respond to popup windows informing you that you have to have a new codec, driver, or special program for something in the web page you are visiting. Close the popup window by selecting the X in the upper right corner of the popup window.
Most of these popup windows are actually trying to trick you into clicking on "OK" to download and install spyware or other malicious code onto your computer.
Hackers are known to scatter infected USB drives with provocative labels in public places where their target business’s employees hang out, knowing that curious individuals will pick them up and take them back to their office system to "see what’s on them." What is on them is generally malicious code which installs a spy program or remote control program on the computer. Teach your employees to not bring USB drives into the office and plug them into your business computers (or take them home and plug into their home systems). It is a good idea to disable the "AutoRun" feature for the USB ports on your business computers to help prevent such malicious programs from installing on your systems.

Computer "Tip of the Day 09-25-09"

Limit employee access to data and information, and limit authority to install software.


Use good business practices to protect your information. Do not provide access to all data to any employee. Do not provide access to all systems (financial, personnel, inventory, manufacturing, etc) to any employee. For all employees, provide access to only those systems and only to the specific information that they need to do their jobs.

Do not allow a single individual to both initiate and approve a transaction (financial or otherwise).
The unfortunate truth is that insiders – those who work in a business – are the source of most security incidents in the business. The reason is that they already are inside, they are already trusted, and they have already been given access to important business information and systems. So, when they perform harmful actions (deliberately or otherwise), business information, systems, and networks suffer harm.

To better protect systems and information, ensure that all employees use computer accounts which do not have administrative privileges. This will stop any attempt – automated or not – by employees to install unauthorized software.

Computer "Tip of the Day" 09-23

Require individual user accounts for each employee on business computers and for business applications.

Set up a separate account for each individual and require that good passwords be used for each account. Good passwords consist of a random sequence of letters, numbers, and special characters – and are at least 8 to 10 characters long.

To better protect systems and information, ensure that all employees use computer accounts which do not have administrative privileges. This will stop any attempt – automated or not – by employees to install unauthorized software. If an employee uses a computer with an administrative user account, then any malicious code that they activate (deliberately or by deception) will be able to install itself on their computer – since the malicious code will have the same administrative rights as the user account has.

Without individual accounts for each user, you may find it difficult to hold anyone accountable for data loss or unauthorized data manipulation.

Passwords which stay the same, will, over time, be shared and become common knowledge to an individual user’s coworkers. Therefore, passwords should be changed at least every 3 months.

Computer "Tip of the Day" 09-22

Train your employees in basic security principles.

Employees who use any computer programs containing sensitive information should be told about that information and must be taught how to properly use and protect that information. On the first day that your new employees start work, they need to be taught what your information security policies are and what they are expected to do to protect your sensitive business information. They need to be taught what your policies require for their use of your computers, networks, and Internet connections.

In addition, teach them your expectations concerning limited personal use of telephones, printers, and any other business owned or provided resources. After this training, they should be requested to sign a statement that they understand these business policies, that they will follow your policies, and that they understand the penalties for not following your policies. (You will need clearly spelled-out penalties for violation of business policies.)

Set up and teach "rules of behavior" which describe how to handle and protect customer data and other business data. This may include not taking business data home or rules about doing business work on home computers.
Having your employees trained in the fundamentals of information, system, and network security is one of the most effective investments you can make to better secure your business information, systems, and networks. You want to develop a "culture of security" in your employees and in your business.

Typical providers of such security training could be your local Small Business Development Center (SBDC), community college, technical college, or commercial training vendors.

Computer "Tip of the Day" 09-21

Secure your wireless access point and networks.

If you use wireless networking, it is a good idea to set the wireless access point so that it does not broadcast its Service Set Identifier (SSID). Also, it is critical to change the default administrative password. It is important to use strong encryption so that your data being transmitted between your computers and the wireless access point cannot be easily intercepted and read by electronic eavesdroppers. The current recommended encryption is WiFi Protected Access 2 (WPA-2) – using the Advanced Encryption Standard (AES) for secure encryption. See your owner’s manual for directions on how to make the above changes. Note that WEP (Wired-Equivalent Privacy) is not considered secure; do not use it for encrypting your wireless traffic.

Computer "Tip of the Day 09-18"

Control physical access to your computers and network components.

Do not allow unauthorized persons to have physical access to or to use of any of your business computers. This includes locking up laptops when they are not in use. It is a good idea to position each computer’s display so that people walking by cannot see the information on the screen.

Controlling access to your systems and networks also involves being fully aware of anyone who has access to the systems or networks. This includes cleaning crews who come into the office space at night to clean the trash and office space. Criminals often attempt to get jobs on cleaning crews for the purpose of breaking into computers for the sensitive information that they expect to find there. Controlling access also includes being careful about having computer or network repair personnel working unsupervised in office space on systems. It is easy for them to steal many gigabytes of information and walk out the door with it without anyone noticing anything unusual.

No one should be able to walk into your office space without being challenged by an employee. This can be done in a pleasant, cordial manner, but it must be done to identify those who do not have a legitimate reason for being in your offices. "How may I help you?" is a pleasant way to challenge an unknown individual.

Computer Tip of the Day "09-16"

Make backup copies of important business data/information.

Back up your data on each computer used in your business. Your data includes (but is not limited to) word processing documents, electronic spreadsheets, databases, financial files, human resources files, accounts receivable/payable files, and other information used in or generated by your business.

It is necessary to back up your data because computers die, hard disks fail, employees make mistakes, and malicious programs can destroy data on computers. Without data backups, you can easily get into a situation where you have to recreate your business data from paper copies and other manual files.

Do this automatically if possible. Many security software suites offer automated backup functions that will do this on a regular schedule for you. Back up only your data, not the applications themselves (for which you should have distribution CDs from your vendor). This automatic backup should be done at least once a week, and stored on a separate hard disk on your computer if not off line using some form of removable media. The hard disk should have enough capacity to hold data for 52 weekly backups (500GB should be sufficient). Remember, this should be done on each of your business computers. It is important to periodically test your backed up data to ensure that you can read it reliably. There are "plug and play" products which, when connected to your computer, will automatically search for files and back them up to a removable media, such as an external USB hard disk.

It is important to make a full backup once a month and store it away from your office location in a protected place. If something happens to your office (fire, flood, tornado, theft, etc) then your data is safe in another location and you can restore your business operations using your backup data and replacement computers and other necessary hardware and software. As you test your individual computer backups to ensure they can be read, it is equally important that you test your monthly backups to ensure that you can read them. If you don’t test your backups, you have no grounds for confidence that you will be able to use them in the event of a disaster or contingency.

If you choose to do this monthly backup manually, an easy way is to purchase a form of removable media, such as DVDs if you have a DVD writer or an external USB hard drive (at least 1000 Gigabytes capacity). On the hard drive, create a separate folder for each of your computers, and create 12 folders in each computer folder – one for each month. Bring the external disk into your office on the day that you do your monthly backup. Then, complete the following steps: connect the external disk to your first computer and make your backup by copying your data into the designated monthly folder; immediately do a test restore of a file or folder into a separate folder on your computer that has been set up for this test (to ensure that you can read the restored file or folder). Repeat this process for each of your business computers and, at the end of the process, disconnect the external drive. At the end of the day, take the backup hard drive to the location where you store your monthly backups. You may, when each of the monthly folders has been used, purchase more media for the following 12 months.

It is very important to do this monthly backup on each computer used in your business.

Wow What a Month!! for Discover the Region.com

Wow What a Month.
Discover the region.com started off with our Birthday Bash, celebrating our first Birthday with many more to come. We have spent numerous hours on upgrading the DTR.com business directory listing. The new upgrades to the Global listing includes; being able to include 10 keywords, 2000 word Meta tags, 10 Meta tag words, the ability to attach your directory listing to any of the social media outlets (i.e. FaceBook, Linkedin, and Twitter). What does this mean to you? Increased branding exposure, Free SEO ( search engine optimization), social networking recognition, promotion and publicity for your business as your climate changes. Local, as well as national branding. A “Business Directory” that puts you in the driver seat to update, spotlight & promote.

This month I have also created word press blog pages that increase SEO and allows Discover the Region to maximize the internet to showcase, DTR clients, DTR resources for City and Local reference, & Discover the Region Publications in Dayton, Northeast Ohio & The West Valley –Phoenix.

I took the plunge and spent the day taking a class on social media sites. It was well worth my time and money.
Twitter facts: May 2009
Twitter had 24 million people visit (US)
60% are College educated or higher
79% make 30K or more
I have found tricks that make participating on the internet more time efficient. I will share the best one for me. Tweetlater.com allows you to spend an hour entering your tweet thoughts and schedule them for a number of days. You then have information going out consistently which builds your following. There are other tools you can use to accomplish scheduled tweets. This one is FREE.

Finally, I have spent time with entrepreneurs….. Providing counsel on the organization and creative steps necessary to transform their dreams into successful business realities. Entrepreneurs still have to put in the work, but with guidance from someone who has worked through these issues, missteps can be minimized and progress in the right direction increased.

I take a deep breath and reflect how grateful I am to be right here, right now. I can’t wait to see what is in store for this month.

Jodie Wilson
www.discovertheregion.com

Computer Tip of the Day "09-10"

Patch your operating systems and applications.
All operating system vendors provide patches and updates to their products to correct security problems and to improve functionality. Microsoft provides monthly patches on the second Tuesday of each month. From time to time, Microsoft will issue an "off schedule" patch to respond to a particularly serious threat. To update any supported version of Windows, go to "Start" and select "Windows Update" or "Microsoft Update." Follow the prompts to select and install the recommended patches. Other operating system vendors have similar functionality. Ensure that you know how to update and patch any operating system you select.
For Microsoft Windows XP, select "Start", then "Control Panel", then "System", then "Automatic Updates". After that, set the day and time to download and install updates. Select "Apply" and click "OK".
For Microsoft Windows Vista, select "Start", then "Control Panel", then "Security", then "Turn Automatic Updating on or off". If the circle is marked which says "Install updates automatically (recommended)", check to see that the day/time tabs are set to "every day" and "11:00pm" or some other convenient time. If the circle is not marked which says "Install updates automatically (recommended)", then check the circle to activate automatic updates and select "every day" on the left tab, then select an appropriate time (11:00pm is fine) for the right tab. Then, towards the bottom of the window, check "Recommended Updates" and for "Update Service" check "Use Microsoft Update". Then click on "OK" at the bottom of the window and you are all set for automatic updates for your Windows Vista system.
Office automation software products such as Microsoft Office also need to be patched & updated on a regular basis. For Microsoft products, the patch/update process is similar to that of the Microsoft Windows operating systems. Other business software products also need to be updated regularly.

Computer Tip of the Day "09-04"

Install and activate software firewalls on all your business systems.
Install, use, and keep updated a software firewall on each computer system used in your small business.
If you use the Microsoft Windows operating system, it probably has a firewall included. You have to ensure that the firewall is operating, but it should be available.

To check the software firewall provided with Microsoft Windows XP, click on "Start" then "Settings", then "Control Panel", then "Windows Firewall". Select the "General" tab on the top of the popup window. You can see if the firewall is on or off. If it is off, select "On-Recommended" in the hollow circle next to the green check-mark icon.

To check the software firewall provided with Microsoft Windows Vista, click on "Start" then "Control Panel" then "Windows Firewall." If your firewall is working, you should see a message that "Windows Firewall is helping to protect your computer." If not, click on ‘Turn Windows Firewall on or off" (in the upper left corner of the window) and select "Turn on firewall."

When using other commercial operating systems, ensure that you fully review operations manuals to discover if your system has a firewall included and how it is enabled.

There are commercial software firewalls that you can purchase at a reasonable price or free that you can use with your Windows systems or with other operating systems. Again, internet searches and using online/trade magazine reviews and references can assist in selecting a good solution.

As recommended in Section 2.1, ensure that your home systems and your employees’ home systems have firewalls installed and operational on them.

It is necessary to have software firewalls on each computer even if you have a hardware firewall protecting your network. If your hardware firewall is compromised by a hacker or by malicious code of some kind, you don’t want the intruder or malicious program to have unlimited access to your computers and the information on those computers.

ALL AMERICAN EYEGLASS REPAIR
because you need to see now!

Located on the Southwest corner of 35th Ave. and Dunlap
Tel: 602-589-0401
Have glasses that need fixing and can not find an inexpensive repair shop?
I was in and out in 5 minutes.
I was impressed by the professional service.

Computer Tip of the Day "09-01"

Provide Security for your Internet Connection.

Most businesses have broadband (high speed) access to the Internet. This may be from a local cable TV company or a local telephone company. It is important to keep in mind that this type of Internet access is always "on." Therefore, your computer - or any network your computer is attached to - is exposed to threats from the Internet on a 24 hour a day/7 day a week basis.

For broadband Internet access, it is critical to install and keep operational a hardware firewall between your internal network and the Internet. This may be a function of a wireless access point/router or may be a function of a router provided by the Internet Service Provider (ISP) of the small business. There are many hardware vendors which provide firewall wireless access points/routers, firewall routers, and firewalls.

As recommended in Section 2.1, ensure that your and your employees’ home systems are protected by a hardware firewall between your/their system(s) and the Internet.

For these devices, change the administrative password upon installation and regularly thereafter. It is a good idea to change the administrator’s name as well. The default values are easily guessed, and, if not changed, may allow hackers to control your device and thus, to monitor or record your communications (and data) to/from the Internet.

Do I Mean What I Say?

Do I say what I mean? Do I mean what I say?This month at my ABWA luncheon our business introductions were switched up. We were paired up and the goal was to introduce the other persons business, promote their unique attributes and possibly come up with a tag line. We spent 15 minutes with another member answering 5 questions. It is a wonderful learning exercise. Checking in and making sure what you are trying to convey about your business is actually coming across.My partner was ReNay Mushier, owner of The Personal Touch Massage. I thought I would share what ReNay shared about DiscoverTheRegion.com. I loved what ReNay put together for me.I'd like to introduce Jodie Wilson.She offers Resource information & Directory Ad Space at DiscoverTheRegion.com
Jodie's website was established to compliment the Ohio based publication that has taken root in our Phoenix West Valley, which promotes Economic Development, Tourism and Relocation to our beautiful area.
Her burning desire is to learn more about internet lingo, website design and anything computerized.
Jodie enjoys finding the hidden treasures and meeting people.
Jodie would enjoy being introduced to people who recognize the benefit of showcasing region’s and what they have to offer both residents and visitors, alike.
Did you know....for as little as $20 a month, Jodie can help you take “the Search out of Research” through discovertheregion.comIf you are not part of a networking group that you can practice this exercise, ask some of your colleges to answer these 5 questions and have them give you an introduction, just to check in with what message you are promoting about your business.
1. Your Name:
2. Business Name:
3. What do you want to learn this year?
4. What do you enjoy most in your business?
5. What client would you most like to meet?

Jodie Wilson
www.discovertheregion.com