Monday, April 21, 2014

Have you heard of the Heartbleed bug?


Heartbleed is the name of a major security vulnerability that may affect nearly two-thirds of websites online. It’s a severe situation potentially exposing your login information—your username and password—and other sensitive information about you.

What is Heartbleed?
It is important to understand that Heartbleed is not a virus, but rather a mistake written into OpenSSL—a security standard encrypting communications between you, the user, and the servers provided by a majority of online services. The mistake makes it possible for hackers to extract data from massive databases containing user names, passwords and other sensitive information.

What can you do?
Unfortunately, there's not much you can do about the bug itself. The only way to fix this problem is for the vulnerable sites to update OpenSSL and reissue their security certificates.

If possible, try to avoid connecting to vulnerable sites and services until they notify you of a fix. Do not change your passwords on your favorite sites until they notify you that they have fixed the bug. If and when you do get confirmation, update your passwords as usual, but make sure they are strong.

You can test the vulnerability of specific websites here: http://tif.mcafee.com/heartbleedtest.

Now is a really good time to make sure ALL of your passwords for all sites are strong, especially the ones for your financial institutions, or websites where you have accounts that maintain credit card information, client records, or proprietary or confidential intellectual property.

Read more about the Heartbleed Bug

Are you using strong passwords?

If you answered ‘No’ or ‘I’m not sure,’ check out this useful password generator tool we found. 


PASSWORD Boy is a free password generator. It allows you to create random passwords that are highly secure and extremely difficult to guess due to an optional combination of lower and upper case letters, numbers and symbols.  Their website allows you to download the utility to your desktop, or you can use the online version.  This password tool can produce all 3 types of “strong” passwords (Pass Phrase, Pronounceable/Phonetic, and Random/Strong).

Wednesday, April 9, 2014

This is the end of Windows XP



Support for Windows XP ended on April 8, 2014.
If you have PCs running XP, you will no longer receive software updates from Windows Update. This ends all security updates, hotfixes, driver updates and support. Running Windows XP in your environment after the end of support date may expose your company to potential risks, such as viruses, spyware, and other malicious software which can steal your business information. 

April 8, 2014 has come and gone, and so has your support for XP. You have three options:
1. Replace your old XP machines with PCs with newer operating systems
2. Disconnect your XP computers from your business network and internet
3. Keep your XP machines connected and hope for the best

You may be thinking, “But, Windows XP works great for us and we have no hardware issues with our computers, so why should we switch?"

Think about this… On April 8, 2014, Microsoft released the last batch of XP patches and explanations of what they fix. A few days after that, virus writers have deconstructed these patches and discovered the underlying security holes. Then, they release their viruses, ransomware, adware, etc. The next day, thousands of computers are infected by the malware, and even if it is removed and all normal precautions are taken, this virus will infect the computers again and again while the Windows XP PC is being used to access the internet.

Organizations that continue to retain a Windows XP environment not only are leaving themselves exposed to security risks and support challenges but also are wasting budget dollars that would be better used in modernizing their IT investments. Many options exist for businesses considering moving to newer PC operating systems. To understand the best options for your organization, you need a Microsoft Partner who will assess your business needs. 

Contact BizTech for more information at 419.539.6922 or go to www.gobiztech.com