Monday, October 29, 2012

Computer and Electronics Tips for a Potential Power Outage

As Hurricane Sandy headed rapidly towards the New England, I received several calls from clients asking what to do in preparation for a power outage. Every business should have a comprehensive disaster prevention and recovery plan that includes appropriate redundancies, but with the storm at hand, some basic strategies are in order.

Here are some of the last minute tips that I shared with them which hope will also prove helpful to you:
  • Unplug If power goes out, browns out (dim lights), or is flickering, unplug computers and electronics from the wall. Damaging power surges/spikes often occur when power comes back on, and during thunderstorms it's not uncommon for surges to enter through cable and phone lines. Shutting systems down is not sufficient. While surge protectors are important, they may not provide enough protection during a major storm or electrical event.
  • Keep dry -  If you're in a location prone to flooding, be sure that your computers are at least a couple of inches off of the floor. Keep in mind that floods don't only occur in basements. A leaky roof or burst pipe can bring water damage to any floor of a building.
  • Backup - Is your data thoroughly backed up? Is the backup stored somewhere safe? If the power is still stable, you may have time to do a quick backup. Think about throwing a few critical things that you may need over the next few days onto an external drive. If it’s too late fot that, let this be a strong reminder to get your backup procedures in order once the storm clears.
  • Plan B - Do you have a have a hard copy of your employee, customer and vendor contact lists? Depending upon the nature of your business, you'll want to keep the appropriate parties appraised of the situation. That can be really difficult to do if you don't know how to reach them. If you your Email system and/or website is hosted onsite, consider alternate ways to communicate. If your systems are hosted in a data center, be sure that people have access to instructions for logging in remotely. If your phone system is down, the provider may be able to either forward calls or post a recorded message.
  •  UPS - For the future, think about purchasing uninterruptible power supplies (UPS) for your most vital systems. This is basically battery backup. Security systems usually have one built in and they even have them in some garage door openers now (that was a bummer getting locked out of the garage during last year’s snow storm). You’ll want to purchase units with automatic voltage regulation (AVR); these also kick in when there’s too much or too little power. While a UPS may only keep you up and running for a short time, they do a far better job than regular surge protectors and may provide you enough time to at least save work and shut down properly. Keep in mind that without a UPS, most business phone systems will immediately go down. Batteries need to be replaced every couple of years, so be sure to test UPSs periodically.
  •  Insurance - After the storm, take the time to review your commercial or homeowner's insurance policy. There are often significant limits on computers and electronics, but most carriers offer special technology riders that may even include coverage for data recovery. This small investment may pay off sooner than you think.
If you experience a loss, feel free to give me a call. I’m happy to provide quick advice or answer a brief question. I unfortunately have a lot of experience dealing both insurance companies and bailing people out of disasters large and small. Either way, it's probably time to review your disaster plans, and if you don't have one give Winter Solutions a call ensure so you can start putting one in place for next time.
May your basements be dry, and may your electricity continue to flow!

- Dovid


Dovid Winter is Principal Consultant of Winter Solutions and has been providing hands-on IT management services to small-business, non-profit and education since 1986. In addition to website development and hosting services, Winter Solutions' offers an array of managed IT services. Whether you are looking for assistance with a single project or to outsource your entire IT department, Winter Solutions has a solution to meet your needs. Contact us at 781 821-0000.




Thursday, October 11, 2012

I'm Infected by My Antivirus

Call it a virus … call it spyware or malware … whatever you want to call it, it seems like I’ve been getting calls for years about this major nuisance.  The pop-up might tell you that your hard drive is failing or your registry is corrupted or your computer is infected with 43 viruses, and to the untrained eye it can be quite convincing, but these days, warnings like these are more often than not a hoax, what Wikipedia calls rogue security software.







So if it’s a hoax, Dovid, does that mean that I can just ignore it?

Unfortunately, you cannot.  Worst case scenario, this hoax carries some damaging payload and is a virus itself; best case, it’s a nuisance that’s just trying to steal your credit card info. (I’ve actually had clients pay to activate the fake antivirus software with hopes that this would remove it.) The important thing is to recognize that responding to any requests from this malicious software will only make things worse.

How do I know whether it’s real or a hoax?

When in doubt, call your competent local IT expert (shameless plug).

Another line of defense is knowledge – which is why  it’s a good idea to  familiarize yourself with your antivirus software before there’s a problem. Learn how to check to make sure it’s active and up to date.  Many people are sitting ducks for this kind of scam precisely  because they don’t know what their antivirus software is supposed to look like. (The truth is, it’s  easy to recognize t a hoax when it’s written in Pidgin Englis;, but thanks to all of those outsourced call centers, it may be that hackers’ English seems to be getting better all the time.)

How did I get it?

Since I’m generally a believer in holistic computing practices, I’ll always start by telling you that your computer got infected because it didn’t have a healthy immune system and was therefore vulnerable; but to be more pragmatic, more often than not, there’s an infected website involved. Either you were conned into clicking a link in a deceptive Email message, or mistyped an Email address, or were on a site that you probably shouldn’t have been on, or as mentioned in our last blog posting, visited a perfectly reputable site that was hacked or infected itself. 

Unfortunately, it can  happen even if you are “protected” by top name antivirus software and even if you’re “careful.”  I can certainly admit to being fooled before and  it can happen so quickly that you don’t know what hit you. Other times it takes getting fooled into an act of collusion by clicking through a number of steps, functionally voluntarily installing this bad-ware on your own computer. (They may even be kind enough tell you what they’re going to do to your computer in the fine print.) Even if this happens just once, it can be an expensive learning experience.

Ok. Well, I got whacked, so now what?

Save your work if you need to and shut the computer down right away; if necessary, hold the power button down for ten seconds to turn the computer off or unplug it (on a desktop computer that’s the box or CPU, not the monitor or screen).   To state the obvious, viruses can’t cause damage if the computer isn’t on. Sometimes what looks like a legitimate alert may only be a deceptive video clip from a website pop-up. If you’re lucky, you caught the problem in its tracks and the computer will be fine when you start back up.

But if there are any signs that the virus is still there when you restart, call your competent local IT expert (shameless plug #2). While sometimes these issues can be resolved with the right utilities, more often than not, if it got by some barriers to get installed in the first place, it might be require a more  complex removal process.  Of course, if you went so far as to give up credit card information, after you finish kicking yourself, call your credit card company.

What can I do to avoid these problems for my business?

There’s no question that prevention is the best medicine. Feel free to share these strategies with your office team.

  1. Educate your staff. Periodically remind them not to open an Email attachment or website link unless they know the sender and what it is that they’re opening. Computers used exclusively for appropriate business certainly tend to be less vulnerable. (That said, it’s not a fair assumption  that a staff member was doing something wrong if the computer got infected.  Unfortunately, when perfectly reputable business websites get infected they tend to share the problem with hundreds or thousands of users, not just a few dozen. )
  2. Limit administrator access. Ask your IT expert to set the computers up so that the users do not have Administrator access. If the person who is on the computer when it gets infected doesn’t have permission to install software, most malware can’t get very far. So, even if that user’s account is infected, the rest of the computer will likely be ok.
  3. Keep your systems up to date. Make sure that updates are allowed to run automatically make – and keep up with – a schedule for regular manual update checks.
  4. Make sure that you have an antivirus product installed. And ensure that you know how to keep it up to date. Money saving tip: You can pass on the  bloated feature-rich security products sold in stores. For networks with only a few computers, the free options like Microsoft Security Essentials are fine. For larger networks, you’ll want to go with a product like Trend-Micro that’s designed to be managed from a central console. You also might consider supplemental products like Malwarebytes, Spybot S&D and CCleaner  to help keep the computer clean and garbage free.
  5. Have a good firewall. This creates a level of prophylaxis between your computer and the Internet. Newer devices do a great job at screening websites and scanning network content before it gets to your computer. As referenced in our last blog posting, all the heroic policing efforts of Google and others to scan the Internet and keep it safe are great, but it’s not safe to assume that they’ll catch every site fast enough. For larger or growing sites, I definitely recommend Barracuda to do this job. (Employer bonus: Barracuda can also help ensure that your users are primarily using their computers to do their jobs, instead of shopping, playing fantasy football or hanging out on Facebook.)
  6. Protect your Email. Make sure that your Email systems are screened for spam and also well protected from viruses. We provide robust filtering on our Microsoft Exchange hosting services, but I feel very strongly that Email should be filtered long before it reaches your computers or servers. You’ll want to check with your Email providers to ensure that this is the case.
  7. Get a Mac. I can hear the outcry from here. But think about getting a Mac. There’s at least a modest premium for purchasing Apple and they’re not the best solution for larger networks or environments with specific applications which don’t run on Mac; but I haven’t seen a virus on a Mac in at least 15 years, and even then, it was in Microsoft Office. Yes, Windows has  made impressive strides toward becoming safer and there are (at least theoretically) Mac OS viruses out there, but it’s getting easier and easier for Macs and PCs to get along and everyone  I know (including myself) who has one, loves them.
  8. Backup, backup, backup.  It’s the mantra we can’t afford to ignore. Almost always, your data is far more important than your computer. Make sure that you have a robust onsite and offsite backup solution in place so that if the computer is so badly infested that it needs to be wiped out, you will make sure you don’t lose the data that your business needs to function.

Seriously?! How am I supposed to stay up to date on all of this? Shouldn’t my computers just work? I seem to get along ok. Who has time for this? Isn’t this what my IT guy (or gal as the case may be) is for?

I feel your pain. But, as I said, a modest amount  of education can go a long way, especially when it comes to appropriate computer use. When it comes to the rest, it is important to ensure that, even if you don’t know all of the details, there is someone on your team with the right expertise who does. Some pieces can be handled by a competent staff person or a decent computer consultant, but once your business is starting to grow you’ll want to engage a managed service provider to deliver  the level of experience and knowledge needed to ensure that you have a reliable platform that meets your growing business needs.

Remember: Don’t settle for computers that simply function. Technology can and should be a tool to increase productivity and drive your business forward in creative new ways.

Dovid Winter is Principal Consultant of Winter Solutions and has been providing hands-on IT management services to small-business, non-profit and education since 1986. In addition to website development and hosting services, Winter Solutions' offers an array of managed IT services. Whether you are looking for assistance with a single project or to outsource your entire IT department, Winter Solutions has a solution to meet your needs. Contact us at 781 821-0000.