24
Sep, 2019

End of Life for Windows 7 Could Mean Trouble for Some Users

Every few years Microsoft rolls out a new version of Windows. Some of those versions end up being duds (think Vista and Millenium) and some of them gain a cult-like following like XP and the quickly approaching its end of life, Windows 7. Microsoft has announced that they will stop supporting and rolling out security patches for Windows 7 as of January 2020. This means you either need to upgrade Windows 7 to Windows 10 or you need to have some serious security software on your computer.

Why You Need to Upgrade Windows 7

As the end of life for Windows 7 approaches, you might be wondering if you really need to upgrade Windows 7 to Windows 10. If you leave Windows 7 on your machine, it will still function. Microsoft, however, will not be rolling out any more security patches or updates for the operating system. This means your computer will not be as secure as it would if you upgrade.

“Hackers” make their living by creating new malware to exploit weaknesses within specific software. Windows 7 currently accounts for about ⅓ of Windows users, and many are reluctant to upgrade. This means its only a matter of time for malware that will target machines that did not upgrade Windows 7 to Windows 10. Your computer will be easily compromised once we reach the end of life for Windows 7.

End of Life for Windows 7 Doesn’t Mean the End of the World

Some machines do not have the room on their hard drive to upgrade Windows 7. You can make space on your hard drive by removing files you don’t need and moving important files to an external hard drive or cloud-based storage like Google Drive. If this doesn’t free up enough space or you do not want to upgrade windows 7, you need robust security software.

When Microsoft rolls out Windows updates, often those updates include patches for security issues that leave users vulnerable. Without these patches, malware and hackers can easily find “backdoors” into your machine. If you’re going to continue to run Windows 7, you need proactive virus protection that scans your computer in real time.

Whether or not you choose to upgrade, Justified can help you navigate the end of life for Windows 7. We can help you through making space on your hard drive, upgrading from Windows 7 to Windows 10, and install on your machine, so you know your computer is always protected, regardless of what version of Windows you choose to run. Get in touch with Justified by contacting us here. The countdown is on, its time to make your choice.

15
Feb, 2019

10 Important Cybersecurity Tips for Small Businesses

Hackers are increasingly targeting small businesses. These 10 cybersecurity tips for small businesses can be implemented to improve security, prevent successful cyber attacks, and avoid costly data breaches.

Many small business owners misguidedly think that their company is too small to be a target for hackers but cyber attacks on small businesses are common and they are increasing. A successful attack on a Fortune 500 company is likely to be far more profitable for the hacker, but also much harder. Small businesses are relatively easy targets and attacks can be highly profitable.

Small business owners cannot afford to take cybersecurity lightly. A successful cyber attack could prove catastrophic. With this in mind, we have compiled 10 cybersecurity tips for small businesses that can easily be implemented to improve security.

Top Cybersecurity Tips for Small Businesses
Implement a Robust Firewall
A firewall is a cybersecurity solution that sits between a small business network and the outside world and prevents unauthorized individuals from gaining access to the network and stored data. Not all firewalls are created equal. Extra investment in a next generation firewall is money well spent. Don’t forget to also protect remote workers. Ensure that they are also protected by a firewall.

Create and Enforce Password Policies
You should implement password policies that require all users to set strong, secure passwords. A strong, unique password should be used for all systems. Passwords should include capitals, lower-case letters, a number, and a special character, and should be at least 10 digits long. Teach employees how to create secure passwords and enforce your password policies. Consider using a password manager so passwords do not need to be remembered. Consult NIST for the latest password guidance.

Security Awareness Training
Make sure you provide the workforce with regular security awareness training. This is the only way that you can create a culture of cybersecurity. Be sure to cover the security basics, safe Internet use, how to handle sensitive data, creation of passwords, and mobile device security. You should provide training to help employees avoid phishing attacks and consider phishing simulation exercises to test the effectiveness of your training program.

Multi-Factor Authentication
Multi-factor authentication involves the use of a password and at least one other method of authentication. If login credentials are compromised, an additional factor is required to gain access to an account or the network such as an SMS message to a user’s smartphone.

Backups
It is essential to have a good backup policy. In the event of disaster, such as a ransomware attack, you need to be able to recover critical data. Backups must also be tested to make sure files can be recovered. Don’t wait until disaster strikes to test whether data can be recovered. A good strategy is the 3-2-1 approach. Three backup copies, on two different types of media, with one copy stored securely offsite.

Software and Firmware Updates
Vulnerabilities are regularly found in computer software. Patches are released to correct those vulnerabilities, including those that are being actively exploited. Make sure patches are applied promptly, software is kept 100% up to date, and the most up to date firmware has been installed. Implement automatic updates where possible and create a schedule for updates if they need to be performed manually.

Network Segmentation
It is a standard best practice to segment networks and split them into subnetworks. Not only will this improve security it can also improve performance. By preventing access between segments, if one part of the network is compromised, an attacker will not have access to all systems and data. Also make sure you limit access to sensitive data and restrict the use of admin credentials. Apply the rule of least privilege. Do not give employees access to data, networks, and software that they do not need for day to day work duties.

Implement a Spam Filter
Arguably the biggest cyber threat that small businesses face is phishing. A single phishing email could allow an attacker to bypass your perimeter defenses and obtain login credentials or install malware. An advanced spam filter will allow you to improve productivity by blocking non-malicious spam emails and prevent phishing emails from being delivered to inboxes.

Secure Wi-Fi Networks
If you have a wireless network in your workplace it needs to be protected. Ensure that it is secured, data are encrypted, and that it is hidden and does not broadcast its SSID. Use WPA2 for encryption (or WPA3 if possible). Change default passwords and ensure your wireless router cannot be accessed from outside the network.

Consider Implementing a Web Filter
A web filter provides protection against web-based attacks by preventing employees from visiting phishing websites and sites that host malware. A DNS-based web filter can protect wired and wireless networks and even remote workers. It will block malware downloads and prevent users from accessing dangerous websites and those that serve no work purpose thus improving productivity.

Should you require any help with your business to keep it well protected, please don’t hesitate to contact Justified to help you out.