Firewalls – Keepers of the Gate

In this next writing about basic internet security, we will talk a little about firewalls.

It is common that people lump firewalls and antivirus software in the same bucket, however these are two separate items with two separate functions.

To start off, lets take a quick look at the difference between the function of a firewall and of antivirus software.

Firewalls:   These are the “Guard at the gate” so to speak. Firewalls help to minimize damage from spyware by keeping it from gaining unauthorized access to files and software. Firewalls monitors network traffic into and out of a computer or network and decides whether or not to let it in.

Antivirus Software:  Antivirus software would be the “soldiers” of the computer world. Their mission is to seek out and software, files, or programs that can harm or compromise your computer. It can detect harmful programs that are being downloaded or are already downloaded and will quarantine, remove or fix. It will also look for potentially harmful files attached to emails, or being downloaded from the internet and will remove these files and notify the user of their removal.

Now that we know the difference let’s look at firewalls.

There are 2 types of firewalls:

  • Hardware firewalls – This sits between your computer and the internet.

An example of a hardware firewall would be your router. A router may not have a built- in firewall or it may not be enabled so you will want to check with the manufacturer specs to see if it does.

A hardware firewall uses packet filtering to examine the header and decides whether to allow it to move through the system to the computer. It does this by comparing the header to a set of user created or pre-defined rules. Based on this comparison, it will allow or block the incoming traffic. If your computer becomes infected it could disable a software firewall, but it will not infect a hardware firewall as the hardware firewall sits apart from the computer.

Hardware firewalls also can provide centralized network management for multiple computers preventing individual users from having to change any settings.

 

  • Software firewalls – This sits between your computer and a network

 

An example of a software firewall would be Windows Defender.  Software firewalls, which usually come pre-loaded on your computer just as other software applications will only protect the device in which they are installed. They can often be customized, allowing the user some control over the protection features.  They may also include privacy and web filtering controls as well as other options.

The software firewall will run in the background of your computer and should always be running.

So the question becomes do you need a software firewall if you have a hardware firewall?  From what I have researched, you should run both as while they both may have redundant features, a hardware firewall should stop the barbarians at the gate while the software firewall should stop anything that may get through.

While I cannot recommend any specific firewall software, I have provided a link below that reviews the top ten personal firewall software for 2018.

http://www.toptenreviews.com/software/privacy/best-personal-firewall-software/

 

For my next post, we will discuss antivirus software. In the meantime, happy internetting.

THE IMPORTANCE OF UPDATES

We all hate that annoying screen pop up about updates.
And most of the time we click out of them, thinking “We’ll update later.” (But often we don’t)
But how important are these updates? Are they something that can safely be ignored? What are the risks?

It may be helpful to have a basic understanding of what an update is.

An update is a software file that contains “fixes” for issues or vulnerabilities that have been discovered with software or application. For security updates, these are often patches which help prevent hackers from getting into your system.

Sounds important to me.
So why do we delay or ignore these? It may be that part of the problem is that warning messages pop up somewhat randomly. Usually while we are right in the middle of that important spreadsheet, or while researching information on data breaches.
A new study from BYU, in collaboration with Google Chrome engineers, finds the status quo of warning messages appearing haphazardly—while people are typing, watching a video, uploading files, etc.—results in up to 90 percent of users disregarding them.*
Now we know what an update is and why it’s important, here’s a few tips to help in making this vital process go a little more smoothly.
• Set aside time each morning to check for updates, and if possible install immediately, before beginning your day. You will probably need to restart your computer, so be prepared for that.
• Install updates as soon as possible after being notified. This should probably be read as “Update Immediately”
• If you lack the time to manually update, use the task scheduler and have the updates installed automatically.

Updating is a very simple but critical action you need to take to help ensure the safety and security of yours and your customer data.
Need more convincing? Read this:
https://www.scientificamerican.com/article/why-installing-software-updates-makes-us-wannacry/

Need help with the updates, here are a few links below which can help.
• https://support.microsoft.com/en-us/help/311047/how-to-keep-your-windows-computer-up-to-date
• https://support.microsoft.com/en-us/help/294871
Now get out there and update.

*(Read more at: https://phys.org/news/2016-08-people-software-percent.html#jCp)
*(Read more at: https://phys.org/news/2016-08-people-software-percent.html#jCp)
https://www.scientificamerican.com/article/why-installing-software-updates-makes-us-wannacry/

Password Laziness- Don’t be a victim!

 

 

We all get a little lazy with passwords. We all can relate to the frustration of trying to log into our apps, websites etc. and getting the “Invalid Password” message. And then the ritual of retyping the password only to get the same message again- ugh.

This is probably why many people do not view a strong password as a necessity, but more of an annoyance.  Quite frankly, I have changed my phone provider password on multiple occasions simply because it was faster to do that, than to try to find where I had written it down.

Passwords, at their core, are designed to ensure that only authorized individuals have access to whatever data or information that is stored on a device, or in a database. To neglect setting up a strong password leaves you vulnerable to hacks and data theft. These hacks can have a devastating impact on your business, if not just be a downright nuisance.

We now live in an age where the password is a way of life, I think it wise to revisit our attitudes regarding this safeguard, particularly in regards to your business. It is extremely important that you as the business owner protect the highly sensitive data that you acquire. A strong password is the foundation for this protection.

In researching for this blog, I found some information that is quite interesting. You can find the full article at

https://www.halock.com/blog/3/article1288

  • FACT – 66% of people online utilize only 1 or 2 passwords for all their accounts!

66% is a staggering amount of people. Especially when considering how connected we all are.

  • FACT – A Computer loaded with the latest virtualization program and high-powered graphics cards can now crack an eight -character password in 5 ½ hours.

WOW- and that was in 2013! I would imagine the technology today allows for this to be performed more rapidly.

So if you are not utilizing a strong password, we recommend that you begin immediately.

Here are a few tips to help develop a strong password.

Do:

  • Mix capital and lowercase letters
  • Include punctuation marks.
  • Include numbers
  • Change at least once a year
  • Keep a written list of all your passwords for each account. Keep the list handy, but secure.

Don’t

  • Use the same password for multiple accounts
  • Use names, birthdates or any personal information
  • Use passwords that pertain to your hobbies

These are just some basic tips to help keep your online data secure.

Have a question? Feel free to contact me at davem@callaes.com

 

Need help with PCI Compliance?

PCI Compliance is a crucial part of your ability to do business. Being out of compliance can be catastrophic to your business.

Not sure if you are compliant? Need help with compliance? We can help by ensuring the equipment you use is in line with compliance guidelines.

 

You may also visit the below link for some very useful information

PCI FAQs

 

MS Cash Drawer Supplier Demo

Automatic Equipment Service continually monitors new technology and equipment to ensure we are able to best guide our customers to the products that will help them improve their profitability and efficiency.

It’s what we do.