Tuesday, May 24, 2016

Windows laptop and desktop encryption. Is there a cost effective simple solution?

Encryption is one of the safest and most cost effective technologies available to secure data. Governing bodies mandate the usage of encryption to ensure data at rest or in transmit is secure. Some of the standards out there include HIPAA, PCI, SOX, etc. all of which have a high reliance on a proper implementation.
** PLEASE WORK WITH YOUR IT DEPARTMENT OR CONSULTANT **** GOVERNANCE NEEDS DICTATE THE TOOLS YOU WOULD NEED **
This article is to discuss some of the options available that are cost effective for small businesses and individuals that use Microsoft based operating systems such as Windows 7 Professional.
Three viable cost effective options for small businesses and individuals
1) BitLocker (FREE FEATURE WITH WINDOWS 10 UPGRADE - LIMITED TIME)
BitLocker s a built-in encryption feature that Microsoft has made available in the later versions of Windows. The software allows you to encrypt and hard drives and have them available on other systems without the need for special software programs.

If you are running Windows 7 Professional or above or Windows 8.1 Professional, you are eligible for the FREE  Windows 10 upgrade that unlocks this feature, but time is running out.
2) Disk Cryptor (http://www.diskcryptor.net/wiki/Main_Page(FREE)
Open Source Microsoft Windows Encryption software that is compatible with all the different Microsoft Based operating systems. You can force your system to prompt for a password every time the system is booted.
3) VeraCrypt (https://www.idrix.fr/(FREE)
Another open ource Microsoft Windows Encryption software that is compatible with all the different Microsoft Based operating systems. The code is based on the end of lifed TrueCrypt software. You can force your system to prompt for a password every time the system is booted.
Three viable cost effective options for mid size businesses (more than 10 computers/workstations)1) Symantec End Point Encryption (Popular product based on PGP)
2) Sophos SafeGuard Encryption
3) McAfee Complete Data Protection
Encryption methodologies when used effectively, can protect you, your organization, and your clients.
If you have any questions, please feel free to contact me directly. 

Saturday, April 16, 2016

Time to consider uninstalling QuickTime for Windows

Call to Action: Quicktime Security Issue on Windows

Are you a Microsoft Windows PC user? Do you use Apple's QuickTime video player? 
You should consider uninstalling the software. That is the advice of the Department of Homeland Security's United States Computer Emergency Readiness Team, or US-CERT, after two new bugs were discovered in the software. Click on the following link for more details: https://www.us-cert.gov/ncas/alerts/TA16-105A.
The bugs are rated as critical. They could be used to launch attacks on computers if users open a tainted file or visits a malicious Web site. 
According to BBC, Quicktime support on the Windows platform has been ended by Apple. 
Unpatched bugs put users at an increased vulnerability to viruses and malware.
"The only mitigation available is to uninstall QuickTime for Windows," the alert said, which noted that Mac computers are unaffected by the bugs.
The process to uninstall Quicktime on Windows has been provided by Apple via the following link: https://support.apple.com/en-us/HT205771

If you have any questions please reach out. Thanks.

Saturday, March 12, 2016

Phishing, one of many Cyber Security challenges

Phishing is not a favorite past time, especially for IT professionals or organizations concerned about security. 
What is "Phishing"? It's a method used by hackers to attempt to acquire sensitive information. That includes data such as usernames, passwords, and credit card details. It's often for malicious reasons, and is accomplished by pretending to be a trustworthy entity in an electronic communication.
You need to think like a hacker. There are many tools on the Internet that can assist. If you work at an organization concerned about security, employee awareness is the key.
So how do you achieve security awareness?
This is the biggest challenge for all organizations and individuals alike. Ongoing training will be the key to protecting you.
Below is a great video from SANs that you can share to help increase awareness:


How do you protect yourself against phishing?
  1. Be wary of emails asking for confidential information - especially information of a financial nature. Legitimate organisations will never request sensitive information via email.
  2. Don't get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
  3. Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them. Many phishing emails begin with "Dear Sir/Madam", and some come from a bank with which you don't even have an account.
  4. Never use links in an email to connect to a website unless you are absolutely sure they are authentic. Instead, open a new browser window and type the web address directly into the address bar. Often a phishing website will look identical to the original - look at the address bar to make sure that this is the case.
  5. Make sure you maintain effective software to combat phishing.
If you have any questions, please reach out. 

Thursday, February 18, 2016

Why you should use a Password Manager and what can you do?

Most people use very weak passwords and often reuse them on different websites. How are you supposed to use strong, different passwords on all the websites you access? 
The solution is a "Password Manager".
Password Managers is a piece of software that's installed on your computer to store your login information for all the websites you use and helps you log into them automatically. 
They typically encrypt your username and password database with a master password – you only need to remember your master password.

Don’t Reuse Passwords!

Password reuse is a serious problem. When a website has been attacked, there is a high chance that your username and password leaks out to the Internet. Malicious individuals have an email address, username, and password combination they can try on other websites. If you use the same username and password information everywhere, a leak at one website could give people access to all your accounts. If someone gains access to your email account, they could use password-reset links to access other websites, like your online banking accounts.
To reduce passwords from being so damaging, use different passwords on every website. Remember to use long passwords with random characters.
Remembering all different passwords is nearly impossible without using some sort of tool. The ideal tool is a password manager.  

A free Password Manager that works!

KeePass: KeePass is a popular desktop application for managing your passwords. KeePass stores your passwords on your computer — it’s even open-source, which means it is freely available to the world. It is also available for Macs and PCs. The downside is that you’re responsible for your passwords. Make sure to backup the database on a regular basis.
If you like this article, please remember to share and feel free to reach out to us if you have any questions.  
Email us: sales@ripeva.com
Call us: 563-213-4015

Tuesday, January 12, 2016

Microsoft will be ending Windows 8 security patches on January 12



Windows 8 is about to get a lot less secure.

After January 12, Microsoft will stop offering security patches for the three-year-old operating system. Users will have to upgrade to either Windows 8.1 or Windows 10 to keep receiving updates.
As Ed Bott notes over at ZDNet, Windows 8 is an exception to Microsoft’s typical support life cycle policy, which provides 10 years of security fixes after the initial launch date. That’s because Microsoft considers Windows 8.1—a meaty update released nearly one year after Windows 8—to be a service pack, rather than an entirely new OS. Microsoft only guarantees two years of security patches for users who don’t update to the latest service pack.


Source: PC World
Credit: PC World

Email us: sales@ripeva.com
Call us: 563-213-4015

Thursday, January 7, 2016

Chevy Bolt, the First Electric Car for the Masses

General Motors just beat Tesla Motors in the race to produce a truly affordable electric vehicle with triple-digit range.
Moments ago, GM CEO Mary Barra unveiled the all-electric Chevrolet Bolt at CES, providing the first look at what may be the most significant vehicle the automaker has built in decades. The little EV may look like just another five-door compact, but two figures make it an engineering masterstroke: 200 and 30,000.

That first number is its range: 200 miles on a fully charged battery. That’s a number exceeded only by Tesla, whose cheapest model starts north of $70,000. And that brings us to the second number. Chevy promises the Bolt will cost less than $30,000 after the $7,500 federal tax credit. Together, they make the Bolt the first EV that delivers excellent range at a great price. It is the electric car for the masses.

Monday, December 14, 2015

Less Poking Around?


Google Seeks Patent on Needle-Free Blood Drawing Tech!

Google has filed for a patent on needle-free blood-drawing technology, described in a USPTO application published last week
.

Application 20150342509 suggests four potential implementations of the technology, including its use in a device that has an evacuated negative-pressure barrel with a membrane sealing an aperture at the far end containing an accelerator barrel.

Upon activating a trigger, pressurized gas would shoot a microparticle within the accelerator barrel to subsonic speeds. The microparticle would consist of nano-sized gold particles bound with a biodegradable matrix consisting of polylactic-co-glycolic acid. That microparticle would pierce the membrane and a user's skin, drawing a drop of blood, which would be sucked up by the negative-pressure barrel.

The apparatus could be incorporated in a handheld or wearable device.

"Serving the diabetic community would be advantageous, both for Google, due to the size of the market, and for patients, for its ease of use," said Shane Walker, a medical technology analyst at IHS.


By Richard Adhikari


Email us: sales@ripeva.com
Call us: 563-213-4015

Windows laptop and desktop encryption. Is there a cost effective simple solution?

Encryption is one of the safest and most cost effective technologies available to secure data. Governing bodies mandate the usage of encryp...