How to Use an HTTPS-Encrypted Connection

Posted by admin on Oct 31, 2011

Taken from PC World Magazine, October 2011 Edition

When browsing the web, protect yourself by using HTTPS (Hypertext Transfer Protocol Secure) whenever possible. It encrypts the connection between your PC and the website you’re visiting.

Many site use HTTPS by default: When you purchase an item online or log in to a bank site, for instance, your browser will probably connect to the site via HTTPS automatically.  But you can enable HTTPS on Facebook, Gmail, and Twitter, as well.

To enable HTTPS on Facebook, log in to Facebook and click on the drop-down in the top-right corner, clock on Account Settings and then Security. Click on the Edit beside Secure Browsing and turn that feature on.

For Twitter, look for Settings.  In Gmail, click on the gear icon and select Mail Settings.

Posted in FAQ || No Comments »

What to Do After a Data Breach

Posted by admin on Oct 21, 2011

Taken from PC World Magazine, October 2011 Edition

2011 has been the year of the data breach, and data breaches are extremely common.  And once your personal information is out there, it’s exposed for good.  You can take a few steps to reduce the potential for damage, however.

1) Change your passwords: Your very first step should be to make a new password for your account on the affected site.  If you used the same login information for any other websites, be sure to change your password on those sites too.

2) Watch for phishing attempts and malicious email: If your email address is exposed in a data breach, scammers, spammers, and malware authors may try to send malicious messages to you (well, more than usual, anyway), so you might see a spike in spam.  As always, look out for any suspicious email.

3) Look for suspicious snail mail: If street addresses were compromised in a hack, cybercriminals may attempt to send you scam mail via the postal service.  Keep your guard up.  Be wary of anything you receive in the mail that asks for money or personal information.

4) Watch for financial statments: Even if your information wasn’t compromised in a major data breach, criminals can still get at your credit card and bank account information through a malware infection on your PC, a compromised ATM or credit card payment terminal, lost or improperly discarded documents that contain sensitive information, or even an unscrupulous employee at a fancy restaurant.

5) Put a fraud alert on your credit report: Here’s another must if you’re a data-breach victim.  A fraud alert tells the major credit agencies that your identity may have been stolen, and that they should be on guard for anything suspicious, such as new credit or bank accounts opened under your name.

Posted in News || No Comments »

To Update or Not To Update

Posted by admin on Oct 7, 2011

That is the question…. or at least that is a question I get a lot.  When Windows or another program bugs you to download and install an update, should you? Well, the short answer is YES!  In many cases that update is going to plug a hole that some malicious attacker might use to get in.  That update may also add a feature that you wished was included in that program.

The nice thing about most updates is that you can click the “remind me later” button and continue working.  The problem is that we keep doing that and the update never gets installed.  Then, an attacker plants a virus on our machine through one of the security holes, and we have the hassle of getting our system cleaned.  I agree that these updates seem to nag us when were are in the middle of something important, but it is necessary that they be installed.

Microsoft releases updates on the third Tuesday of the month (aka Patch Tuesday).  Most versions of Windows are set to check for those updates on the following Wednesday, or at least the next time the computer is turned on and accesses the Internet.  The updates come in three types – Critical Updates, Recommended Updates and Driver Updates.  The Critical Updates should be installed as soon as they are available because it is these updates that are plugging those security holes.  The Recommended Updates are usually upgraded versions of programs or improve the functionality of the system.  Driver Updates are for the various hardware devices that you have installed.

New to Windows 7 is what we refer to as the “forced update”.  If you have been putting off those Windows Updates for too long, your computer might just lock you out and install them anyway.  Depending on how many Critical Updates are needing to be installed, it can take several hours.  You cannot stop the install, and forcing your computer to shut down might prevent the system from restarting.  It would have been easier to install the update as they were needed.

Most programs are also set to periodically check for updates, or at least have a button that you can manually check for updates.  It is important that you update these programs as well, especially if they access the Internet or open files that you have
received by email or online.  Adobe Acrobat, for instance, is used to open PDF files.  Those files can contain a hacker’s code, and can exploit a flaw in Acrobat – unless it has been patched.  Java, Flash, .Net Framework and others can also contain the same types of security holes.

So the next time your computer bugs you to install an update, take a few moments and install it.  That might be the perfect time to stand up and stretch, go visit a co-worker, or just do nothing!