Tag Archives: IT

CyberSecurity

Introduction

Information Technology companies and departments alike have always been plagued by a stigma; that if you need to call them, there is something seriously wrong with your network. It’s a bit like getting called to the principal’s office, and this feeling of trepidation is largely caused by a fear most technology companies experience, one that is quite validated.

No. Network. Is. Safe.

In the field of technology, it is an unpleasant and an inescapable fact. Security is of the utmost importance in modern technology and it is something often ignored because nobody wants to deal with it. But it is imperative that anyone working in this field not only understand how to safeguard their own network, but to understand the function and goals of malicious software (“malware”) that are designed to do harm to your network.

How Do Malicious Programs work?

An important step in understanding the function of these programs is to know that they are simply that-programs. On a conceptual level, a virus or malware program is not much different from any other program, except that it has outcomes that you do not want. Such software is designed to either damage, control, analyze, or influence the hardware or operating system that it targets. This can range from anything to encrypting files while awaiting a ransom to transmitting all the data from the target machine to a third party. These programs have a variety of sources, including but not limited to criminal corporations operating outside the purview of the law, single programmers attempting to make a quick buck, or the always infamous extremist group. When it comes to prevention, the source is not as important; what does matter is that attacks and infections on a network can be the single most costly issue a company will face. If a network suffers, for instance, a ransomware attack, no files, accounts, or data can be accessed on that network until the ransom is payed, and even then the data may still remain encrypted depending on the whim of the attacker.

How Can Malicious Programs affect my network?

There is an abundance of malicious software variations, due to the fact that these are as previously mentioned, simply programs, and thus can be unique in function and purpose, but for brevity’s sake we will cover some of the most important types of these programs. A relatively simple and common program is a trojan. A trojan’s purpose is reflective of its’ namesake, in that it pretends to be a legitimate or crucial piece of software to trick the user into downloading it, and upon installation hides itself inside the local files of the and then unleashes its’ “troops”. That is to say, it begins to do what it was designed to. This can mean everything from copying data, to deleting it. A new(er) type of malware that’s been making rounds lately is malvertising-(you can read our previous TechBits article on malvertising to get a much more in-depth description). Suffice it to say that malvertising uses internet ads to infect the target machine. Ransomware is software that encrypts all the data on a network and holds the de-encryption key for a ransom, though on occasion even paying the ransom will not coax the attacker into providing the de-encryption key. Though it’s important to know these types of malware, there are countless variants, and the variants are increasing at an alarming rate.

What Can I Do?

When people think of malware they often feel that they are safe with a single antivirus, firewall, or (and this will make your IT cringe) having a Mac because Apple products “don’t get viruses” (yes, they do). Whereas this can be enough for personal devices on a home network, the modern business cannot afford to use only a single source of malware protection. The most secure networks have layers upon layers of security and are very difficult to break through. On a more practical level, it is typically acceptable to have two layers: one passive one active. An “active” layer of protection would be like the anti-virus you are probably familiar with, something to actively scan files in your network to locate and quarantine dangerous programs until they can be properly disposed of. Passive protection is a little different. An example of passive technology would be a web filter.  The Web Filter doesn’t necessarily actively search and root out malicious programs, but rather acts like a sieve and prevents many malicious programs from coming into contact with your network in the first place. Another source of protection that should be mentioned is Web Application Filters. Web Application Filters, or WAFs, monitor attempts from outside your network to gain access through applications that are Internet Facing (Such as web-based email, or self-hosted websites.  It is not uncommon to see thousands of attempts per day of malicious actors attempting to gain access to a protected system through a web-based application.

A question anyone with an IT background has been asked at some point (and probably more than once) is this:

“What antivirus should I get?”

It’s an excellent question, there are many, many options for anti-virus/anti-malware software, some are free some are paid. An adage to consider is that “you get what you pay for” – we like to add the codicil, “if you are lucky” at the end. One option that we at Micro Systems currently suggest is WebRoot, which is a comprehensive anti-virus software that we often  combine with the added protection of the commercial version of MalwareBytes. However, at the end of the day the choice for antivirus and malware protection will largely depend on your unique network environment.

twitterredditlinkedinmailtwitterredditlinkedinmail

Computer Memory

Introduction

To forget things you’ve learned is natural for us illogical humans, but what about computers? How exactly does a computer remember? Many people don’t realize that there are actually multiple different types of computer memory and they all play a different role in data storage and retrieval. As a consumer/business owner, it is imperative to know the difference between these two, and when they might need replaced. When it comes to computer memory, there’s no real short answer, so best to view the topic as a whole.

How Does Computer Memory Work?

Computer memory is tricky because it works less like our own memory and more like writing something down. The type of computer memory in this analogy is the material you’re writing on-sand or paper. There is two kinds of memory in a computer: volatile and nonvolatile. Volatile memory is like writing in sand; it’s there to be easily and readily accessed by your computer to make things faster, but the information is lost as soon as power is lost, like waves washing it away. Nonvolatile memory is more what people encounter when speaking of memory – it’s like writing on paper, its permanent. So if we have nonvolatile memory that never erases unless deleted, why do we have volatile memory? The purpose of volatile memory on your computer memory is to keep it readily at hand if the information is needed. It contains information like browser cookies, auto-fill, and temporary files. This decreases processing time these items would usually take up, since the computer can access its’ volatile memory to access them instead of having to download them from their original source. No doubt you’ve heard the term “RAM” in reference to computer storage, most people know that the more RAM you have-the faster the computer right? This is partially true, as RAM is the source of the volatile memory that ceases to be when your computer is turned off, so the more information your computer can temporarily hold, the faster it can potentially run. You might notice that if you leave your computer running without shutting down or losing power for extended periods of time it runs slower; this is because your available RAM is lower than it should be, since its’ been accumulating data without shutting down. It should be mentioned, however, that RAM is only half the story when it comes to the speed of your device-you should always be sure to know how much RAM your device can support at maximum.

How Can Computer Memory Affect My Company?

This is a topic many companies seem to brush to the sidelines and in reality, is something you as a business owner will want to pay close attention to. When it comes to your storage (that’s your non-volatile memory) running out of this means pretty effectively ending whatever functions your computers handle. With no space for new information, you will stop receiving email, lose the ability to save files, will be unable to download items from the internet, and you run the risk of having your main servers crash-one of the worst things that can happen to a business computer network. The importance of keeping track of your memory usage cannot be stressed enough in a business environment. It’s also important to keep an eye on RAM and volatile memory, which can cause decreased performance when low, though this is less often a problem. Luckily, there is a simple solution when it comes to remedying low memory: buy more. Memory is sold in all shapes and sizes and typically if, say, your servers are holding about all the information they can and need a memory upgrade, it’s just a matter of installing more RAM into the machine. That being said though, memory can be expensive to purchase in large quantities and many companies will want to avoid this entirely: don’t avoid this entirely. Whereas it can be expensive to upgrade a device’s memory banks, it’s more expensive to lose a server for extended periods of time because it ran out of space to write information.

Conclusion

Memory is an odd subject with computers, due to them storing information much differently than we do. As such, people often become confused when their computer develops a memory issue. Things likes low disk space are common and easily fixed, though there are some more obtuse issues that can crop up with memory, like what to do when a hard disk becomes physically damaged and writing to the disk becomes nearly impossible. Should something like this occur, you should immediately contact your IT professional.

twitterredditlinkedinmailtwitterredditlinkedinmail