Monday

8 questions about Windows 7 End of Life - #3 of 10 Cybersecurity for 2020

Frequently Asked Questions: Windows 7 End of Life (EOL)
We know it is not easy to make changes, especially to the computer that you are familiar with working on, but now that it’s about to lose vital security update support...  It’s time to move on! Windows 10 offers a significant upgrade in user productivity and security support, which will make the upgrade worth the cost for many companies.
If you’re facing an upgrade from Windows 7, here are several answers to the most common questions we get asked about and what EOL means for you.

Is there a Difference Between End of Mainstream Support & End of Extended Support?
  • Mainstream support includes feature updates, security updates, technical support and the ability to make feature requests. It is typically active for the first 5 years of a product’s lifecycle. Mainstream Support ended for Windows 7 on January 13, 2015.
  • Extended support still keeps some feature updates patching, along with those critical security updates. You lose the ability to make feature requests and some support options, but not all. Once Extended Support ends, ALL support is gone, including security updates.
Can I Keep Using Windows 7 After January 14, 2020?
Yes, but you’d be leaving your business at serious risk for a data breach.
There’s a connection between outdated software and compromised devices and networks. The famous WannaCry ransomware attack that impacted hundreds of thousands of systems in 2017 was studied, and it was found that nearly 70% of infected systems were running outdated software, Windows 7 to be exact.
Here’s what you’re facing if you keep running Windows 7 after it loses all support:
  • More significant risk of data breaches & malware infections.
  • Any new software will be less likely to work properly.
  • New printers, hardware or other devices will have a difficult time functioning.
  • Technology is always advancing and you’ll be left behind.
  • Technical support will be hard to find. Tech's don't want to be the last one to touch an old machine that is at risk of being breached.
How Do I Know If A Computer Can Upgrade to Windows 10?
If you have had that computer around the office for a long time, you may have a few problems trying to update your computers to Windows 10.  The old machine will need to meet the minimum requirements to support the new Operating System (OS).
Windows 10 requirements include:
  • It should have the latest version of either Windows 7 SP1 or Windows 8.1 Update.
  • Processor: 1 GHz or faster or SoC
  • RAM: 1 GB for 32-bit or 2GB for 64-bit
  • Hard disk space: 16 GB for 32-bit or 20 GB for 64-bit
  • Graphics card: DirectX 9 or later with WDDM 1.0 driver
  • Display: 800 x 600
What About Windows 8? Will It Go EOL?
If you are running Windows 8, then you’ll have a few more years before Microsoft support stops. The Windows 8 EOL date is January 10, 2023.

Will Internet Explorer (IE) On Windows 7 Be Supported?
No, support for Internet Explorer on Windows 7 computers will also be discontinued on January 14, 2020.

How Do I Get A Free Upgrade To Windows 10?

If you are working with 10D Tech and our Managed IT Support: Full Subscription, we include upgrades to the Windows 10Pro Operating system on approved and verified computers.  

If I Can’t Upgrade in Time, Do I Have Any Other Support Options?
Wellllll … Yes, Microsoft has created a lifeline for users of Windows 7 Professional and Windows 7 Enterprise because you are not the only one who has put off making the change. However, it will cost you! You can purchase extended security updates through January 2023, but why?  For about the cost of paying for the extended support, you can refresh your work stations to brand new. We have some really great solutions that will bring your networks up to date, refresh your technology and keep you working without the worry of your computer left alone out in the world of Bad Guys like a single antelope on the Sahara surround by a pack of Jackals. Unfortunately for the Windows 7 Home version – NO!  

Which Windows Operating System Am I Running?

Windows 7
  1. Select the Start button, type Computer in the search box, right-click on Computer, and then select Properties.
  2. Under Windows edition, you'll see the version and edition of Windows that your device is running.
Windows 8
  1. To find out which version of Windows your device is running, press the Windows logo   key + R, type winver in the Open box, and then select OK.
  2. If you're using a touch device, swipe in from the right edge of the screen, tap Settings, and then tap Change PC settings. Continue to step 3.
  3. If you're using a mouse, point to the lower-right corner of the screen, move the mouse pointer up, click Settings, and then click Change PC settings.
  4. Select PC and devices & PC info.
  5. Under Windows, you'll see which edition and version of Windows your device is running.
  6. Under PC & System type you'll see if you're running a 32-bit or 64-bit version of Windows
Windows 10
  1. To find out which version of Windows your device is running, press the Windows logo  key + R, type winver in the Open box, and then select OK.
  2. Select the Start  button & Settings  & System  > About 
  3. Under Device specifications & System type, see if you're running a 32-bit or 64-bit version of Windows
  4. Under Windows specifications, check which edition and version of Windows your device is running

Avoid these 10 CyberSecurity mistakes in 2020: Network Breach

You are NOT Exempt from Online Attacks - 2 of 10

We frequently meet with small to medium size clients that have this false opinion that their business is too small or trivial to be targeted by Bad Guys, hackers, scammers, trouble makers or just general criminals. The fact is that every business, large or small, are possible targets for these criminals. The threat has become such a concern the Federal Bureau of Investigation (FBI) issued a High Impact Cyber-Attack Warning. On October 2, 2019, Alert Number I-100219-PSA describing and warning against ransomware attacks. Read the full alert release here https://www.ic3.gov/media/2019/191002.aspx


Last year a report written by the Ponemon Institute produced a survey of 1000 IT Support providers about the state of cybersecurity in small and medium-sized businesses. It revealed that 67% of their SMBs have encountered a cyberattack while another 58% have had a data breach in the previous 12 months. Another report writes that 60% of all SMB’s that have had a breach fail within 180 days. The breach will cost SMB’s: time, money, loss of reputation, possible fines, network downtime, loss of revenue coming into the business, loss of data and maximum effort to fix what was broken or stolen.

Find out if a business that you work with has been breached …“Oregon law requires businesses and state agencies to notify any Oregon consumer whose personal information was subject to a breach of security. In the event that a breach affected more than 250 Oregon consumers, the law also requires that a sample copy of a breach notice sent to more than 250 Oregon consumers must also be provided to the Oregon Attorney General.”  https://www.doj.state.or.us/consumer-protection/id-theft-data-breaches/data-breaches/

Most of these breaches were preventable. Furthermore, companies that do not manage credit card data or any customer/client information believe that cybercriminals will not target their company network. In truth, the Bad Guys are targeting multiple computer networks to find vulnerabilities, obtain sensitive information, take control of your network, lock your data up and demand financial payment to have it restored or just to cause damage.
The simple fact is if your business/organization has an online presence, you are at risk and must adopt cybersecurity as a business strategy to guard both your stored data and network resources.

Call us, 10D Tech, if you would like to create a technology security plan that prevents the crime and recovers the network/data quickly in case of a breach.

Friday

Avoid these CyberSecurity mistakes in 2020: Passwords


It could be stolen customer data, phishing, or ransomware attacks, successful cyberattacks will affect businesses of any size and in any industry. A study last year by Juniper Research exposed that breaches in cybersecurity are likely to result in the theft of over 146 billion records by the year 2023, while identity theft has already affected over 60 million Americans.
It won’t matter if you are offering professional services (Doctor, Lawyer, Accountant), running a local or global business operation, establishing an online presence has now become necessary for recognition and, ultimately, business success. A security breach can destroy a business in a number of ways, including loss of business revenue, client trust, loss of data, fines, penalties, as well as lost income while the breach is secured. 
The continually expanding awareness by word of mouth, media advertisements, social media and direct conversations with security experts about cyber attacks and online threats, business enterprises are investing effort and money into improving their cybersecurity through better tech, training and tools. Still, an analysis of even the most sophisticated online attacks reveals that security is often imperiled by the most elementary mistakes that can be easily fixed by any business, organization or at home.

Poor Password Management

Weak or duplicate passwords are among the first reasons leading to cybercrimes including brute force attacks. A brute force attack opened over 1,000 user accounts due to weak passwords. The bad guys used the company email directory to compromise accounts that had weak passwords. Examples of weak passwords that are still used include “123456,” “password,” and “qwerty.”
What are the best practices in password management that can improve cybersecurity?:
  • Use of complex passwords that incorporates alphanumeric and special characters.
    • I had LastPass generate the following: 7MG87@o2^VzILBwe I won’t have to remember it as long as I remember a single Master Password for LastPass.
  • Enable 2-Factor Authentication (or 2FA) that can be used with strong passwords to safeguard user access.
    • We all have smartphones today, setting up 2FA is quick and easy.  Search for the Google Authenticator in the app store and you are almost done
  • Avoid the use of the same passwords in multiple business accounts.
    • Once bad guys figure out you have used the same PW in 2 accounts they will try them all using your email address or known user name.
  • Use of desktop or smartphone apps that can securely store (or even regenerate) passwords instead of writing them down on a post-it or note pad.
  •  Maintain the habit of periodically changing passwords for all your accounts.
    • The password manager, LastPass, can be used to change many of your passwords with a single click. You won’t need to know what the PW was changed to …. Provided you remember your Master Password to access LastPass.

The next post in our preparation for 2020 Cyber Security Awareness is:   
"Your business is NOT too small to be a target."

Windows 10 Hidden Tricks

Windows 10 Hidden Tricks
Sometimes I just wanna know stuff and while browsing some recent articles, I came across this one from PC Mag (https://www.pcmag.com/feature/347136/25-hidden-tricks-inside-windows-10/5 ) about some hidden tricks that came with the latest updates to Windows 10.  Some other tricks I found in the article are Shake (a quick way to clear cluttered windows), God Mode (for experienced users only!), Hidden Games and 3D Viewer. Go ahead and read the article, see how many of the hidden options you knew about and try out Shake.

While on the Windows 10 Subject. Microsoft ended mainstream support for Windows 7 in January 2015, with extended support running till January 14, 2020, 2 months from now. Businesses that fail to migrate in time will be saddled with high fees for further support from Microsoft.

This End of Life means no more bug-fixes, security patches or new functionality, making any user - personal or enterprise - significantly more susceptible to malware attacks. Just as it did with Windows XP, Microsoft will continue to offer support for those Windows 7 users still reluctant to upgrade to its Windows 10 OS, but it'll cost you.


However, there's absolutely nothing stopping you from using Windows 7 even after its End of Life. But you should know that using an outdated operating system makes your computer vulnerable to cyber-attacks.

As always if we can help you with a Windows 10 migration or any other support issues call us 541.243.4103

If you enjoy these short IT Tips subscribe to our Monday Morning Minute of Top Tech Tips (MMMTTT)

Thursday

Disposing of your PC

How to get rid of your computer


#1 Save essential files

Back up your data or transfer files to a new computer. The easiest way to do this is to invest in an external hard drive. If you're looking for secure ongoing backup and file syncing solution, use a cloud service such as Box, Apple iCloud, Google Drive or Microsoft’s OneDrive of for more assistance call 10D Tech 541.243.4103

Backing up data to the cloud will quickly transfer it back to a new machine or enable access to it via an Internet connection, even from your Android or iPhone. Storing data in the cloud is also very convenient if your computer dies and you need to restore your files. You can also get to the data if you travel and need access to data or information on a different device.
  1. Delete and overwrite sensitive files: Tax documents & other confidential data should be deleted with software specially designed to meet the government standards for secure data deletion. For hard drives in Windows PCs, try File Shredder (its free). For the older Macs with hard drives (pre-OS X El Capitan or OS 10.11) select the “Secure Empty Trash” option after deleting your files. You’ll see it under Finder > Secure Empty Trash. Macs with OS 10.11 and higher and Windows PCs with SSD drives, encrypt your drive. Encryption should be a standard practice at all times with all computers if it is available. Wiping your drive after these steps will securely erase your files.
  2. Turn on drive encryption. For Windows PCs with SSD drives, go to Settings > About. Toward the bottom, you'll see either an option for Drive Encryption or Bitlocker Settings. Follow the prompts to encrypt your drive. For Macs, go to System Preferences > Security & Privacy > FileVault and select Turn On FileVault. You'll then select a password and select Restart.
  3. Deauthorize your computer. Some programs, such as iTunes and Microsoft Office 365, only allow you to install software on a limited number of computers or allow a limited number of computers to access your files. So be sure to deauthorize your old equipment from your accounts - before uninstalling any programs.
  4. Delete your browsing history. Your internet browsers save info about your internet browsing history. How you have your settings configured, you may even store your usernames and site passwords at various websites. Obviously, you don’t want a stranger or, worse, a stranger with bad intentions having access to this information. For Microsoft Internet Explorer, you click on the cogwheel in the upper right corner, and it will open the browser menu, then click on the Safety option, and then Delete Browsing History. Make sure all of the checkboxes are chosen, so it all gets removed. Repeat this step for any other browsers on your computer (Firefox, Safari, Chrome). Firefox and Chrome, you will need to first sign out of your browser.
  5. Uninstall all of your programs. Many programs, such as Microsoft Office, will contain personal information like your name, address, and other details. We recommend uninstalling all programs before disposing of your computer. To uninstall programs on a PC: Start>Control Panel>Programs>click on program>click uninstall.
  6. Consult your employer or IT Dept about data disposal policies. If your computer is used for business, check with your company or IT Support company about how to manage the organization related information that is on your computer. Local, State and Federal laws require businesses to follow data security and disposal processes for deleting personal information about clients and customers.
  7. Wipe your hard drive. Once you've gone through and removed the information and data you know is there, perform a factory reset so you are confident that you have removed ALL of your personal files & software programs. Now restart your computer. Once the machine is back up, download & install the application “Eraser,” choose the most current version.
  8. OR physically damage your hard drive. If you are only looking to recycle your computer and are very anxious about somebody recovering your files, take out the hard drive and drill a couple of holes in it OR utilize the anger management training and beat the heck out of it with a hammer. This works for CDs, Jumpdrives cameras, etc, once the files you want are off them, a drill or hammer is a great way to say goodbye to your old media.


Friday

Living The Human Firewall Life

From the 10D Monthly Security Awareness Newsletter

The 5 Traits of a Human Firewall 
The security of our organization depends upon you, the human firewall. You help prevent security events and control the input and output of sensitive information by exhibiting these five traits. 

Trait 1: Thinking before clicking
Phishing attacks remain the top strategy in every cybercriminal’s playbook. They flood organizations with emails containing malicious links and documents, knowing that all it takes is one click. Generic attacks are easy to spot, thanks to their poor grammar, spelling, or awkward phrasing. Others take a much more sophisticated approach, as in the case of spear phishing, which targets specific people and organizations. A human firewall reads emails carefully, hovers over links to display the full URL, and treats all requests for sensitive data with skepticism.

Trait 2: Using situational awareness 
Situational awareness simply means minding your surroundings, staying alert, and never making assumptions. For example, if you see an unfamiliar person in an area normally reserved for authorized personnel, or notice a secured door left open, don’t ignore it! Maintain a clean desk so as not to lose sensitive materials, and shred those materials when no longer needed. When traveling or working remotely, keep an eye on your personal belongings, stay alert for shoulder surfers, and use discretion when accessing or discussing highly sensitive information in public. These are all basic, non-technical behaviors of a strong human firewall.

Trait 3: Respecting privileged access
Access includes everything from login credentials to badges or keycards that allow you to enter secured areas. Respecting access means ensuring that whatever clearance you’ve been granted never gets misused for any reason. It means closing and locking doors, preventing tailgating (when someone slips in behind you without you knowing), never allowing someone to borrow your credentials, locking workstations when not in use, and maintaining strong, unique passwords for every account and every device.

Trait 4: Reporting incidents immediately 
Incidents happen. Reporting them immediately is the only way we can mitigate damages and reduce future risk. It doesn’t matter how big or small the incident seems. A secure door left open, an unknown individual hanging around the office, a phishing email, a smart device or computer malfunctioning—we rely on strong human firewalls like you, to inform us of these types of incidents as soon as possible. If you see something or hear something, say something!

Trait 5: Always following policy 
Human firewalls always follow our organization’s policies and never circumvent them for any reason. Why is this so important? Because policies define our security culture. They set the standards for how data is collected, stored, transferred, and destroyed when no longer needed. They exist to ensure that the privacy of our employees, clients, consumers, and partners remains intact. Failure to follow policy could lead to data breaches, ransomware attacks, or other damaging security incidents. And while we require that you know and follow our policies at all times, we also encourage you to ask questions when you’re unsure of something.

Tuesday

Back to School Edition: Keeping children CyberSafe

Start With These 11 Easy Tips to Keep Kids Safe Online:
1.   Talk to your kids!
2.   Turn on the "Do Not Track  Tool" on your browsers.
3.   Read the Privacy Policies on all the services and apps you use.
4.   Never share passwords and make strong passwords.
5.   Keep personal information personal (don't chat/send photos to strangers).
6.   (For Kids) Ask permission before signing up for anything.
7.   Know how to recognize ads and don't click on them.
8.   Respect age limits on all social networking sites.
9.   Set privacy settings on all social networking sites.
10. Advocate for Cyber Civics lessons at your school!
11. Talk to your kids!

This is a good link to send to your teens. Yes they will roll their eyes at you when you require them to read it but the constant nagging reminders WILL help protect your teens from the bad guys (If they do bad things, they are bad guys regardless of their gender) included in this link is how to best set the security settings for Facebook, Twitter, and Instagram. G+, Tumblr, Meetme and a new one I just found to be rising in popularity TikTok, all have security settings that need to be changed to protect your teen, your family network, your business network and potentially you, the parent, personal information.  We do not recommend Snapchat, because of the false sense of anonymity young users experience.  The false sense of secrecy encourages teens and young adults to post things in Cyberspace that they would never want to be revealed to the world.  


For Teachers: This site has 3 good cartoon-like video stories about Cybersecurity with good discussion stating questions. https://www.esafety.gov.au/education-resources/classroom-resources/challenge

8 questions about Windows 7 End of Life - #3 of 10 Cybersecurity for 2020

Frequently Asked Questions: Windows 7 End of Life (EOL) We know it is not easy to make changes, especially to the computer that you are f...