Everyone enjoys having a more interactive internet experience, and one of the ways websites achieve this is through the use of JavaScript. Unfortunately, hackers and scammers can also utilize the same script to make malicious attacks on your system.

JavaScript makes the web experience very dynamic, enhancing the interactivity of many websites - you’ll see it everywhere, from Facebook to the most obscure sites on the web. Another reason it’s popular is that it’s compatible with all browsers, from Internet Explorer to Mozilla and even Mac’s Safari.

Unfortunately, this popularity and wide range of use also makes JavaScript a tool that hackers and other unscrupulous programmers can use to infiltrate and hack into a system. The attacks can be simple or complicated, ranging from simple spam to more elaborate scams. The degree simply depends on the purpose of the script’s designer. What’s more, a quick visit to an infected website can trigger an attack, if your browser is enabled to allow JavaScript to execute from that site.

The good news is that you can protect yourself from these kinds of attacks. Simply block JavaScript from executing from sites you aren’t familiar with - better safe than sorry.

• For Internet Explorer, go to Tools > Internet Options > Security, and set your bar to High. You can also input a list of trusted sites.
• For Firefox users, a free application called NoScript gives you control over which websites can execute JavaScript on your browser.
• Google Chrome users can select a universal disabling of JavaScript from all sites, and then add a list of sites exempted from the ban.
• Other browsers also have options to either disable JavaScript execution or prompt you for permission before the script is run from any website.

You should also be particularly wary of JavaScript attacks originating from malicious PDF files. Antivirus and security firm Symantec reports that almost half of all web-based attacks come from infected PDF files. You can disable JavaScript in Adobe Acrobat Reader by selecting Edit > Preferences > JavaScript, and then removing the check on “Enable Acrobat JavaScript”.

It might seem inconvenient to guard yourself from these sorts of attacks, but in the long run it pays to keep your system secure. If you want to know more about keeping your system clean and safe from attacks, give us a call and we’ll be happy to help you develop a customized plan that meets your particular needs.

Most entrepreneurs are not IT professionals or IT experts. Outsourcing IT services to experts is a definite advantage for business owners.

The term Managed Services is defined as “the practice of transferring day-to-day related management responsibility as a strategic method for improved effective and efficient operations”. (http://en.wikipedia.org/wiki/Managed_services) While large corporations regularly choose this technology solution, many owners of small and medium-sized businesses are still hesitant to go this route. Here are some reasons Managed Services can benefit all sizes and types of business:

1. IT is an integral part of most businesses.
Especially in recent years, the business world has become increasingly dependent on IT. Almost all businesses rely on some sort of technology. With this increased use of IT comes an increase in problems and outages – and even loss of data – all of which result in loss of productivity.

2. Faulty or under-supported IT causes costly downtime.
Small, in-house IT departments of one or two people are usually not able or equipped to handle occasional IT breakdowns, and employees must call on somebody else for help, sometimes resulting in hours or even days of lost productivity. This downtime greatly affects the bottom line of your business.

3. Technology is constantly improving.
Improvements in technology are continuing at a rapid pace. Equipment is upgraded and new specialties in IT are emerging. Small to medium-sized businesses are not equipped to keep up with these constant changes.

4. IT Managed Services provide state-of-the-art solutions.
Managed Services providers are experts in the field of technology, and bring knowledge and experience in the latest solutions to your business. And taking advantage of scale of economies, the Managed Services model gives you access to affordable state-of-the-art technologies previously only available to large enterprises.

5. Many businesses involve special compliance requirements.
Even small to medium-sized businesses can have complicated compliance requirements, but most owners do not fully understand how to comply with these regulations. Many Managed Services providers stay current on these regulations and requirements, and can help you translate them to your technology needs in order to stay compliant and avoid fees – and possibly worse.

6. IT Managed Services cost less in the long run.
With today’s economic downturn, IT budgets have been slashed in most companies. But bear in mind that businesses still depend heavily on IT, and work increases as resources diminish. This can bring about low morale for employees and lost productivity – and ultimately customer satisfaction suffers. While IT Managed Services may cost more in the beginning, lost productivity and lost customers cost a lot more.

The question is, are you an expert in IT? Most entrepreneurs aren’t. If you want to concentrate on your company’s core competencies without having to worry about your IT infrastructure, outsource your IT services to a reputable Managed Services provider.

Social networking is booming and blooming right now, and many organizations are seeing the benefit of utilizing the principles that revolve around social networks. However, there is also the need for company policies that manage the use of these networks.

One of these purposes is the creation of internal social networks which, in a nutshell, improve communication and information sharing within the organization. While some may worry about how employees will behave when such a mechanism is put in place, the results have generally been positive – employees view internal social networks as an extension of the workplace, and as such are usually at their best (albeit informal) behaviour.

Still, it is wise to have a policy in place that governs the use of your internal social network. Experts suggest drawing from existing IT / email / external social networking rules that are already in place, and simply extending and adjusting the policy to include points specific to the use of the internal social network. Also, it’s a good idea to consult a lawyer to avoid any legal obstacles or problems in the future.

Experts also recommend that department heads be given administrative duties in the social network, since smaller companies can ill afford to hire a person to manage it full time. So in the same way that a marketing manager, for example, handles the marketing department, he/she can also moderate discussions and topics within the social network that pertain to marketing and related issues.

Overall, internal social networks provide many benefits to companies that use them, but proper management and handling is needed. Always remember that unlike external social media platforms, internal ones are directly under your control and are a part of your organization – use them well in order to better and more efficiently achieve the goals you’ve set for them.

A new phishing technique has been discovered – tabnabbing “morphs” an unused tab in your browser into a lookalike website where you’re prompted to re-enter login information.

Dubbed as “tabnabbing”, the vulnerability was discovered by Aza Raskin, the creative lead for the Mozilla’s Firefox browser and co-founder of Songza, a music search engine and jukebox. Tabnabbing fools users into entering passwords and other sensitive information when an unselected tab in your browser appears to transform itself into a lookalike for a familiar website. You are then prompted you to re-enter a username and password, which in turn passes that information along to the hacker. Incidentally, Raskin’s blog post on the topic (http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/) demonstrates how the website can “change” into a lookalike.

Both Mozilla Firefox and Google are vulnerable to this type of attack, which is classified as “phishing” – a scam where users are tricked into entering login information into fraudulent websites masquerading as legitimate ones. Fortunately, there have been no instances – yet – in which tabnabbing has been used in phishing attacks, but Raskin says that he is “aware of other researchers and toolkits extending and expanding tabnabbing”. However, it’s very likely that phishers will be looking for ways to exploit tabnabbing soon, and are currently no fixes or patches released.

One way you can protect yourself from tabnabbing is to make sure that your browser has the proper anti-phishing features installed. It’s also important that your website is updated with the latest security features since many phishers like to exploit websites running old version web software, which they use to host phishing sites.

If you want to know more about keeping your system secure from the latest malware and security threats, please don’t hesitate to get in touch with us and we’ll be happy to sit down and discuss security options that fit your needs and requirements.

A money extortion scheme was revealed recently by security firm Symantec that warns website owners of a DDoS attack unless they pay up.

Security firm Symantec recently uncovered a scheme that purportedly attempts to extort money from website owners and operators in order to avoid the possibility of a DDoS attack. The capability of these extortionists to actually carry out the threat is still an open question, and it’s more likely that this may simply be an empty threat to try to get money.

The best action against these types of messages is employing screens to block such email from reaching your mailboxes. However, it’s best to seek the services of an expert to determine the extent of risk, and also to employ safeguards and response measures should an attack take place. If you find such messages in your mail, let us know and we can help.

Three online video conferencing services have put themselves at the top of the pack with new features that make them much more business friendly.

Many businesses these days are realizing the value of video conferencing and video chat. Not only do these tools eliminate transportation costs, they also drastically reduce unproductive time spent travelling. A simple phone call connects all parties instantly.

Video chats in particular are the cheapest of the bunch, with services offering video chats for anywhere from free to a minimal monthly fee. However, until recently, many of these services weren’t up to speed with the requirements and demands of businesses. Lagging transmissions, slow connections, and jumpy video were just some of the issues that plagued online video chatting and conferencing.

Recently, however, three online video conferencing services have put themselves at the top of the pack with new features such as group chat and improved performance that make them much more business-friendly. Let’s take a look at them.

Skype

Undoubtedly the best known of the three, Skype has long been a staple in online video calls and instant messaging, and now the beta version of Skype 5.0 offers video chats with up to 5 people at a time. It is also the most stable, with the least dropped calls, and is free to use. However, it is not without its cons – its interface takes some getting used to, and it is available for PC users only.

Tokbox

For $9.99 a month, you get crisp, clear video calls with up to 20 people, and basic chat free of charge. Tokbox’s user interface is very easy to use and understand, and allows you to send video e-mails, and share Tweet invites and your screen with other users.

Oovoo

Basic chats between two people are free, but with the paid version – the business plan is $39.95 a month per user – allows you to chat with up to six people at a time. Like Tokbox, it features screen sharing and Tweet invites, and also lets you record your video conferences. Like Skype, the interface can be a bit confusing to use at first, but the audio and video are high quality.

Considering video conferencing for your business? Give us a call – we can help you sort through the options and implement the best solution for your needs.

A scam to trick users into installing fake antivirus software harms systems instead of protecting them

Beware: a massive email campaign is underway to trick users into opening an HTML file attachment that redirects users to a hacked website containing links that further lure victims into launching a fake antivirus software package. According to security firm Sophos, the email messages are designed to trick people into paying to remove threats from their computer that may not really exist. Once a user’s system is infected with the fake antivirus software, it gives bogus warning messages encouraging them to pay for non-existent threats to be removed. Another danger involves users potentially revealing sensitive financial information such as credit card numbers to the hackers.

To avoid such threats, users are advised to never open suspicious emails, and to only use legitimate, well-known security providers and consultants in case they suspect something wrong with their computer systems. Working with trust-worthy vendors gives you peace of mind knowing your systems are safe.

How important is your data, and what would happen if you lost it? It is essential for any business to have a data backup to fall back on when the worst happens.

Let’s begin with a simple question: How important your data is to you? Think of all the information you have in your computers – all your databases, spreadsheets, documents, files, projects, emails, software – and think of how valuable they are to your business. Now try to imagine it all disappearing in an instant. What would happen to your company? What would you say to your clients? You’d have to start from scratch – and would you even have the capability to do so right away?

For most business – if not all – the result of a sudden and immediate loss of data would be devastating. Operations would be crippled, and productivity would grind to a halt. Many businesses rely on soft data and losing that data, simply put, prevents them from working on anything – at least until the data can be recovered or the system goes up again, and in some cases, they’d have to start from scratch again.

The difficulty of starting with virtually nothing is obvious. Things look a little brighter when a company goes the data recovery route, but the effects are just as debilitating to daily operations. For one thing, data recovery is not an exact science. Sometimes, if you’re lucky, all the data can be recovered, but many just a few tidbits of it can be retrieved, and sometimes you might get nothing at all. To top that off, data recovery is a long and expensive procedure, especially if you have a lot of data.

What is the solution then? Simple: back up your data. Data backup services are much cheaper than data recovery services, and if you lose your data, you have something solid and reliable to fall back on. Data backups are probably one of the most neglected aspects of data management for many businesses these days – but it is also one of the most essential ones. Some companies think that it’s a waste of time and resources. But in the long term not only do you pay a fraction of the cost of data recovery to have your information backed up, you also prevent your business from suffering if you lose everything.

You never know what events might happen that compromise you data. Natural disasters, accidents, and simple hardware failure can occur when you least expect it to, so it is only prudent and it’s responsible to make sure that your data is safely backed up. Talk to us – we’ll help you find the backup solution that’s right for your business.

Businesses gear up to provide products and services for customers on the go.

A new survey conducted by Adobe, a leader in software for the design and publishing industry, reveals great interest in emerging mobile channels among many businesses. Survey respondents from a wide variety of industries revealed an overwhelming preference for developing websites as their mobile commerce presence, compared with other types of mobile channels such as downloadable apps.

It seems that mobile websites promise the broadest reach in terms of being able to provide information to customers, promoting products and services, and selling and interacting online. The majority of those surveyed revealed that promotions were at the core of their mobile strategy to drive sales through online or offline channels.

Creating sites with rich, interactive experiences were highlighted as a means for businesses to possibly drive traffic to their sites. Among those who responded:

• More than 55 percent cited full-screen image zoom and videos as important factors in driving interest and sales.
• 96 percent asserted that the most effective merchandising features for mobile sites were catalogs and brochures, and the ability to zoom and pan images.

The increased interest is believed to be driven by the widespread adoption of mobile devices. In fact, analysts predict that by 2013, the combined installed base of smartphones and browser-equipped enhanced phones will exceed 1.82 billion units.

Two new viruses have been discovered to infiltrate systems through removable drives.

USB flash drives have become indispensable to almost everyone who uses a computer. It’s a quick and easy way to immediately transfer and share information and other data, especially files that are too large to send through email. Unfortunately, some malware take advantage of this convenience by attaching themselves to files on the drive to infect any other system it comes into contact with.

Two such malware have recently been discovered. Chymine is a Trojan application with keylogging capabilities, designed to copy passwords and other sensitive data, and Dulkis-A is a Visual Basic worm designed to copy and allow malware to infiltrate the system. Both exploit a vulnerability in Windows Shell.

Microsoft has yet to directly address the issue and provide a patch that fixes the problem. In the meantime, they have issued directions for a workaround that prevents both malware from manipulating the Windows Shell susceptibility. The workaround is effective for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server R2, but it comes with a cost – you lose all your icon graphics.

Success in removing the virus has been marginal at best, with current fixes including a warning that removing these malware might result in unwanted changes to your system because of the way the virus embeds itself.

The best way to avoid being infected, be careful not to run any suspicious programs and files, especially when taken from USB drives and any other removable storage, even from a Blackberry or an iPhone. It’s also best to avoid automatically enabling USB devices to autorun once they’re plugged into your computer.

If you have any concerns or want to make sure your systems are protected, give us a call and we’ll work with you to ensure the security of your systems and data.