Log in

Search our blog posts

This blog section of our site is provided to give our membership access to the site for posting information that they believe will be of value to visitors to the site. Opinions expressed herein are those of the author only.

  • 18 May 2016 8:40 PM | Fred Costa

    Employee Training On Cyber Security

    project-managementComputers are everywhere. We have them in our cars, in our phones and in our homes. Frequently, we work from home on our laptops, tablets or towers. Perhaps it is this universality that makes people tend to forget that cyber security is critical whether you are working remotely or on-site. In fact, a Houston managed IT services company will tell you that network security is essential, no matter where you are working. Just because you are miles away or in the office does not mean that you can relax cyber security.

    All employees need to be schooled in the safest methods to prevent hackers and others from accessing your company’s computer system. In Houston, network security requires diligence, an established cyber security policy and a constant remembrance that anything you do can leave tracks that can be followed all the way home.

    Any Houston backup and disaster recovery service would advise you to teach your employees about cyber security so they can avoid unintentionally exposing your system to the slings and arrows of miscreants. Here are a few tips that your employees should internalize so that they do not carelessly expose your network to unwanted intruders who are bent on stealing your customers’ data and using it to benefit their own purposes.

    • If you are a team leader or a foreman, your actions speak volumes to your underlings. It is important to set a good example and not leave such things as sticky notes with passwords affixed to your computer monitor. If they see your computer has notes all over it with password reminders, they may think that is an acceptable practice. Unless you set a sterling example, you have little room to criticize.
    • Do not overburden your co-workers with enormous volumes of security documentation. That is a sure way to guarantee that it will not be read. It is much better to send out a daily security tip that will be more likely to be reviewed. Your tips can be about procedure, vocabulary or best practices. Mentioning recent news events that highlight security issues without blaming your employees is also a great technique.
    • Do not let security issues slip between the cracks. If there has been a violation of your protocols, you have to treat it seriously. Any employee who is lax with their security needs to be taught the necessity of good habits. Make sure your employees understand that company-wide security is the goal and that all employees must make it their mission to keep your company’s computers safe.
    • Checking up on your employees will show your leaks. There are plenty of phishing scams that hit email inboxes every day. By teaching your employees to ignore and delete such emails, you are going to alleviate a major source of distraction and possible intrusion.

    Always have a supply of security tools available for your employees. They are more likely to use them if they are easy to find and easy to use. Malware screening, data encryption and virtual private networks (VPNs) are essential for users who might not be likely to use them unless they are sitting on their desktop or readily available on your server. Scanner systems do not work if they are not used. The best way to be sure they are used is to make them easy to find.

  • 30 Apr 2016 8:02 AM | Fred Costa

    Network Security to Protect Your Business from Wi-Fi Hackers

    Posted on April 29, 2016 by admin

    firewallHackers are busy folks these days. It seems like every time you turn around, another corporate entity has had its website infiltrated. In some cases, the hackers are looking for trade secrets. Sometimes, they are mining the site to acquire the customers’ private data. A very handy way to breach your security is via a Wi-Fi link. If you do not have a Houston managed IT services company handling your website and server, experienced hackers can easily slip past firewalls, find the programmer’s back door to the code or help themselves to sensitive data from employees who are logged in at the local coffee shop, motel or restaurant. Here are some steps that will help make your company’s website and server safer with more robust Houston network security.

    Secure your Office

    It is critical to lock down any potential weak links, especially on Wi-Fi routers and access points (APs). When that hardware is initially purchased, it is not secure. The first thing your IT department needs to do is enable encryption while they are being installed. If you do not, a passersby who are looking for free Wi-Fi could use your link to check their email or surf the web, which is disturbing but not disastrous. However, if you are unlucky, Wi-Fi invaders could gain access to your employees’ computer network and the files and passwords stored there. Employees often times send passwords to sites that do not require SSL encryption, including Facebook. Many identity thieves lurk in the shadows of Facebook, so it is important to secure your Wi-Fi routers and APs.

    You should also really tighten your server’s defenses using enterprise-mode WPA/WPA2 security. This may be harder to set up, but without such vigorous anti-hacking measures everything from your intellectual property, client data and bank account information might be exposed. Your website could be overtaken. Recovery would require the services of a Houston backup and disaster recovery team.

    Never use a single password and username for every employee of your company. If you do, you will need to change them every time an employee resigns or is fired. Otherwise, a spiteful employee could snoop on your employees just by logging onto the server.

    Off-Site Security

    Encourage your employees to avoid free public Wi-Fi hotspots. Coffee shops are good at brewing coffee. Network security is not their main concern. Hackers exploit these soft targets in search of data stored on the laptops and tablets of the coffee shop’s customers. If your employees absolutely have to surf the web while enjoying their morning coffee, remind them not to enter any personal information, passwords or credit card information. Tell them not to log onto the company network, Facebook or their bank from an unsecure Wi-Fi hot spot.

    Shared Folders

    Make sure your employees close shared folders when they are on the road. While they are great for office use, you do not want guests staying in the same hotel to have access to your company’s files.

    You can also set up a virtual private network (VPN) to encrypt data going from your network to an employee’s remote computer. Even if a hacker intercepts the data, your information is safe because it is encrypted.

    Your server’s security is only as strong as the weakest link, which is frequently a Wi-Fi router or access point. A predatory hacker can attack your system if your security is not state of the art. Call NSC Information Technology Group at 713-974-3889 to discuss your system and how we could make it more secure. Our experienced, expertly trained technicians will make certain that your server is able to withstand whatever a hacker can throw at it.

  • 20 Apr 2016 7:49 AM | Fred Costa

    Software Updates Can Compromise Your Company’s Network Security

    Posted on April 18, 2016 by admin

    networkWho gets the blame when a security breach occurs that exposes your company’s trade secrets or your customers’ secure personal data? A Houston managed IT services company will tell you that usually the answer depends on where the data was stored, how it was placed there and who had the rights to access it.

    Your commercial website is only as secure as your server is. Many businesses assume that their server is secure. However, security patches and updates that software manufacturers frequently distribute contain clues for hackers that they can use to compromise your Houston network security.

    Sometimes, a patch has its own vulnerabilities that are not discovered until a hacker has already commenced an automated assault on servers based on the weakness mentioned in the update’s script. That leads to the question of whether you should install patches as quickly as possible or if it is better for you to wait.

    If the software’s vulnerability is exposed before the manufacturer is able to fix the problem with an update, a hacker can launch an attack within a few hours. In that situation, you probably want to install the update when it becomes available. However, it is a good idea to turn automatic updates off because an installation could occur during your business hours, which might require your server to shut down and restart. You could lose valuable data when the system reboots, which will require immediate attention from a Houston backup and disaster recovery service. Your system might also completely crash during an automatic patch installation, which could prompt the dreaded blue screen of death for Windows users.

    It is better to have the program manager download the update and notify you that it is ready for installation. Then, you can install it at the close of business, over the weekend or whenever it will interfere least with your flow of commerce. The time that your server spends being unprotected is called a zero day. That is when security is at its weakest.

    Lately, many IT departments are wary of performing immediate updates even if they know it will not affect the normal course of business. They are unsure that a newly released, untested patch will not cause more problems than it solves. This cautious attitude was adapted in light of several patch fiascos initiated by major companies. Servers are not the only component being attacked. Mobile devices have suffered through such nuisances as Wi-Fi signal dropout, rapid battery drain, unexpected rebooting and poor or no audio.

    Microsoft’s very own update documentation says that you should only update your system if the risk of updating is less than the risk of not updating. Large companies with dedicated IT teams can set up a test area on their server to try out a new patch. Once they are convinced that it is safe, they can install it on the main server.

    Smaller companies that do not have the resources to test updates can wait a week or two before installing the update. This approach has two advantages.

    • The company can monitor the tech press and social media to verify that the update does not have its own set of problems.
    • If the original update has a bug and a patch is released to fix it before the company updates their server, the initial patch will not have to be uninstalled to install the latest update.

    Your servers and website are the heart of your business. Do not assume that they are secure. 

  • 31 Mar 2016 11:31 AM | Fred Costa

    In the past, companies allocated a large portion of their annual budget to travel expenses for their executives and sales personnel. Nowadays, business meetings are more likely to be conducted through some type of video conferencing. A Houston managed IT services company can empower your business to save money with this new technology. They can also help you increase your earnings by inexpensively accessing a remote customer base that was previously unavailable to you.

    Video conferencing is no longer just a standalone, room-centered technology. Now, it is an integral part of personal communications software on desktop and mobile devices. While these technological conveniences have made keeping in touch with friends and family members easier, the opportunities for businesses are in their infancy but growing rapidly. Advances in cross-platform integration and next-generation multimedia conferencing will soon establish video conferencing as the preferred form of business communication. Additionally, cloud-based connectivity will facilitate Houston backup and disaster recovery, which will make Houston network security even more robust than it already is. Here are some new trends that will open up the video conferencing arena even further.

    • Cloud-based servers are critical for running efficient, universally accessible collaboration software and video conferencing solutions. These integrations connect a company’s video conferencing solution to the numerous devices that employees use to interact with clients and staff members. Off-site team members employ smartphones and tablets more frequently than desktop or laptop PCs. Cloud-based collaboration will continue to erode device, location and platform-based barriers in enterprise and small-to-medium business communication.
    • In-person staff meetings, brainstorming sessions and small-team check-ins are no longer required. Room-based video conferencing is now the go-to method for routine business functions and for solving problems that would have required considerable expense in the past. As technology moves forward, video conferencing will become smoother, smarter, faster and more affordable. Although the technology may appear to be as simple as a flat-screen television, advanced software and high-resolution cameras will enable current capabilities with multi-way video conferencing at 720p or 1080p video resolution. Video conferencing technology has advanced quite a bit from its early days, but the future will bring even more seamless interoperability.
    • Businesses will also be able to tie together all their ongoing third-party services, including help desk software, customer relationship management (CRM) and the tools it uses to manage and gain analytics from its social media platforms. Businesses will optimize their productivity by using business intelligence (BI) services to reach their target markets by making smarter, more informed decisions. Collaboration and video conferencing tools will incorporate more integration and sharing capabilities, such as calendar applications, enterprise device management solutions, online accounting and voice over IP (VoIP) services. If these integrations do not already exist, the collaboration software will include an application programming interface (API) for developers and IT personnel to create and install their own.
    • While email is the business world’s default method of communication, modern collaboration software will soon end email’s reign by offering better live-chat options for direct group and team messaging. This centralized system of social feed and direct mention-based collaboration will gain more traction and eliminate long email chain messages filled with forwards and replies, which will enable increased employee productivity.
    • The next phase in the Internet communication revolution is coming in the form of voice and video calling that will be directly embedded in browsers. Web Real-Time Communication (WebRTC) is an open-source technology and API standard that will allow direct voice calls, video chat and data sharing without any add-ons, browser plug-ins or other applications.

  • 11 Mar 2016 12:32 PM | Fred Costa

    Why AES 256 Bit Encryption Is The Industry Standard For Data Protection

    Posted on March 7, 2016 by admin

    There is a simple reason why Advanced Encryption System 256 (AES256) is the most popular encryption system in use today by Houston managed IT services. If you utilize virtual private networks (VPNs), Active Directory authenticated networks or if you merely encrypt your data on box.com, it is likely that you are using AES256 whether you know it or not. That is because AES256 has never been cracked, despite constant attempts to break it. Why would hackers continue to try to open up the system to their attacks? That is because the advanced encryption system AES256 is the guardian of a million secrets. It is used to protect classified governmental secrets, banking data and personal health records across the world.

    What Makes AES256 So Safe?

    Every Houston network security company knows why AES256 is safe and the algorithm has been accepted by the United States and Canada as the standard for encrypting transited data and data at rest. This is due to the 256-bit key and the inclusion of 14 hashes. Hackers are at a severe disadvantage when trying to crack it, and they will not be able to do so for many hundreds of lifetimes to come. Another advantage is that it is easy for developers to incorporate into their programs because there is already a series of existing extensive code libraries that have been created specifically for future use for Houston backup and disaster recovery applications.

    The 256-bit encryption key is the gatekeeper of the system in both directions. It is the same if you are writing to or reading from the system. There are other version, such as AES128 and AES192, but they are not as popular because the 256-bit key is harder to crack. However, you must not lose the keys because you will lose both the data at rest and the entire conversation completely.

    In the past, hashing data occupied your computer’s CPU, but now that systems are more powerful, everything, including desktops, notebooks, tablets and even smart phones, can handle hashing transparently with no loss of performance. However, servers that are tasked to run several versions of the AES256 algorithm might lose some of their speed while encrypting.

    They say that AES256 can never be cracked without the services of a powerful psychic using binoculars with measured keystroke bounces. There have been countless attempts to crack it, but they have all failed. The National Security Administration is the only agency that knows if the system can be cracked, but even if that were possible, it would take extraordinary processing speed and numerous computers dedicated to that single task.

    How AES256 Works

    Your precious data resides in either plaintext or ciphertext. Plaintext is simple unencrypted text, and ciphertext is text that has been encrypted by an algorithm. You create plaintext and when it is loaded onto a platform to rest or be recalled later, it is encrypted and can only be recalled if you have the correct key for the symmetrical algorithm.

    If your data is a stationary target, there is always a chance that it could be vulnerable, however, AES256 ciphertext has never been successfully attacked when it has been implemented properly. NSC Information Technology Group understands how to use AES256 to its fullest extent. We can combine it with hardware aids that will share the processing burden that the algorithm exerts on your system. AES256 is able to resist all manner of hacking as it is. Further algorithms and ciphers can be added, but that usually defeats the simplicity of the encryption. There is really no need to embellish AES256. It is robust enough to withstand the most virulent attacks and remain uncompromised.

    Contact NSC Information Technology Group to see how AES256 can protect you from hackers who are looking to raid your data.

    Posted in Cyber Security | Tagged Houston Backup and Disaster Recovery, Houston Managed IT Services, Houston Network Security | Comments Off on Why AES 256 Bit Encryption Is The Industry Standard For Data Protection

  • 29 Feb 2016 1:24 PM | Fred Costa

    Outsourcing your company’s IT department can save you money in many areas. By allowing a group of highly-qualified experts at a professional technology firm manage your IT needs – servers, emails, security, firewalls, etc – you, the business owner/manager can do what you do best, while allowing the experts to handle the technology side of things – exactly what they do best. IT firms employ experts to handle things as they happen in real time, and will strive to set your company up to stay ahead of potential known issues. In-house teams are usually small teams (if comprised of more than 1 person) with long lists of to-dos. Professional IT outsourcing companies have teams allotted for certain task such as real-time emergencies and ongoing maintenance.

    In addition to managed IT and IT consulting, the offering of constant network security and support services can ensure that there are no vulnerabilities within your network. Not only can you rest easier knowing your important documents and data are safe, but you can offer your clients the news: their information is protected as well.

    IT Consulting firms offer many services including cloud integration services, structured cabling, and backup and disaster recovery planning. Many of these services are so important in today’s age of “hacking” and protects your business against natural disasters. In the event of a malicious attack, repetitive data backups will allow you to restore business functions immediately protecting your business and all of your data.

  • 08 Feb 2016 11:03 PM | Fred Costa

    Smaller Houston companies may be at risk of hacking attacks despite their relatively low profile in the business world. Computer viruses, ransomware and other malware can pose a real threat to sensitive company data and can bring regular operations to a standstill. In some cases, smaller companies may make even more attractive targets for criminals thanks to lower levels of security and reduced risk of detection during the digital infiltration process. Working with a company that offers Houston managed IT services can provide solid protection for small businesses against unauthorized access to information, allowing these companies to stop digital criminals in their tracks.

    Evolving Risks Require Cutting-Edge Strategies

    While most business enterprises employ some form of antivirus protection for their computing resources, modern criminals have developed an entire arsenal of strategies designed to move past these basic defenses:

    • Ransomware programs gain access to company files and encrypt them to prevent access by the rightful owners, who must then pay a sizable sum to regain control of these software packages and data files.
    • Password crackers use advanced algorithms to guess user passwords and to gain access to restricted financial, proprietary or confidential information.
    • Distributed denial of service attacks result when hundreds or thousands of computers are infected with a virus that causes them to request information from corporate servers in a concerted effort to render websites unreachable by patrons, clients and customers.
    • Phishing, also known as social engineering, involves direct attempts to elicit confidential information from staff members through phone calls, emails and other points of contact.
    • Data interception is sometimes called packet sniffing and takes place when a hacker gains access to information on its way into or out of your corporate network.
    • Malware programs can log all keystrokes on a particular computer to gain access to personal employee information or to obtain passwords for servers, software packages and other sensitive company data.

    Each of these techniques can offer hackers an easy point of entry to your small business network. Taking steps to secure your computing resources is critical to your ongoing success in the modern business environment.

    Risks of Unauthorized Access to Information

    Apart from the obvious issues involved with malware infections and the potential for misuse of financial information, data breaches can also cause a number of added problems for small business enterprises:

    • Failure to protect sensitive information can cause lasting damage to your company’s reputation and brand.
    • You may lose current and potential customers due to ongoing negative publicity regarding the data breach.
    • Repairing and remediating damage to computing resources can sometimes be prohibitively expensive.
    • Unplanned downtime can result in lost sales and lost revenues for your company.

    Outsourcing your corporate IT functions to an experienced Houston network security firm can help you to prevent data breaches and to protect your confidential information against unauthorized access.

    Enlisting a Little Professional Help

    Investing in managed IT services is a cost-effective move for small businesses. These computing professionals can assess your company’s current level of security and can identify areas in need of further attention. Houston backup and disaster recovery firms can allow your company to maintain regular operations in emergency conditions and can promote a more positive image of your brand by ensuring that you stay online even in difficult situations. By outsourcing your company’s IT needs to a professional firm, you can significantly reduce the risk of unauthorized data access by cybercriminals and casual hackers alike.

  • 21 Jan 2016 12:13 PM | Thomas McCulloch
    Attorney-CPA Thomas W. McCulloch presents, Estate Planning Advocating for Aging Americans Ethical and Practical Considerations”© at the 2016 Southwest Regional Education Conference of the American Academy of Attorney-Certified Public Accountants in San Antonio, Texas on Saturday, Jan. 23, 2016.

    The presentation is an in-depth legal technical analysis of estate planning changes evolving in order to meet the ever-changing needs of aging Americans.  Today’s world demands a focus on topics such as planning for 30 years of retirement,  financial exploitation/abuse, capacity and guardianships and helping Americans address the opportunities and challenges of aging.

    As estate planning, tax and elder lawyers who serve Houston’s aging population, it is vital that we maintain rigid accountability on meeting client expectations, as well as uphold the highest levels of integrity and accountability in serving our aging demographic.

    For more information on various estate planning topics in Houston, please visit www.houstonelderlawyer.comto read past blogs or to enroll in Tom’s e-newsletter.  You may reach Tom via email at tom@houstonelderlawyer.com or phoning 713-624-4294.  

  • 22 Jul 2015 1:12 PM | Thomas McCulloch

    Are you an advocate? I sure hope so!  I am counting on the fact that as an engaged professional or business owner that you are constantly advocating for the best value, the best possible service or the best experience for your clients or prospective clients.

    As most of you know, estate planning for seniors or their families, elder law and elder care is more than a profession for me.  Helping families get it right multi-generationally, secure quality care and define their long term care goals is a passion for my entire team.  In fact, my wife, Janet Jackson-McCulloch, and I have dedicated a better part of the last three decades to providing a continuum of care that I don’t believe any other estate planning or elder law firm in Houston provides.  Our unique approach to partnering our two companies, Weiner & McCulloch, PLLC and Elder Advisory Group, allows us to provide our clients some of the most comprehensive aging life care options available to aging Americans and their families.

    I hope you join me during my Member Spotlight presentation on Thursday, July 30 where we’ll discuss ways that you can help your clients, families, friends and associates learn more about life care planning --- it’s about more than drafting a will and naming beneficiaries.  You are an advocate and you are in a great place to help share valuable information within your circle of influence.  Hope to see you Thursday!

  • 26 Mar 2015 2:59 PM | Mark Madeley (Administrator)

    For small business owners, avoid being caught by surprise. You can file by paper or online. Your CPA is probably the best adviser on what information and amounts to provide on these reports. Sometimes you will want the information to tie to an asset schedule that your CPA maintains for your Federal taxes. This can be very helpful for business automobiles. Other times, it may be possible to elect the "under $20,000" option and from year to year to select the "no changes" option. Simple is great if that will work for your quantity and value of business assets.

    It's possible to fly under the radar on this tax if you are self-employed and work from a home office. With a computer and desk being about all that my business "owned," it was tempting to avoid filing because of the paperwork, not the cost. Ultimately I chose to let myself be known to the appraisal district and pay what has been a very small tax, $53, which does pay for services I use or others in my community need and can't afford, such as medical care and, especially, child education.

    Renditions (the report of your values) are due 4/15. You may extend to 5/15 with the proper form. You may also sign up for online reporting. www.HCAD.org is the website.

    Happy renditioning!

Powered by Wild Apricot Membership Software