Computer Threats: Fake Updates from Symantec Products

One of the fastest-growing methods cybercriminals are using of disseminating malware is through fake antivirus software. Fake antivirus software can either be a program that claims to be antivirus software that does little or no work, or it can actually be a Trojan horse, disguised to actually implant malware onto a computer. The purpose of it is to scare a user and get the payment out.

The reason why fake antivirus software can get around powerful protection is because of social engineering. Social engineering is the term used to describe the act of tricking an unsuspecting person into giving up information or money. Specifically, this is done in the context in the digital world where the trick is done remotely.

Question:

I have Norton Internet Security on my computer, and heard that it was hacked. Now, I’m getting e-mail from Symantec saying that I need to update my security, and the e-mail provides a link. I know you say never click a link in an e-mail, but what do I do about my security?

Answer:

You’re wise to question that e-mail. Hackers did indeed break into the network of security developer Symantec and stole the source code for multiple security programs, including your Norton Internet Security. While that happened back in 2006, the hackers just released new information related to that incident last week, so there is renewed concern.

Now other hackers are taking advantage of the situation and sending fake e-mail with malicious attachments and links. Remember, Symantec programs update themselves. The company will never send you update links or attachments via e-mail. Symantec will also never ask for your personal information.

That e-mail is a fake. If you use Symantec products, you’ll need to watch them carefully for available updates.

For more information on keeping your computer virus free, visit our site at OrangeCountyComputer.com and read our few simple and effective steps for proper security on your desktop/laptop system.

True Impact of The Cloud

The cloud model is the result of the creative reimagining of several technologies, most notably virtualization. It takes advantage of the widespread availability of high-bandwidth Internetworking, and grid-like scalability of hardware and software, all fueled by the availability of commoditized (i.e. affordable) infrastructure. This has enabled the realization of a true services-focused approach to IT that can offer a level of flexibility and responsiveness not easily attainable through the traditional route.

On the surface, this addresses many of the IT-related complaints of the frustrated business user. In addition, barriers to access are low, and the cloud provides an instant alternative to anyone with a credit card. This is unlike traditional IT models where cost (if apportioned at all) is often essentially a “tax” over which users have little or no control.

In this case, cost is based on real usage, meaning if a business doesn’t use the service, it doesn’t have to pay for it. The net of this is that we are at the precipice of a major transition in IT that is likely to dwarf those of the past. The critical question: Is IT ready for this?

A recent GlassHouse survey of more than 100 enterprise IT professionals suggests that many are not ready. In fact, when asked where they were in development/deployment of a cloud strategy, 31 percent said they had established a strategy or had a proof of concept underway while 69 percent were either still in the investigation stage or had no plans.

The most common reasons cited for not having a cloud strategy were related to security concerns, data recovery and ownership issues — and simply being too busy with other activities.

While all are valid issues, none are insurmountable. For example, in the area of security, the capabilities and expertise of major cloud providers — with many years of experience in the cold, cruel world of the public Internet — exceed that found within many organizations. The challenge is weeding out the true barriers from the excuses that simply justify saying “no.”

Traditional IT vs. a Cloud Service Provider

The concept of delivering a services-based approach to IT has been with us years. Its focus has been on clear definitions of service requirements (service level agreements and service catalogs), measurement and reporting, consumption-based cost models, and mature (ITIL-influenced) operational practices — all goals for some of the leading IT organizations.

However, evolving to this level of service delivery has not been easy, and for some organizations, the goal of becoming a true service provider proved to be too difficult — a worthy goal, but a bridge too far.

As a result, a majority of organizations remain heavily techno-centric, focused on building reliable infrastructures and relying heavily on vendors for technical direction. Although it’s becoming less common, many IT shops still operate on a project-focused, quasi-customized model that does not lend itself to the responsiveness and flexibility being demanded by the business.

By contrast, in a cloud, it’s once again all about service delivery, or more specifically, automated service delivery. Cloud providers leverage technology to provide standardized offerings that can be self-selected and automatically provisioned. This enables dramatic scalability and allows IT staff to focus on other tasks required to support the cloud, including developing and improving activities related to

• Orchestration, configuration and lifecycle management;
• Demand planning, capacity management and forecasting;
• Metering and analytics
• Customer management, including SLA reporting and accounting.

It’s notable that these areas are where IT often lacks focus or demands modification of an effort that is currently in place. Rest assured, there are plenty of vendors of all sizes working on cloud tool suites to address these gaps.

Making the Transition

The cloud era is upon us. As newer, non-IT-sponsored, mobile devices have pervaded the workforce and IT has been forced to respond, the cloud genie is out of the bottle. Unlike the mobile revolution, which impacts the organization at its periphery, the cloud goes straight to the heart of IT — the data center.

Without being alarmist, it has the potential, from a central IT perspective, to become outsourcing on steroids. It’s entirely plausible that just as organizations transitioned primarily from a build-to-buy model for enterprise software 20 years ago, the conversation for IT services across the board will become cloud vs. non-cloud very soon. In fact, it’s already started for a number of organizations, and a strong rationale will be needed to justify the latter.

The reality for most organizations is that a hybrid model will evolve, and traditional IT, private cloud and public cloud will coexist. IT organizations need to adopt a proactive view and develop a clear plan not only to manage, but also to lead this change.

In addition to traditional IT capabilities in areas such as asset management, provisioning, and plan, build, run project cycles, IT needs to focus on providing a portfolio of hybrid services obtained from a variety of sources, but integrated and managed under a common services umbrella.

Initial steps that should be taken by IT focus on the cloud and developing a focused strategy with an evolutionary road map for how and when cloud-related elements will be adopted. Specific activities should include the following:

• Developing a clear understanding of cloud technologies and capabilities — There are numerous cloud technology variants and, within those variants, numerous vendor options. Understanding the capabilities and determining which are most relevant for a given organization is a critical step.
• Identifying which environments in the organization are most “cloud compatible” — Basically, “know thyself.” If concerns about off-premises control of data are a major impediment, then it is important to identify those functions that are not likely to be subject to such constraints. Application-readiness is another major area of cloud focus, as some lend themselves to a cloud approach more so than others.
• Documenting existing service delivery costs — A big driver for cloud interest is cost containment, but few organizations have a clear understanding of how much it costs to deliver a service on a per-unit basis. This is a metric that becomes critical for doing an apples-to-apples comparison to a cloud alternative.
• Quantifying the potential benefits from cloud services — Understanding benefits and tradeoffs beyond the cost impact an equally important analysis that must be done when considering a cloud option.
• Improving organizational readiness for cloud services — Becoming a successful provider of services requires capabilities to handle things like automated provisioning and more accurate demand management. This will entail new or different roles and responsibilities within the organization, which must be developed.

Based on this list, transitioning to a cloud model doesn’t sound easy, but the status quo isn’t really a viable option, because it is becoming increasingly unable to adequately satisfy 21st century business demands.

The frustration expressed by my colleague can only be truly resolved by establishing common, aligned objectives between IT and its consumers and providing a transparent, service-oriented set of capabilities. The best road for doing that is via the cloud model, and the sooner that IT realizes this, the better.

The concept of what “The Cloud” truly is and why everyone is rushing to get there can be intimidating to some. Our technical team can help simplify these concepts and explain their extensive benefits to you. Orange County Computer offers custom Cloud Computing Solutions for Small to Mid-Market companies. From single hosted applications to completely virtual environments, we offer custom designed virtual environments unique to your organization. Contact a member of our Technical Team to schedule a Free Network Evaluation at 949-699-6619 or email sales@orangecountycomputer.com for more information.

Held Hostage By Your Computer Guy?

Has your IT Provider locked down your company network and disappeared? Do you believe that your In-House IT Guy is talking over your head to direct your focus away from their incompetencies?

Orange County Computer receives frequent phone calls from frustrated business owners inquiring about our services and how they can phase-out their existing In-House IT Guy or Outsourced IT Vendor who is holding them hostage. Many times they are contacting us in secret so a member of our team can relinquish administrative rights to that company network and give the business owner the rightful access to their company that they deserve. The technology industry isn’t safeguarded against the unsavory professional that falls short of basic business ethics. It’s important to choose wisely who you entrust with your company data, financial information and intellectual property and client contacts

Here are a few tips when either transitioning or hiring a Technology Service Provider for the first time:

1. Ask for both previous and current references – It is important to confirm how both current and past clients rate service and professionalism.
2. Verify partnerships or certifications that you are hiring the vendor for. For example, if you are running or want to run in a Microsoft Server Operating System Environment, it would be wise to confirm that the company is qualified and certified to help you or obtain support services in mission critical situations.
3. Confirm exactly how many employees the IT Vendor has on staff. Lack of staffing resources during mission critical times can cost clients thousands of dollars in lost revenue.
4. Personally visit the location of the business you are hiring to work for you. It is important to know where your IT Vendor conducts business. This may help to confirm or rule out a possible candidate. A “one man show” working from home might not align with the needs of your organization.

The team at Orange County Computer hopes this information has been useful. If you have found this blog post and your network is currently being held hostage by your IT Vendor, we are here to help.

Contact our Tech Team at 949-699-6619 or reach us via email at support@orangecountycomputer.com

Top Stories of Disaster Recovery 2011

It’s unfortunate, but computer hardware is bound to fail at some point…

Here are the Top 10 Data Disasters of 2011:

1. Triple whammy: When a lightning strike caused a fire that sent a famous Caribbean island home up in smoke, the computer servers were burned and then doused with water by the fire squad. The media then corroded while the building sat idle until it was safe to re-enter. In the end, the triple whammy of a lightning strike, fire and water damage was overcome in the Level 3 Data Recovery Center.
2. Doggy eat dog world: A man encouraged his girlfriend to back up her photo library, which contained thousands of high-resolution photos from her photo studio. She diligently moved the data from her laptop to an external hard drive, and unfortunately that became the only good copy. A friend then pulled into the driveway and the couple went out to meet her, but not before the hyper, happy family dog heard someone at the door and came tearing out from underneath the table where the drive is sitting. The drive went crashing to the floor, damaging the only good copy of this data
3. A little piece of history: A freelance photographer happened to be with a camera in the midst of the recent London riots. Some rioters saw they were being filmed and opted to smash the camera in order to destroy the potentially incriminating evidence. The camera made its way to the Level 3 Data Recovery Center where 100 percent of the data and the video footage was recovered and supplied to the police.
4. In the safe not on the safe: To avoid arriving late to a business meeting, an IT person opted to put a tape drive on top of the waterproof safe instead of inside it. Within an hour of doing so, the city was struck by a powerful earthquake and the tape was knocked to the ground. Then, the premises was engulfed by mud, water and sand. The tape looked unrecoverable, but the Level 3 Data Recovery Center proprietary tape recovery technology was able to recover 100 percent of the data, which included one year of TV and web animations.
5. Smoking kills: A newly hired security guard was doing his first evening security check in a chemical ingredients warehouse. While he was informed that smoking is forbidden, he pondered who could possibly spot him enjoying a cigarette after company hours. After it was lit, the fire alarm sounded and prompted the anti-fire sprinkler system. All the electronic equipment included 44 desktops and two servers were flooded.
6. Sunken business deal: Two businessmen met in a pub to discuss their future deal over a beer. The server accidently knocked over one of the glasses she was delivering, soaking the laptop which contained the business plans. A paper towel was not enough to save the laptop and its important deal files.
7. End of month disaster: A corporate accounting department stayed late to reconcile the books for the month. While rejuvenating on a coffee break, a power outage occurred. All of the computers shut down including financial server. Luckily the department’s computers were connected to UPS. However, the continual brewing of their cups of java drained the UPS battery, resulting in a crashed server.
8. Magnetic attraction: A laptop was set down on a desk near some rare earth magnets. The earth magnets came into contact with the laptop and when the user went to turn on the machine, it did not boot up all the way and there was a clicking noise. While there was physical damage to the platters, proprietary techniques overcame the damage and the data was recovered.
9. Virtual reality: To increase system performance, an IT administrator split the C and D partition of his virtual server across two different systems. Running out of space, the admin needed to rush and consolidate C and D onto the same system. Not knowing that the same naming convention already existed on the target system, he copied over the important data set.
10. Bad image: An actor deleted her entire portfolio including her model card samples and recent pictures by accidently selecting the wrong externally attached USB drive using the MAC disk utility program. Our Level 3 Data Recovery Center was able to recover her image entirely.

Our Certified Data Recovery Specialists at Orange County Computer have found that companies are not testing their data storage hardware or disaster recovery plans. We urge clients to test backups and schedule weekly backups at a mimimum in the event of a catastrophic data loss. Wisely choose a Data Recovery Provider to work with in the unlikely event that your company needs to retrieve data.

Common Precursors of Data Loss Events:

• Human Error
• Storage Hardware Failure
• IT disaster recovery plan that is weak or not exercised regularly
• Overconfidence in a SAN Storage redundancy
• Corrupted or unreadable backups or archives of missing data

Jumpstart the New Year with a Free Network Evaluation. Contact our Technical Support Center at 949-699-6619, via email at support@orangecountycomputer.com, or visit our site for more information at www.orangecountycomputer.com.

Drobo… Headache Free Data Redundancy

The Data Storage market has become inundated with anything and everything from flash drives to single external drives to 12 Bay Rack Mount hardware storage devices. How do you decipher which Data Storage Solution will meet your needs?

DROBO makes award winning data storage products for small to mid-market businesses and individuals that delivers “Big Storage in a Small Box” to create a simplified and reliable solution.

There are several difference configuration scenarios designed to meet the needs of multiple industries, both big and small.

What Is a Drobo?

Hard drives get full and wear out. A single drive failure can lose your data. Not so with Drobo.

Meet your new storage solution, the safe and expandable Drobo. It’s so simple that anyone can use it, yet powerful enough for business. Drobo connects to your computer or network and provides redundant data protection without the complexities of traditional RAID.

Incomparable Expandability

With Drobo, buy just the storage you need now and change it as your data grows. Mix and match drive brands, capacities, and speeds. Replace your smallest drive with a larger one and immediately use the new capacity in a matter of seconds, not hours! It’s a simple as inserting the new drive into the slot. Expand up to 24 TB on a single volume as larger drive sizes become available. Drobo creates one large storage pool. Dive in and eliminate the need for multiple external storage drives and devices.

Storage on your Terms

Safety access and quick access go hand in hand with Drobo. Whether you’re directly attached to your personal computer, sharing files with others over the network, or backing up a business application—Drobo’s the best choice.

Drobo connects to Mac, Windows, Linux, and server virtualization systems with ease. Everyone can take advantage of simple, powerful, and complete Drobo data protection.

Plug In Peace of Mind

Just plug in Drobo and your data protection is ready. Add disks at any time for additional protected capacity. Drobo can even solve problems by itself. Lights on the front tell you what’s happening—if you can read a traffic light, you’re already a Drobo expert.

Take a look at how the lights on the front work on a four-bay Drobo. They work the same way on all Drobo models.

Contact a member of our Data Storage Team today for pricing and configuration at  949-699-6619 or via email: sales@orangecountycomputer.com