ALERT: “Shellshock” Security Threat Can Affect Mac Computers

WHAT IS IT?

Another day, and yet another security threat has been announced. This one exposes a 20-year old hole that’s been in the UNIX OS called “Bash” that resides inside of every Mac. This could allow an outside attacker to have your computer execute commands, and potentially give them access to your machine without your knowledge.

 

DOES IT AFFECT ME?

Likely no – by default Macs do not have externally accessible services turned on – but servers and services that provide a web interface to the outside world are potentially threatened. This would include any service accessible by a web browser; web server, FTP server, email server with webmail, wiki, web or internet sharing, some games, etc.

 

HERE’S WHAT APPLE SAYS ABOUT IT:

“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities,” an Apple spokesperson said. “Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”

As with most of these announced “possible exploits”, they are just that – possible – but that does not mean they are being used actively.

 

WHAT CAN YOU DO?

Don’t install ANY software or updates without asking Central Coast! If a software hack is installed on your Mac that makes it externally accessible, it could open your machine up to attack. Knowing that the industry is working on a fix, we would wait until that is available and install it. Central Coast will announce when its ready.

 

Turn off any services on your Macs you really aren’t using. Go to Apple>System Preferences>Sharing and turn off anything that’s on there you don’t directly understand. Ask if you have any questions. We see a lot of people with Apple Servers they set up themselves for simple file sharing with EVERY service turned on, which is not only reduces performance but gives more than one way for a bad guy to get into your server.

 

If you have a server that has externally accessible services, we are monitoring this issue closely and will work with you to get a plan in place for them.

 

WHAT’S THE LESSON HERE?

No computer are ever really “safe” unless you disconnect your internet connection. People write software, and people screw up, so we’ll never have a fully secure computing world. Reducing your “exposure” is the key to keeping your file, private and financial data safe. Here are the best practices for internet security in general:

  • Don’t install any software or update without asking first. Really, there are no “routine updates”, everything is suspect.
  • Have separate, unique passwords for all services you interact with, and use 1Password, LastPass, etc. to help manage them.
  • If you must use the “cloud”, use it for temporary transferring of data only, not storing data long term. These servers out outside your control and are one breach away from exposing your data.
  • Email delivery of “malware” is on the rise, so don’t click links, accept or install anything that wants to install once you open a message. If its from a “trusted source” like a service or bank you frequent, you should be able to go to their website and and get the same result, so don’t click links in email to get their – do it manually through your browser.
  • Don’t let kids use computers that you use for your business! Get them their own machines to play on. We see a LOT of issues with this!

 

We’re here to help! Let us know if you think you may have opened the door to issues on your machine, and we’ll get things back in order and secure. If we haven’t seen you in a while, now may be a good time to go through your Mac and make sure everything is operating its best.

 

Email us at service@centralcoastweb.com.

ALERT: “Shellshock” Security Threat Can Affect Mac Computers2018-09-20T10:16:07-05:00

Update: It might be time to upgrade your Mac

13MBA_PF_Open_Mavericks_SCREENWhen is the Right Time?

With “Mavericks” finally getting more stable, Apple has released its new OS X “Yosemite” – the tenth version of the operating system named OS Ten (it looks like Apple is done with cat names. They only had one horse name, and have now moved on to parks). It is the only OS that will run on new Macs.

 

Now that Yosemite is released, it will not run the current 10.8 (“Lion”) or 10.9 (“Mavericks”) – and that can be a big issue.

 

Should you upgrade to Mavericks if you are still on Lion? It depends. OS X 10.8.5 is finally stable, and everything works on it, so now would be a good time to do the upgrade. Adobe, Microsoft, Extensis and others have gotten all the issues worked out and things are working pretty well, but Mavericks OS is a complete re-write and likely will affect software, networking, printing or some other mission-critical thing you need to do. That being said, you need to have a Mac that will eventually run 10.9, so being at 10.8.5 is a great start. There are a number of complicated items involved in the update so contact us and we’ll make sure its done correctly.

 

Hardware Update

The current line of Macs are all very fast, stable and feature-packed. If you have an older Mac, we recommend getting one now. Right now. The MacBook Pros and iMacs were recently updated and are the fastest designer Macs out there. The 15″ Retina MacBook Pro and a 27″ Thunderbolt display are an excellent choice for those who need to take their work on the go.

 

If you have a lot of apps running at the same time (press command-tab and look at the list). Its convenient, but each of them requires some RAM and hard drive space while its running. OS X takes about 1GB itself, and Photoshop grabs up to 70 percent of the RAM in your Mac when its running, so you can see how quickly it gets used. We recommend no less than 8GB of RAM, and if the Mac will take it, go to 16GB or 32GB. Many Macs even just a couple years old can’t expand to that level, and that reason alone is a good one to upgrade your hardware.

 

The latest Macs all have the option of either Fusion or SSD hard drives – both of which and far faster than traditional hard drives. Fusion drives combine a fast RAM area with a spinning hard drive, and store the OS and most used apps in that area for quick access. Solid State Disks or Flash Storage are up to 5 times faster than spinning drives. That speed comes at a higher cost however, and SSDs are still far smaller in capacity than spinning drives, so many designers are opting for the 1TB or 3TB Fusion Drives.

 

We’ll need to custom order new Macs with the features you need as many of them are not easily upgradable after purchase – so adding the faster processor, hard drive and RAM options need to be done day one. Also, the order time on new Macs has been 8-10 days so plan accordingly.

 

Software Update

In order to run Adobe CC, you will need to be on OS X 10.8.5. Coming from 10.6.8 is $19.99 for the OS, but you’ll also need to update your Microsoft Office to 2011, and Suitcase to Fusion 5. Note that older versions of apps may not run under 10.8, so if you have any questions on these apps – ask.

 

Many people have older font libraries that will need updating to be used properly by the latest OS X and applications. We know a lot about fonts and can assist with that process or take care of it for you. It’s astounding the number of people who do not know how to use font management tools. We can help!

 

We’ve offered this before, but feel free to send us your System Profile and we’ll determine the best course of action for your existing Mac – upgrade or replacement. Go to the Apple Menu>About this Mac and then System Report. Click File>Save and save the report to your desktop and email to service@centralcoastweb.com.

 

Enjoy, and Let Us Know If We Can Help With Anything – It’s What We Do.

 

-Ed Klemz, Owner, Central Coast Solutions

Update: It might be time to upgrade your Mac2018-09-20T10:16:09-05:00

Cloud Computing – How Safe Is Your Info?

cloudBe smart and know the facts before you leap.

If you are reading this blog, then this topic peaked your interest. Central Coast Solutions gets more questions about security of data than almost any other topic. Here’s what you need to know about the risks, and why your data is only 100 percent safe when kept in a known, stable environment that you control.

 

 

 

Cloud computing: a third-party provider is directly managing your data.

Essentially, as a business owner, CIO or IT manager, you have now transferred this responsibility to somebody else.  Make sure that you understand this:  No cloud-based provider is ever going to be as passionate about your data as you. Furthermore, “securing your data” is often a popular marketing theme more than a practice of what happens in real life. It’s offsite where you cannot see behind their curtain – do you even know the names of the people that have full access to your confidential files and proprietary business information? Additionally, if you have your customers’ proprietary information to manage (and have signed NDAs ensuring this is buttoned down), putting all of this in the cloud puts you at an undetermined level of risk that you cannot measure but is not zero percent.

 

Compatibility issues: What you see is what you get.

If you move to a cloud-based provider, you get whatever tools they offer. If they don’t have what you need to creative deliverables for your customers – you are likely out of luck.

 

Cyberattacks – the bad guys generally go after a concentration of large data

So if you have your data stored in the cloud with a bunch of other random customers, this is attractive. The cloud become a singular point of failure, as it impacts a wide group of people, and it’s more effective to steal in bulk. Most cloud providers have decent security measures, but passwords and secret questions/answers make it easy to phish around restrictions to try to unlock them. Furthermore, the most serious breaches (historically) have been due to insider threats and privileged administrative access by employees. Understand that any cloud environment can be destroyed in a matter of minutes if in the wrong hands – after the data is stolen.

 

As data breaches happen – lawsuits are on the rise.

There’s a tradeoff between keeping your data secure and ease of sharing information. Logically, this just makes sense – the more open your network is, the easier it is for everyone to get into it – wanted or unwanted. There is no “cloud standardization” so the question of risk has a lot of components to consider. As a consumer, you need to understand the word “safe” will be used, but has no real definition that can be backed by clear-cut rules or guidelines.

 

importantNo internet access? You’re out of luck.

Enough said. When this happens, you are officially down. You have a hunk of metal and wires (your computer) with no tools, no email, no functionality.

 

Long-term investment is expensive.

Short-term, the cloud can look attractive when companies can forgo purchasing their own equipment and software. But run the numbers. Studies show that after two years, onsite investments become the winner from an accounting perspective as capital assets depreciate. Plus – your cloud provider is not one stop. They are not going to provide what you need when your hardware breaks, your wireless doesn’t work, your employees don’t know how to use their tools, or if their network is too slow to meet your needs.

 

Yes, the Cloud can be realllllllly slow.

Sending data across the internet is always slower than using is from a local source (your server). It’s even slower when you need to get your data back from them. Cloud providers have finite amounts of bandwidth. When customer use is high, you slow down too. We often hear people complaining it’s easier to work during off hours because their cloud is slow. Is this really part of your business model for getting productivity from your employees?

 

Bottom line: A known, stable environment is best

Central Coast Solutions offers comprehensive service, products and training – in a way that all the factors above are managed in a known, stable environment – by you or those you personally hire to manage your information technology. Our service plans and maintenance packages make it easy to budget and plan – and service hours NEVER expire or have pressure to use them.

 

Over the last 20 years, we’ve created the best methods and service options for working with our clients — based on their feedback and what works to keep productivity high and down time low. Call us at 763-422-3922 if you’d like to have a conversation about having your technology help you make your organization more profitable!

 

Cloud Computing – How Safe Is Your Info?2018-09-20T10:16:10-05:00

AIGA Spotlight: Carolyn Porter – May 22, 2014

Join AIGA MN Solopreneurs for a free and information-packed event celebrating a stellar Solopreneur and Central Coast client – Carolyn Porter of Porterfolio, Inc.

 

Date: Thursday, May 22, 2014

Presentation: 6:00 – 7:30 p.m.

Hayden-Heights Library1456 White Bear Ave, St. Paul

Happy Hour: 7:30 – 9:00 p.m.

Ward 6858 Payne Ave, St. Paul

 

Registration is now open and FREE. Click here – reservations are required and space is limited. No walk ins. 

Direct inquiries to solopreneurs@aigaminnesota.org

AIGA Spotlight: Carolyn Porter – May 22, 20142018-09-20T10:16:10-05:00

MacBook Air is an excellent value!

MacBook Air is an excellent value if you are thinking about buying an iPad for the low price. Consider this: For only a few hundred dollars more, you get an entire computer, keyboard, trackpad…far more power!

 

Models now starting at only $899. Contact sales@centralcoastweb.com and we’ll customize your machine to meet all your needs.

 

 

 

MacBook Air is an excellent value!2016-10-31T15:51:18-05:00

Free Training with Macphun

As part of our role to make sure you have the right tools and training for your workflow, Central Coast Solutions is passing along some amazing free training opportunities!

 

There’s a wonderful little company in California called Macphun that has been putting out some excellent software for photographers and creatives for many years.

 

Check out the free online training sessions!

 

Free Training with Macphun2014-06-25T17:47:55-05:00

Workflow Design – A Note from Ed

Ed ColorMake Your Workflow Work for YOU

The growth of your company is based on its increasing ability to provide quality services to your customers. Workflow is defined by how you provide these services, and your success is defined by how well those services are provided.

 

Optimize How Data Moves In and Out of Your Organization

Central Coast Solutions is expert at evaluating and improving workflow. We assist our clients in getting the most out of every aspect of their workflow, including planning, training, technology, service and support. Ours is a unique, whole-company approach delivered through our in-depth knowledge of the industry, based on years of experience and our work with hundreds of clients. We approach workflow from a solution standpoint, and want to be sure that any plan put in place takes all sides of your organization and customer base into account. We start your evaluation from the standpoint of how data moves in and out of your company. The next step is to evaluate your systems, productivity and effectiveness in generating the work you do. The last step is to evaluate how effectively your company delivers those services to the client.

 

Better workflow | Greater Productivity | More Profits

While focusing on the tasks directly in front of you, it is difficult to have time to look at better solutions or the way you could be working–or should be working. The issues your organization needs to address are many. Answering such questions and taking in the broader view is our job. Let us show you how working with Central Coast will generate better workflow, greater productivity and more revenue for your business.

 

Workflow Design – A Note from Ed2018-09-20T10:16:13-05:00
Go to Top