Security – Central Coast Solutions

ALERT: “Shellshock” Security Threat Can Affect Mac Computers

WHAT IS IT?

Another day, and yet another security threat has been announced. This one exposes a 20-year old hole that’s been in the UNIX OS called “Bash” that resides inside of every Mac. This could allow an outside attacker to have your computer execute commands, and potentially give them access to your machine without your knowledge.

DOES IT AFFECT ME?

Likely no – by default Macs do not have externally accessible services turned on – but servers and services that provide a web interface to the outside world are potentially threatened. This would include any service accessible by a web browser; web server, FTP server, email server with webmail, wiki, web or internet sharing, some games, etc.

HERE’S WHAT APPLE SAYS ABOUT IT:

“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities,” an Apple spokesperson said. “Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”

As with most of these announced “possible exploits”, they are just that – possible – but that does not mean they are being used actively.

WHAT CAN YOU DO?

Don’t install ANY software or updates without asking Central Coast! If a software hack is installed on your Mac that makes it externally accessible, it could open your machine up to attack. Knowing that the industry is working on a fix, we would wait until that is available and install it. Central Coast will announce when its ready.

Turn off any services on your Macs you really aren’t using. Go to Apple>System Preferences>Sharing and turn off anything that’s on there you don’t directly understand. Ask if you have any questions. We see a lot of people with Apple Servers they set up themselves for simple file sharing with EVERY service turned on, which is not only reduces performance but gives more than one way for a bad guy to get into your server.

If you have a server that has externally accessible services, we are monitoring this issue closely and will work with you to get a plan in place for them.

WHAT’S THE LESSON HERE?

No computer are ever really “safe” unless you disconnect your internet connection. People write software, and people screw up, so we’ll never have a fully secure computing world. Reducing your “exposure” is the key to keeping your file, private and financial data safe. Here are the best practices for internet security in general:

Don’t install any software or update without asking first. Really, there are no “routine updates”, everything is suspect.
Have separate, unique passwords for all services you interact with, and use 1Password, LastPass, etc. to help manage them.
If you must use the “cloud”, use it for temporary transferring of data only, not storing data long term. These servers out outside your control and are one breach away from exposing your data.
Email delivery of “malware” is on the rise, so don’t click links, accept or install anything that wants to install once you open a message. If its from a “trusted source” like a service or bank you frequent, you should be able to go to their website and and get the same result, so don’t click links in email to get their – do it manually through your browser.
Don’t let kids use computers that you use for your business! Get them their own machines to play on. We see a LOT of issues with this!

We’re here to help! Let us know if you think you may have opened the door to issues on your machine, and we’ll get things back in order and secure. If we haven’t seen you in a while, now may be a good time to go through your Mac and make sure everything is operating its best.

Email us at service@centralcoastweb.com.

ALERT: “Shellshock” Security Threat Can Affect Mac ComputersMelissa Kalal2018-09-20T10:16:07-05:00

CCS FAQ – Our Most Popular Questions

Here’s a quick rundown of the questions we hear most often from our customers.

Understanding your ROI

Q. Help me understand the return on my investment when I hire Central Coast for my tech resource.

A. There a couple ways to think about this from both a big-picture and detailed point of view.

First, our hourly rate is likely to less than your billable rate for your clients. For example, if you are a graphic designer charging $125+ an hour for your services, by purchasing a Maintenance Plan or Service Plan hours, you will be paying us less than what it costs you do your own tech support. Additionally, before you think about hiring a person on staff to do tech support, consider the total cost to carry that headcount. Using Central Coast would be a third to half of that cost for a 10-15 person agency, for example. Our Service Plans are affordable and help you meet the needs of your budget.

Second, we are experts and this is what we do. Out team of technicians has a collective experience that far outweighs even the most avid “office tech.” We can likely fix things faster, maintain things at a higher level, and ensure your business won’t have to deal with as many emergencies that disrupt business. That said we work alongside you, as there are a number of things that can be done on your end to maintain the basics while we stay accountable for the more intricate areas.

Finally, if you are in business to make money (and we hope that you are), then your tools are your life line to your customers. They help you communicate. They help you create deliverables. They help you collaborate. There’s no excuse for NOT having them function the way you need them to so that you can do great work. When you do great work, we are happy.

Don’t Block Out the Sunshine!

Q. We’re thinking of moving our company to live in the Cloud. What do you think?

A. We have a separate post dedicated to this issue. Click here. In a nutshell, Central Coast is NOT a fan of Cloud Computing! There are other options that cost less money in the long run, are far more secure, have easy access through VPN from offsite…but most importantly, keep your data and your clients’ data under your control. Cloud providers do a bang-up job of marketing the perceived pros, but rarely mention the cons. So do your research before you leap to the cloud, because if you change your mind, getting your data back out can be a painstaking process and be highly disruptive to your business.

Cost Efficient and Convenient

Q. What’s the difference between buying my equipment from the Apple Store, and buying from Central Coast?

A. We offer hardware as a service to our customers, and give the best pricing possible.

Before you purchase anything, we look at what you need from a functionality standpoint, along with the other equipment you already own and the other components that need to connect with your new equipment. We ask about things that the Apple Store or an online retailer wouldn’t know – such as how the equipment will be used, the software it will run, the other components it needs to connect with, to how fast your Internet connection will run, even personal preferences. Purchasing technology hardware is rarely a standalone decision.

Once your equipment arrives, we deliver it to your location, set it up for you, and make sure it’s functioning the way you need it to. And if something goes wrong, we’ll help make sure it gets fixed so you aren’t left hanging out there alone to figure it out.

AppleCare is a wonderful investment and something we always recommend. It costs a small fraction of what you already investing in the hardware. Machines do have problems from time to time in their first few years. AppleCare is three-year smart insurance plan. We can take care of getting this for you too.

What’s Included?

Q. When I purchase a new Mac, does your service include moving my photos and music?

A. Yes! We’ll move them all over, along with your other data, settings, bookmarks, etc. It will be 100 percent seamless for you.

Accounting Software

Q. Do you know of a good alternative to Quicken for Mac?

A. Yes – try Moneydance. It imports Quicken file and is only $49. We hear great things from our clients about this software.

Internal Storage

Q. How much internal storage should I have on my Mac?

A. Upgrading the internal storage device of your existing Mac to a 512GB or 1TB Flash Drive is a huge performance benefit that will greatly enhance the long-term viability of the machine. You should balance the cost against having a faster computer, which also extends of the value of its usefulness later on too.

Worth the Space?

Q. We don’t want equipment “clogging up” our office space. Is Apple Time Capsule an option?

A. Yes, however, be aware that an internal drive is not serviceable in the Time Capsule, so a drive issue (and these do occur) means the unit is not longer working – period. Even if it happens under warranty, your data will be lost with a new unit replacement. Time Capsules are great for backing up your office machines, but they are not a server, and shouldn’t be used as one.

My Font Library Needs a Tune Up

Q. What happens when we hire Central Coast to do a “font review” on our Mac?

A. New OS and Creative Suite versions are less tolerant of older TrueType and Postscript fonts. When we clean up your library, we’ll convert your “must have” older fonts to the modern OpenType versions, and help you learn font management.

Backup Systems

Q. What’s the difference between Crash Plan and Time Machine? Do we need both?

A. Time Machine is a local backup of your entire computer, and a fast way to recover your data in an emergency. Crash Plan is set up to automatically update everything with no inconvenience to the user, but takes some time download back to a new machine, and cannot be used to directly recover from a startup drive failure like Time Machine can. Depending on how and who is using the machine – we’ll talk with you about a backup plan that will work best for you. The most important thing is that you know you need one.

CCS FAQ – Our Most Popular QuestionsMelissa Kalal2018-09-20T10:16:07-05:00

Cloud Computing – How Safe Is Your Info?

Be smart and know the facts before you leap.

If you are reading this blog, then this topic peaked your interest. Central Coast Solutions gets more questions about security of data than almost any other topic. Here’s what you need to know about the risks, and why your data is only 100 percent safe when kept in a known, stable environment that you control.

Cloud computing: a third-party provider is directly managing your data.

Essentially, as a business owner, CIO or IT manager, you have now transferred this responsibility to somebody else. Make sure that you understand this: No cloud-based provider is ever going to be as passionate about your data as you. Furthermore, “securing your data” is often a popular marketing theme more than a practice of what happens in real life. It’s offsite where you cannot see behind their curtain – do you even know the names of the people that have full access to your confidential files and proprietary business information? Additionally, if you have your customers’ proprietary information to manage (and have signed NDAs ensuring this is buttoned down), putting all of this in the cloud puts you at an undetermined level of risk that you cannot measure but is not zero percent.

Compatibility issues: What you see is what you get.

If you move to a cloud-based provider, you get whatever tools they offer. If they don’t have what you need to creative deliverables for your customers – you are likely out of luck.

Cyberattacks – the bad guys generally go after a concentration of large data

So if you have your data stored in the cloud with a bunch of other random customers, this is attractive. The cloud become a singular point of failure, as it impacts a wide group of people, and it’s more effective to steal in bulk. Most cloud providers have decent security measures, but passwords and secret questions/answers make it easy to phish around restrictions to try to unlock them. Furthermore, the most serious breaches (historically) have been due to insider threats and privileged administrative access by employees. Understand that any cloud environment can be destroyed in a matter of minutes if in the wrong hands – after the data is stolen.

As data breaches happen – lawsuits are on the rise.

There’s a tradeoff between keeping your data secure and ease of sharing information. Logically, this just makes sense – the more open your network is, the easier it is for everyone to get into it – wanted or unwanted. There is no “cloud standardization” so the question of risk has a lot of components to consider. As a consumer, you need to understand the word “safe” will be used, but has no real definition that can be backed by clear-cut rules or guidelines.

No internet access? You’re out of luck.

Enough said. When this happens, you are officially down. You have a hunk of metal and wires (your computer) with no tools, no email, no functionality.

Long-term investment is expensive.

Short-term, the cloud can look attractive when companies can forgo purchasing their own equipment and software. But run the numbers. Studies show that after two years, onsite investments become the winner from an accounting perspective as capital assets depreciate. Plus – your cloud provider is not one stop. They are not going to provide what you need when your hardware breaks, your wireless doesn’t work, your employees don’t know how to use their tools, or if their network is too slow to meet your needs.

Yes, the Cloud can be realllllllly slow.

Sending data across the internet is always slower than using is from a local source (your server). It’s even slower when you need to get your data back from them. Cloud providers have finite amounts of bandwidth. When customer use is high, you slow down too. We often hear people complaining it’s easier to work during off hours because their cloud is slow. Is this really part of your business model for getting productivity from your employees?

Bottom line: A known, stable environment is best

Central Coast Solutions offers comprehensive service, products and training – in a way that all the factors above are managed in a known, stable environment – by you or those you personally hire to manage your information technology. Our service plans and maintenance packages make it easy to budget and plan – and service hours NEVER expire or have pressure to use them.

Over the last 20 years, we’ve created the best methods and service options for working with our clients — based on their feedback and what works to keep productivity high and down time low. Call us at 763-422-3922 if you’d like to have a conversation about having your technology help you make your organization more profitable!

Cloud Computing – How Safe Is Your Info?Melissa Kalal2018-09-20T10:16:10-05:00

CRITICAL INFO: Heartbleed Bug and Mac Security

14 April 2014

The past week has seen quite the shake-up in the internet world. A programming hole in the most popular server security protocol (dubbed “Heartbleed”) was discovered that would allow the capturing of your passwords and allow hackers to forge your login – which means they could log in as you to any of your secure sites. While a patch for this bug was released last week, many sites are still in the process of getting the fix in place, and most are taking extra steps to review all aspects of their security. This bug has been there for two years – and its damage has yet to be fully realized.

Yahoo, Google (including gmail), Dropbox, Box, Pinterest, Creative Commons, Instagram, GoDaddy, Flickr, Netflix, YouTube and many others were affected. None of the major banks or credit cards were affected directly, but if someone could get into your account on any affected service, they could make purchases or gather information to help them breach your accounts. You should take the time to review all your accounts and email for any strange activity, and report it to the site’s customer service ASAP. So far, no one in our circle has reported being affected, but that’s not proof against attack.

Having the same password for every site you interact with may be convenient, but poses a huge potential risk if any one site’s data gets breached. We recommend changing your passwords on all accounts THIS WEEK, rethinking your password policy and having a unique password to every site you have an account on, and change them very so often.

While this sounds daunting, there are programs that can streamline the process like 1Password for Mac that really work well, or manual methods of keeping track. Just don’t have a Word document on your desktop called “Passwords and Banking info”…

While we are on the subject, even though Macs historically have been mostly immune to virus and malware attacks, we’ve been recommending to everyone to get the great “donationware” ClamXav – the same software Apple uses on their server software. I run in on my Mac – you should run it on yours. There are some details to getting it configured correctly so it automatically updates itself and scans your home folder, so if you need assistance with it – let us know and we’ll take care of it, and give your system a once-over while we are at it.

So what does this mean in the short and long term? NOTHING in the “Cloud” is truly safe. Ever. We get the perception of security, and for the most part it works, but unlike making sure you know where your checkbook and wallet are at all times, the information you give to any company you buy from on the web can be breached from the outside or even stolen by the employees who work there! As a programmer, and knowing the people at Apple, Adobe and Microsoft that I do, I know best efforts are being made to solve these sorts of issues before they occur. Sadly, people are the variable here, and good or bad, we should know that its our own vigilance that keeps us protected, or at least minimizes the damage from our critical data being used against us.

Sorry for the downer tone, but we deal in reality and sometimes its not as pretty as we’d like it to be.

Please send a link of this to anyone in your circle who could benefit from the information.

Thanks,
-Ed

CRITICAL INFO: Heartbleed Bug and Mac SecurityEd Klemz2018-09-20T10:16:12-05:00