Author: rory-admin

Are Home Routers Safe?
We’re talked about router safety before, but are routers marketed to home users safe in general?

Germany’s Fraunhofer Institute for Communication (FKIE) recently conducted a study on 127 routers from 7 different brands and the results were shocking.

They found that 46 hadn’t had an update in over a year, and that many routers are affected by hundreds of known vulnerabilities.

Many routers are powered by Linux, which releases security patches and updates throughout the year, but vendors are just not applying them. What’s worse is many routers are being shipped with known vulnerabilities and firmware updates that do not address them.

With so many working from home using an unsafe router is one more risk that you shouldn’t have to take, especially with a brand-new router. As we mentioned in our last article on the topic, similarly to other technical products routers do reach an end of life period. However, this is typically not for at least 3 years.

So which router brands performed the best in the study? They found that ASUS and Netgear routers performed better than other brands in the home market. There is also the option of going for a pro router which may have more features and better access to updates.

Ubiquiti routers are one option in the pro market that we recommend. You’ll have the ability to customize quality of service rules which lets you prioritize certain kinds of traffic, like streaming video over HTTP downloads. Or it’s possible to have a guest networks so you can have a segregated LAN for guests, children or even your security cameras.

It’s also possible to have site to site VPN, so you can access your office computer securely from home without using a third-party VPN or remote desktop service, it’s just router to router.

There may be a sharp learning curve however when trying to implement these things yourself but updating the firmware shouldn’t be a different experience from what you’re used to from home routers.

In general router brands need to do a much better job of securing their routers against vulnerabilities, both known and unknown – but there’s especially no excuse to leave known vulnerabilities unchecked.

If you need assistance or have questions about routers or other technical topics, feel free to reach out! Our knowledgeable techs would be more than happy to answer your questions.

Looking for more to read? We suggest these tech articles from the last week.
This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
July 15, 2020
Our Top 3 Picks for Password Managers
The topic of 2 factor authentication (2FA) comes up A LOT. You’re probably already aware a password manager is the easiest place to start and will even make using your devices more convenient. However, this space is so loaded with choices now you may not know where to start.

We’ve written a lot about what makes for a good password but what should you look for in a password manager?

It depends on what your goal is. All password managers will help you with password safety, things like not re-using passwords and having stronger passwords because you won’t have dozens to remember.

Some password managers only store your database locally, meaning it’s only on your own machine. The benefit of this is you’re in charge of your own security. The downside is if the device is lost or compromised, your database may be lost as well.

There are also cloud storage password managers, meaning the password manager company will store your password database for you. We think for most users this is the better choice, however you are trusting your data to that company.

So, what are our picks for password managers that are convenient to use but also have a good track record?
1. LastPass – This is no brainer; we use this one! It’s free, straightforward, and compatible with many different browsers – even across Mac, Windows and Linux. They also offer 1 GB of secure document storage, meaning everything you need securely store will also be conveniently at your fingertips.
2. 1Password – 1Password is a great mobile option. It began as an Apple centric product but has since branched out to include iOS, Android, Windows and ChromeOS. An extra bonus feature is it can act as an authentication app for programs like Google Authenticator. We also like its travel mode option, which allows you to delete sensitive data with one click while you travel and then restore it when you’re back home.
3. Dashlane – Our final pick is Dashlane. Dashlane is the newest of this bunch but they have a lot of slick features, including Dark Web reporting. The free version is somewhat limited but if you pay a low cost of $4.99 a month you unlock a host of features, including a free VPN and the ability to sync between devices. They also let you choose whether you want to store your database on your device or locally.
One more thing, while your browser can somewhat perform as a password manager, that’s really not what it’s meant for. Browsers focus most of their development on being a better browser, not being a better password manager. Also the passwords they generate are not much better than “password” or “123456” (the most popular passwords 7 years running).

Storing your passwords in a secure password manager is one of the best and easiest ways to improve your security online, so no matter which password manager you go with you’re making the smart choice.

Looking for more to read? We suggest these tech articles from the last week.
This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
July 8, 2020
The Threat You Might Not Have Heard of – Stalkerware.
We’ve all heard of ransomware and malware at this point, but there’s one that may be flying under the radar. I’m talking about stalkerware.

Stalkerware is a type of software or application designed to monitor or secretly record you on your devices. The phrase was coined because it was often used by spouses or other intimate partners who want to secretly spy on their partners.

While in some cases it may be deliberately installed, there are variations of this now that are more insidious. Applications that can detect your GPS location even in the background, as well as applications aimed at parents looking to track their children’s devices that collect more data than they’re supposed to are two notable examples.

In either variation they’re definitely a violation of the user’s privacy. The Google Play Store (for Android phones) and Apple App Store (for iOS phones) both prohibit applications aimed at tracking your loved ones use without their knowledge or consent, but so many things are added daily it’s inevitable some will slip through.

On the other end, applications you install on purpose that collect data they shouldn’t is also a major problem. The data they’re collecting is often sold to third parties who then use it to market to you on websites you frequent.

Most of us are aware the free websites and applications we use on the internet are not really “free”. The cost is being inundated with sales ads, but ads specifically targeted to you by data you didn’t know was being extracted by your computer or phone is a violation none of us would willingly sign up for.

We’re left questioning how much privacy we can really expect on the internet, and what is needed to protect that privacy. Much more is required of our governments and legislatures to ensure that the private details of our lives aren’t sold to the highest bidder.

One high profile example going on right now is over the popular phone application TikTok. TikTok was recently banned in India due to privacy concerns, which the company vehemently denies.

It’s our recommendation that you vet the software, websites and applications you download or visit thoroughly, as well as uninstalling any not currently in use. While this won’t completely mitigate the risk of stalkerware, it may help minimize the damage.

Looking for more to read? We suggest these tech articles from the last week.
This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
July 1, 2020
Returning to the Office? Here’s What You Need to Know.
The last few months have been hectic to say the least. A global pandemic has forced us to reconsider our office norms, when working from home became a necessity rather than a rare occurrence – prior to the pandemic only 1.3% of job postings on ZipRecruiter specified working from home.

The numbers vary but it’s estimated upwards of 50% of the knowledge-based workforce is working from home right now. Tech workers have had to scramble to adjust their security measures to cover employees on their home networks. In some cases, it still hasn’t been enough (Hacking against corporations surges as employees take computers home – Reuters.)

Now, as many cities and states begin to open, you may be wondering if it’s time to get back to the office. Here’s our steps for doing it smartly and safely.
- Evaluating devices that have been used at home thoroughly before introducing them back to the work network. Whether it’s their office device or a home device they normally use at work, you want to make sure it won’t function as a Trojan horse to your organization, inviting malware and/or viruses into your office.
Make sure these devices are also updated with any software patches and updates that may have been missed while working from home. You want to make sure they have been fully patched when they return to your network.
Consider requesting that everyone update their credentials and re-enforcing any efforts into enabling 2 Factor Authentication(2FA). Employees working from home may have let their work machines be used by family members, or otherwise have left these devices unattended in areas where they may have been accessed by others.
When returning to work we think it’s a good idea to also have a fresh start when it comes to passwords and other credentials, and if you haven’t been already consider requiring 2FA on work devices and work accounts.
Finally, we’ll all have to consider germs going forward and for the considerable future. It’s a good idea to have a plan in place for disinfecting these devices safely and consistently.
This doesn’t cover everything necessary for returning to work safely, but it’s my hope it gives you a place to start when it comes to the technology side of things.

Whether you’re returning to work or are still working from home, Valley Techlogic can assist you with these topics and more. Feel free to reach out, our brilliant tech team would be happy to assist you.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
June 24, 2020
Routers and Their Safety – How to Easily Improve Your Network
It was recently reported by ZDnet (https://www.zdnet.com/article/unpatched-vulnerability-identified-in-79-netgear-router-models/) that 79 Netgear routers from as far back at 2007 and across 758 different firmware versions had an unpatched vulnerability that would let a hacker take over the device remotely.

We rely on routers as our literal gateway to the internet – so how can you be sure the one you’re using is safe? Also, how can you keep it that way?

As the above article has shown one of the ways is just to be cognizant of news regarding the devices you use. An emergency patch was issued, and a more permanent patch is planned for later this month. Even if you normally shy away from the nitty gritty technical aspects of any news cycle it’s a good idea to keep an eye out for news regarding your specific devices.

It’s always a good idea to keep up to date on patches for all your devices. In the case of routers these normally come in the form of firmware updates.

This may seem intimidating but here are the steps for making sure your routers firmware is up to date.
1. Type your routers IP address into the search bar of your preferred web browser to access it’s web portal. It’s usually on the box or even on the router itself, it can also be found here (https://whatsmyrouterip.com).
2. Enter your username and password. If this is your first-time logging in again the information can usually be found on the router itself. This is also a good time to change the password!
3. Locate the firmware or update tab. The location may vary depending on which model router you have, referring to the instructions of your router is probably a good idea.
4. Go to your router manufacture’s website to find the firmware update file. You can usually find it by searching for your routers model on their site.
5. Download the update and apply it through the router’s web portal. Again, the router’s web portal is found by it’s IP address.
6. Reboot the router to ensure the update is applied.
By following these steps, you can be sure your router has the most up to date software version and is the most protected from bugs and malware.

What if you can’t find a firmware update for your router? If it’s a newer model there may not be one out yet, however if your router is on the older side it may have reached it’s end of life. Every brand is different, Cisco for example has a policy of supporting routers on the software side for 3 years and the hardware side for 5 years.

Most technical companies will provide advance notice if they have a product reaching end of life. It’s a good idea to keep track of this information for all your devices, as a device that’s not receiving regular updates may be less safe to use on the internet.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
June 21, 2020
DDoS Attack or Not? Yesterday’s Outage Left Many Systems Down for Hours

Yesterday, an outage stemming from T-Mobile left many major systems down. Affected websites included T-Mobile itself, Instagram, Comcast, Sprint and Chase Bank. Was it a massive DDoS attack or just a server misconfiguration as they’re claiming?

First, it’s probably a good idea to explain what a DDoS attack or Distributed Denial-of-Service attack is and what it aims to do.

A DDoS attack is a cyber attack where the perpetrator or group of perpetrators seeks to make a server or network unavailable by attacking its connection to the internet. They typically do this by flooding the affected systems with traffic, overloading them and causing them to go down.

These attacks can happen to a single computer, an office, or even on a global scale. The website https://digitalattackmap.com/ attempts to track these DDoS attacks on a global level, however it’s somewhat controversial among cyber security experts as they question the veracity of it’s data.

Many time these outages are made apparent by the website https://downdetector.com/ which accurately tracked the cascading wave of websites that went down in yesterdays event.

Down Detector is a reliable source for tracking whether the connection issues you’re having are stemming from your network or the website or service you’re trying to access is truly down.

So, was yesterday’s event a DDoS attack or just an error? The public will probably never know. However as cyber crime continues to ramp up – purported to be a $6 trillion dollar industry by 2021 – it’s a good idea to have the best protections in place so you and your business don’t fall victim.

A DDoS attack aimed at your systems may expose other vulnerabilities, and the downtime alone can be costly. If your IT team isn’t adequately prepared to defend against this or any of the other varieties of cyber attacks plaguing the technology market, it might be time for a new team.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!

June 17, 2020
Ransomware and Small Businesses: Why Some of Them Just Pay It

One of the biggest misconceptions among small business owners is that their company is too small to be the target of many cyber crime events – including ransomware. Statistically, this couldn’t be further from the truth.

In 2019 205,280 businesses submitted files that were victim to a ransomware attack, and 71% of those attacks were aimed at small to medium sized businesses. The average payout was $41,198, but many payments are significantly higher. Could your business withstand losing a lump sum of money right now?

Luckily for many businesses the use of prevention tools and having a proactive tech team means you won’t have to, but what if you’re not so lucky? Why do some businesses just pay the ransomware?

For many businesses their computer systems are directly tied to their day to day operations. So, if your files are being held by a hacker (or many times a group of hackers) you’re basically shut down. As a business you require your day to day operations to remain sustainable, but for many the margin for sustainability and being out of business is razor thin.

This means their business won’t survive an extended downtime while they wait for authorities to try to get their files back (if they ever do). So, they just pay the ransom.

Another scenario is if you’re in a sector where client confidentiality is paramount (think healthcare or finance), then the leaking of those details and the fines incurred will also put you out of business.

When it comes to ransomware the best method of protection is prevention. This means making sure your computers remain up to date – as of this posting there is a dangerous worm targeting Windows machines that haven’t been updated (learn more here.) It also means having a comprehensive security suite protecting all the machines attached to your network (even mobile ones!).

Finally, the best means of protection is having a good IT team backing your business – and backing up your important files! Your tech team will often be able to restore from backup if you DO get hit by ransomware despite having the other methods of protection in place. Their backup could literally save your business.

If you’re in the Central Valley and don’t feel 100% confident your business will be protected in the event of a ransomware attack, reach out to us today.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!

June 10, 2020
Zoom is Restricting End to End Encryption to Paid Users, What Does it Mean for You?

Last week, Zoom confirmed that it will only be offering end to end encryption to paid users. So, what does that mean and what should you do about it?

End to end encryption is a type of encryption that makes it so only the people communicating can read the messages, or in the case of Zoom see or hear the video. This means you can rest assured that your video call is completely private.

Zoom has been in the news frequently for their security issues, most famously in the case of Zoom bombers (this was where uninvited guests would drop into private calls and spam them). They have been releasing updates at a breakneck pace to tackle these issues as they come up, but some users may still be a little wary of their security while using the service.

This hasn’t lessened their popularity though. With 200 million daily users and a valuation of 1 billion dollars, Zoom has grown miles ahead of the competition largely because they are a free service.

But now that end to end encryption is a paid for feature, how will this effect their popularity? How many users will pay to have this protection?

The reason they’ve cited for making this feature paid is because they want to help law enforcement. With end to end encryption enabled, law enforcement cannot view the streams. Bad actors using Zoom for illegal activities probably won’t want their payment information tied to the site, and with no end to end encryption they’ll be stopped dead in their tracks from using the service as a means for their criminal activity.

How do you know if as a business owner you should you pursue this paid for feature? It depends on a couple of things, if you’re conducting meetings involving private information such as payment details or other secure information you may want that extra layer of security. If you’re not it may not be necessary.

Also, it’s important to keep in mind you cannot dial into an encrypted call with a phone. If you frequently have users that use their cellphone to reach your Zoom meetings this feature may not be a good fit.

It’s best to evaluate how you use Zoom and what’s discussed in your meetings, and then go from there to decide if end to end encryption is something your business needs for conducting your meetings.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!

June 7, 2020
Risks with Implementing New Technology in Your Business
If you own or operate a business chances are, you’re constantly looking for new ways to improve your processes or become more optimized and efficient. If you run a restaurant this may mean reducing your menu, if you’re manufacturing company owner you may always be on the lookout for new or better hardware.

What about your technology? Let’s face it, every sector of business these days liberally uses technology both in and out of the sales process. Computers that power your workforce, printers that help you invoice clients, your own laptop that may help you brainstorm new business ideas at 3 A.M.

Technology is interwoven into our success, but what are the risks associated with implementing a new technology? Either one that’s just new to you or new as a whole. Here’s our list:
- Integration Issues: New technology always has a learning curve, and you may not find out until you’ve already deployed it that it’s not a good fit for your business.It’s important to research a new technology thoroughly before jumping in feet first.
- Customer Support Issues: You’re probably aware of how to contact support with any current software or hardware products you have, you also know how quickly they’ll respond to your issue from past experience.With new technology you’ll have to figure out the best way to reach their customer support and over time, learn how responsive they are to you.
- Deficient Products: Every new technology involves a trial period where you’re figuring out if it’s a good fit, and that includes learning whether it’s a good product in general.In every business there will be periods of buyers remorse with a product that just wasn’t a good fit in the end.
- Training: Training your employees to use the new technology shouldn’t be a deterrent for making necessary upgrades, but it is something to keep in mind especially if you know your business is going to be really busy.Try to schedule upgrades during slower periods to accommodate a necessary learning period.
- Scalability: Finally, the technology you’re after may be a good fit in every other way but will it scale to your businesses needs? Are there any limitations on number of users or concurrent sessions for an example often seen in software.It’s imperative that you find these things out before deploying anything new.
As with most things, if you’re a business owner your IT team should be able to answer all these questions and more for you when they’re implementing something new. If they’re not, maybe it’s time for a new IT team?

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Support in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
June 3, 2020
Is Your Internet Provider Keeping You Safe?

In terms of internet security, we often think of what we as individuals can do, like good password security or not opening email attachments. Or what companies who hold our data can do, like notifying us of a breach or having their own measures in place to avoid one in the first place. When it comes to our internet providers, we often think about the internet speeds they provide us and having consistent uptime.

What about security though? What measures are in places (or not) to keep us safe while using the very thing that connects us all together?

At the beginning of April, sites like Facebook and Google came to a grinding halt for hours. It wasn’t a hack or a bug, it was a problem with the internet data routing standard known as Border Gateway Protocol, or BGP.

BGP disruptions usually happen by accident, but they can also be caused by large-scale spying or data interception. Denial of service attacks can be another culprit.

BGP is like the map the internet uses to connect everything. All our traffic is routed through gateways to various hubs around the world. Or it should be that straightforward. In reality, every ISP provider can decide which routes to take, and not all of them are good.

Cloudflare, who specializes in Internet Security among other things, has launched the website ISBGPSafeYet. Using this website will test your ISP by offering a legitimate route and an invalid route to load two pages.

If it catches the invalid route and only loads the page offered by the legitimate route, then your ISP has BGP protections in place. If it loads both they fail.

While we can’t change the problems with BGP overnight, public awareness is always a good thing. If your ISP fails the test, reach out to them and give them your opinion! Together we can make the internet a safer place for us all to use.

This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

May 27, 2020