Monthly Archives: August 2015

Introducing Windows 10

Windows 10 bridges the gap between PCs and tablets. This new OS combines the best bits of old and new Windows features into a cohesive package, while correcting nearly all of the missteps of Windows 8.

IT “Best Practice” methodology recommends upgrading to a new PC or Workstation with Windows 10 natively installed, rather than upgrading to Windows 10 from a previous Windows version on the same PC. However, if your plan is to upgrade your existing PC, workstation or laptop to Windows 10, below are several points to consider prior to upgrading:

• As Windows 10 is a brand new operating system, we are recommending to wait several months prior to installing, giving Microsoft the chance to work out any “real world” bugs
• You should check your current PC’s specifications in terms of RAM memory, available disk space and processing power before installing Windows 10 to ensure you have an adequate configuration to support Windows 10
• We do not recommend installing Window 10 on any PCs running XP, Vista or older versions of Windows
• Your current Antivirus software running on Windows 7 will need to be upgraded to run on Windows 10
• AlphaCom, Tiny Term and other popular terminal emulation software may also need to be upgrade to run on Windows 10
• Many of the new features in Windows 10 will be lost on those who don’t have touch screen functionality
• Automatic, forced updates could spell trouble later on
• Cortana’s features are better suited for smartphones than PCs, Laptops or Workstations

Please contact your local ASK salesperson for more information.

Time for a Check Up?

Every year you take your car to the garage for an inspection. Every year, you have your accountant audit your books. Every year, you renew your maintenance contracts and insurance. You do this because it’s good business, and it makes good sense. You do these things to stay safe and to protect your business. So why don’t you have a vulnerability assessment done annually?

According to Wikipedia, a vulnerability assessment “is the process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system.” If you have computer systems on your network that are exposed to the Internet, then you are at risk. How much risk? Well, according to the Verizon 2015 Data Breach Investigations Report, the largest threat to an organization is coming from the outside. The report, based on an analysis of over 79,000 incidents, states that “in 60% of the cases, attackers were able to compromise an organization within minutes.”

The question you should be asking yourself right now is “What can I do to minimize my risk?”

Fortunately, there are some good, proven best practices you can implement that will significantly reduce your risk. While no organization is completely safe, there are things you can do to make you less appealing to the criminals out there. Think in terms of locking your car doors, or having an alarm system in your house. Someone who is committed to getting in will still get in, but in most cases, the criminals will move on to something less secure.

The best place to start is with the Council on Cyber Security and their Critical Security Controls framework . This document lists 20 things your organization should do, or have in place, to help minimize your risk to being compromised. For each item, there are steps you can take – some are marked “quick win”, meaning they can be implemented easily and with minimal cost.

For example, criteria number 4, CSC 4: Continuous Vulnerability Assessment and Remediation states “Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.” This section then lists ten items that make up this control. The document also provides guidance on procedures, tools and metrics that can be used to implement and sustain this control.

One item is having a regular assessment of your networks vulnerability. This includes a scan of devices and computers that looks at open ports (how computers talk to each other); the version of the software and operating systems; the levels of security (or lack of security) in place; and additional information that can be gathered by an attacker, that could be used to compromise your system.

While you can do these assessments yourself, it’s usually a good idea to periodically have someone from the outside take a look. If you think this is something that makes sense, or if you’d like to learn more, please contact us at your earliest convienence.

[i] Wikipedia, July 30, 2015.

[ii] Verizon 2015 Data Breach Investigations Report, July 30, 2015.

[iii] Cyber Security Council, Critical Security Controls, Version 5.1.  July 30, 2015.