View Excalibur Technology's Facebook page View Excalibur Technology's Twitter page View Excalibur Technology's YouTube page View Excalibur Technology's Google Plus page View Excalibur Technology's blog View Excalibur Technology's LinkedIn page

Ben

 


It’s Time To Update Your Windows 10 PC

Upgrade to Windows 10There are a number of different Windows 10 versions out there right now, ranging from 1511 to 1709.  These numbers represent various patch levels and security updates to the Windows 10 platform.  It is important to keep your version of Windows up to date to remain secure, but Microsoft is now also giving you a much more compelling reason to update.  Version 1511 no longer will receive security updates after today.  Without these updates, you Windows 10 PC could be put at additional security risks.  It is highly suggests that you backup your PC and then apply all available updates and patches to keep your system running optimally and securely.

If you would like to read more information on this matter, check out the article by ZDnet by CLICKING HERE.

For help keeping your systems updated and your network secure, call the experts at Excalibur Technology today!


Google Chrome Will Soon No Longer Trust Symantec SSL Certificates

Posted October 03, 2017 by

Symantec LogoGoogle continues to use the sizeable market share of its Chrome browser to effect change in the realm of website security. Recently, we wrote about Google’s plans to have Chrome begin to display the message “Not secure” in more areas of a website when the site is not loaded over HTTPS (see our previous post, Will Your Website’s Forms Soon Display A “Not Secure” Message?). These planned changes have left website owners scrambling to secure their websites with SSL certificates in order to avoid their customers seeing this message.

As if this hasn’t shaken things up enough, Google now has a three-phase plan to completely distrust all Symantec SSL certificates permanently in Google Chrome. Once the three phases have been implemented, anyone who tries to load a website that uses a Symantec SSL certificate will be presented with an error message warning them that the site is not safe (the exact error message will vary depending on the browser being used). This means that the person trying to view the website will not even see the website, but just the error message instead. Although it is possible in such a scenario to continue to the site anyway, most people will not continue to the site because the error message is enough to scare them off. This spells disaster for any business website that suffers from this issue.

What are the Three Phases and What is the Timeline?

The first phase will begin in December 2017. Symantec will continue to act as a CA (certificate authority), but it will begin to “outsource” the issuance of certificates to another trusted CA. In essence, the part of the business in which they issue the certificates will be taken over by another company.

The second phase will begin with Chrome version 66, which is estimated to be released in April 2018. With this version, Chrome will no longer trust Symantec certificates that were issued before June 1, 2016.

The third and final phase will begin with Chrome 70, which is estimated to be released in October 2018. With this version, Chrome will no longer trust Symantec certificates that were issued before Symantec handed off the part of its business that handles issuing the certificates (i.e. all certificates that were issued before phase one began).

Why is Google Doing This?

In March 2017, Google and Mozilla engineers discovered that Symantec had incorrectly issued over 100 SSL certificates, meaning they had issued these certificates to websites when they shouldn’t have. The investigation was subsequently deepened, and the number of incorrectly issued certificates turned out to be closer to over 30,000 certificates! This news is very disturbing, especially given the fact that Symantec is one of the largest CAs on the market. Symantec is what is referred to as a “trusted CA,” meaning all of the major web browsers – Chrome, Edge, Internet Explorer, Firefox, etc. – trust that any website that uses a Symantec SSL certificate is in fact the website that it claims to be. This trust is important because it prevents, for example, a website such as “apple1[dot]com” from posing as the legitimate “apple[dot]com” site, which could trick visitors into thinking they are on a legitimate site that actually is malicious. Because Symantec incorrectly issued so many certificates, however, the aforementioned scenario could quite possibly be a reality for many sites.

There is a popular phrase regarding trust. Although there are several variants, it goes something like this: “Trust is hard to earn, easy to lose, and, once lost, nearly impossible to regain.” Although surely not intentional, Symantec’s accidental issuance of over 30,000 SSL certificates is simply unacceptable. Trust has been broken, and in the eyes of Google at least, it cannot be regained. This is why Chrome will ultimately revoke trust of all Symantec certificates. You can view the entire article by CLICKING HERE.

How Wide Ranging Will This Impact Be? Will My Website Be Impacted?

Not only will Chrome distrust certificates that were issued by Symantec itself, but it also will distrust certificates that were issued by other CAs that Symantec owns, including Thawte, GeoTrust, and RapidSSL. At Excalibur Technology, we have often used GeoTrust and RapidSSL certificates for our clients’ sites and our own because they offer some of the most competitive prices on the market. However, with such certificates set to ultimately no longer be trusted, we will have no choice but to use other CAs for our websites and our clients’ websites going forward. Unfortunately, with this change will come increased prices for most SSL certificates.

Do you have questions or want help determining if your website will be impacted by this upcoming change to Google Chrome? Call the experts at Excalibur Technology today at (877) NET – KING.


Excalibur Technology Newsletter – September 2017

September 2017 Excalibur Technology Tech Bytes Newsletter CoverExcalibur Technology September 2017 Newsletter

We invite you to read the latest edition of our newsletter, by CLICKING HERE.

Be sure to check it out!

Highlights in the September 2017 Edition Include:

– What Should You Know About Regulatory Compliance?

– 3 Ways Managed IT Creates Benefits For Your Business

– Comparing Cost And Control Between In‐House Architectures And Cloud

– 3 Ways Managed IT Creates Benefits For Your Business

– What Plans Does Your Organization on Have For Communications?

– And Much More!


Security Terms That Every User Needs To Know

Security Tools for Network SafetyChances are that you’ve seen quite a lot of stories on the Internet, or in the news, about the many security threats out there. Some of these, including ransomware, exploits, and reluctance to update software, might fly over your head if they’re not part of your everyday business vocabulary. Knowing what these terms mean is of the utmost importance in today’s workplace. We’re here to help you understand what some of these security terms mean for your organization.

Ransomware like WannaCry are one of the primary reasons why it’s so important to understand how network security works, and all of the terminology behind it. After all, hackers understand how to exploit your network’s weaknesses, so you’ll want to know all about the primary way to protect your business’s data from them: security patches.

These patches are issued by software developers to resolve certain issues or troubles found in their products. For example, a patch might be designed to address a recently found vulnerability in the program’s code, or resolve a particularly troublesome issue with the user interface. Understanding how these patches work is critical if you want to ensure the security of your business, your personal computer, and everything in between. Here are five of the most common terms used when speaking of security patches.

Patch Tuesday
Even if you allow your computers to update and install patches automatically, you should still have an idea when these patches are installed. Microsoft has a set schedule that they use to release these patches. They are released on specific days of the week, including the second Tuesday of each month, and sometimes the fourth as well. Perhaps in the future, data exchange will allow newer operating systems to be updated more frequently, or at the very least in real time, keeping your systems more secure.

Security Patching
Patches are basically issued to fix something that’s wrong with a computer application or program. It is these patches and updates that are provided on all of the official patch days, like Patch Tuesday. Of course, immediate patches to imminent threats of Microsoft’s software are issued for release as soon as one is created. These zero-day threats are so dangerous that they need to be resolved as soon as possible, making them top-priority for your organization.

Hotfixes
These are sometimes called quick fix updates, quick-fix engineering updates, and general distribution releases. These hotfixes generally include a patch that fixes just one small thing wrong with your application. These small issues are usually important enough that they need to be issued immediately without waiting for the next batch of patches. Even though Microsoft has long since forsaken the term “hotfix” specifically, it’s still used as a common way to refer to these fixes in the technology sector.

Zero-Day Threats
These types of weaknesses are those that are being used by hackers even before they are discovered by security professionals. The name “zero-day” refers to the fact that the software developers have no time, or zero days, to develop a patch to resolve the issue. These are some of the most dangerous threats out there, and need to be a priority for companies trying to keep damage to a minimum.

Whitelisting
Whitelisting is the process through which a patch or application is deemed secure or safe for your business. This allows your whitelisted app to access information found on your network. Contrary to whitelisting, blacklisting is the process of banning network access to certain apps. Whitelisting was a popular term used to discuss the security patch resolving the issue with the WannaCry ransomware, as IT departments wanted the patch to be “whitelisted” first to guarantee that the patch would be enough to stop it.

Is your business security-savvy enough to identify major problems with your network infrastructure? To learn more about how you can protect your business, reach out to us at (877) NET – KING.


What Plans Does Your Organization Have For Communications?

The Earth - Business CommunicationsOver the past few decades, technology has drastically changed the way businesses of all sizes and industries communicate. In fact, there is a direct correlation between the way a business communicates and its overall success. The majority of customers, as well as their employees, demand that the modern business find avenues of sharing information that are as close to instantaneous as possible.

To meet this demand, the future of business communication strategy will likely utilize multiple platforms, including email, phone, instant messaging and social media. For many businesses, the future has arrived – at least partially. Multiple avenues of communication are already being adopted by many companies, to great success. Have you given any thought as to whether you’re giving your business the opportunity to drive service and productivity through the best type of interaction?

Email
Once dominated by telephone usage, email is the predominant method of business-related correspondence. It’s inexpensive and efficient and can be accessed easily from practically anywhere. Email can be secured through encryption, as well as used retained and stored as a documented record of an exchange.

By the Numbers:

 

  • 93% say they’re likely to respond to email.
  • 94% recommend people contact them by email.
  • 86% say they use email daily.

Phone
The telephone may have been invented a hundred years ago, but it’s still one of the most popular ways to reach another person and interact in real time. While telephone communication through digital and cellular services steadily climbing, the use of landlines, or phones that require a connection to traditional, copper wires to operate, are rapidly declining.

Internet-based telephone platforms, such as Voice over Internet Protocol. (VoIP), are ideal for businesses because its capabilities dwarf that of landlines. VoIP gives users the option of have their phone ring at multiple locations (ex. desk, smartphone and home) simultaneously or in a cascade. It reduces the amount of hardware required and is less expensive than other phone options.

By the Numbers:

 

  • Only 54% use their landline on a daily basis
  • 76% recommended reaching out to them by cell phone.
  • 78% are likely to respond to a voicemail.

Chat Interface
Particularly popular with internal communications, instant messaging (IMs) allows users to chat in real time, and well as while carrying-on multiple discussions with several team members. Similar to email, it is possible to record a chat transcript as a record of the interaction. The distinction between chat and email is basically the sense of urgency. Receiving a message through IM generally means that a response is required forthwith.

By the Numbers:

 

  • 65% say they’re likely to respond to IMs.
  • 48% they like to be contacted by IM at work.

Social Media
The role that social media pays in digital communication is focused on the customer. Many businesses use their social media pages share their message and reach their target audience. Customer feedback and FAQs are common elements of business pages. Sharing pictures and information is an integral part of how a business shows off their knowledge and builds authority. To do this, it’s important that you have the right devices (laptops, tablets, smartphones, etc.) and software required to get your business into digital commerce.

By the Numbers:

 

  • People are 3 times more likely to respond to LinkedIn than Twitter.
  • 54% say they would respond to a social media message.

These four platforms play an important role in business communications, now and in the future. However, they’re just the basic necessities that no business can thrive without. Some businesses are also incorporating video chats, like Skype. Technology designed to improve the user’s ability to collaborate and communicate are constantly being developed. Are you ready to embrace the future of your business communications? Let us know. After all, there are many ways to get a hold of us!


Comparing Cost And Control Between In-House Architectures And Cloud

Comparing the Cost of Cloud and In HouseThe benefits of the cloud are almost too numerable to count, but you shouldn’t let this dissuade you from other possibilities. After all, what works for one business may not work for another. For organizations that don’t find the cloud to be the best method of data distribution, an in-house infrastructure is absolutely critical. How can you determine which of these solutions is ideal for your business?

Let’s take a look at two features that will be a major deciding factor for your infrastructure design: cost and control.

Cost
Capital is one of the most crucial parts of any business. After all, it’s your goal to make money from your organization, so you want to make sure that you’re able to comfortably afford your operational equipment. An outsourced cloud provider has an advantage over an in-house infrastructure in regard to the cost of maintenance. Financially, it takes a considerable amount of capital to maintain your infrastructure, especially if it’s located in-house. Your in-house technology infrastructure contains expensive technology, and it only grows more expensive when you have to power it and maintain it as well.

An outsourced provider will only provide a flat monthly rate designed around a service level agreement, which makes it easy to place into your budget. Operating a server in-house can be a bigger investment, so choosing to outsource gives your organization the opportunity to dedicate those resources to something else.

Control
It’s natural to want control over your infrastructure. Unfortunately, this desire for control can keep you from investing in a solution like outsourced cloud hosting, even if it is beneficial for your organization. If you are worried about having full control over your business’s infrastructure, perhaps it would be easier on your nerves and your management style to focus on your in-house network. However, outsourcing can be just as relieving, as it removes the responsibility of managing your technology completely, freeing up even more time and resources for other uses. It basically comes down to how much you trust either your in-house team or your managed service provider.

The Ideal Solution
Regardless of your company’s needs, Excalibur Technology is here to help you ensure that your network infrastructure is exactly what you want. We’ll work with your organization to build the ideal IT infrastructure. To learn more, reach out to us at (877) NET – KING.


Will These End Of Life Events Affect Your Company’s IT?

End of Life Windows ProductsOne of the best ways your organization’s network can remain secure is to always use the most recent version of any critical software solutions on your network. Unfortunately, making the jump to a more recent operating system is easier said than done, particularly for small businesses that have limited budgets. The problem of security becomes even more pressing for businesses that need to upgrade multiple servers and workstations, as failing to do so could prove to be fatal for your organization.

Windows software products eventually reach an End of Life event, which is when they stop receiving patches and security updates that keep the software functioning smoothly. These updates generally fix vulnerabilities which could be exploited against your business, as well as operational problems which can keep your organization from running at 100 percent. Using software that’s out of date could result in your organization being put into a dangerous situation. In fact, if you are using out-of-date software, you are putting your network, and all the data on it, at risk.

Just a few months ago, Windows Vista reached its End of Life event. Microsoft no longer supports either Vista or Windows XP, though the two couldn’t be further from each other in terms of popularity and usage. The lack of support for XP just goes to show that even the most popular operating systems eventually have to come to an end of support. The next Windows OS to reach an End of Life event is Windows 7, on January 14th, 2020. Another common server OS that is also reaching its end of life on the same day is Windows Server 2008 R2 Enterprise.

The time is now to evaluate your systems and know which operating systems your organization relies on. Businesses will have to take a considerable jump to the next stage, upgrading their workstations and servers so as not to fall off the support bandwagon. Not all businesses have the time and resources to ensure this happens, though, so it’s best to keep this issue at the top of your mind, as Windows 7 and Windows Server 2008 RN will be rendered obsolete in the near future.

We recommend that you don’t wait until the last minute to implement a solution to your end of life event situation. The reason for this is that the upgrading process could come with hidden troubles that only make themselves known when the process has started. If your legacy applications stop working properly, any processes that rely on them in order to stay functional will cease. This downtime can have considerable effects on your business, so it’s best to keep your implementation as seamless as possible.

You need to think about upgrading your soon-obsolete technology before its end of life event hits. This goes for both Windows 7 and Windows Server 2008 RN. We are purposely informing you of these dates now, so that you have plenty of time to think about how you want to approach this elephant in the room. To learn more about how to upgrade away from your business’s obsolete technology, reach out to us at (877) NET – KING.


3 Ways Managed IT Creates Benefits For Your Business

Does your business technology help you improve operations, or does it hinder your staff to the point where it’s nothing but a frustration? Chances are that your business requires considerable IT maintenance just to keep things moving forward, but if yourself and your employees are responsible for such a duty, you could be wasting valuable time and effort for other business ventures. To solve this dilemma, you should consider managed IT services for your network maintenance.

Here are three ways that managed IT beats out the competition in terms of providing your organization the best service possible at the best rate.

Managed IT is Less Expensive
If you have an internal IT department that keeps issues to a minimum, you’re one of the lucky small businesses with budgets flexible enough to handle the investment. The truth is that it’s not easy to hire an entire internal team dedicated to keeping your organization up and running; and, most SMBs struggle with such an expense. Managed IT is an outsourced solution that allows you to prevent issues from popping up in the first place, and resolving them before they are impossible to contain. Since you’re only paying for a monthly fee rather than multiple annual salaries, you’ll wind up saving money in the long run.

Managed IT Doesn’t Require Your Attention
Managed IT doesn’t interrupt your operations when an issue becomes apparent. Instead, the issue could possibly be resolved without you even knowing that it had existed. Remote monitoring and maintenance allows a managed IT provider to keep watch for these issues, and if it’s covered under your service level agreement, we’ll fix it before it interrupts the way your business functions. We’ll always notify you if something requires your attention, but most problems can be resolved without an on-site visit. This cuts down on travel time and downtime, since you won’t have to wait for a technician to arrive on-site to fix the issue.

Managed IT is More Flexible
Managed IT services offer so many solutions that you can achieve just about all of your needs through a specific service plan from Excalibur Technology. If you only need basic solutions like implementation of an email application, or you need your entire infrastructure managed and maintained, we can help your organization ensure optimal operations. It’s all about your business’s IT, and we’ll do what we can to keep your technology working as intended, if not even better than before.

You don’t have time to manage its own IT, and you shouldn’t need to. Your primary goal should be to keep your focus on managing your business, not your technology. That’s why Excalibur Technology is here, after all. We want you to devote your attention to running your business and creating more lucrative opportunities. You can count on us to be there to keep your mission-critical technology running as intended. To learn more, reach out to us at (877) NET – KING.


What Should You Know About Regulatory Compliance?

Org Chart with Cloud BackgroundWhen you sit down with new prospects, you rarely talk about data security. The client is usually focused on the problem they have that has made them come to you in the first place, while you are likely focused on closing in on bringing critical revenue into your business. That doesn’t mean that data security isn’t an extremely big issue, it just that without business, it is a non-issue.

With electronic record keeping at an all-time high, and the number of miscreants out there looking to gain access to those files, certain industries have outlined a series of regulations that businesses that work with potentially sensitive data have to adhere to. Industries like health and finance have the most strident regulations, as governments begin to set legal ground rules for the reporting and security of critical data.

To ensure that your company meets any compliance standards to which it is mandated, Excalibur Technology is versed in the technical aspects of data protection and can help you remain compliant with your industry’s regulations.

Government Mandates: In certain industries, normally ones where the data is the most lucrative, state and federal governments create regulations that organizations need to meet. Typically, these compliance standards are issued with attention on network and data security, and the protection of the dissemination of the data. The cost of keeping networks and data secure, reporting for transparency, and any noncompliance costs are absorbed by the organization, making it extremely important to adhere to and maintain regulatory compliance.

  • HIPAA is required by the Office of Health and Human Services (U.S. Government).
  • SOX is required by all publicly held companies.
  • New York State requires all financial organization to meet Cyber Security Requirements for Financial Services Companies.

Internal Mandates: Since many businesses that have had to deal with the fallout of significant data breaches come out significantly less prosperous, many organizations have begun to be more diligent about the way they share and store potentially sensitive data. Some internal regulations include:

  • Bring Your Own Device (BYOD) policies do a thorough job of controlling what devices have access to your organization’s network.
  • Remote Access is helping all types of organizations be more productive. Companies that allow for remote access often lean on a Virtual Private Network (VPN) to ensure that when a member of your team needs access, that they have it through secure means.

Continuity Policies: Most of the regulations set forth by the government require some degree of continuity planning. This includes a reliable backup and recovery solution as well as a more detailed and robust disaster recovery strategy. Since managed service providers are in a position to help secure data, manage and maintain hardware, and thoroughly inventory all hardware and software assets an organization holds, they are the ideal partner to help outline your continuity policy.

Vulnerability Assessment: The more secure your organization’s network is, the better. To help ascertain just how secure a network is, a penetration test is mandated by regulatory bodies. Basically, the penetration test is a deliberate attack on an organization’s network by a friendly party. Vulnerability assessments are often required, as well. A vulnerability assessment is a report that indicates where there are weak spots in a network. Along with performing these tasks, an MSP can also provide the necessary paperwork required to prove security measures are being taken.

Remote Monitoring and Maintenance: Keeping an artful watch over your network can be one way to keep nefarious and unwanted entities out of your network. Typically, any compliance mandate requires an organization to have some semblance of monitoring in place as a protection. MSPs have certified technicians on staff whose job is to monitor and manage client networks, improving the network coverage.

No matter what you are required to report, or your organizational technology needs, Excalibur Technology has the experience and knowledge to help you protect your business. For more information about network security, call us today at (877) NET – KING.


CCleaner Software Might Contain Malware Inside!

Creeping Virus Infecting a PCThe popular Windows “junk” cleanup tool and PC optimizer CCleaner has been found to have malware implanted inside it.  The exploit could allow remote control of a PC that is running the infected version of the software.  Users are advised to upgrade to the latest version of the software.  Ensure that you download the software directly from Piriform’s website.  The infected versions of the software are CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191.

Yes, even security companies and security tools are vulnerable to hackers and infections it seems.  This is why it is so important to have multiple layers of security, strong employee PC security training and multiple locations/copies of backups of all of your data and systems.  If this seems like a never ending or daunting task, call the experts at Excalibur Technology.  We make security and all types of IT support easy!

For more information, read about it on CNET by CLICKING HERE.



Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology