All posts in: Data Security for Moving Companies

Yesterday, Microsoft released a security patch for Windows, and we are urging all our customers to update immediately.  At the risk of frightening anyone before they have had their morning coffee, you should know this is a pretty big deal.

Without the patch, your Windows PC contains a security flaw that could give attackers full access to your computer.  By exploiting a vulnerability in OpenType fonts, if you visit a compromised website or open an unsafe document, an attacker can essentially stroll right into your computer.  This flaw affects Windows Vista, Windows 2008, Windows 7, Windows 8, Windows 8.1, Windows Server 2012, Windows RT, and Windows RT 8.1.   Unfortunately, if you are running the Windows 10 Insider Preview, you are also at risk.

Read More

Image via Shutterstock

Image via Shutterstock

You may have heard about the most recent security issue facing computing: the “Venom vulnerability.”  Venom is the name of the new security issue that impacts some data centers, and could be exploited by hackers to access the data of millions of end users.

The 30,000 ft. View of Data Centers

Most data centers employ “virtual machines” to store your data. Typically they’ll take a physical server and instead of devoting that machine to just you and your data, they “virtualize” it. What this means is that they divide the server’s resources, storage, etc. into many different isolated environments.  Initially, this can save you some money because instead of having to pay the upfront cost of a dedicated server, you are sharing space with several other companies for a monthly fee.  Even though your data may be on the same physical server as a dozen other businesses, you typically can’t access any data on the server that isn’t yours.  Your data center or cloud provider has systems in place that you rely on to ensure no one can access your data, either.  Unfortunately, Venom exploits a fairly old technology still used by many data centers and runs right past all those “protective” systems.

How It Works: The Non-geek Edition

For a hacker to exploit this vulnerability, the first thing they need to do is gain access to a user’s login credentials. This can be accomplished by breaking into a public network, like a hotel’s WiFi, and stealing login information from a dedicated employee who happens to be logging in while traveling. Using the Venom vulnerability they can break out of that initial virtual machine and access other data and servers in the network.  It appears that by using Venom, a skilled attacker can essentially access any part of the data center at an administrator’s level.

The Good News

First things first, your EDC data is not at risk.  We do not use any of the affected technology in any of our servers, any of the servers we provide, or any of the virtual machines we configure. If you are using an EDC provided server, and it is being housed at a data center, it will also not be impacted by this vulnerability.

At time of publication, no one has any proof that hackers have utilized the Venom vulnerability, and the majority of impacted virtualization products have been patched to prevent this from occurring.

The Not-So-Good News

If other parts of your company’s technology infrastructure is on the cloud or at a data center, your IT department should double check that every step has been taken to fill those gaps in security. These types of vulnerabilities, while uncommon, are not unheard of in cloud computing.  Symantec released research last month on how rookie hackers could access clouded files very easily.  Dan Kaminsky, one of the nation’s top security researchers, suggests in a conversation with Fortune that the best way to avoid this issue is to have your own server. This ensures that your data is always isolated from other companies and potential hackers.

As always, let us know if you have any questions or suggestions by commenting below or emailing blog@edcus.com.

 

A couple weeks ago, Eric Anders at ReloRoundtable had an interesting piece on using QR codes in marketing.  I love when Eric writes about tech in the moving & storage industry.  And his interest in incorporating what he calls “Smarter Advertising” is definitely something we can all get behind at EDC.

As an advertising and marketing junkie, I love QR codes.  They’re free and  can help you achieve your mission of getting customers to engage with your website, apps, social media or any other digital asset your company uses.  But as an undercover tech geek, it’s hard not to have conflicted feelings about QR codes, and what risks they can pose for uninformed users.

Let’s look at them from both sides.  First, we’ll see what you can do as a marketer to engage your customers using QR codes.  Then we’ll discuss some tips to help you protect yourself from hackers. Read More

World Backup Day

Today is World Backup Day, a day created to remind everyone how important it is to protect your data from loss or theft with regular backups.  Check out this very brief video from WorldBackupDay.com to learn more about how it got started and why you should back up your info:

Here’s what you can do to keep your data safe:

  1. Check out this link for step-by-step instructions on how you can back up your data.
  2.  Set up automatic backups on your devices, or set reminders in your calendar to back up your data on a regular basis.
  3. For business applications, ask your IT staff or software vendors what backup procedures they follow.  As an example, whenever we implement software for a new customer, we work with them to ensure there are regular, automated backups in place to protect their information.  But it never hurts to double check that all your other business software has a similar process.
  4. Spread the word.  I’m sure you have an uncle, friend or coworker who isn’t as tech savvy as you are, right?  So share the love (and security), and send them the link to this post so they can start protecting their data, too.

 

Image and video courtesy of www.WorldBackupDay.com.

02211403_Smaller

Raise your hand if you’re tired of hearing about another company or website getting hacked.  If you use a digital device (which if you’re reading this, you do), security breaches will likely affect you at some point.  The most important question then becomes, what can you do to protect yourself?  Here are a few tips from our staff:

Follow the password “rules”.  Last year, 4.6 million Snapchat users had their usernames and passwords compromised and posted online.  Initially some users weren’t overly concerned as they regarded Snapchat as just another messaging application.  But what if you used the same username and password for several different sites?  What if the password you used for Snapchat is the same one you use for your bank?

Read More