Have you heard Microsoft’s recent announcements that their browser is not secure? These news stories about “exploits” of the browser are not actually news. Microsoft’s browsers (all of them, versions 6-11) have always been susceptible to hacks and this has been widely known in the tech community for years.

If you want to avoid problems, don’t ask yourself “What browser am I using?” Ask yourself “Where am I going on the Internet?”.

Regardless of what browser you use, whether it is Internet Explorer, Chrome, Safari, or Mozilla’s Firefox, YOU CAN ALWAYS GET INFECTED. It’s NOT about the browser, it’s about the user’s behavior online.

In today’s world, viruses, hacks, exploits, and other malicious software come hidden primarily in two packages: Email and unknown websites (especially with pop-ups). That’s it! For the most part, when you close up these two channels, you’ve essentially locked out about 99% of everything bad that can happen to your network. Of course there are other ways into your network (like an infected USB drive), but that doesn’t involve Microsoft’s Internet Explorer browsing software.

The best way to avoid a problem?

Be careful when doing two things:

A) Opening email – do not open emails or click on any links in emails that have these characteristics:
a. Unknown source
b. Known source with unexpected Subject line
c. And NEVER EVER click on an .exe file.

B) Surfing – avoid sites that have these characteristics:
A strange address – anything that you don’t readily identify as a legitimate company, should raise your awareness. www.macys.com for example clearly shows that you’re going to the department store’s official website. An address that doesn’t end with “.com” or “.us” should tell you that you’re leaving the United States for the most part. Even “.net” extensions should raise some eyebrows unless you’ve been there before and it’s legitimate.
Sites with a lot of ads that require you to click multiple times before you get to where you’re searching. Pop-up ads are another dead giveaway. They make you waste time closing them in order for the site to load its deadly computer code.
Sites that you’ve never been to that were not recommended by a friend, but rather found randomly through a Google search should raise a flag. Just because Google gave you the search does NOT mean, it’s legitimate. Google searches for key words – not malicious virus content. This means that even virus-infected websites will show up on Google’s search engine.

You actually have a lot of control over the security of your own system! Just be careful.

All of that said, an interesting business question to ponder is: Why is Microsoft releasing this “news” now? They say there was another exploit that makes every version of their browser susceptible to yet another attack. They say “we’ll have a fix, but it won’t work on Windows XP?” Why all of these announcements? Could it be because people just aren’t jumping to (the underwhelming, mediocre, latest Microsoft fad) Windows 8.x? Could they actually be trying to SCARE people into buying this new product? Hmmm…

Where do viruses come from? For the most part, viruses infect your computers from three places: the Internet, email, and USB thumb drives. If you protect your business against these, you can prevent a problem before it ever starts.

Anti-virus software gives businesses a false sense of security because it makes employees think that they are safe and free to roam on the Internet and open mysterious emails without fear. WRONG! Computers get infected even with anti-virus software and the total costs of using workstation-based anti-virus software are much higher than they seem. Apple Macs included.

For a small business, Anti-Virus for individual workstations can be quite expensive.  A basic 1-year subscription will run you about $30-$50 per person.  Having an office of 30 employees puts this price at about $900-$1500 a year.

This might be all well and good if that were the end of the story.  But experience tells us it’s not the end of the story.  In a case study that we performed, we found that malware and viruses on a regular basis were STILL infecting employees’ workstations and there were many HIDDEN COSTS involved with Anti-Virus installations at the workstations including:

• The time spent on installation and updates at each workstation
• The costs of an inefficient workstation being bogged down by the constant scanning of the workstation’s files
• The cost of time being wasted on the very real possibility of not being able to access valid and important data due to “false positive” prevention
• The costs to rid an infection by a technical engineer
• The opportunity costs of an employee not being able to work
• The potential costs of losing intellectual property
• The risk of damaging the company’s external image to their clients

Is there a better solution? Yes. You can prevent viruses by introducing protection across the entire business rather than at the workstation level. This is a four-part solution:

• A security audit – a review of the current systems to ensure that there are no vulnerabilities
• A cultural change – employee training on what to watch-out for and how to avoid problems
• A firewall preventing employees from accessing problematic websites – with laser precision we can block certain sites from general employee use; this will increase productivity and prevent problems; management can be excluded from these firewalls allowing you to tailor the solution to fit your company needs
• Back-ups easily accessible and ready to be installed – ensure that your back-ups are ready for action

By preventing viruses at the business-level rather than at the workstation, you can free up every workstation to operate at its computing power and increase productivity at the same time. If you want to learn more, contact me here: http://www.rendezviewinc.com/contact-us/

-jdg, RendezView

Snapchat, founded just two years ago, was warned of exploits in their app, months prior to the hack, by an Australian-based security research group called Gibson Security. Several days before the hack Gibson Security posted the app’s exploits online.

Since the hack, Snapchat has implemented minor fixes which apparently can still be bypassed – a reminder that the hopping onto the latest and “greatest” is not always the best move to make.

– Albert Gelbaum