The Power of Passwords

We store a lot of data electronically, whether it’s at the office, or on social media, or anywhere else. But even the most sophisticated system is only as effective at keeping that data safe as the password you choose. Even the most powerful encryption won’t help when someone tries putting in “password” as your password. And yes, I’ve personally seen that used in corporate environments. The large security breaches confirm the same thing, that “password” is one of the most commonly used passwords.

So if you want to keep your data safe, the best way to start is with a better password. You want something difficult to guess, as well as difficult to crack by machine, but yet still memorable for yourself. Using characters instead of letters helps (such as a ‘zero’ instead of an ‘o’), though most people these days automatically attempt the common substitutions when trying to crack a password. The current trend is using phrases as your password. Due to their length, they are harder to crack. Yet, a password like “ilovetheocean” is still pretty easy to remember.

Another key is to use different passwords for your different accounts, services, etc. This way, if someone does breach a system and gets a list of usernames and passwords, they will only be able to access that system with your credentials, and won’t be able to get access to everything else you have. For example, say you use your email address and password on a forum about cars, and they get breached. That may not seem like a big issue to you, but it can be if you use the same password for everything. Now, instead of just being able to see some posts you made about your car, they can make transfers from your bank account, buy things on Amazon, and read all of your emails.

Now, it can get confusing having different passwords for every service, especially if you’re required to change them on a regular basis. It’s ok to keep them written down somewhere to keep track, but make sure it’s secure. You could use a password-protected service that maintains a list of all of your passwords. Or you could write it in a personal notebook, though you need to keep it safe from others at all times, and you need to realize the risk if you were to lose it and someone found it! Also, don’t leave your password on a sticky note on your monitor! Sure, it won’t make a difference to outside attackers. But what about someone that’s walking through the building? They can easily gather enough info that way to get into the system later on.

I know this all seems like a lot, but the effort to recover from unauthorized account access can be far, far more difficult. Just remember the key points:

  1. Use passwords that are secure (not ‘password’!!), but easy to remember
  2. Use different passwords for different services
  3. Don’t leave your password laying out where it can be easily seen

“Nah, nothing on it to really worry about!”

I could not tell you how many times in my profession that I have heard these words from people regarding their technology. The other one is; “Well I can recreate what was on it easily.” This is usually followed up by a few questions we ask and then by a very perplexed look on the person’s face when they realize that the QuickBooks data that they have been diligently backing up was to the same hard drive that just failed or that’s where all the pictures were from our trip to Spain.

Your hardware is replaceable and it can be costly. However, recreating years of accounting or even a week or two of a basic spreadsheet can cost the companies/end users a significant amount of time and resources. The average decent laptop runs around $1000 and a Server can run in the tens of thousands.

Ask yourself these questions: How much would it cost me to fly my family back to the Grand Canyon and retake the 150 photos that we took? How about; How many hours would it take to restore even one month of accounting work? (not to mention if years have been lost). What will the fines and penalties cost from the IRS when audited after the loss of accounting data?

This week I picked up new computer from a customer that had been kicked or dropped under a desk. They had purchased the cheapest piece of crap that Walmart sells. The end user had been waiting for a day for the disk to check itself and the system would not boot. When questioned about if they had a backup they stated; “Yah, from about a month ago but I can easily recreate it.”

I took the computer back to the bench where I booted it off of a USB to run some testing on the hard drive.  It quickly became apparent from the loud thunking noise of the hard drive that I would not be able to retrieve his data. I called and explained that the computer they had purchased was not appropriate for a work environment and that restoring any data would require it to be sent away to a clean room, platter removed and a data recovery performed. The cost would be in the thousands.

To my surprise (sic), the end user started to get irate with me about not being able to retrieve his data and that maybe 1 to 2 grand wasn’t that much after all. I have learned to become very firm with people at this point usually with a pointed, carefully worded phrase informing them of how absolutely stupid they were not to have a backup.

Folks, data backup is cheap. It may only cost a few dollars a month to backup your laptop or your documents and pictures. You can replace the hardware but the data is not as easy or cheap. Consider hiring a decent IT firm to take care of your data and the security of it. You will be more productive for it and contrary to popular belief we are not that expensive. Also, you should ask your IT firm to give you daily reports on the status of your backups and they should perform test restores on a regular basis to ensure data and backup integrity.

Bob.

 

PS – Last month I took on a new client that runs a fairly large office with about 15 employees. After initial analysis I determined that they had not successfully backed up their server for over 3 months which included all their email and their accounting system as well as user files.. The response from the CEO was; “Oh, Yah, we used to have someone in charge of that.” and didn’t even seem to be concerned.. No harm no foul right? I am still trying to convince him to let us manage his server and backups….. I am tired of barking at the moon.. So when you don’t have a good backup or a firm that is in charge of your data and there is a data loss. Don’t expect me to be consoling you. I will most likely tell you how stupid you were with a smile on my face!

 

Managed Services for Home Customers

Almost all commercial IT companies don’t like to get the calls from home customers and their computer problems.  When your brother calls at 10pm about problems you wish you had never answered the phone.  Recently, we have been dealing with this problem by installing our Managed Services Client on home users computers.

Below is a screen shot of our management interface. The agent, when installed, monitors critical resources, installs our managed antivirus and allows us to have direct remote access to the machine so when you do call we are able to help you quickly and efficiently. All of this for a whopping $9 bucks a month.

Please click on the picture below to get a clear view of the interface.

Home Customers

 

 

We are also capable of providing Cloud Backups and Internet Filtering to protect you and your children.

Out of the 18 or so home customers we have installed this service they have found that their computers are running 100% better. Limiting both of our frustrations.

Drop us a line today for a 30 day free trial.

Bob