By -- 2018-02-15 in Blog

What do you think happens when you go to a website and there is a big warning that says this website is not secure?  Do you think you will go back to that website?  That is going to happen to millions of websites beginning in July when Chrome version 68 is released.

Google is forcing all websites to begin using HTTPS for all websites which means that the connection between the website’s server and your computer is encrypted. Google believes it will make the web a more secure place and if you don’t do it, they will announce to the world that you are not secure.

If you want more information, click here, otherwise if you need help with installing an SSL certificate to have HTTPS on your website, please contact OptfinITy.

By -- 2018-02-8 in Blog

Making sure your website is updated with the latest patches is very important as new vulnerabilities are discovered almost daily – so what happens when the latest update stops your updates from working?

On Monday, WordPress released version 4.9.3. The very next day, WordPress released version 4.9.4. Although version 4.9.3 fixed 34 bugs, it also introduced a new bug that prevents automatic background updates from updating automatically! This bug causes WordPress to encounter an error when attempting to update itself to the latest version.

Four years ago, WordPress added the self-update feature allowing users to keep their website secure and bug-free so users have not had to think about updates. This means that there are millions of unmanaged WordPress sites that expect their site to automatically update itself. So if you are an admin of a website running WordPress, make sure to update now or if you need help with your website, give OptfinITy a call at 703-790-0400.

By -- 2018-01-29 in OptfinITy News

Data is the lifeblood of your organization.
If your systems were struck by a disaster,
How much data could you recover?
How much downtime would you experience?

To ensure your business continuity is to proactively protect your systems and data against disasters of all types. When we consider the amount of data we store and how much we rely on infrastructure to communicate and compete in today’s world, it’s easy to see how one system disaster can cause serious damage to a business.

Join OptfinITy at our February Lunch and Learn (catered by Pure Perfection Catering) where will not only discuss a great solution but will demonstrate an actual computer disaster to help you understand the threats to your data and the solutions to protect it.

For an agenda, here are the items we will be covering on February 22, 2018.  Go here to register. 

• Traditional Backup vs. Business Continuity
• Cyber threats of 2018 – Who is behind them, what to look out for, and where does Business Continuity fit in to your 2018 Cyber Security Plan
• Calculating the cost of downtime
• Live demo of how quickly you can virtualize your systems, and get your business back up and running
• Questions?

By -- 2018-01-6 in Uncategorized

As a Sonicwall partner, we were pleased to find out that Sonicwall routers were not susceptible to the latest vulnerabilities per their release shown below.

On Jan. 3, two processor vulnerabilities, known as Spectre and Meltdown, were published by Google’s Project Zero security team. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and Arm.

A successful exploit of this vulnerability allows an attacker to access sensitive information (e.g., passwords, emails, documents) inside protected memory regions on modern processors. Because the OS-level memory isolation is usually considered trustworthy, this data is most likely to appear in plaintext in memory when processed by the OS and applications.

Your SonicWall customers are not susceptible to Spectre and Meltdown vulnerabilities. No updates are needed at this time.

The SonicWall Capture Labs investigated the Spectre and Meltdown vulnerabilities and found the following:
• The full range of SonicWall TZ, NSA and SuperMassive firewalls are not vulnerable to the Meltdown or Spectre vulnerabilities.
• All other SonicWall products, including Email Security, Secure Mobile Access and Global Management System, also are not at risk. These products are hardened and do not run third-party code, which is a prerequisite for this attack.
• Signatures for SonicWall Gateway Anti-Virus (Exploit.Spectre.A) and Intrusion Prevention Service (IPS 13149: Suspicious Javascript Code) have been released to identify and defend the networks. Each are automatically applied to licensed firewalls with GAV and IPS enabled.
R

By -- 2018-01-5 in Blog

Meltdown and Spectre are the latest named vulnerabilities to appear in the news and they are in fact very problematic because the attacks could be used to read system memory that *should* have been inaccessible. What happens is an attacker could steal sensitive information such as passwords or encryption keys from your computer’s memory. And because these flaws are in your computer’s chips, it’s not a problem that is particularly easy to properly fix without a hardware replacement.

The solution at this point besides replace your computers? Change the low-level software that speaks to the hardware. Since the hardware can no longer be trusted to do what they were supposed to be doing, the software will limit the capability.

The good news is that these flaws have been known about for months and there are already plans to release these patches with some including Microsoft already releasing server versions on January 3, 2018. The researchers who discovered the problems disclosed them to chip manufacturers and software vendors, who have been feverishly working on fixes. The bad news is that we are at the mercy of some of these companies but the goal is to release patches soon. If you are managing your own hardware, then you should make sure you are updating all items (Phones, routers, computers, etc.). If we are doing it for you, you are all set as OptfinITy will roll out the patches as they are available.

By -- 2017-12-21 in Blog

 

Researchers at the University of Washington are trying to store small amounts of data on smart fabrics.  These magnetized garments would be readable by a magnetometer and not need any electronics or batteries to function.  This would be useful for invisibly labeling items or using clothing or accessories in place of a password or key card.

While connected textiles have been around for years, they haven’t yet made it to the mainstream.  Some reasons include high prices, limited functionality, and durability; not to mention lack of precision with things such as gloves for smart phones.

Soon, though, you might be able to buy ties, belts, and bracelets that may be programmed to help you open doors, unlock phones, or give you access to your laptop.  And you can bet when these new gadgets become mainstream in the workplace, Optfinity will be there to assist our clients manage their usage, security, and updates.

By -- 2017-12-1 in Blog

In December 2015 (2 years ago), DFARS 225.204-7012 required DoD contractors to implement NIST 800-171 “as soon as practical, but not later than December 31, 2017.  That is this month!   This deadline is now less than 30 days away, and many contractors are not complaint.  What is worse, is that many have not taken steps to begin to comply, putting their business at risk.

There is a lot of debate over what is and what is not Controlled Unclassified Information (CUI), and many small businesses think they do not have to comply because they are subcontractors, or they think they don’t hold any CUI.  However, the problem is that the big, multi-billion dollar DoD prime contractors (you know who they are) are not taking ANY chances with NIST 800-171 at all.  If you are a government contractor and you fall anywhere within the DoD supply chain, you need to comply with NIST 800-171.

For more information on compliance and what you can do from a technology perspective, please contact us at OptfinITy.

By -- 2017-11-16 in Blog

 

It’s the Holiday Season once again, but remember it is also a holiday for the bad guys as well, but not in the way you might think. Hackers go into scam-overdrive mode during this time of the year to prey on the heavy shopping done by consumers. This time of year is the busiest for on-line shopping and scammers are out to get rich off of your money. So what should you look out for?

There are too-good-to-be-true coupons that offer free or discounted phones, tablets, and countless other cool items all over websites and social media; don’t fall for them! Make sure the offers are from a legitimate company. While you’re at it, watch out for alerts via email or text informing you that you just received a package from FedEx, UPS or the US Mail.  These notifications will then ask you for some personal information; don’t be fooled into giving them anything!

The price of security, especially now, is constant alertness and willingness to fight back. Remember to only use credit cards online, never debit cards, as your liability is limited with a credit card and the money does not come straight out of your bank account. Be super-wary of spam email with crazy good BUY NOW offers and anything which looks slightly “off”.  Remember, if it seems too good to be true, it probably is.  And if you’re still wanting to take advantage of that offer, double check with the company directly.

If you think you might have been scammed, stay calm and call your credit card company right away, nix that card, and get a new one.  It is always better to be safe than sorry.

By -- 2017-11-9 in Blog

If you have an iPhone and you’re having the issue where “i” gets replaced with weird characters, here is the fix:

  1. Go to Settings
  2. Go to General
  3. Go to Keyboard
  4. Go to Text Replacement
  5. Tap + in the top right corner
  6. Type lower case i on the phrase line & capital I on the shortcut line
  7. Save

By -- 2017-11-6 in OptfinITy News

 

November 6, 2017 – OptfinITy, the DC areas Leading IT Provider for Small Business and Non-Profit Associations announced today that CRN®, a brand of The Channel Company, has named OptfinITy to its 2017 Next-Gen 250 list. The annual list recognizes standout IT solution providers who have successfully transformed their businesses to meet the demands of emerging technologies such as cloud computing, IoT, virtualization, mobility, business analytics and business intelligence. These solution providers, all in business for fewer than 20 years, have adapted to an evolving marketplace with a notable penchant for bringing key technologies to their clients before they become mainstream.

OptfinITy believes Cyber Security and Business Continuity will be one of the greatest challenges organizations will face this year and going forward. It is necessary for smaller organizations to partner with the proper provider to make sure that they not only have a proper security plan in place but a plan that helps them recover should a cyber event occur. We’re honored to be added to the Next-Gen 250 list of companies who will help organizations face these challenges,” says Michael Drobnis, Founder & CEO of OptfinITy.

This group of solution providers is leading the way when it comes to emerging technologies, bravely stepping into the uncharted territory of next-generation IT solutions ahead of their peers, said Robert Faletra, CEO of The Channel Company. Our 2017 Next-Gen 250 list is comprised of relatively new companies as well as established ones, all sharing the common thread of successful, trailblazing solutions designed to meet an unprecedented set of customer needs. We congratulate each team on its vision and contribution to the overall advancement of the IT channel.

 

About the Channel Company

The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequaled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace. www.thechannelco.com