Original release date: September 10, 2018
When your computer is accessible through an internet connection or Wi-Fi network, it is susceptible to attack. However, you can restrict outside access to your computer—and the information on it—with a firewall.
What do firewalls do?
Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary network traffic. Firewalls can also prevent malicious software from accessing a computer or network via the internet. Firewalls can be configured to block data from certain locations (i.e., computer network addresses), applications, or ports while allowing relevant and necessary data through.
What type of firewall is best?
Categories of firewalls include hardware and software. While both have advantages and disadvantages, the decision to use a firewall is more important than deciding which type you use.
Most commercially available firewall products, both hardware and software based, come pre-configured and ready to use. Since each firewall is different, you will need to read and understand the documentation that comes with it to determine whether the default firewall settings are sufficient for your needs. This is particularly concerning because the “default” configuration is typically less restrictive, which could make your firewall more susceptible to compromise. Alerts about current malicious activity sometimes include information about restrictions you can implement through your firewall.
Though properly configured firewalls may effectively block some attacks, do not be lulled into a false sense of security. Firewalls do not guarantee that your computer will not be attacked. Firewalls primarily help protect against malicious traffic, not against malicious programs (i.e., malware), and may not protect you if you accidentally install or run malware on your computer. However, using a firewall in conjunction with other protective measures (e.g., anti-virus software and safe computing practices) will strengthen your resistance to attacks.
Ask us about our Sophos XG Firewall
This product is provided subject to this Notification and this Privacy & Use policy.
What is enterprise network security?
Enterprise network security is the protection of a network that connects systems, mainframes, and devices―like smartphones and tablets―within an enterprise. Companies, universities, governments, and other entities use enterprise networks to help connect their users to information and people. As networks grow in size and complexity, security concerns also increase.
What security threats do enterprise wireless networks face?
Unlike wired networks, which have robust security tools—such as firewalls, intrusion prevention systems, content filters, and antivirus and anti-malware detection programs—wireless networks (also called Wi-Fi) provide wireless access points that can be susceptible to infiltration. Because they may lack the same protections as wired networks, wireless networks and devices can fall victim to a variety of attacks designed to gain access to an enterprise network. An attacker could gain access to an organization’s network through a wireless access point to conduct malicious activities—including packet sniffing, creating rouge access points, password theft, and man-in-the-middle attacks. These attacks could hinder network connectivity, slow processes, or even crash the organization’s system. (See Securing Wireless Networks for more information on threats to wireless networks.)
How can you minimize the risks to enterprise Wi-Fi networks?
Network security protocols have advanced to offset the constant evolution of attacks. Wi-Fi Protected Access 2 (WPA2) incorporates Advanced Encryption Standard (AES) and is the standard employed today to secure wireless enterprises. In June 2018, the Wi-Fi Alliance began certifying devices that support Wi-Fi Protected Access 3 (WPA3), which replaces WPA2. Users should employ the new standards as WPA3 devices become available. IT security professionals and network administrators should also consider these additional best practices to help safeguard their enterprise Wi-Fi networks:
Employing active WIDS/WIPS enables network administrators to create and enforce wireless security by monitoring, detecting, and mitigating potential risks. Both WIDS and WIPS will detect and automatically disconnect unauthorized devices. WIDS provides the ability to automatically monitor and detect the presence of any unauthorized, rogue access points, while WIPS deploys countermeasures to identified threats. Some common threats mitigated by WIPS are rogue access points, misconfigured access points, client misassociation, unauthorized association, man-in-the-middle attacks, ad-hoc networks, Media Access Control spoofing, honeypot/evil twin attacks, and denial-of-service attacks.
The following list includes best practices to secure WIDS/WIPS sensor networks. Administrators should tailor these practices based on local considerations and applicable compliance requirements. For more in-depth guidance, see A Guide to Securing Networks for Wi-Fi (IEEE 802.11 Family).
The Federal Bureau of Investigation (FBI) has released an article on building a digital defense against a fraud that uses Facebook’s texting app—Facebook Messenger. Scammers send messages that appear to be from trusted sources or trick users into clicking on malicious links or sharing personal information. Before clicking on links, users should verify the validity of the message with the sender outside of the app.
Talk to us about a security assessment!
What is a social engineering attack?
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization's network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.
What is a phishing attack?
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as
HP Notebook Computer and Mobile Workstation Battery Safety Recall and Replacement Program
In January 2018, in cooperation with various government regulatory agencies, HP announced a worldwide voluntary safety recall and replacement program for certain notebook computer and mobile workstation batteries. These batteries have the potential to overheat, posing a fire and burn hazard to customers. For this reason, it is extremely important to check whether your battery is affected.
Batteries affected by this program were shipped with specific HP Probook 64x (G2 and G3), HP ProBook 65x (G2 and G3), HP x360 310 G2, HP ENVY m6, HP Pavilion x360, HP 11 notebook computers and HP ZBook (17 G3, 17 G4, and Studio G3) mobile workstations sold worldwide from December 2015 through December 2017. They were also sold as accessories or provided as replacements through HP or an authorized HP Service Provider.
Many of these batteries are internal to the system, which means they are not customer replaceable. HP is providing battery replacement services by an authorized technician at no cost. HP is also providing a BIOS update that places the battery in "Battery Safety Mode" so that the notebook or workstation can be safely used without the battery by connecting to an HP power adapter. Batteries affected by this recall should immediately be put into "Battery Safety Mode".
Battery Safety Mode is only applicable to HP products affected by this recall. If the validation process identifies a battery as being eligible for replacement, the BIOS update should be applied and the system should be rebooted. During the reboot process, an option will be presented to enable Battery Safety Mode. Accepting Battery Safety Mode causes the battery to discharge and to cease future charging until Battery Safety Mode is disabled. HP strongly recommends accepting Battery Safety Mode so that the notebook or mobile workstation can be safely used by connecting to an HP power adapter. For more information please refer to the FAQs tab on the HP website.
HP’s primary concern is for the safety of our customers. HP is pro-actively notifying customers, and will provide replacement battery services for each verified, eligible battery, at no cost. For customers with 5 or more potentially affected batteries, HP has put in place a process to assist with validation and ordering . For details please refer to the FAQs tab on this website.
Note: Not all batteries in all HP ProBook 64x and 65x, HP x360 310 G2, HP ENVY, HP Pavilion x360, HP 11 notebooks and HP Zbook mobile workstations are affected by this recall.
The HP Battery Program Validation Utility will check if the battery in your notebook computer is affected. Validation using the utility generally takes less than 30 seconds
Download the HP Battery Program Validation Utility
What do I do if my battery is validated?
HP will send you a free replacement battery for each verified, affected battery validated on the HP Battery Recall website. Refer to the instructions included with the new battery for information on what to do with the recalled battery.
Am I affected?
Both Spectre and Meltdown were discovered last year, but was only recently disclosed to the public. Both vulnerabilities exploit a processing technique, known as speculative execution, that went mainstream in processors around 15-20 years ago, so basically every CPU made in the last 20 years is vulnerable.
What might happen?
These vulnerabilities allow attackers to view information stored on the processor itself. Normally this is not allowed due to security on the Operating System and the hardware itself to keep secret things secret. These vulnerabilities bypass this to allow seeing things such as passwords and encryption keys, or in the case of cloud environments, potentially data on someone else’s server if they share resources.
Which Operating Systems are affected?
Because these are hardware vulnerabilities, the overlying operating system doesn’t matter. Windows, IOS, Android, and Linux are all affected. There are some patches being released that help plug the holes that can be exploited, but the true fix will need to come by re-designing the CPU from the ground up.
Are Spectre and Meltdown different?
Meltdown is a vulnerability that breaks down the security walls between an application and the operating system. This primarily affects Intel and Apple CPUs. AMD CPUs are not affects. This vulnerability is the easier of the two to fix and there are patches released or in the works to fix it. The downside to the fix is that it will slow the performance of the CPU. So far, the degradation of performance has not been noticed in normal office use.
Spectre is a vulnerability that breaks down the security walls between the applications themselves. This affects all CPUs made in the last 20 years, including AMD. The positive side is that is it VERY hard to exploit.
What should I do?
The best protection is to make sure you don’t turn off or ignore updates. Microsoft has rolled out updates to Windows 10 on 1/3/18. Windows 7 and Windows 8 will have patches released on “Patch Tuesday” on 1/9/18. Apple has released patches for iOS 11.2, macOS 10.13.2, and tvOS 11.2.
Guide to inbox management
With hundreds (or thousands) of messages coming and going from your inbox each month, it can quickly get unruly. Outlook helps you take control and stay on top of what’s important. Here are six Outlook tips and tools to help you overcome business email overload.
Your inbox should be your command center—helping you plan your day by staying on top of what matters. That’s why our Outlook team spends so much of their time improving your email experience. One of Outlook’s newest features, Focused Inbox, helps you focus on the emails most important to you. This feature separates your email into two tabs: Focused and Other—determined by an email’s content and the contacts you communicate with most. That way, all your less important emails are saved but out of the way, enabling you to focus on what’s most important first. To fine-tune the sorting criteria, just use the “Move to Focused” or “Move to Other” options.
Available on Outlook.com and Outlook for iOS and Android. This feature will soon be rolling out to Office 365 customers and Outlook on other platforms.
There’s now a better way to quickly identify action items for team members through email. Simply type the @ symbol followed by individuals’ names in the body of your emails. The @Mention changes the text color and style to call an item to the recipient’s attention. This helps you detect what emails require your response, as the @ symbol will appear in your message list when you’ve been mentioned in an email.
The @Mentions feature is already available in Outlook on the web and is available for Office Insiders using Outlook 2016 for Windows and Mac. Look for @Mentions coming soon for Outlook for iOS, Android and Windows 10 Mobile.
Outlook’s smart search has made it easier to find what you’re looking for—regardless of where the email is stored. This reduces the need to sort emails into folders, which can sometimes take more time than it saves. Outlook searches all email that is synced to your computer as well as stored on your email server, so you can find exactly what you need when you need it. Start typing a name or keyword into the search bar, and Outlook provides smart suggestions based on your previous searches and the content of your mailbox.
Outlook provides many ways you can organize your inbox to match your individual work styles or preferences. Make your emails more easily discoverable by taking advantage of features like colored Categories, Flags and Quick Steps. Categories allow you to assign a color to your emails, to assign them to a project or work group. Flagging an email will remind you to revisit later, and it will appear in your To-Do bar, Daily Task List within the Calendar as well as the Tasks view. Or simply use the Read/Unread options to come back to important items at your convenience.
Individually removing your email from each list can be a drain on your time. Luckily, Outlook can take care of this problem for you. Easily unsubscribe with just one click, without leaving your inbox.
Currently this feature is only available for Outlook on the web.
If too many emails are cluttering your inbox, the Sweep tool can help you quickly get rid of unwanted mail. Delete emails in bulk with the Sweep feature or create a rule for deleting certain emails so you don’t have to do it manually. Tired of receiving a store’s promotion? Sweep and block all future emails with just a few clicks.
Currently this feature is only available for Outlook on the web.
On June 14, 2016 HP announced a worldwide voluntary safety recall and replacement program in cooperation with various government regulatory agencies, for certain notebook computer batteries. The affected batteries were shipped with specific HP, Compaq, HP ProBook, HP ENVY, Compaq Presario, and HP Pavilion Notebook Computers sold worldwide from March 2013 through August 2015, and/or were sold as accessories or spares, or provided as replacements through Support. These batteries have the potential to overheat, posing a fire and burn hazard to customers.
Because these batteries pose a fire and burn hazard, it is extremely important for customers to check whether their batteries are affected, and to cease use of affected batteries immediately. Customers may continue to use their notebook computer without the battery installed, by connecting the notebook to external power.
HP’s primary concern is for the safety of our customers. HP is proactively notifying customers, and will provide a replacement battery for each verified, eligible battery, at no cost. For customers with 10 or more potentially affected batteries, HP has put in place a process to assist with the validation and ordering process
Here is the link to validate and create the paperwork for the replacement battery:
On this page you will find a utility to validate and then a form to fill out, submit and you can check your order status.
Please let us know if you need us to help you with this.
Here is a free utility to stop the Windows 10 upgrade.
Step 1 Download the utility
Step 2 Install the utility
After you downloaded the utility you need it install it. The downloaded executable will look like this image to your right. Double-click the GwxControlPanelSetup you just downloaded. You will have to click through several standard install screens. (Next, next next ...) The final screen will finish the install and open the Control Panel
How to use the control panel
In the bottom third of the Control Panel screen there are 2 columns of buttons.
On the left column click
"Click to Disable 'Get Windows 10' App"
"Click to Delete Windows 10 Download folders" (this will take several minutes)
"Click to Disable non-critical Windows 10 Settings"
On the right column click
"Click to Prevent Windows 10 Upgrades"
"Click to Delete Windows 10 Programs"
"Click to enable Monitor Mode" (this button may show on the left column)
As you click each button, the 'Yes' will change to 'No' in the upper part of the control panel window indicating the Windows 10 process has been stopped.
You are done. You may close the ControlPanel
Control Panel is provided by Ultimate Outsider - If you wish to make a donation to the author CLICK HERE
Here is how to revert your computer to Windows 7 or Windows 8.1
If it’s been less than a month since you upgraded to Windows 10, you can go back to your previous version of Windows by going to:
Settings > Update & security > Recovery and selecting either Go back to Windows 7 or Go back to Windows 8.1.
Hint - to find Settings, click the start button (lower left corner of your desktop) and you will see the word 'Settings'
This won't affect your personal files, but it will remove any apps you installed after the upgrade to Windows 10
Can I stop this from happening again?
Silloway Support Team
Call today - 802 282-4255
Silloway Networks offers Enterprise level support to Small and Medium Businesses in Rutland, Addison, Windsor and Bennington Counties. Employing highly-skilled technicians and developing partnerships with best-of-breed technology providers allows Silloway Networks to provide personalized technology solutions to enhance the operation of your business.
Website by Silloway Networks