2FA & General Account Security

I’d like to say thanks to “King_Jay16” from the TechJamaica forums. Details can be found on my Discourse and on their forums.

https://forums.carlosthomas.net/t/2024-general-account-security-passwords-2fa

https://www.techjamaica.com/forums/showthread.php?116270-2024-General-Account-Security-Passwords-amp-2FA

You can get right into it or just check the TLDR below.

I may edit this and add more details or photos as things progress.

TLDR

Those above are what I’ve tested. If you’re on iOS you can pick any of the two lower ones. My choice would be Authy based on the fact that some services specifically use it. If none of the services you’re on use it, then go with TOTP since it has browser push features.

If you’re on Android, Aegis is the one to go with. Authenticator Plus was put there to set the arena for the others. It was the best on the market back in the day, but it’s lack of development has reduced some features and made it lose the #1 spot.

Check more details below for why I’d pick one over the other.

2FA/MFA

2FA or TFA – Two Factor Authentication – is something that came about for added security of accounts. Hackers have been able to breach servers or use brute-force attacks to get access to data over the years, and the use of 2FA has reduced the risk significantly.

2FA may also be referred to as MFA at times – meaning multi-factor authentication.

2FA essentially uses your password with something else to authenticate the account. This can include, but isn’t limited to:

  • A text message (SMS).
  • A pushed notification (like Google).
  • An IM message (sent to WhatsApp or FB for example).
  • RSA hard or soft token (like those used by banks).
  • OTP – One Time Password.
  • Biometrics.
  • PIN.
  • Security Question/s.

2FA/MFA may include your password plus one or more of the items listed above. Again, it’s not limited to what’s above – other options may exist that I’ve overlooked.

MOST COMMON 2FA

By far the most common ones are those used by your bank and those used by email providers. Google and Microsoft are good examples.

Your bank may provide you with a hardware token that is tied to your specific account. This device generates codes that are put in with (or after) your password to get access to your account.

Google uses push notifications on your Android device to prompt for signing in. Microsoft has an option to use a timed authenticator with a 6 digit code – very similar to the one you’d use from your bank, but in a different app.

Part of the issue with all these apps is having so many installed to do the same task – we’ll get into that some more.

SETTING UP

If you’re not using a physical hardware token or key, most 2FA options include a QR code that’s scanned using your mobile device. This code then allows your authenticator app to register the entry with some name and other identifying data to differentiate each entry. As stated before, some companies – like banks – may have specific software that they require you to use. If there isn’t a defined requirement for specific software, then you can use any authenticator app and just add the entries.

SPECIALIZED 2FA

Probably not the best heading, but that’s how I’ll phrase it. As said before, there are some companies decide that they won’t use a regular authenticator app and you must use theirs. An example of this is NCB and their SecurID app. Other companies integrate a specific authenticator app into their backend, and you have no choice but to use that app.

Gamers that are familiar with STEAM or BattleNET are aware of the specialized push notifications and generation of tokens to secure their accounts. Most people with a Google account or an Android device will also get push notifications for login authentication. If you’ve seen these before – you have an idea of what a specialized app is like.

OTHER 2FA APPS

Personally, I have over 70 accounts in my listing. That list grows over time as more companies integrate 2FA. Emails and gaming accounts are just some of the ones that are secured. This brings me to the part I wanted to talk about – the various authenticator apps.

I won’t be talking much about specialized apps used by companies – unfortunately you have no way of getting around those. This will be focused on authenticator apps you can use for your daily life for adding all your accounts for 2FA security – minus the ones that force you to use a specific app. The focus will be on:

So let’s get into each one in the order above.

Authenticator Plus

I’ve personally been interested in account security since around 2007/2008, and when this app came around I jumped right on it. This was the first app that I saw with backup and export capabilities. All other authenticator apps simply had “add” options. If something happened to your device you’d have lost all your keys/codes. Authenticator Plus allowed you to backup to DropBox whenever changes were made – this was somewhat revolutionary.

The problem is – development stopped. This means less compatibility with newer Android devices and resulted in the loss of online backup capabilities. This was still a great option though, as you could do a local backup (encrypted) and then upload it manually. You could also do an unencrypted export, which was then placed in a password ZIP file, and you could the import that to any other authenticator app which supports that feature. I use WinAuth periodically and would export so I still have access to my 2FA even if my phone is dead/charging. I was looking for an alternative, and then “King_Jay16” from the TechJamaica forums introduced me to the next app in this list.

LINK: https://www.authenticatorplus.com/

Aegis Authenticator

I’d consider this to be the absolute best authenticator on the market. The only reason it’s not a definitive #1 is the lack of iOS support. IMO, this is like a continuation of Authenticator Plus with a lot of improvements. The ability to change the views, to export both encrypted and unencrypted and – best of all – the ability to backup to cloud services.

Aegis also has one added feature that I’ve not seen elsewhere – the ability to share a code. This means you can generate a QR code for a specific entry and have it scanned into another device.

With the various security options available within the app, the chances of someone stealing your info is minimal – unless you’re literally held at gunpoint and forced to send over all your account details. IMO – it’s far more secure than just about everything else out there, with the next entry being an awesome competitor for the security department but lacking in features.

LINK: https://getaegis.app/

Authy

This is (arguably) far the best option for security that supports Android and iOS. They did have a desktop app which is being retired – which is why they’re not ranked higher in my list.

Authy ties to your phone number and then sends a text (SMS) for the initial install. Thereafter, each added device is authenticated using a push notification on previously added devices. You can also audit and remove devices from your listing if you wish.

Cloud backup is done through their own servers, but the feature isn’t there by default. You must specify a password to decrypt the data and then it will backup and sync across devices.

There are some companies that use Authy exclusively, and I can understand based on how secure it is.

For persons that want a bit more control over their data though, Authy won’t be the top pick, but it is one of the best that I’ve come across. If only it had the ability to push to your desktop like our final entry.

LINK: https://authy.com/

TOTP Authenticator

This makes the list as one I was testing before finding Aegis. This is the only one I saw that has an option to push the 2FA to your browser from your mobile device. That’s a great feature to reduce typing out the code and maybe missing a digit.

TOTP supports cloud backup and sync options. There are options to order your listing in a custom manner or show it alphabetically. One reason why this didn’t end up at the top – or higher – is the lack of export and sharing features.

Unfortunately I don’t have much to say about TOTP, but it is still a great option depending on your use case and needs.

LINK: https://www.binaryboot.com/totp-authenticator

SUMMARY

There’s lots of options available for whichever platform you’re on. Using a 2FA app with your password to bolster security is a great way to keep undesirables out of your stuff.

If you want a regular set and forget it – Authy is probably the best way to go. Just ensure you set up the backup options.

If you want some added features like pushing to your browser, use TOTP.

If you’re on Android, the best option IMO (at the time of this writing) is Aegis.

RustDesk Problems & Solution

It’s come to my attention recently that RustDesk servers are under DoS attacks. This has resulted in problems with connecting to systems. The current workaround is to simply use Remote Utilities – my preferred solution. There are times however, that RustDesk will be required either if I’m on the road and unable to use may laptop/desktop, or if I need to provide support to a Mac. Fortunately, there’s still a solution to that.

Simply get the app started and then click on one of the two options shown by the arrows. This should take you to the settings page.

Once on the settings page, go to NETWORK and then fill in the two options for ID and RELAY servers. This information will be provided by me once you get in touch.

On completion of that – hit APPLY and then close the settings page or click back where it says HOME in the top left. I should then be able to connect.

The only down-side to this is it routes traffic through a custom server. If you intend to get support from other persons you’ll either have to input their server details or wait until RustDesk has resolved their DoS issues.

Hopefully that information helps. For a discussion on the issue you can see the link below.

https://github.com/rustdesk/rustdesk/discussions/7008

Power Problems – 2024-01 – MDVL

This is a quick update and will be sent out as much as possible.

https://www.jpsco.com/our-partners/

The link above will take you to the JPS website and show you some of their partners. These include places that they buy power from.

Recently in Mandeville specifically, there has been a major increase in the power fluctuations and outages. Now – I’ve been in IT since 1995 and I’ve known about UPSes. I’ve NEVER had to buy one before moving to Mandeville. While I’ve heard about other parishes having worse power issues, I can’t imagine it.

I’ve lived in various parts of Kingston, Spanish Town, MoBay, Sav, Negril and frequented Ocho Rios – that’s a few parishes – and still NEVER needed a UPS. When I first moved to Mandeville, I had to buy one in the first year or two. The power was terrible.

Apparently JPS is having some rather dirty switching between their various partners/suppliers and this causes HORRIBLE fluctuations or outages. Yesterday morning – 2024-01-10 – I counted 14 outages within 2 minutes of each other. Another day I recall hearing a fan in the house cycling up and down. While the regular transients are there, these very bad fluctuations seem to take place between 2AM and 6AM usually.

These fluctuations seem to have started in 2023 – around the middle to last quarter of the year – but I have no definite timeline. I can say for sure that it’s ongoing now into 2024, but some areas may be affected more than others.

An example of damage that can be done is with a genuine HP adapter that was left plugged in by a client. Photo is below. My advice is to use a UPS, surge strip (bare minimum) or fridge guard if possible. Get power surge protection for your home (in the breaker panel) or do whatever you can to mitigate the damages. I highly doubt there’s any recourse where JPS is concerned.

My client had left the laptop plugged in, went out of town and come back the next day. Could have come back to a burned down house. Thanks JPS!

Microsoft Migrates Windows Mail to Outlook

Somewhere between September and October, Microsoft migrated from Windows Mail to Outlook for free. More features and such. I’ve not checked it out fully, but it may be a “lighter” version of Outlook, or it could just be a different version from what you’d get if you purchased Office. If you have more details you can post a reply.

This information is to make you aware of certain issues that could arise with this move by Microsoft.

Due to security reasons, many email providers use what they call “app passwords” to allow older programs – or programs that aren’t directly theirs – to access their email service. Yahoo! – AOL – Google – among others – support these features. The screenshot you’re seeing is from AOL. I had originally assisted this client with setting up their app password when it became an issue, and they have been using Windows Mail since then. Once the free upgrade/update/change to Outlook took place, they lost access to their AOL email. All others migrated properly.

The app password for AOL seems to have been tied to Windows Mail – it’s not transferrable to Outlook. Attempts to generate a new app password from within the AOL site failed – they’re having problems – and calls to support show that they’re aware. The only workaround currently is to use the browser to check mails. You’ll have to keep trying until the service is available again.

This is not unique to AOL, but it just happened that way in this instance. So be aware if you’re a tech or end user – it’s not that you’re doing anything wrong. It may just be the email provider.

2023-09 – Cleanup

Good morning everyone. Once again I’m going through a cleanup phase.

If I have a device for you (laptop/desktop) with a ticket, you’ll be notified and it will be delivered back to you. In this instance, it’s likely that the device needs parts. Once parts have been purchased, I will collect the item again to do work.

If the device has a ticket and need to be sent for board level repairs, we will discuss.

If I have a device for you and there is NO TICKET in the system – this is either free work or something that was overlooked and should have been put on.

All persons will be contacted and devices will either be returned as they were or returned after repairs are completed.

Some persons may get free or reduced cost repairs due to the length of time I’ve had the items.

If for some reason I’m unable to make contact with you, the item/s will be kept for an additional month and then dumped.

To ensure that persons don’t try to claim things that don’t belong to them, information will be required to identify the device. A serial number, specific sticker or marking will be required. For devices that data can be accessed, a specific file that’s on the device or something that can identify you as the owner will be required.

I keep doing these cleanups each year (or few years) but I’m working towards making this the last one. My work focus has shifted based on the dynamics of the job, and any extracurricular projects taken on must be completed within a short space of time. Remote work will also be limited to a cutoff time of 8:30PM.

More details will follow as needed.

Remote Tools – 2023 Update

Hi all. I’ve done this before, but I think I need to put everything where it can easily be found. There’s a link on the main site here – so let’s get into why I choose the tools that I do.

RustDesk

This is free and open source. This makes it very easy to acquire and use on ANY platform. This is the choice for when I’m on the road as it works on my phone. I also rather using this tool for supporting Apple/MAC. I’ll need ID/password in order to connect.

RustDesk is somewhere between #1 and #2 with the next option below. The only reason it’s placed first in this list is the Apple/MAC support.

Remote Utilities

I have a license for this and it’s my preferred tool for use on PC/Windows. This has two primary modules that I use.

  • AGENT
  • HOST

The AGENT is the “run-only” tool. It does not install and gives me access to the system. You provide the ID/password and once the program is closed – no more access.

The HOST is what’s installed for clients that I do regular support. It allows me to connect to the system without you having to provide an ID/password.

Remote Utilities is my go-to remote support tool. The only time I don’t use it is for certain quick support scenarios and for supporting Apple/MAC.

TeamViewer 11

For this, you’ll have to download version 11 as my license does not allow me to connect to newer version. Due to TeamViewer retiring this version however, it sometimes gives issues to connect. This is my #3 in the list because I have a license – but it does give some issues with Windows 10/11 and newer versions of Apple/MAC.

TeamViewer was the most popular tool – probably still is – but the licensing has made it difficult for me to keep up, and I’m not into paying yearly to use it.

Newer TeamViewer?

I can connect with a newer version if needed, but I will then move to running a portable version of something else, or installing something else if I’m allowed. There is a time limit if you’re not using a licensed version and provide support exceeding a certain amount of time, or number of connections per week.

AnyDesk

This is the #4 on my list. I used it and had a license for a time, but I chose not to continue. They’ve changed their operation model – much like TeamViewer with the licensing – but it’s still a good tool to use. As of this writing, the current issue is the restriction of 5 devices per week if I recall. I will use it if it’s what you have, but – like TeamViewer – I will connect then use a portable remote tool or install one that I rather if I’m allowed to do so.

CONCLUSION

I will use any remote tool that you require once I’m able to. If I’m on the road, I will request RustDesk. I rather the use of the tools I’ve paid for or the free ones, but some persons may be more familiar with a particular one, or already have one installed. I’ll work with what you’ve got or are familiar with – once I have access I will set up what I need if allowed, or run a portable version and create an easy to find shortcut so you can run it again in future.

Remote Support – 2023-05

So – we’re back again. After much testing and checking – I’ve finally settled on TWO primary modes of support.

  • Remote Utilties (RU)
  • RustDesk (RD)

RU is not free, but I do have a license. While preferred, this should be primarily used by persons I provide frequent support to. The only drawback to RU is no easy phone support. The other drawback would be the inability to provide support to Mac/Apple users.

RD is actually a free remote tool, and works very well from my phone. If you need immediate support and I’m not near a PC/laptop, then RD it is. If you’re not a regular client and just need quick support, RD it is. If you have a Mac/Apple device – RD it is.

As a disclaimer – I will still use TeamViewer 11 or AnyDesk depending on the situation. I will advise you on what to use if the ones listed below do not work.

Let’s get into setting them up.

DISCLAIMER

Before anything else – I need to put this out there. Do not install any remote support software and provide details or access to anyone that you do not know or know about. There may be times when scammers and hackers try to get access to your system (desktop/laptop/iMac/MacBook) and steal your information or install malicious software. Only install or run software when you KNOW for certain that the person providing support is legitimate.

The following are examples of persons or companies that will not ask for remote access to your system.

  • Banks.
  • Loan offices.
  • Microsoft.
  • TeamViewer.
  • AnyDesk.
  • RustDesk.
  • Remote Utilities.
  • Your school.
  • Your office.

While some of those – like your school or office – may require remote access, this is done by first setting up the software they need when your device is physically taken into their office. Do not do installs unless you are 200% sure that the person requesting the software setup is legitimate.

Your bank and other places have no need to connect to your system. Microsoft does not need to connect for remote support. It doesn’t matter if they call you or not – it doesn’t matter how legitimate the email may seem. Always double-check before installing any remote software.

There are times when some persons on sites like Fiverr or other helpful persons on forums may request remote access in a private message on the specific site. Use caution in these cases – and common sense – and do not grant access to persons that you do not trust.

In the off chance that you’ve given a connection to someone and then realize you made a mistake, try to terminate the connection as quickly as possible. Depending on the method used, you may need to disconnect your internet connection to kick them off, or shut down the system. Whatever you need to do to secure the system – get it done. Call in a professional thereafter to assess the situation.

QUICK SUPPORT – RUSTDESK

The easiest way to get quick support is to download RustDesk, extract it and run. Provide me (or the tech/person helping you) with the ID and allow them on, or both the ID and password. For the technical persons, please bear in mind that quick support (portable) will require user interaction as UAC actions are not supported by RustDesk unless installed.

Head over to the RustDesk website by going to rustdesk.com. The person providing support will tell you which to get, but for this exercise we’re going with option 3 in the list – PORTABLE.

Once the file has downloaded, open it and run the file.

You should then be presented with a screen showing YOUR DESKTOP with ID and PASSWORD areas. The password may show as stars/asterisks (*) until you mouse over the little eye icon to reveal it.

If you’ve only provided the ID, you should see when the person providing support is connecting. A small window should show up in the top right corner with the ACCEPT/DISMISS options. Once you’ve confirmed it’s the person providing support, hit ACCEPT to let them on.

That’s all you need for RustDesk.

QUICK SUPPORT – REMOTE UTILITIES

If you’d rather use RU instead of RD – head to the website remoteutilities.com.

From there – mouse over the DOWNLOAD option and then click WINDOWS.

Once the page loads, scroll down until you see the AGENT option.

Click on DOWNLOAD AGENT and wait for it to complete.

Once it’s completed – run the file.

If you’re presented with a UAC prompt like the one above – hit the YES option.

A window with an ID and password should then come up. Provide that information to the person giving you support – and they will take it from there.

INSTALLING RUSTDESK

The steps to install RustDesk are very similar to the quick support section covered at the start.

After going to the RustDesk website by going to rustdesk.com – select the first option shown in the image above. That’s DOWNLOAD. Unless you have a 32bit operating system – or are directed by the person providing support – then you’d use the second option for 32bit.

A file will be downloaded. Open and run it.

The option to ACCEPT AND INSTALL is the one to choose now – unless you wanted quick support and downloaded the wrong file – then you’d select the RUN WITHOUT INSTALL option.

You will likely be presented with the UAC option – hit YES.

You should then be presented with a screen showing YOUR DESKTOP with ID and PASSWORD areas. The password may show as stars/asterisks (*) until you mouse over the little eye icon to reveal it.

Unlike the portable option – or the RUN WITHOUT INSTALL option – a full install grants the person giving support UAC access. This means you can leave them unattended to troubleshoot, diagnose, fix or install whatever you need.

RUSTDESK FOR MAC SUPPORT

Navigate to the RustDesk website through your browser. You can search for it on Google.

Note that it says – you need Mac OS 10.14 or higher for it to work.

If your Mac OS is lower than 10.14, please use AnyDesk. See the link below for more info.

The reason for moving from AnyDesk – aside from pricing – is the change in the model that has taken place. We’ll get into that another time.

If you’re continuing with RustDesk and it’s not compatible, you’ll know when you get to the install part. So let’s get there. Allow the site to download the file.

Run the downloaded file.

If it tells you that it can’t be installed – use the link mentioned before to get AnyDesk. If you’re going to use TeamViewer, it needs to be version 11. We’ll discuss that after.

If the opened file looks like above – with the “blocked” icon across the RustDesk icon, then we can try something else. If you’re able to continue it should look like below. Drag the icon into Applications and then continue.

Once you’re done, you can close and unmount/eject the RustDesk image from the desktop and then run the RustDesk application.

What’s nice about RustDesk is – it’ll prompt you to configure the necessary options right after install. So go ahead and run it.

Once it’s up, you’ll notice it needs permissions. Hit the “CONFIGURE” option and it’ll open what is needed.

You’ll probably have to hit the padlock in the bottom left to unlock the options.

Hit the padlock – enter your password – hit the checkbox beside RustDesk.

If you’re so inclined – you can preempt the need and enable the checkbox in the other area needed – which is ACCESSIBILITY.

Just scroll through the list and select it. Once you’re done, provide the person giving support the ID and password that’s in RustDesk.

Once that’s done – you’ll have remote support.

2023-04-05 Update

Good morning all – it’s 6:34AM at the time of this post. Just updating to advice that I’m sick – been sick from 2023-03-31. Caught a cold/flu from my kid and I’ve been really out of it. Self-medicating and taking natural remedies to try and push through, but it’s been one of the worst episodes so far. This has headache – likely due to sinus pressure – accompanied by weakness and a lowered appetite.

I’m on the mend now, so should be back in full swing soon, but it’s placed most of the work I have to do on pause.

Oh yeah – forgot to mention the lovely ISP – FLOW – that has been giving me problems from 2022-09 (September last year) with a major issue as of the same time I got sick. They resolved the major issue on Sunday – 2023-04-02 – so I finally have service again and can acquire tools/drivers/AV updates to proceed with diagnostics for the devices that I have.

The last part of the discussion with FLOW is below. They’ve still not sorted my rebate – as usual.

For those who I have work to complete – I’m hoping to have everything done by or before this weekend. Your devices should be returned to you by Monday – 2023-04-10 – all things being equal.

I apologize for the delays as a result of this – looking forward to your continued support.

2023-03 PUP (Malware)

So here’s another update. I came across this recently at a client. They were saying their McAfee antivirus and Microsoft Office kept asking for renewal.

Please take note that at the bottom of each page is the text – “Powered by PC App Store” – in very small print. If you’re not aware of this, you may end up giving your card information to some unscrupulous third party. They also give you no means of closing the nag screen.

For those who can – technically apt or can follow instructions – reboot the system in SAFE MODE and delete the folder with all related files.

It will be found under your user profile folder – most likely C:\Users\MyUserProfile\PCAppStore.

Replace the “MyUserProfile” with your username – or just browse to C:\Users\ and find your profile. Delete the PCAppStore folder once there in SAFE MODE – then reboot normally.

An issue I’ve seen with Windows 11 is the failure to reboot normally. If you come across this – follow these instructions.

SAFE MODE is typically characterized by the words “SAFE MODE” being seen in the four corners of the screen.

Click on the start menu and type the word “MSCONFIG” without quotes.

Click OPEN or click on SYSTEM CONFIGURATION. You should then have the available options seen below. Just ensure it’s set to NORMAL STARTUP and you should be fine. Reboot after the settings look similar to below.

Once you reboot – the system should be back to normal. Check to verify that the malware is no longer loading.

PUP = Potentially Unwanted Program.

Malware = Any software with malicious intent.

There are various tools that can catch and clean malware, but there are times when new variations arrive that aren’t detected. Not immediately at least. Where this one is concerned – I’ve submitted the infected files to Microsoft and other AV vendors. The scans from Microsoft did not find anything. That makes this kind of malware even more dangerous. Most persons as well may not see the fine-print. As an end user, you’ll need to be aware of what you’re subscribed to or have paid for. When in doubt – have a tech check it out.

Computer Usage & Care 101 – In Jamaica

This is a direct branch off from my last post. I realized something with most small to medium businesses in Jamaica – there’s very little thought given to IT. Whether internal or external IT suggestions – most of it is glossed over until something happens. We’re more reactive than proactive.

To reduce the risks associated with owning tech in Jamaica – here’s some info to get things going.

POWER – UPS – SURGE STRIP

Regardless of you being a home user or a business – you NEED power protection. JPS is not the most reliable power company, and they cannot guarantee clean power to you just by virtue of how things are.

A great example that was given to me by a friend was this – imagine that you’ve built a new home on a newly commissioned area that JPS has put in a brand new transformer. You’re getting the best and cleanest power off the grid in your area. But…5-10 miles down the road – nowhere near you – someone is running a business that does welding. The electrical noise generated on the line will affect your supply – believe it or not. Now imagine being a business and there are dozens of other buildings nearby with varying power requirements. How can JPS guarantee that YOU will get clean power?

While an ONLINE UPS would be best – the cost is very heavy per unit. The cheapest single unit costs around JMD$80,000 – meaning that’s what it would be for ONE PC. Quite expensive if you should outfit all your devices with an ONLINE UPS. So the next best thing is the LINE INTERACTIVE UPS – or SWITCHING UPS. These are the more common ones that make a “click” when they switch from JPS to battery and back. They provide good enough protection for your equipment – but as with most things, there are some brands that work better than others.

FORZA has become very popular in Jamaica – but it’s not a brand that I’d recommend for their UPSes at current. Their surge strips and other devices seem fine, but brands I’d recommend include:

  • APC
  • Liebert
  • PowerWare

If you can’t afford a UPS – at the very least – get a surge strip. And not one of the cheap ones from the supermarket – a good surge strip from APC – or even a Forza one. The surge strip will at least protect the system in the event of a high voltage surge.

If you’re in a place that has lots of outages – maybe a fridge guard would do better. At least those stay off until power has returned to a constant supply for 5 minutes – I think the timer varies with different models.

BACKUP

This is something that – surprisingly – isn’t taken as seriously as it should be. If you’ve followed the news, you’ll realize that lots of business locally have fallen victim to ransomware and other cyber attacks. Without even considering the darker side of computing, there’s the fact that devices may fail due to age or factory faults. With no proper backups available, a failed drive could grind business to a halt.

Speak with your IT personnel to discuss local and cloud backup solutions. You can do one or both depending on your needs and budget.

MAINTENANCE

This is another sore point for most places. If the systems are working – “just keep swimming” as the statement goes (Finding Nemo reference). Excessive dirt buildup over time can lead to part failure. Static buildup due to the dirt, or having the dirt become “caked” into the circuitry may then cause breaks and failures – or cause failures after cleaning is done. That last one is funny – imagine dirt literally becoming a part of the circuitry and holding the pathways together – then you get it cleaned – then it fails because the circuit is now broken. Things like this actually happen – and it’s not the fault of the technician – unless THEY didn’t schedule your servicing.

Each environment is different, and some systems require more maintenance than others as a result. Typically, home and office systems should be good with 1-4 times per year. This depends on the environment primarily, as a system elevated (on a desk) will have less dirt than one on the ground – typically. And a system in an AC environment will have less than one that’s not in an AC room – typically.

Laptops will usually require less maintenance – again – based on the environment. One that is used by a person that has it on a bed, couch and any kind of fabric surface will find that it’s more dirty than one that’s always kept on a desk, table or flat surface. Even if it’s used in a bed or couch, a laptop that’s kept on a book or cooling pad will have less dirt than one placed directly on the fabric surface.

With laptops – again – there are variables. Some have intake from the back, the bottom (typically) or the top – right through the keyboard keys.

SECURITY

This is another topic that I can’t get into much right now. It will depend on the business/home and how the staff/users utilize the resources. There are always best practices that should be followed, and each person should take the time to review their surroundings – work or home – and do their best to not place the equipment at risk.

Let’s give some examples.

  • Don’t click on links in emails that seem suspicious.
  • Don’t go to illegal websites.
  • Don’t click on pop-ups.
  • Even if you know the sender – should the email seem suspicious, call and validate the information with the sender. Their account could be compromised.

IN CLOSING

Check with your IT person/s to verify what needs to be done. Have security reviewed by your IT person/s and take steps to secure your systems. Use password managers. Don’t randomly click yes/allow unless you’re SURE about what’s being run. Do what’s needed to stay safe.

LINKS

The link below was found as one of the first Google results from a search I did.

https://intellipaat.com/blog/cyber-security-tips-best-practices/

Here’s a link from Norton – a well known antivirus vendor.

https://us.norton.com/blog/how-to/cyber-security-best-practices-for-employees#

You can check for other similar links from the results below.

Google – Free IT Security Best Practices