Facebook Security Settings

Facebook Security Settings

The Facebook Settings You Should Check

This year (2013) Facebook have made several changes to it’s privacy policy and your settings, if you haven’t looked at your profile settings lately then now would be a good time to do it.

If you’re like the most of us here, you like to share your social life with a select group of friends and not the rest of the world, there are a few settings you should make sure are in place going forward.

See your profile as others see it

First thing you should do is see how the rest of the world (except your friends) see your profile. Click the gear icon in the upper right-hand corner of your Facebook page and select Privacy Settings, now click Timeline and Tagging in the left pane, now click View As to the right of Review what other people see on your timeline.

If you’ve limited access to your timeline to friends only, the public will see only your profile and cover photos, a link for contacting you (which you can limit to friends of friends), the people you’re following, and the groups you belong to. A tip here, you can view your timeline as a specific Facebook user, click View as Specific Person at the top of the window and enter the person’s name.

Privacy Settings

You’ll find these as a drop-down option when you click the gear icon in the upper right-hand corner of your Facebook page on the Web. Here, you can tailor the audience for your posts. You can go back and make all your posts private in this section, access the Activity Log (see the next section), and determine how widely you want to distribute future posts by default.

You can also set who can contact you and how. This is where FB removed the feature “look up my timeline by name”, but you can still control who finds you by searching an email or phone number. We recommend you set these to “Friends” Only, and turn the Do you want other search engines to link to your timeline – Off.

Activity Log

In your activity log, you can view and edit your posts, messages, posts you’ve been tagged in, photos, likes, and comments. You can edit or delete any activity dating back to when you first joined Facebook. You can access your Activity Log via Privacy Settings – Use Activity Log.

Timeline and Tag Settings

After you’ve clicked into your privacy settings, look at the left-hand column for finer grained control of your Timeline and tags. If you want to know who’s tagging you in posts before your name publicly appears on someone’s timeline — and deny them if you choose — make sure the “review posts” setting is turned on. We also recommend you turn on “Review tags people add to your own posts before the tags appear on Facebook” and that you set “Who sees tag suggestions when photos that look like you are uploaded?” to No One.

We hope this helps and if you have any questions about Facebook security, or even just some free friendly advice, get in touch with us, 6-370 8093.

To discuss how Tech Solutions can help call us on 0800 878 878

Using Secure Passwords

Using Secure Passwords

Many individuals look upon the requirement to use and change passwords regularly as an evil inflicted by the Information Technology (IT) industry. What users should be aware of is that a password is no different than the combination to a safe and should be protected in the same way. Although you may believe your company and personal data would be of little or no interest to hackers, this often has no bearing on which sites are targeted. A large percentage of hackers are opportunists out to create petty vandalism and cause damage. Other hackers may be more interested in using your site to relay emails (spam) or viruses to others, thereby protecting themselves and implicating you. These are good reasons for making passwords difficult to crack or guess. This will make your site much less interesting to casual hackers and much harder for targeted hackers to infiltrate and abuse your computer systems.

Best Practice

There are many ways to crack or break passwords. For this reason it is essential all passwords be chosen with care and changed regularly. There are a number of industry ‘Best Practices’ which can help ensure the safety of the organisations data.

  • All passwords should be at least 6 characters
  • All passwords should contain at least one number
  • Passwords should be changed regularly (at least every three months).
  • Passwords should not be in the dictionary, names, dates or phone numbers
  • Each password change should introduce a new password, which should be substantially different from all previous passwords (e.g. the password should not remain the same and just have a new number tagged on the end)

If possible these rules should be enforced by software to ensure compliance and the security of the organisation.

Do

  • Use a password with mixed-case characters (e.g. aLEx54)
  • Use a password with non-alphabetic characters, e.g., digits or punctuation.
  • Use a password that is easy to remember, so you don’t have to write it down
  • Use a password that you can type quickly, without having to look at the keyboard. This will make it a lot harder for someone to steal your password by watching over your shoulder

Don’t

  • Use your login name in any form
  • Use your first or last name in any form
  • Use your spouse’s or child’s name
  • Use other information easily obtained about you. This includes license plate numbers, telephone numbers, the brand of your car, the name of the street you live on, etc.
  • Use a password of all digits, or all the same letter. This significantly decreases the search time for an intruder
  • Use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.
  • Use a password shorter than six characters

Some Selection Ideas

Often when people choose a random password it is then easily forgotten, although passwords can usually be easily reset, this can cause an overhead on the system administrator and waste valuable time. One popular way of choosing passwords that can be remembered is for the user to select a two syllable word, divide the word in half, reverse the order, and insert a number. For instance, the word SUMMER and the number 2 become MER2SUM. This becomes an easily remembered password (all the user must remember is SUMMER 2 and the rule), while still being difficult to crack or guess.

Switching letters for numbers is also a good method. Start with a normal word, say ‘computing’ and replace the i’s with 1’s and the o’s with zeros, so the password would become ‘c0mput1ng’. Use word abbreviations to create small simple phrases that are easy to remember. For example, “you too can be safe” would turn into “u2canbsafe”.

Taking a short phrase and using the first letter of each word can also be a good method. For example, ‘I like the beach in the summer’ would become ‘iltbits’.

Summary

The basic key with passwords is after avoiding all the common mistakes like using your name etc. It must be something you can remember. If you can’t remember it then you will write it down which is a big no-no. Second to remembering it is: the password should be easy to type.

So if you’re in need of some help with passwords, or even just some free friendly advice, get in touch with us on 0800 878 878

5 Ways to Spot a Scam Email

5 Ways to Spot a Scam Email

Sign 1: Does that link really go where it says it does?

More often than not an email fraud message will ask you to click a link to verify your account or some other call to action. A quick way to spot a scam is to hover your mouse over the link and see if it really points to the site in question.

In the below example I have an email purportedly from Kiwibank who want me to verify my account details. As you can see when I hover over the link it does not link to Kiwibank at all but to another much less inviting URL. If you see this click delete on the email and carry on your day knowing you’ve saved your credentials from another devious attack:

However the correct web address will always show the banks name first, for example:

Sign 2: If you didn’t expect it is probably Fraud

A common way to get people to enter their information into a web site is to claim you have a package waiting, or some money to claim or any number of other options. Sure it might be a nice thought to think this is the case, but to this day I have never known UPS to want someone details via an email link for a package they were not expecting. If in doubt, delete it. If someone really does need those details they will make a concerted effort via phone to talk to you.

Sign 3: Is it too good to be true?

“Hi, I am Suzie Gorgeous-Pants, and I need a companion in your area to give me a better life….”, Sound familiar? It is easy to get sucked into such things.. But in the end it’s all a scam, we hear of people sinking hundreds or thousands of dollars into getting a companion who didn’t exist in the first place… DELETE

Sign 4: Can that official email editor speak English correctly?

“Kiwibank needs you verify your account in the immediacy”, It might not always be this obvious, but if you read the email thoroughly and find bad spelling, grammar or it just doesn’t make sense then it’s time for the quick DELETE. If that email really was from a bank, IRD, UPS or any other official channel it will have been vetted thoroughly for errors before being sent

Sign 5: The easiest one to spot

This is not always the case, but often while the name of the person sending to you might be Kiwibank for example, their actual email address may be Iamabigscammer @ nigeriantheft.com or something equally ridiculous. If you see this sort of thing in the from area of the email then DELETE, quick simple and effective

If in doubt call us on 0800 878 878. We’d prefer to spend 2 minutes advising you beforehand than 2 hours helping you fix it once it’s too late

Phishing, Social Engineering and Online Scams

Phishing, Social Engineering and Online Scams

Rule 1: Think before you Click

Phishing or social engineering attacks are increasingly being used by cyber criminals to trick internet users into revealing sensitive information – website login details, bank account or credit card details or personal data that forms part of your identity.

Phishing emails (note the ‘ph’) are designed to look official and may use an ‘urgent security alert’ or other reason for you to immediately visit a website to confirm your personal details.

Misspelt website addresses or URLs can be bought and set up to look similar to your bank website with copied logos and login forms the added touch that aims to convince you to enter your account login information.

Rule 2: Beware the friend in need

A friend’s hacked email address can now be used to send highly convincing – but fake – appeals for emergency help or direct you off to ‘interesting’ video or photo content, perhaps involving a celebrity sex scandal.

Click the link in the email though and you may end up on a website designed to infect your computer if you haven’t fully patched the operating system and all software on it, particularly Java and Adobe Flash.

Even social networks have been affected by spam or malware links added via rogue apps or compromised accounts.

How to avoid getting Phished

  • Learn about the various phishing species that try to hook you and reel you in
  • Be careful when you receive emails requesting urgent account verification
  • Don’t download and open unexpected attachments
  • Curiousity killed the cat – avoid clicking on video or photo links posted on your newsfeed
  • Don’t respond, download files or click on links to websites you’re suspicious of
  • Investigate any online offers carefully that appear to be too good to be true

To discuss how Tech Solutions can help your business call Nick on 0800 878 878 or email nick@techs.co.nz

Making Best Use of Security Cameras

Making Best Use of Security Cameras

Security cameras are no longer the big old clunky things that you see pointing at you when you are getting some cash from the bank, who goes to the bank these days anyway? They are small, hi-def, clever and also affordable units.

Network (or IP) based cameras can be easily integrated into your existing home or office network, which removes a huge cost of having to install coax cable into a building where the cameras are needed.

Once you have a network camera getting access to it from anywhere via an internet connection is also easy, a smart phone can easily be connected and display what is happening. You can also link the camera into your website

Cameras are not just for companies wanting to protect their hordes of gold, you can keep an eye on your back yard if you are away for the weekend, or make sure the kids don’t try and feed the cat to the neighbour’s dog while you are inside the house

Cameras can be configured to alert you when certain conditions occur, eg. an certain amount of movement in the field of view. The can even email you snapshot of the image. And of course, they can record all the movement – this can be to a regular PC or even a service like Dropbox. Some cameras can even have pan and tilt controls so from afar you can change where the camera is looking. Pretty nifty.

KING STREET LIVE PROJECT

Recently we completed a project for King Street Live to provide cameras at their new music venue. These serve a number of purposes – primarily those working at the bar are able to keep an eye as to what is happening at the entrance and the garden bar with only having to turn their head. Security at the door are able to keep an eye as to what is happening inside and out the back via the smartphones

In addition these cameras record all motion so in the unlikely event of an issue camera footage is available to verify the events that happened.

And lastly, these are providing additional security measures when the venue is empty

Some things to consider…

  1. Power – most cameras will support power-over-ethernet, which is great as it means all you need is one piece of cable to do everything, the cheaper cameras don’t support this so it means you will need power where you plan to locate the camera
  2. Image quality – do you need high-def ? do you need night vision? Many low end cameras wont handle high-contrast very well, so for example a sunny day but with areas in shade. Remember there’s no point having a camera if the image quality doesn’t deliver what you need.
  3. Bandwidth – the more cameras you have the more bandwidth you will use. This isn’t normally a problem unless you have lots of cameras, but something to be aware of if you are wanting to keep an eye on lots of cameras from a remote location.

Some Do’s and Don’ts

  • Do talk to experts like Tech Solutions to ensure you get the right advice before you start
  • Don’t make all your decisions based on cost – a poor quality image isn’t going to be any good
  • Do consider where & who will require to access the camera footage
  • Don’t get too complicated – have a clear objective in mind at the start
  • Do make sure the system is scalable – if or when you want to make changes you shouldn’t have to start again

So if you’re in need of security systems, or even just some friendly advice, get in touch with us.

To discuss how Tech Solutions can help your business call us on 0800 878 878

Data Sharing at Home

Data Sharing at Home

Today computer networks are no longer limited to business and corporate environments. In fact if you have two or more computers in your home and they are both able to connect to the internet, you have a computer network running.

One major advantage in having a computer network is the ability to share and access data between computers. How you configure your home network for data sharing depends largely on what type of devices you have participating on the network and their ability to communicate.

If all your computers are Windows 7 then the easiest way to set up file sharing is to create a homegroup. A homegroup links computers on your network so that you can share pictures, music, videos, documents, and printers. You can help protect a homegroup with a password, and you’ll always be able to choose what you share with the group.

For more information: google “Windows homegroup”

If you have a mixture of Windows machines operating on your network you can configure a Windows Workgroup to enable file sharing but this is more complex and will require configuring firewall ports and additional services.

If you require data sharing between dissimilar devices such as Apple, Windows and Linux then using external storage such as a Network Attached Storage (NAS) device or cloud based storage such as Dropbox, Google Drive or One Drive could be the answer. NAS devices give you a common location to save and access data from any computer in the network and generally remain powered on while other computers have been shut down for the night. Configuring a cloud storage option on each computer in the network with the SAME storage account can provide for a common share location. This location is also accessible outside of your local network providing you have the account logon details. Most cloud storage providers offer a ‘personal’ option for free which comes with a set amount of storage. As an example, Dropbox offers 4Gb with the free account option. With cloud based storage, internet traffic charges will apply for both uploading and downloading. Check your internet plan first for monthly allowances.

References:

Dropbox: https://www.dropbox.com/login

Google Drive: https://www.google.co.nz/drive/

One Drive: https://onedrive.live.com

So if you’re in need of some help with file sharing, or even just some free friendly advice, get in touch with us, 6-370 8093.

CONTACT US

Address: 22 Victoria Street, Masterton 5810
Phone: 0800 878 878
Email: office@techs.co.nz

BUSINESS HOURS

Monday - Friday: 8am to 5pm
Weekend and After Hours services available

FIND US