| Spend More Time Growing Your Business by Letting Us Handle Your Network Needs Giga Systems is excited to introduce our new IT Management Service, designed to give your business peace of mind when it comes to managing and securing your network. In today’s fast-paced digital world, staying on top of network performance and cybersecurity can drain valuable time and resources. Which is why our IT Management Service includes access to programs designed to monitor your computer for antivirus/malware, manage important system updates, plus monitoring your computers for suspicious activity, so you can focus on what matters most: running your business. Key Benefits:
Managing IT systems on your own can be complex, time-consuming, and risky. Our service is tailored for small to mid-sized businesses looking for reliable, affordable protection and simplified network management—without the need for in-house IT staff. Let us handle the tech—so you can focus on your goals. Want to learn more or schedule a free consultation? |
It’s late in October, with less than a week until November. Where did the year go? While I try to figure that out, did you know that since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month? This month is dedicated to encouraging the public and private sectors to work together to raise awareness about the importance of cybersecurity.
What is Cybersecurity?
You’ve probably heard the term “cybersecurity,” but you might not know what it means. Cybersecurity is about protecting important information and maintaining productivity. It involves a variety of technologies and practices designed to defend against cyberattacks, which can aim to access, change, destroy, or hold sensitive information hostage while demanding ransom.
What Steps Should I Take to Secure My Data?
While cybersecurity is constantly evolving, there are some simple steps you, as the user, can take to help safeguard your data—none of which will cost you a dime. These methods include, but are not limited to:
- Using strong passwords.
- Enabling multifactor authentication (MFA/2FA) when possible.
- Using common sense:
- If a link looks suspicious in an email you’re reading, click the delete button.
- If a link on a website looks strange, click the exit button.
- Don’t engage with emails claiming you’ve won a free iPhone or that a long-lost prince needs your financial help to reclaim his title.
- If people you’ve never heard of call about your extended car warranty or claim there’s a problem with your computer, DO NOT give them any personal information.
Additionally, it’s essential to ensure your device’s software is up to date, back up all your data, and use antivirus/malware detection tools—something Giga Systems can help you with.
What Giga Systems Can Offer
Giga Systems provides a variety of services, from installing and configuring technology for office buildings to helping recover from major failures. One of our main goals is to prioritize security in everything we do while assisting our customers in creating real-world solutions for their networking, communication, and security needs.
In honor of Cybersecurity Awareness Month, we want to offer our network monitoring services to everyone. Giga Systems’ monitoring services will include antivirus/malware detection, help to ensure that all your devices stay up to date with all the necessary updates plus monitoring of your computers for suspicious activity.
Prices will depend on the number of devices you have and whether you would like to add remote or on-site support (availability for on-site support will depend on your location).
Example Pricing:
- For one single computer with just monitoring, the price starts as low as $20 a month. If you add remote support, the price becomes $40 a month, and you might be able to add on-site support for $60 a month, depending on your location.
- For ten computers with a server and on-site support available, the price for the month would be $720.
If you’re interested, please contact us by emailing in**@*********ms.com or call 405-877-9090 for a custom quote.
Before I begin, this newsletter is focused on Windows, so unfortunately if you’re not a Windows user this newsletter won’t apply to you… Unless you find yourself on the market for a new Windows computer with the latest Windows installed or needing to install/reinstall the latest version of Windows.
You are now probably wondering, “what’s up”. Well a couple of months ago Microsoft announced that the latest version of Windows 11, will now have Bit Locker (Microsoft Encryption Software) enable by default. The challenge down the road comes when data recovery measures are needed, because of situations of system malfunctions, forgotten passwords, or hardware failures, is that most people would not know where to look for the required recovery encryption key.
What is Bit Locker?
You must be thinking now, what is Bit Locker? As mentioned, Bit Locker is the built-in Windows feature that is design to encrypt your entire hard drive using an encryption key (stored in a special hard-to-hack chip called a TPM) so that if your computer is stolen or hacked, the malicious individuals can’t just pull your data off the drive without logging in as you. The encryption isn’t a one-time thing, and Bit Locker continues encrypting your data as you add more data to your computer as you use it and all this works in the background, so you have the peace of mind that this is a layer of protection protecting your data from unauthorized users.
However, as mentioned, the challenge comes later down the road, when faced with the need to recover data from your device for numerous reasons not limited to system malfunctions, forgotten passwords, or hardware failures. Which leads us to the main reason for this newsletter to inform our followers that with Microsoft enabling BitLocker by default most people wouldn’t know where to look for the required recovery encryption key so you’re able to get access to your data again during data recovery.
Recovering Your Encryption Key
When it comes to where to find your encryption key the likely place to check for the recovery key is going to be on your Microsoft account. Many people when registering their version of Windows will use a Microsoft account which will then allow Microsoft to back up the Bit Locker recover key automatically, which can be found by going to https://account.microsoft.com/devices/recoverykey. Just make sure that the Microsoft Account you use is the same one you used to register Windows.
If your recovery key isn’t found by using the above method, chances are the device was registered under a work or school email account, and you will most likely need to contact that organizations IT support staff to see if they will check and retrieve your encryption recovery key for you.
Does This Sound Like Too Much?
If this sounds like a lot, and you’re in the process of setting up a new computer(s) and feeling overwhelmed Giga Systems is here to help. We can help guide you through the computer buying process, recommending computer(s), network equipment, and more all to meet your technology needs and your budget. We can also help you set up your computer(s) and network, making sure that any important data like the Bit Locker Recovery Encryption Key is securely backed up.
Once you’re up and running we have services available to help maintain your computer(s) and network by making sure important updates get installed to your system, and by making sure your data is backed up regularly. Giga Systems is also able to offer cyber security software like antivirus and password managers for all those who might be interested.
Contact Giga Systems Today! Email us at in**@*********ms.com or call us 405-877-9090 to setup a consultation today.
Today I googled, “how many passwords does the average user have?” and the top answer that appeared stated that a research study conducted by NordPass reports that an average person has approximately 100 passwords.
This sounds like a lot to remember, not gonna lie, but to go a step further depending on devices you’re using and how your various accounts are setup for login, you are also probably using a combination of pins, patterns, biometric authentication (fingerprints, facial recognition, etc.), the more common two factor authentication, and then of course the good old trusty password and if you’re lucky your using some form of password management to keep track of all those passwords.
If you’re overwhelmed, that’s okay, we know there is a lot to remember when logging in to all your various accounts. However, there is a new login technique that became available this year called the passkey which is promising to solve phishing and prevent password reuse.
Now you’re probably asking what is a passkey, well according to Hoffman-Andrews article on What the !#@% is a Passkey? from the Electronic Frontier Foundation website eff.org.
The passkey is approximately 100-1400 bytes of random data, generated on your device (like your phone, laptop, or security key) for the purpose of logging in on a specific website. Once the passkey is generated, your browser registers it with the website and it gets stored somewhere safe (for instance, your password manager). From then on, you can use that passkey to log in to that website without entering a password. When you go to a website’s login page, you’ll have the option to “Sign in with a passkey.” If you choose that option, you’ll get a confirmation prompt from your password manager and will be logged in after confirmation. For all this to work, there needs to be passkey support on the website, your browser, your password manager, and usually also your operating system.
Pros
- The fact that each account has its own passkey helps prevent phishing and won’t let you log into a fake scam site.
- Using a passkey, you can usually skip the traditional two-factor authentication as it counts using your devices unlock pin, facial recognition, or fingerprint as the other factor of authentication.
- If you’re always forgetting your password and having to reset it often, you’re going to be forced to use a password manager, so the issue of forgetting your password has been solved.
- Never have to come up with a new password as passkeys are generated and then stored.
Cons
- Not all websites support passkeys yet.
- Syncing between Apple, Windows, and Android is tricky.
- Still must set up multiple passkeys for each account.
- If somehow you lose your device, and the password manager is unlocked/opened your accounts are vulnerable.
- Passkeys are device specific so you would need to have passkeys stored on all devices your access accounts with.
- The solution for this is to backup passkeys on your password manager using the cloud and then copy the file to the different devices, use a USB device, or passkeys can be stored in high-security chips that are built into newer devices.
To conclude, passkeys still have room for improvement, when it comes to website support and the ability to sync between platforms. However, for most purposes, using passkeys will represent a significant improvement in security helping to protect you for phishing.
In today’s world of Internet connections, network security involves more than just having secure passwords. See my article at https://gigasystems.com/createasecurepassword/ for help choosing a secure password.
Secure passwords are very important but they cannot protect you from every thing. A good password will not stop someone who can just bypass passwords all together. So let’s go over a few ideas to help stop the bad guys.
First and probably the easiest thing to do is keep everything up to date. Updates are written to fix known security holes and other problems. And it doesn’t matter what system you are using, Windows, Mac, Linux, or on-line programs like blogs and photo galleries. Also, let’s not forget your phone system. Even if it’s not connected to the Internet, it is accessible to the outside world through the phone lines.
Let’s start with the forgotten phone system. Modern phone systems have services that connect to the computer network and in many cases, the Internet. For these systems, there are usually updates available. It’s very important to keep up with these updates. The last thing you want is someone adding extensions to give out stolen credit card numbers or changing the password and locking you out of your own system. Older systems that do not connect to the Internet are still vulnerable. Most systems allow access to system features from any touch tone phone. Services like checking voice mail, making outbound calls, or making system changes. When I hear the prerecorded prompts, I can usually tell what brand of system it is (or I can just walk into your building and look at a phone to see what brand it is) and from there getting default passwords is pretty simple (you’ll want to make sure you change those). If I can tell what you have so can the bad guys.
On to the computers. So, you have all of your updates installed and you’re using strong passwords. You’re done right? Wrong. Most systems have a set of services installed by default. These are services that get used quite often. But if they are not used, they should be turned off. Next ,you should have a good firewall to filter who is allowed to connect to your network. That network service that didn’t get turned off could be giving out information usable to the bad guys, or provide a way into your network. Especially if it is not firewalled properly.
What about printers, routers, and other network devices? Some of these could have some big security holes that need to be addressed. If you have any concerns you should have Giga Systems come test your system to see how secure it is. These are just the basics, but doing a little due diligence now could save you from a lot of trouble down the road.
Choosing a secure and rememberable password.
Today we’re going to talk about creating a secure password that is also rememberable. Passwords are your first line of defense against the bad guys.
Before we get started with creating a secure password let’s talk about some things you shouldn’t do when creating a secure password.
- Do not use “password” or “123456”. Believe it or not these and variations of them (pass1234, password1, etc…) are still some of the most popular passwords around. They are also some of the most insecure passwords in use. Why? Because the bad guys know they are so popular.Do not use “god”, Jesus”, “LetMeIn” or cuss words. See number
- Do not use words found in the dictionary. All password cracking programs have words from the dictionary in them, including slang and cuss words.
- Avoid using keyboard patterns like qwerty. If your not familiar with qwerty it’s the first six letters from the left on the top row of the keyboard. Password crackers have become wise to this tactic.
- Unless you have the memory of an elephant or a good password manager (See number 4 below.) you should probably avoid randomly generated passwords. While they are very secure, most people cannot remember them and will end up writing them down or putting them in a text document which is very insecure.
- Do not use the same password everywhere. (Help with this is coming. See number 4 below.)
Now for something more helpful.
- Replace letters with numbers or symbols or even other letters. Pat could become P@+ or dogs could become d0gz.
- Always use numbers and/or symbols as well as letters in your password.
- String multiple words or number sets together to create stronger passphrases. They should not be related but should be remember-able. For example, if your favorite sport is baseball and you love pizza. And for some reason 315 always sticks in your head. Try P1sz@B@$e8all315.
- Use a password manager. You just have to remember one password to get into the program. All of your other passwords are safely encrypted inside a database. There are some very good ones available for free. KeePass is my favorite. It runs in Windows and Linux, plus it runs on most smartphones. So you have access to your passwords anywhere.