Blog

Threat Alert: WireLurker

Categories: Tech Tips

Last week, Palo Alto Networks reported the discovery of new malware that targets iOS and OS X, the operating systems used by Apple’s iPhone, iPad and Mac devices. Historically, malware and viruses have been directed at Microsoft Windows and its 90% install base. The growing use of Apple devices will start to put them at greater risk. WireLurker is likely the first of what will be a growing array of malware targeting iOS and OS X. We may look back on it as the canary in the coal mine for end users and IT administrators alike.

Read more →

Does Your Request For Proposal (RFP) Ask The Right Questions?

Categories: Strategy

Requests for Proposals (RFPs) are a controversial topic in the nonprofit sector. While governmental and corporate organizations use them regularly as a tool to evaluate products and services, their use in our sector is haphazard. I spoke recently about the RFP process and how it could work for us at the 2014 Nonprofit Technology Conference. My slides from that talk and a blog post outlining my key arguments in favor of RFPs are available online. But a recent conversation on NTEN’s DC community list really summed up the topic.

Read more →

BYOD Policy Template

Categories: Strategy

The growing ubiquity of computing devices, whether it is a home computer or a personal smartphone, means that more and more staff are using their personal devices to do work. This now common phenomenon often goes by the shorthand BYOD (Bring Your Own Device).

Read more →

SandWorm Vulnerability

Categories: Community IT News

Another security vulnerability is in the news today. This time it’s dramatically called “SandWorm,” an allusion to a creature in the film DUNE. It’s an attack based on a Windows vulnerability that has been used by Russian based hackers to attack NATO, EU, Telecommunications and Energy related computer networks for digital espionage. The security firm iSightPartners identified this threat and worked with Microsoft on the security vulnerability.

Read more →

Better Security through 2FA

Categories: Community IT News

Security breach…yet again. This one is notable for involving personal (in many cases intimate) photos of celebrities being hacked and stolen from iCloud. Apple has released a statement indicating that the hacked accounts were subject to a brute force attack in which a hacker knew the email address and relentlessly tested passwords and secret answers until the correct ones were identified. Regardless of the details, the immediate lesson is that our data and information systems are always at risk of breach. Many of the photos in the celebrity hacking incident date back over 3 years, suggesting that the hacker(s) had access for at least that long.

Read more →

Make the Most of What You’ve Got – Information Systems

Categories: Blog

Many Community IT clients under-leverage information systems already owned by the organization. There are a variety of reasons for this, but foremost among them is that information systems are frequently chosen to meet a particular set of prioritized business requirements, which become the focus of the initial implementation. As time passes, one or more of several conditions can emerge.

Read more →

Why bother with a Network and Security Assessment?

Categories: Blog

We haven’t had any problems. We don’t have anything worth stealing. Our staff knows enough to keep us safe. There are a lot of things we tell ourselves to help us feel safe and secure. But network stability and security is one case where you can’t rely on the old phrase of “what you don’t know can’t hurt you.” The truth is, the more you know, the better. Information and outside expert opinions go a long way to improving things.

Read more →