msp

Is Your Tech Partner a Team Player?

April 6, 2020 by Quality Computer's Staff

Business is about relationships. One important relationship today is with a technology partner. This partner will consult on hardware, software, security, and other IT concerns. You can focus on other business priorities, but is your tech partner actually a good team player?

There are a lot of businesses that call themselves technology partners. The term can be broadly defined.

Technology vendors who sell specific hardware or software solutions will promise a partnership, but they will focus on a relationship that benefits their business goals.

For instance, they will generally try to steer you toward buying the products that they themselves make. Vendors will also bill your business for support when you need it. Yet that creates a conflict of interest: they profit from your inconvenience. That’s not the type of partner you want on your team.

A True Partnership with your MSP

Managed Service Providers (MSPs) are another type of technology partner. They look to add value to the team.

In MSP partnerships, your business pays a monthly fee to keep everything working. Your MSP manages your IT and protects your end-user systems. You are paying them to prevent problems before they happen. Unlike reactive vendors, MSPs work to enhance business security and compliance.

Partnering with an MSP adds experts to your team who learn your business needs and look to improve efficiency and flexibility. Besides the convenience of predictable pricing, an MSP will also suggest ways to help reduce IT costs. MSPs have relationships with many different vendors, so they can get the best price when offering you access to new technology.

In introducing new hardware or software, or making upgrades to streamline processes, an MSP is usually brand agnostic. Sure, they may have favorites due to good experiences with a particular brand, but they will still put your business needs first and always find the best solution for you. They’ll want to explore how the work gets done, get to know the IT environment, and seek employee input.

The MSP experts will sit down with you to find out the business challenges that need to be addressed. Then, they do the research and propose the best solutions for your users and environment. To continue the sports analogy, MSPs have more than one single play in their playbook: they draw up the tech strategy that best suits your business needs.

The MSP is also in it for the long haul. A vendor may be looking only to be a partnership that leads to product or service sales and tech support calls. The MSP model is built on collaboration and communication. These are IT experts who thrive on seeing their clients develop, optimize, and succeed.

Plus, MSPs can join forces with businesses of any size. They’ll bring the same team play to the IT playing field for small and midsized businesses as they would for enterprise-sized organizations.

Key Takeaway

In gauging whether your technology partner is a team player, consider the relationship benefits. You may get the technology you think you want from a vendor, but they are also focused on profiting from the partnership.

Your MSP takes the time to learn about user experience and business objectives to ensure their solutions and services add value. Instead of benefiting from things going wrong at your business, your MSP partner has an incentive to prevent problems from ever happening.

If you want a technology partner who will find the right solution for the benefit of the team, give us a call at 478-474-0861.

How to Get Your Devices to Play Nicely Together: Home Networking Help

March 23, 2020 by Quality Computer's Staff

Why can’t we all just get along? You’ve probably thought that before. But the sentiment is also one that goes through our heads when we’re trying to set up home networking. When cables and passwords abound, we can’t help but wish it was easier to get all our devices to play nicely together. Here’s help.

Desktop computers. Laptops. Tablets. Network printers. Routers. Modems. Smartphones. Smart speakers. Media players. Gaming systems. Homes today have many, if not all of these. Each has all sorts of features, and they’d be even more useful if they connected to one another. If only it wasn’t so challenging to get all our devices to relay information between each other reliably.

Home networking can bring so many benefits. You might enjoy:

accessing emails on all your devices, wherever you are;
surfing the Web using your voice;
being able to share files, photos, and other media with any other networked device;
viewing a baby photo album from your computer on your Smart TV during a Sweet 16 birthday party;
printing from your smartphone or other devices, even when not connected to the device via cable, using AirPrint or Google Cloud Print;
backing up all computers in the house to a centralized location via the network;
securing your activity on all devices at home with a protected Wi-Fi network.

Yep, all that sounds pretty great, but we’re right back where we started. How do we get our devices to do all that?

What Your Home Network Needs

First, take a moment to imagine connecting all the computers and smart devices in your home via cables. Ack! As if you want more cables snaking around your home! You don’t want to feel as if you’re rooming with Medusa.

So, you’ll be looking into a wireless home network to connect your devices to the internet and each other. That means setting up a modem and a router (we’re assuming you already have an internet service provider).

The modem is what connects your network to the internet. The router connects your devices to each other and to the internet through your modem. The router communicates the wireless signal between your devices and the modem. A gateway option combines the modem and router functions in one device.

If your home is spread out over several floors or square feet, or you have to deal with thick walls, you might have difficulties at home with Wi-Fi dead spots. Great! You’ve made all this effort, and it’s still not working! You could try a mesh network. Instead of making one device do all the signaling, a primary router and many smaller satellites (or nodes) relay the signals with equal power.

Securing Your Home Network

When you get your devices connected, you’ll want to secure your home network. Taking these simple steps helps protect your personal information and prevent cyberattacks.

First, change the default passwords on your modem and router, and choose something more complex than “123456,” “password,” or “letmein.”

You’ll also want to set up a guest network if the router supports it. This allows visitors to access the Wi-Fi without you having to share access to your main network.

Also, rename your Wi-Fi network so that it isn’t obvious that it’s your house. For example, if you live at 920 Hassell Place, you wouldn’t name it 920Hassell. Or, if you’re the Wilsons, don’t name it WilsonNetwork. Don’t make it easy for someone trying to target you to identify which network they are trying to hack.

You like using all your devices, but getting them all networked seems like a headache. Still, once you have a home network set up, you’ll wonder why you waited so long. Don’t put off the convenience any longer. We can help you get all your devices playing together nicely and securely. Contact us today at 478-474-0861

Are You Doing Your IT Due Diligence?

March 16, 2020 by Quality Computer's Staff

The words “due diligence” may make you think of a courtroom drama on television. Surely, that’s something only lawyers have to worry about? Not so fast. Due diligence is something your business can be doing, too. Are you covering the basics?

Due diligence is about taking care and being cautious in doing business. It extends to how you manage your technology, too. You may think you’re immune to a data breach or cyberattack, but cybercriminals can target you regardless of business size or industry sector.

Depending on your industry, you may even have compliance or regulatory laws to follow. Some insurance providers also expect a certain level of security standards from you. The costs associated with these cyber incidents are increasing, too. Don’t leave your business vulnerable.

What due diligence involves

Technological due diligence requires attention to several areas. Generally, you’ll need to show the following:

Each staff member has a unique login. Require complex, distinct passwords. Educated your people to protect these (e.g. not write them on stickie notes that sit on their desktop).
You have a process in place for regular data backup. We recommend a 3-2-1 backup strategy. Keep three copies of your business data. One on the cloud with the other two on different devices (e.g. on your local computer and on a backup USB drive).
You patch and upgrade security consistently. Ignoring those reminders and waiting for the next release is risky.
You’ve installed antivirus software. You won’t know your computers are infected until it’s too late. Be proactive.
Email filtering is in place. These filters help protect your business from spam, malware, phishing, and other threats.
You have installed firewalls to monitor and control ingoing and outgoing network traffic.
You limit user access. Instead of giving everyone full access, set conditions based on role and responsibility. This approach minimizes vulnerabilities.
There are physical security procedures to limit access to your environment. You might install security cameras, fence a perimeter, and require RFID scanning in protected areas.
If your company lets employees use their own phones, laptops, or tablets, have a Bring Your Own Device (BYOD) policy in place. Installing mobile device management software is useful, too (and we can help with that!)
You test your security, too. You can’t take a set-and-sit approach to securing your network, systems, and hardware. Ongoing testing will help you identify risks, repair vulnerabilities, and protect your business.

It can also help you to prove that you’re being diligent by:

keeping copies of any training provided and employee handbook messaging;
updating your organizational chart regularly;
vetting contractors/vendors before granting them access;
having a policy in place that quickly denies access to any former employees;
inventorying all devices on your network.

IT due diligence protects your business. Meeting these security standards can also cut costs and preserve your brand reputation. Demonstrating vigilance helps you avoid hefty compliance or regulatory fines and fight litigation. In the event of legal action, you’ll also want to prove the efforts you made. So, be sure to thoroughly document all IT security efforts.

Due diligence doesn’t have to be difficult. Our experts can help you determine the best preventative measures for your organization. Some business risks will pay off, sure, but when it comes to your IT, caution will have the best results.

The Dark Web and Its Impact on Your Business

February 24, 2020 by Quality Computer's Staff

Business owners today know the internet is not only a force for good. Some people exploit the Web for ill intent. They congregate on the Dark Web, and small businesses need to understand the risks.

What is the Dark Web?

You and your employees spend time daily on the Web. They’re researching clients, checking out competitors, and searching for information. They are not accessing the Dark Web. The Dark Web houses dangerous, often illegal activity. This includes black-market drug sales, illegal firearm sales, and illicit pornography.

The Dark Web’s collection of websites is inaccessible using standard search engines or browsers. Users employ a Tor or I2P encryption tool to hide their identity and activity, and they spoof IP addresses.

To go into the Dark Web, you also need to be using the Tor or I2P service. Plus, you’d need to know where to find the site you are looking for. There are Dark Web directories, but they are unreliable. The people on the Dark Web don’t want their victims to find them. Ultimately, it’s not somewhere you or your employees need to be.

So, why do you need to know about it? Because Dark Web users can buy:

usernames and passwords
counterfeit money
stolen credit card numbers or subscription credentials
software to break into people’s computers
operational, financial, or customer data
intellectual property or trade secrets

The Dark Web is also where someone can hire a hacker to attack your computers.

The Dark Web business risk

The Dark Web itself isn’t illegal, and not all its traffic is criminal. It is also visited by journalists and law enforcement agencies, and it’s used in countries prohibiting open communication.

Yet the number of Dark Web listings that could harm your business is growing. A 2019 research study found that 60% of all listings could harm enterprises, and the number of those Dark Web listings has risen by 20% since 2016.

Business risks from these Dark Web listings include:

undermining brand reputation
loss of competitive advantage
denial-of-service attack or malware disruption
IP theft
fraudulent activity

With media attention on data breaches impacting millions, it’s easy to think a small business is not at risk. However, bad actors don’t target a business for its size â€“ they look for ease of access.

Dark Web information is up to twenty times more likely to come from an unreported breach. Privacy specialists told a Federal Trade Commission Conference victims included medical practices, retailers, school districts, restaurant chains, and other small businesses.

Reduce your risk

If your information ends up on the Dark Web, there’s little you can do about it. The bright side, at least, is that you would know that your business security has been compromised. Be proactive instead. Keep your security protections current, and install security patches regularly.

Consider a unified threat management (UTM) device, or UTM appliance. The UTM plugs into your network to serve as a gateway and protect your business from malware, illicit access, and other security risks.

Your UTM security appliance can provide:

application control
anti-malware scanning
URL and content filtering
data loss prevention
email security
wireless and remote access management

Or let a managed services provider (MSP) take care of all aspects of protecting your business. Pay a consistent monthly fee for an MSP to handle all your technology, patching, monitoring, and assessment needs.

Stay on top of the latest cybersecurity threats with an MSP, or learn more about installing a UTM. We can help protect you from the dangers of the Dark Web. Call us today at 478-474-0861!

Why You Need Professional Virus Removal

February 3, 2020 by Quality Computer's Staff

“Your computer has a virus.” Such a dreaded five words! We don’t want to come down with a human virus; we’ll feel awful and miss work. But when a virus hits our computer, we could lose valuable information or be vulnerable to attack. Chicken soup won’t cut it.

Perhaps you have an antivirus product installed on your computer. This computer software is intended to prevent, detect, and remove viruses. Antivirus tools are designed to keep infections out. They can also delete any viruses that may already be on the computer when the software is installed.

The software provides protection by tracking malicious code and other computer threats via:

classifying the actions the file or code drives (as malicious or OK);
inspecting file signatures for matches to an existing signature in its virus dictionary;
scanning for rootkits that can change how your operating system functions.

However, antivirus software isn’t that good at cleaning up. When it detects a malicious file, it will delete it. But what if the virus spread before discovery? If the infection spreads before virus deletion, it can do all sorts of damage.

Think of it this way: you have a cyst on your knee. Doctors decide it is pre-cancerous and operate to remove the cyst before it spreads. But, that’s all they do. They have seen the cyst. They go for the cyst. However, they don’t notice the cancer that’s in your shin or femur, because they were only working on the cyst. The rest of your leg remains unhealthy, and you don’t even know it!

Getting a Second Opinion on Viruses

If the antivirus software is your primary physician, a computer professional is the specialist you go to for an expert second opinion. For one thing, antivirus products don’t always remove all the malicious files. Many viruses start as one thing but can mutate into several different strains. The antivirus software may not be programmed to identify all of the virus variants. A professional actively looks for undetected strains on your computer.

Viruses are always evolving. A recent strain of malware, SquirtDanger, let hackers take computer screenshots, capture passwords, download files, and empty out cryptocurrency wallets.

Some viruses can change the settings of your computer. For instance, a common virus changes your computer’s DNS, which is like a bit like the Yellow Pages for the internet. On a virus-free computer, when you type in “Google.com”, your browser goes to Google’s servers located at the IP address “216.58.203.100.” However, an infection can make Google.com on your computer go to a different address. Perhaps a server address cybercriminals use to capture your personal data. It still looks to you like Google, but it’s no longer safe. These settings can still remain after the infection is long gone.

Viruses can also leave behind browser toolbars, extensions, and other nasties designed to spy on your Web browsing habits. If you’re consistently redirected to unwanted sites, or seeing unwanted pop-up advertisements, it’s likely your computer’s infected with a browser hijacker.

Ultimately, if you detect a virus on your computer, check with a professional. Don’t trust that your antivirus software is going to do the same, thorough job an expert can offer. Sometimes your computer isn’t fully safe until the operating system is reinstalled, but you can’t know that until someone can go in and see what the virus did and what remnants are still there, lurking.

Cybercriminals are growing more sophisticated and better able to design viruses that disguise their tracks. Avoid being an unwitting victim. A computer security expert can diagnosis when your computer gets a virus, or determine if there are strains on your device you don’t know about. Let a security expert protect your computer from harm today! Call us at 478-474-0861.

Are You Due? What to Do When You Get a Renewal Notice

January 27, 2020 by Quality Computer's Staff

Your business relies on any number of service providers. You’re likely contracting for domain names, website hosting, data backup, software licenses, to name just a few. And that’s only your online presence! So, when a renewal notice comes in, you might just forward it on or file it away for future reference. Here’s what you should be doing instead.

First, when you get a renewal notice, you should confirm that it’s legitimate. This is especially true of domain names. Your business’s domain name and expiration date are publicly available. Anyone could look them up and send you an invoice. Scammers do. They monitor expiring domain names and then send out emails or convincing physical notices telling you it’s time to renew. They are not doing this as a civic service!

Instead, they will be trying to get you to switch your domain services to a competitor or, worse, hoping you’ll pay your renewal fee to their account, which has no connection to your domain.

Look out for the following indicators that the notice is a fraud:
The price is much more than you’d expect.
The deadline is within seven days.
You don’t know the business name.
This business has never contacted you before.
The notice requires you to send a check.

Handling Authentic Renewal Notices

Once you’ve determined the authenticity of the renewal notice, you’ll want to take stock. Putting your licenses or other online services on auto-renewal plans can be easier, but it may not be cost effective. Before re-upping your plan consider:

Are you still using this service?
Do you really still need it?
Do your current needs meet your current plan?
Should you upgrade or downsize?

You might also contact your provider directly and ask:

Is there a better product available now?
Are you eligible for a loyalty discount?

The company you’re dealing with wants to keep your business (hence, the renewal notice). That can give you some leverage in negotiating what you are paying or what service you are getting. You could treat an annual renewal notice as an opportunity to renegotiate terms. It’s not always going to work, but it can be worth a phone call as you try to keep business expenses under control.

Finally, you should pay attention to any deadlines on the renewal notification. Some are sent months in advance. That seems so helpful, but if you put it away to deal with later, before you know it you’ve missed an important date and the service is stopped.

You should always get a renewal notice for something like a domain name. The Internet Corporation for Assigned Names and Numbers (ICANN) requires companies to send reminders approximately one month and one week before your domain name expires.

Don’t leave your renewal to the last minute. With expired domain names, for instance, you can lose your website! Options and fees for renewing domain names, including expired ones, are going to vary, so be sure you know what your subscription involves.

Also, there are bad actors out there who monitor domain expirations to buy them up at bargain prices. Then, when you notice the subscription has lapsed, you have to pay a king’s ransom to get the Web address back. Yes, it can happen to you. In fact, the World Intellectual Property Organization (WIPO) handled a record 3,074 cybersquatting disputes last year.

Avoid being overwhelmed by all the subscriptions and service plans your business relies upon. A managed service provider (MSP) monitors your license and domain expiration dates to ensure your business is current. At the same time, the MSP has the expertise needed to determine what plans best suit your business needs.

Give us a call at 478-474-0861 to enjoy the peace of mind a managed service provider brings!

LetMeIn101: How the Bad Guys Get Your Password

October 21, 2019 by Quality Computer's Staff

Passwords are essential to your cybersafety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your laissez-faire attitude is one way bad guys access your passwords.

Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.

Tip: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.

Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.

Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.

If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.

Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it unique to you.

The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.

Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.

Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.

Tip: Be cautious about your online activity on computers or networks you don’t trust.

Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.

Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.

These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cybercriminals?

Contact our experts today! Call us at 478-474-0861.

Island Hopping: Not Always a Good Thing

October 14, 2019 by Quality Computer's Staff

The phrase “island hopping” conjures up positive images. You might think of cruising beautiful sandy beaches on a tour of tropical islands. Too bad cybercriminals have given the term a new, less pleasant spin.

Island hopping is an increasingly popular method of attacking businesses. In this approach, the cybercriminal targets a business indirectly. The bad actors first go after the target’s smaller strategic partners. So, vendors or affiliates, who might not have the same level of cybersecurity, become stepping stones to hop.

Attackers might hack into smaller businesses handling the target’s HR, payroll, accounting, healthcare, or marketing. Then, they take advantage of the pre-existing relationship to access the final destination.

Humans are trusting. Cybercriminals exploit that. With island hopping, attackers leverage the trust established between strategic partners.

It’s quite simple: attackers gain access to Company A and send a counterfeit business communication to Company B. Company B, knowing the sender, is less likely to question a download link or opening an attachment.

After all, it’s not coming from a stranger; it’s a message from perfectly pleasant Jenny at Company A. You may have in the past already shared logins to various sites/portals, or passwords to unlock zip files.

The Rise of Island Hopping

This is not a brand-new form of attack. In fact, it’s named after a military strategy which the United States used in World War II to establish a stronghold in the Pacific Islands.

Perhaps the best-known island-hopping cyberattack was seen in the United States in 2013. Retail giant Target was the aptly named target of a point-of-sale system breach. Hackers stole payment information from 40 million customers. The first “island” in the planned attack was Fazio Mechanical Services. The heating and refrigeration firm suffered a malware attack shortly before Target’s breach. Fazio’s hackers stole email credentials needed to access the retailer’s networks.

As enterprises continue to strengthen their cybersecurity, it’s predicted that island hopping will gain momentum. According to Accenture’s Technology Vision 2019 report, less than a third of businesses globally know how strategic partners secure their networks. A majority (56%) rely on trust that business partners would uphold security standards.

Preventing Island Hopping

You may be one of the islands to hop or the attackers’ final destination. It depends on your business size and industry. Either way, your business is vulnerable to malware attack, infected systems, or a data breach. Plus, if you’re the stepping stone, you’re likely to lose the target company’s business, too.

How do you prevent island hopping? First, secure your own networks and systems:

Follow best practices to detect and identify vulnerabilities and reduce risk.
Educate your employees about the dangers of business communication scams.
Raise awareness of phishing schemes and social engineering.
Require two-factor user authentication.
Change all default, generic, or predictable passwords.
Keep security up to date (patching and system upgrades are mandatory).
Control who can access your networks and servers.
Protect all endpoints (including employee devices in a Bring Your Own Device workplace).

When it comes to cyber island hopping, your business doesn’t want to be a layover or the final destination. Keep your cybersecurity borders tight to avoid unwanted visitors.

Want to make your business inhospitable to island hoppers? Work with a managed service provider. They can help assess cybersecurity, provide a plan to reduce risk, and upgrade technology. Let us support your efforts to fend off unwanted tourists.

Give us a call on 478-474-0861.

Immediate Business Answers with Instant Messenger

September 9, 2019 by Quality Computer's Staff

You may have hated group projects in school, but collaboration is a lifeblood of business. Yet members of a team may not work in the same workspace. Even those who do, don’t want to spend their day crisscrossing the office to get quick questions answered. While they could send an email or pick up the phone, instant messaging is an even more efficient solution.

Don’t confuse this solution with the old AOL or MSN Instant messenger. Instant messaging (IM) for business takes group communication and collaboration up a notch.

First, IM is truly instant communication, faster even than email. When you type in your comment and hit Enter, your message appears on the screen instantly. You can see it, and everyone else in the chat can see it. While email is fast, it’s not instant. You must wait for the email to arrive and hope the recipient has their inbox up and will answer right away.

Calling on the phone could be as instantaneous, but often you’re going to get voicemail. Don’t even try to get several people on the phone at the same time without prescheduling a time! With IM, employees can chat in real time as if they were on the phone with someone or on a conference call. An added bonus?

They can use IM while on the phone too. So, a sales team could have IM up to relay information, while on the call, to make the best impression with the client.

Users can click and drag files, images, spreadsheets, PDFs, and more into the chat. For some businesses, IM is a way to keep all team documentation accessible in a single place.

IM Improves Productivity

Common business IM applications, such as Slack or Microsoft Teams, allow users to coordinate chats for greater efficiency. In group channels everyone on the channel can see what is going on. So, a business might set up channels for different client projects or a certain team members. Even clients can be invited to participate on channels.

IM also allows for direct person-to-person messaging. So, someone in marketing might shoot over a screenshot for a quick vote on wording or font size.

Group channels (open or private) and direct messages in the IM app become a record of what’s been going on over time. They are searchable and have many integrations with other tools you may be using in your office. For example, someone could post a link to a Dropbox or Google Docs file and instant messenger will show a preview.

A possible drawback is that instant messaging can be distracting. Being “always available” makes it more difficult to focus on the task at hand. Fortunately, most instant messengers let users change their status to “Away.” They will still be in the chat, but not available to respond to messages. Otherwise, the user can simply close the app.

IM’s Other Benefits

Since many instant messengers for business are also phone applications, employees also gain mobility. After downloading the app, people can access the system from any Internet-connected device. Talk about real-time communication and collaboration.

Other business benefits of instant messaging? Our email inboxes get cluttered with messages that steal attention and waste time. The same thing doesn’t happen in business IM as users are only in channels with other invited parties.

With an IM solution, employees won’t use personal texting, which could have compliance implications. Providing a continuous record of communications, IM channels can also help quality control.

Ready to make the move to instant messaging for your business? Let us help you find the best solution for your needs. Give us a call at 478-474-0861!

Do Macs Get Viruses?

August 27, 2019 by Quality Computer's Staff

Many Apple owners believe their Macintosh computers are immune to viruses. Apple itself has run ad campaigns promising its computers “don’t get viruses”. And those who have owned a Mac for years, decades even, are particularly prone to believing. After all, nothing’s happened to them yet. Regrettably, Macs do get viruses, and the threat is growing.

For a long time the argument was that cybercriminals didn’t bother to develop Mac viruses. There weren’t enough users to justify the effort. Instead, they’d focus on the lower hanging fruit – PCs running Windows.

Yet Apple’s market share is on the rise, and it’s increasingly common to see Macs in the workplace, especially in creative industries. Plus, there’s a widespread assumption that Mac users are a smart target as they are likely to be better off. So, while Macs remain harder to infect (installing most software requires a password), there’s often a greater payoff.

The research reflects the reality. In 2017, for instance, the iPhone OS and Mac OS X placed #3 and #6 in CVE Details’ top 50 ranked by total number of distinct vulnerabilities. Apple TV and Safari also made the list at #17 and #18, respectively. In 2017, Malwarebytes also reported it “saw more Mac malware in 2017 than in any previous year”. By the end of 2017, the cybersecurity firm had counted 270% more unique threats on the Mac platform than in 2016.

Finding Apple’s Weak Spots

It’s obvious then that bad actors are no longer steering clear. They are actively looking for ways to exploit Macs.

A common approach is to use Trojans. Named after a gift wooden horse that hid an army, Trojans look like something you would want to install. So, Mac users happily enter their passwords to download that application and open the gates to the cybercriminal.

In 2011, for instance, a Trojan called “Mac Defender” took advantage of people’s desire to protect their computers. The fake program appeared to be anti-virus software. Once the users installed it, they’d get an onslaught of pop-up ads encouraging them to buy more fake software.

Trojans get through the gates because you let your guard down. You are taken in by that supposed note from a long-lost friend. You think you want to see that pic of that famous celebrity. All it takes to stop this type of attack is suspicion of everything you might install or download.

A business would want to educate its employees about the importance of:

clicking on emails with care;
validating the source of any files they plan to open;
checking a website’s URL (being especially wary of those with less common endings such as .cc or .co);
questioning any promises of Ray-Ban sunglasses for 90% off or the latest iPhone for $29.99.

A new threat comes from within the Mac App Store, according to Thomas Reed, a Mac security researcher. When a user tries to install an app on a Mac, a Mac OS program called Gatekeeper checks the file’s code signature. The signature helps certify the app is valid. However, Reed found that cybercriminals could buy a legitimate certificate from Apple, or steal one and trick users. Users would install masked malware that could infect legitimate programs and evade detection.

Key Takeaway

Apple is always working to protect its users from malware. It has measures in place, and user caution can make a big difference, too. Still, it’s not true that Macs are completely safe.

Find out what you can do to protect your Macs and guard against threats. Partner with a managed services provider to gauge your security levels.

Call us today at 478-474-0861!

Quality Computers

All Professionals No Geeks

Do Macs Get Viruses?

FOLLOW US

Recent Posts

FOLLOW US

Recent Posts

Tags