Hate Windows 8? Turn it into 7 with a few easy steps.

I hate Windows 8.

Everything about its new interface is counter-intuitive.

Even on a tablet, unless someone shows you the swipey tricks, you will be confused. An invisible button? I guess they were copying samsung. At least on a Galaxy the button appears after you press it. And who the hell put the turn off button under settings?

Fortunately, we are not alone. 3rd party software developers have recreated the Windows 7 start menu!

The one I usually use is called Classic Shell. This tool brings back the Windows 7 start menu in all of its glory.

There are also some more options to play with to unflustercluck the GUI.

Right-click the taskbar, click Properties and select the Navigation tab. You can disable hot corners, the app switcher bar, and most importantly, boot directly to the desktop.

Article by CTRLIT.
Leading IT Support in Melbourne

Advertisements

The Importance of Penetration Testing

We get asked all the time what’s the point? Am I really exposed to risk here? How important is penetration testing? The bank would cover any money I lost anyway right? Well before I get started I’d like to share a quick story of a Financial Adviser based in Melbourne.

They as many people thought their money was protected and earlier this year had 300k+ fraudulently removed from accounts. They didn’t have cyber insurance but the banks did refund the money approximately 3 months later. On the down side they were not able to make pay roll, lease payments or Tax liabilities which ultimately sent them bankrupt.

Now the exploit used was a very simple key logger that could easily have been prevented with some basic protection. The IT company appeared to be doing a great job as the computers ran well, great up times and response times but they didn’t have their eye on the ball with security. Antivirus and a firewall simply doesn’t cut it these days. Companies need intrusion protection, vulnerability scanning and most importantly regular third party Penetration Testing.

A useful tip we give to our clients is ask your IT company this… Can you give me a report today on our vulnerability Scans? If they hesitate or advise they can get it to you next week then they are not doing any. It takes 30 seconds to run a report when scans are being run daily. At this point you should be alarmed and getting third party Penetration testing completed pronto.

Don’t be low lying fruit or an easy target. Security isn’t rocket science – it’s simply risk mitigation by not being vulnerable to simple exploits.

As always folks keep on top of your security and have a fantastic Christmas and New Year from the team @ Ctrl IT

Penetration Testing: Proactive Defense for your Business

Penetration testing is a process of determining if your network or business is secure or susceptible to unauthorized access by third parties. There are many different way of getting access to a network or business, including external attacks over the internet, social hacking and physical access. The article explains in more details these types of attacks, and how you can be best informed of your potential vulnerability to them, by employing penetration testing.

External penetration testing involves the use of specific designed software to scan the external IP address(s) of a network to probe for open ports. Through these ports, depending on the protocol they use, exploits can be targetted to gain access. For example, if port 23 was found to be open, then it could be assumed that this would be for a router, and the username and password could be brute forced via telnet. If port SSL port 443 was found to be open, then the Poodle exploit could be potentially used to execute remote code.

Social hacking forms part of the process of penetration testing. Your system is only secure if your staff are adequately trained with simple security procedures, such as locking their PC when leaving and never giving out a password to anybody – even a system administrator. Advanced social hacking techniques are usually creative and rely on confidence of the attacker to bluff their way into unauthorized access.

This leads on the physical access hacking. By using a combination of Social hacking and physical access, an attacker may be able to gain physical access to a machine and compromise it with something as small as a custom created USB stick. A temporarily unattended reception PC, or an unattended unlocked computer can be compromised in seconds using available technology.

A full penetration test checks your vulnerability to all of these attacks and provides important information to help keep you secure. The result can include simple things like account lockout polices, preventing physical access to machines in public places and most importantly – the patching of any software vulnerabilities.

Article by Steven Ward from CTRL IT – www.ctrlit.com.au

Someone get these companies some emergency IT support!

The consequences of a computer system failure at your workplace can range from ‘a bit of a pain’ and some downtime to major financial loss and the ruination of a company. The proliferation of people offering IT support in Melbourne shows that most business owners understand the importance of keeping their computer systems up and running, but in the world of technology, the odd glitch is simply inevitable.

If you’ve been hit by a computer bug that’s caused you grief, maybe these examples of massive computer failures will ease the pain!

Airports

An IT failure at an airport is usually bound to have very annoying consequences for passengers. You can bet the IT support at Melbourne Airport is pretty tight for this reason! Nonetheless, bugs still happen. Take the headache suffered at UK immigration after a fault occurred on the UK Border Force computers. The IT fault, which occurred earlier this year, meant delays in conducing passport checks, and lead to huge lines forming at airport terminals across the UK as people waited for hours to enter the country.

There are many other airport computer bad news stories. Take the 2012 glitch in a United Airline’s dispatch software, which resulted in 257 flights being delayed and another 10 being cancelled in just a two-hour period!

But both of these are at least better than a computer issue during the flight – when it’s never more crucial to have on-hand IT support! A Melbourne flight to Delhi had to divert to Kuala Lumpur in February this year after all three of the Boeing 787’s navigation computers failed simultaneously!

Finance

One of the most well-known stories of financial loss due to a computer failure is that of Knight Capital, an American global financial services firm. In 2012, an incorrect algorithm in automatic stock trading software – which saw the company buy high and sell low on 150 different stocks – meant the company lost a whopping $440 million – in just thirty minutes.

When it comes to transport (and the desperate need for some good IT support), Melbourne’s embattled myki system has had its fair share of woes. While many have suggested the system is inherently flawed, part of its problem has been computer glitches.

Mapping

I’m sure we all remember the infamous 2012 Apple iOS 6 update, when the company ditched the Google Maps platform in favour of its own system. Unfortunately, this system had a few glitches, including its missing out entries for whole towns, incorrect placement of locations, obscured satellite imagery, and incorrect locations given for queries – among others. Everyone from Melbourne to New York felt the impact of the poor mapping. In fact, New York Times technology columnist called it the “least usable piece of software Apple has ever unleashed.” Ouch.

Prisoners

Then there was the 2011 incident with the state of California. The state was required to significantly reduce its prison population by 33,000 by releasing non-violent offenders. However, a computer programming error led to “non-revocable” preference being given to 450 violent prisoners who were released into the public – and were not required to report to a parole officer. As of last report, it seems that many of these felons are still out there. Hopefully the state learned their lesson and invested in some better IT support!

All out war!

But that’s nothing compared to our last example, which could have led to war! In 1983, a malfunctioning Soviet nuclear early warning system warned that the US had launched an attack on Russia! Luckily, Soviet Air Defence officer Stanislav Petrov had a gut feeling that the alarm was false and didn’t sound the alarm – possibly saving the world from World War III!

Written by Bastien Treptel – Director Ctrl IT www.ctrlit.com.au

IT Risk & Security – Get a second opinion

Every day in the media we see another story about a new virus, a company being hacked and someone other than you having issues. This re-enforces your opinion that your IT Support Company is doing a great job which they may well be doing. Unfortunately from our experience over the last ten years the majority are not… businesses need to remember that a system running smoothly doesn’t mean your secure or free from risk.

Take for example a business on St Kilda Rd, an IT business of all things! They thought firewalls, backups, antivirus and fault tolerance were perfect until a few troubled teenagers were bored one day and downloaded some tools off the internet, the black arch toolkit which they used to break a very simple vulnerability and over the period of 1 month deleted all backups completely un-noticed and then wiped all hard drives… The company in question lost all their data and promptly went bankrupt after losing nearly 10,000 websites and 7 plus years of people’s stored emails which were safely “stored” in the cloud…?

The point being a simple vulnerability scan or audit would have shown this simple vulnerability in an otherwise well setup system and it could have been patched preventing many legal cases, insurance claims and general misery.

So our point?

  1. Get an IT Audit regularly
  2. Make sure your IT company are running external vulnerability tests regularly
  3. Get a second opinion even if your IT is run by a trusted professional

As always everyone happy computing and enjoy the appmazing world we live in safely with a dash of common sense 😉

Written by Bastien Treptel – Director Ctrl IT www.ctrlit.com.au