Reduce the Risk of Computer Compromise in Five Easy Steps

Posted by lanceb | Posted in Computer Security, Featured, IT Management, News You Can Use, Totally Useful Tips | Posted on 10-05-2011

Security problems are getting worse. Systematic attacks are coming from kids, thieves and spies. Every day, we read about some break-in or other types of security compromises. Witness the recent major Sony break-in.
PCs can be compromised any number of ways. An infected machine can take hours to scan and clean. When things don’t go well it can take a day or more to get the machine rebuilt and reconfigured.
No one likes downtime.

These steps can prevent the majority of potential hacks.

1. Don’t open email or browse the web while logged in as an Administrator.
Administrator accounts are only suitable for (un)installing software and changing computer configurations. If an admin account is exposed to malware the computer is more likely to be compromised to the core. That’s just making it easy for hackers.

If a computer login account is an admin and those rights are needed, do the following things:
- Go to control panel and create a local administrator account for the primary computer user with a strong password (see #3).
- Change the regular login account to a limited user account.

2. Keep your PCs patched.
Patches are usually applied by the IT department when they don’t interfere with work – at night or on weekends. Find out when the PCs are patched and leave computers on. Log off and let the system apply the patches that have passed testing.

Monitors can be turned off to save power.

3. Don’t use a simple password.
When other people get infected with malware (such as the Conficker worm) their machines continuously attempt to breach passwords of the machines around them (as many as three million guesses per hour for an indefinite period of time). The machines do this by downloading dictionaries of all known words and numbers and trying them in various combinations and with common letter substitutions. For example, P@$$w0rd42 is actually not a strong password, even though it will stand up longer than Princess42.

Use a passphrase to create a strong password. “All work and no beer makes Homer go crazy!” becomes Aw&nbmHgc! The phrase is difficult to guess, easy to remember and can just be repeated as each character is typed. A reminder that says password=crazybeer can be kept without compromising the account.
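The check below is an added example, not part of the original post: it shows why a dictionary attack with common substitutions recovers both Princess42 and P@$$w0rd42, while the passphrase-derived password does not reduce to any dictionary word. The word list, the substitution table, the 0-99 suffix assumption and all function names are constructed for illustration; the guess rate is the three million per hour quoted above.

```python
import re
from collections import Counter

# Constructed stand-in for a cracking dictionary; real ones hold millions of entries.
WORDLIST = {"password", "princess", "dragon", "monkey", "letmein"}

# Assumed table of common substitutions, mapped back to the letter each replaces.
LEET_TO_LETTER = {"@": "a", "4": "a", "$": "s", "5": "s", "0": "o",
                  "1": "l", "!": "i", "3": "e", "7": "t"}
_UNLEET = str.maketrans(LEET_TO_LETTER)
_SUBS_PER_LETTER = Counter(LEET_TO_LETTER.values())

GUESSES_PER_HOUR = 3_000_000  # rate quoted in the article


def base_word(password):
    """Drop appended digits/punctuation, undo substitutions, lowercase."""
    core = re.sub(r"[\d!?.#*]+$", "", password)
    return core.translate(_UNLEET).lower()


def is_dictionary_based(password):
    """True when the password reduces to a word in the dictionary."""
    return base_word(password) in WORDLIST


def variants_per_word(word, suffixes=101):
    """Guesses needed to cover one word: every substitution pattern,
    first letter upper or lower, and no suffix or a number 0-99."""
    count = 2
    for ch in word.lower():
        count *= 1 + _SUBS_PER_LETTER.get(ch, 0)
    return count * suffixes


def hours_to_try(guesses, rate=GUESSES_PER_HOUR):
    """Hours needed to make this many guesses at the given rate."""
    return guesses / rate


def initialism(phrase):
    """First letter of each word, 'and' written as '&', closing punctuation kept."""
    tail = re.search(r"[^\w\s]+$", phrase.strip())
    letters = []
    for word in phrase.split():
        word = re.sub(r"^\W+|\W+$", "", word)
        if word:
            letters.append("&" if word.lower() == "and" else word[0])
    return "".join(letters) + (tail.group(0) if tail else "")


if __name__ == "__main__":
    strong = initialism("All work and no beer makes Homer go crazy!")
    for pw in ("Princess42", "P@$$w0rd42", strong):
        verdict = "dictionary-based" if is_dictionary_based(pw) else "not in dictionary"
        print(f"{pw:12} -> base {base_word(pw)!r:12} {verdict}")
    n = variants_per_word("password")
    print(f"'password' has {n} variants, covered in {hours_to_try(n) * 3600:.0f} seconds")
```

The substitutions multiply the attacker's work per word by a small constant, which is why P@$$w0rd42 only "stands up longer" rather than resisting the attack.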

4. Turn off two simple settings in Adobe Acrobat and/or Adobe Acrobat Reader.
Half of all machines are infected by exploiting Adobe vulnerabilities.
a. Launch Acrobat or Acrobat Reader.
b. Click Edit.
c. Click Preferences – We are going to make two changes.
d. Under Categories on the left side, click JavaScript. In the right window, clear the box that says “Enable Acrobat JavaScript.”
e. Under Categories on the left side, click Trust Manager. In the right window, clear the box under PDF File Attachments that says “Allow opening of non-PDF file attachments with external applications.”
f. Click OK to accept the changes.

5. Call Responza to assist in patching applications.
Periodically, machines may prompt for an update of Java, Flash, Acrobat Reader, Firefox or some other application that is prevented from automatically launching by security settings. In such instances, check with the IT department before accepting updates. Sometimes, updates break applications or cause weirdness in PCs. Responza’s IT Pros can assist with patching processes.

Call your Responza IT Pro if you have any questions about security and policies for protecting your business data: 206-762-2100.

Epsilon Data Breach

Posted by lanceb | Posted in Computer Security, News You Can Use, Totally Useful Tips | Posted on 06-05-2011

Online marketer Epsilon hacked, exposing thousands of names and emails.

Epsilon alerted its customers that some of their electronic information could have been exposed after a computer hacker penetrated the online marketer’s data systems. The names and emails of customers of Citigroup and other large organizations that use Epsilon’s email services were exposed in a massive and growing data breach that has the potential to become the largest in U.S. history.

According to Epsilon, no personal financial information, such as credit cards or social security numbers, appeared to be exposed.

Walgreens, TiVo, Capital One Financial Corp and HSN are included in the list of targets along with some of the nation’s largest banks.

Responza’s Recommendations:

It is our recommendation that you remain alert to email messages that ask questions or request information about financial account information of any type. As policy, financial institutions never request, provide or ask confirmation on full account numbers, user names, passwords or social security numbers.

Here is your to-do/to-don’t list:
1. Expect MORE spam.
2. Expect more spam that LOOKS LEGITIMATE.
3. DON’T open spam emails.
4. DELETE EMAILS from people you don’t know.
5. Don’t click on LINKS in spam emails.
6. Never enter ANY PERSONAL INFORMATION in an email or a website from an email.
7. Never CONFIRM personal information in spam emails.
8. If asked to confirm your Social Security Number in an email – DON’T – and forward that email to spam@uce.gov.
9. CALL your Responza IT Pro if you need help: 206-762-2100

Data Breaches are serious reminders to assess your security strategy and to implement policies that reduce the risk of data breaches within your own organization.

As always, call your Responza IT Pro if you have any questions about your security and policies for protecting your business.

Microsoft Warns of Nine Fraudulent Digital Certificates Issued

Posted by lanceb | Posted in Computer Security, General, IT Management, News You Can Use, Totally Useful Tips | Posted on 27-03-2011

We are aware of fraudulent digital certificates issued by Comodo – a certification authority present in the Trusted Root Certification Authorities Store on all supported versions of Microsoft Windows – that could affect many users.
Comodo advised Microsoft on March 16, 2011 that nine certificates had been signed on behalf of a third party without sufficiently validating its identity. These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.

Certificates for the following Web properties are affected:
- login.live.com
- mail.google.com
- www.google.com
- login.yahoo.com (3 certificates)
- login.skype.com
- addons.mozilla.org
- “Global Trustee”

Comodo has revoked these certificates, and they are listed in Comodo’s current Certificate Revocation List (CRL). In addition, browsers which have enabled the Online Certificate Status Protocol (OCSP) will interactively validate these certificates and block them from being used.

An update is available for all supported versions of Windows to help address this issue.
Typically, no action is required of customers to install this update, because the majority of customers have automatic updating enabled and this update will be downloaded and installed automatically. For more information about this update, or to manually install this update, see Microsoft Knowledge Base Article 2524375 (http://support.microsoft.com/kb/2524375).

The full advisory can be found on the Web at: http://www.microsoft.com/technet/security/advisory/2524375.mspx.

Keep users from selecting locked cells in Excel

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, Totally Useful Tips | Posted on 19-01-2011

Most users create custom workbooks in Excel that they allow others to update. The problem is that often those updating the sheet change flag values or change formulas. How can these areas be protected or locked while allowing input cells to be unlocked so that the worst thing others can do is enter invalid values? Today’s tips explain the process to enable changes to be made only in selected cells of a worksheet.

Unlocking specific cells in protected worksheets
Unlocking input cells and protecting sheets is a simple enough process, but a truly knowledgeable user can get around it. For those users, there’s a simple macro for resetting things (which is the final tip noted here).

Unlock input cells in the simple sheet shown below:

There are only two cells that need to be updated in this sheet: B1 and B2. To unlock these for other users, do the following before you protect the sheet:

1. Select the input cells. In this case, that’s B1:B2.
2. Right-click the selection and choose Format Cells from the resulting context menu.
3. Click the Protection tab.
4. Uncheck the Locked option.
5. Click OK.

Protecting the sheet
To protect the sheet after you’ve unlocked cells B1:B2:

1. From the Tools menu, choose Protection, and then select Protect Sheet. In Excel 2007 and 2010, click the Review tab | Protect Sheet (in the Changes group).

2. Enter a password.
3. Uncheck the Select Unlocked Cells option.
4. Click OK.
5. Enter the password a second time to confirm it.
6. Click OK.

With these options chosen, only the contents of cells B1 and B2 can be changed. Other cells cannot be selected.

Using a spreadsheet that gives access only to the specific cells to be altered not only protects the author, but also gives the user an easy-to-follow data entry map. There’s no confusion for the user—the only updateable cells are those the user can select.

The caveat
Knowledgeable users can quickly undo the selection property as follows:

1. From the View menu, choose Toolbars.
2. Select Control Toolbox.
3. Click the Properties tool.
4. In the properties window, change the EnableSelection property to 0-xlNoRestriction.
5. Click OK.

In Excel 2007 and 2010, users can also access this property via the VBE by displaying the Developer tab (via the File | Customize Ribbon route) and clicking Properties in the Controls group.

After resetting the EnableSelection property to 0, users can select any cell in the sheet, but they still can’t alter cell contents, except for the cells you unlocked before protecting the sheet.

For simple sheets, input cells are clear; however, a complex sheet will be confusing to less savvy Excel users and this is where the inability to select any cells but those they should update is valuable.

Responza helps companies and organizations of a variety of sizes and types determine their best computing strategies. Call Responza experts at 206-762-5100.

Expert Tips for Microsoft Word 2010

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, Totally Useful Tips | Posted on 04-01-2011

Microsoft Office 2010 is powerful, but some of the best time-saving techniques are relatively unknown. Here are some power-user tricks for Microsoft Word 2010. Each of these tips works in both the 2007 and 2010 versions of Word.

Give Word a more readable default font
The default font in Word 2010 is Calibri, which looks elegant on screen but some consider it unreadable. To change Word’s default font, press Ctrl-Shift-F to open the Font dialog. It is advisable to review fonts and have a replacement font determined before opening the Font dialog. Choose a font and size. Click Save as Default, choose “All documents based on the Normal.dotm template,” and click OK.

Change other layout defaults in Word
To disable other default settings, follow the same procedure as when changing the Font. Press Alt-O, then P to open the Paragraph dialog (or click the More Arrow in the Paragraph group on the Home tab). Set spacing and other options, and click Save as Default. Go to the Page Layout tab, click the More Arrow in the Page Setup group to open the Page Setup dialog. Set margins and other page-layout settings, and click Save as Default.

Make Word warn you when you save or print a file with tracked revisions
Those who use revision tracking in Word documents have probably mistakenly sent a document out with revisions still present in the file and easily visible to anyone who uses the option to display revisions and changes. Word 2010 finally adds a dignity-saving security option that provides a warning when the user tries to save or print a document that contains revision information, or e-mail it from Word’s menus. To turn on this warning, go to the File menu, then Options, then Trust Center. Click on Trust Center Settings and then Privacy Settings, and add a checkmark next to “Warn before printing, saving or sending a file that contains tracked changes or comments.”

Digital Asset Protection and Succession Planning

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, Totally Useful Tips | Posted on 04-01-2011

Getting Digital Affairs in Order
Developing a plan for passing on those digital files and passwords after the business owner is gone can save loved ones from the time consuming and frustrating process of sorting through an online estate. It is also possible that survivors or attorneys may find themselves in the position where they need to handle someone’s digital affairs. The role of the estate executor is growing an entirely new dimension in the digital age.

A good starting point for both planning and execution of the digital part of a business is to find knowledgeable technical and legal help. There are attorneys and technology companies that have amassed expertise in this area and are familiar with the nuances and process of digital survivorship.

Even with outside expertise available, it helps to have a basic understanding of the right questions to ask and some immediate steps to take or not to take with proper closure, notifications and dissemination of digital assets.

The Top Five Issues in Getting Digital Affairs in Order
1) Change all passwords as soon as possible. Make copies of Web sites and other online accounts. Remove all credit card information from shopping accounts.

2) Make a list of applications, sites and social media systems that the person has used and determine if and how they should be transitioned or closed.

3) Do not start closing accounts, shutting down hosting and e-mail, or taking other drastic steps until it can be determined how best each should be handled. Keeping a Web site up for a year or more will not be expensive. Shutting it down too early and losing valuable data could be quite expensive.

4) Buy an external USB hard drive and make a copy of all hard drives, flash drives and other data and keep them in a safe place. Once the data is reviewed, another drive can be utilized to store any items of value.

5) Be slow to delete, and when deletion happens, do it in accordance with forensic standards so data cannot be retrieved by others. Err on the side of keeping e-mail, documents and photographs for family members.

Responza’s experts can help businesses establish the IT elements that support the protection of their digital assets for all phases of business needs including day-to-day operations, growth and expansion strategies and succession plans. Call Responza at 206-762-5100.

SMB IT Security Concerns: Top 5 Security Threats for 2011

Posted by lanceb | Posted in Computer Security, Featured, News You Can Use, Newsletters, Totally Useful Tips | Posted on 04-01-2011

New IT security concerns arise almost daily for SMBs. The ushering in of a new year is the perfect time to recognize those that have the greatest impact and to take action to safeguard your system from them. Here are the top five expected security threats for 2011.

State-sponsored malware attacks
Malware attacks that target critical infrastructures such as water supplies and electrical grids are high on the list of potential threats for 2011. Attempts on critical infrastructure systems first took place about 4 years ago. While the intruding organizations may be difficult to determine, it is obvious that these exploits have been designed and tested by organizations with much greater resources than the usual individual hacker, such as other countries or organizations owned by other governments. Such attempts have generally been non-crippling, but they are costly and they test infrastructure systems to determine what is effective for future attacks. Experts predict that as many as three of these attacks could take place in 2011. The timeframe for these complicated attacks depends on how long it actually takes cybercriminals to develop them.

Blended threats will expose the companies with weak security policies
SMBs’ penchant for operating with lean resources exposes their systems to greater potential for attack and intrusion from blended threats. Such threats are more cunning than standard malware because they blend mediums, such as the Web and email, and they hide in rich media or innocuous-looking emails, and end up giving cybercriminals access to sensitive information, such as banking accounts.

Cybercriminals have targeted consumers with these attacks in the past, but are now targeting SMBs. With much more cash in bank accounts than the average consumer and generally subpar security arsenals, SMBs are ideal targets. Losses can be significant – in the hundreds of thousands of dollars – which makes it vital for SMBs to engage knowledgeable resources that can help them put security solutions in place that address different angles of Web attacks and data leakages.

More corporate data breaches will occur over social media channels
Search poisoning is on the rise. In 2010, when searching for a current event or news story, 22 out of the top 100 search results were malicious Web sites, up from 13 the previous year. During 2011, it has been predicted that these malicious threats will not be limited to Google searches, but will migrate to Facebook and other social media platforms. By setting up malicious sites that look like popular legitimate sites, cybercriminals easily capture those interested in popular topics.

That is not the only danger with social media. Social media users are vulnerable to spam and malicious data-stealing content. Companies can be exposed because employees may post confidential corporate data to these public pages, thinking that they are secure. Because cybercriminals often use URL shorteners, users have no way of really verifying the link that is being posted by another user. It is important that SMBs alert their employees to these dangers and help users understand that even clicking on links from “people they trust” can be risky.

For SMBs this comes down to using an IT vendor that is in lock-step with innovative threats and puts a security solution with real-time capabilities that can protect users from these dangers.

An increase in zero-day vulnerabilities and drive-by download attacks
More zero-day vulnerabilities will be discovered due to malware exploit kits, and the use of drive-by download attacks will increase. Zero-day exploits take advantage of security vulnerabilities on the same day that the vulnerability becomes generally known, so there are zero days between the time the vulnerability is discovered and the first attack. Drive-by download attacks automatically download malware to the user when his or her browser is at the compromised site.

These types of vulnerabilities make data loss prevention and real-time threat protection a necessity for SMBs who want to keep information in and cybercriminals out.

The iPad, iPhone and other smartphones will be prime targets for cybercriminals
Phones have always been a target, but this year will be the year they become true targets for cybercriminals. Of particular appeal is the iPad because of its growing popularity among executives who choose the smaller device over heavier laptops. Many executives have their entire corporate life on their iPad, making it particularly vulnerable to drive-by download attacks.

The need for mobile device security has increased as more people – especially SMB executives – get non-BlackBerry smartphones for business use. Regardless of the devices used – inside the office or out – it is vital to keep data safe as its exposure beyond the walls of the office is more and more common.

With experience providing outsourced IT and expertise in best practices for SMBs, Responza analyzes requirements and determines computing strategies tailored to fit business needs. Call Responza experts at 206-762-5100.

How to use And and Or operators with Excel’s Advanced Filter

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, Totally Useful Tips | Posted on 22-12-2010

Viewing subsets of data is a routine task for many Excel users. An AutoFilter lets users limit the data displayed, but it is limited because it depends on the actual data. Excel’s Advanced Filter feature requires a bit of setup, but is more flexible and powerful than an AutoFilter. Not only can it be used as an expression to match records, but it can also be combined with expressions using the And and Or operators.

Excel’s Advanced Filter feature requires three elements:
• Data
• A criteria range, where you specify criteria as an expression.
• An extract range, where Excel displays the data that satisfies the criteria.

A simple AutoFilter
This is a simple AutoFilter example that uses a partial set of data from the Products table from Northwind (the database that comes with Access). To apply an AutoFilter, users select the column headings in A1:F1 and choose AutoFilter from the Data menu. In Excel 2007 and 2010, users click the Data menu and then click Filter in the Sort & Filter group. Excel will display a dropdown arrow for each column in the selection. Using this feature, users can perform simple filtering tasks, such as which products have no units on order. It’s quick and easy, but sometimes inadequate. (To remove a filter, simply choose All from the same list.)

An Advanced Filter and And
Suppose users want to know which products with a price of $20 or more have 10 or fewer units currently in stock. This filtering task has two requirements – two criteria – and the user would want to satisfy them both. In other words, the product must be $20 or more and have 10 or fewer units in stock. An AutoFilter just can’t do that, so an Advanced Filter must be used.

The criteria range, in this case, requires only two columns: Unit Price and Units In Stock. Copy just those column headings to an out of the way place. (It is recommended to copy ALL of the headers since they may be needed in another filter.)

Next, state the filtering requirements in terms Excel can understand, using an expression. In this case, both expressions are simple comparisons:
Unit Price: >=20
Units In Stock: <=10

As you can see in Fig. 4, the criteria range is above the actual data. This placement is efficient and easily accessible. Both expressions are in the same row – Row 2. By placing both expressions in the same row, Excel knows to apply an implicit And operator to combine the expressions.

The extract range is optional. To copy the data to another location, specify the columns you want to extract. User beware here – the headings must be an exact match to the original column headings. If the extract range is left empty, Excel will extract all of the columns – simply select the top-left cell in the range. To simplify the example, extract in place.

Apply the filter as follows:
1. Click any cell in the data range.
2. Click the Data menu, and then click Filter | Advanced Filter. In Excel 2007 and 2010, click the Data tab and then click Advanced Filter in the Sort & Filter group.
3. Retain the default setting, Filter the List In-Place.
4. Excel automatically fills in the List Range, correctly in this case.
5. Specify the Criteria range, A1:F2. It is necessary to identify only the column headings and the criteria row or rows.
6. Click OK.

Eight products have a price of $20 or more and have 10 or fewer units in stock. To remove the filter, click the Data menu, then click Filter | Show All.

An Advanced Filter and Or
To specify an implicit Or operator, users must place the expressions in separate rows. The criteria shown below will find products with a price of $20 or more or products with 10 or fewer units in stock.

After adjusting the criteria range by moving one of the expressions down a row, apply the new filter as follows:
1. Click any cell in the data range.
2. Click the Data menu, and then click Filter | Advanced Filter. In Excel 2007 and 2010, click the Data tab and then click Advanced Filter.
3. Retain the Filter the List In Place setting, the default.
4. Excel automatically fills in the List Range, correctly in this case.
5. Specify the Criteria range—that’s A1:F3. Notice that this time, the range includes Row 3.

Click OK. Many records meet one or the other criteria.

An Advanced Filter may also be used with just one expression, but using implicit And and Or operators opens the door for some very complex but powerful filters. Just be careful that the expressions and their placement make sense, in terms of applying the And and Or operators.
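The row-placement rule from the And and Or sections can be modelled in a few lines. This is an added example, not part of the original post and not Excel's own code: expressions in the same criteria row must all hold, and a record is kept if any criteria row holds. The product records and function names are constructed, and only numeric comparisons are handled.

```python
import operator
import re

_OPS = {">=": operator.ge, "<=": operator.le, "<>": operator.ne,
        ">": operator.gt, "<": operator.lt, "=": operator.eq}
# Optional comparison operator followed by a number, e.g. ">=20" or "<=10".
_EXPR = re.compile(r"^\s*(>=|<=|<>|>|<|=)?\s*(-?\d+(?:\.\d+)?)\s*$")

# Constructed sample records (not the Northwind data shown in the figures).
PRODUCTS = [
    {"Product": "A", "Unit Price": 18.00, "Units In Stock": 39},
    {"Product": "B", "Unit Price": 21.35, "Units In Stock": 0},
    {"Product": "C", "Unit Price": 40.00, "Units In Stock": 6},
    {"Product": "D", "Unit Price": 31.00, "Units In Stock": 31},
    {"Product": "E", "Unit Price": 6.00, "Units In Stock": 24},
    {"Product": "F", "Unit Price": 10.00, "Units In Stock": 5},
]


def parse_criterion(expr):
    """Turn '>=20' into (operator.ge, 20.0); no operator means equality."""
    m = _EXPR.match(expr)
    if not m:
        raise ValueError(f"unsupported criterion: {expr!r}")
    return _OPS[m.group(1) or "="], float(m.group(2))


def row_matches(record, criteria_row):
    """Implicit And: every non-blank cell in one criteria row must hold."""
    for heading, expr in criteria_row.items():
        if not expr.strip():
            continue  # blank criteria cell puts no constraint on that column
        if heading not in record:
            # Headings must match the data's column headings exactly.
            raise KeyError(f"no column named {heading!r}")
        op, value = parse_criterion(expr)
        if not op(record[heading], value):
            return False
    return True


def advanced_filter(records, criteria_rows):
    """Implicit Or: keep a record if any criteria row matches it."""
    return [r for r in records if any(row_matches(r, c) for c in criteria_rows)]


def names(records):
    return [r["Product"] for r in records]


# Both expressions in one row: price >= 20 And stock <= 10.
AND_CRITERIA = [{"Unit Price": ">=20", "Units In Stock": "<=10"}]
# One expression per row: price >= 20 Or stock <= 10.
OR_CRITERIA = [{"Unit Price": ">=20", "Units In Stock": ""},
               {"Unit Price": "", "Units In Stock": "<=10"}]

if __name__ == "__main__":
    print("And:", names(advanced_filter(PRODUCTS, AND_CRITERIA)))
    print("Or: ", names(advanced_filter(PRODUCTS, OR_CRITERIA)))
```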

How to sum values in an Excel filtered list

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, The Lighter Side of IT, Totally Useful Tips | Posted on 22-12-2010

Filters are a powerful and easy-to-use Excel feature. Using filters, users can quickly limit data to just the records desired for viewing.

Summing filtered records is another matter. Trying the SUM() function will be surprising, so abandon that method and follow the method below:
Fig 1 shows a filtered list. It is obvious by the row numbers to the left that many rows are hidden. How the filter itself works is not covered here, but you can read more about using filters in Excel on another posting on Responza’s blog.

Fig 1

The next figure shows what happens when users try to sum the filtered values. It is obvious that the result isn’t correct; the value is too high. The SUM() function is evaluating all the values in the range D14:D64, not just the filtered values. There’s no way for the SUM() function to know that you want to exclude the filtered values in the referenced range.
Fig 2

The solution is much easier than it might seem. Simply click AutoSum—Excel will automatically enter a SUBTOTAL() function, instead of a SUM() function. See Figs 3 & 4. This function references the entire list, D6:D82, but it evaluates only the filtered values.
Fig 3

Fig 4

Digital Asset Protection and Succession Planning

Posted by lanceb | Posted in Featured, General, News You Can Use, Newsletters, Totally Useful Tips | Posted on 22-12-2010

Businesses Need a Will
Digital Asset Protection and Succession Planning should be high on the list of priorities for business owners. If something happens to the owner, very often businesses cannot continue on successfully because there is no plan. This specifically refers to the digital files that entrepreneurs go to great lengths to keep private. In many small companies, the owner is the only one with access to important login information that is necessary to keep the business running. Without a plan to pass on those digital files and passwords, sorting through an entrepreneur’s online estate after he or she is gone can be time consuming and frustrating for loved ones.

If the owner already has a will, that attorney can draft an addendum that spells out who should receive the keys to the various digital accounts. However, a will is not the place for usernames and passwords since it will become a public document. A better way would be to store the information on a USB flash drive that is kept in a safety deposit box or a safe in the owner’s home. Along with that, it is important to include instructions so the successor knows how the data is organized, including email and where sensitive company information is stored. Most importantly, keep this master information updated and make sure a trusted person knows where to find it if the need arises.

Here are 5 Basic Steps to Digital Succession Planning

Step 1. Inventory Digital Assets. Track down and list all of the digital assets. In the digital world, it is also helpful to a successor to create an inventory that includes hardware, software, file structures for accessing key data, online accounts and work information.

Step 2. Identify Appropriate Help. How is that trusted person selected? Perhaps the IT person in the business could assist the surviving spouse and then make it clear that he or she should be engaged to help.

Step 3. Provide for Access. While all warnings caution against writing down passwords and PIN numbers, the simple fact is, if those passwords and PIN numbers key to the business aren’t written down and kept in a safe place where the appropriate person can find them, the business will basically be frozen. This can cause delay, frustration and inconvenience.

Step 4. Provide Instructions. There are a number of areas where survivors would appreciate instructions:
Notifications. Many have Facebook “friends,” LinkedIn “connections,” Twitter “followers” and others communicated with on a regular basis or a blog or Web site with readers that visit sites on a regular basis. These items should be included in the plan along with the owner’s plan for the blogs and sites after his or her passing. There may even be opportunities for the content of popular blogs, photography or online video sites to be recognized as income from licensing, the creation of a book or monetizing content.

Step 5. Give Appropriate Authority. For some, it makes sense to designate specific knowledgeable people as authorities who can properly manage digital assets and to designate them as co-attorneys-in-fact, co-executors or co-trustees, where one is specifically tasked with taking the responsibility for digital assets and affairs. Finding estate planning lawyers who are experienced and knowledgeable in “digital estates” is also essential in certain cases.

Online services are available that offer what is essentially a “digital safety deposit box”. These web-based services generally allow safe storage of key digital files and data and assign beneficiaries for all or specific accounts in the event of the owner’s passing. The service requires someone responsible for confirming the owner’s death to be named.

Responza’s experts can help businesses establish the IT elements that support the protection of their digital assets for all phases of business needs including day-to-day operations, growth and expansion strategies and succession plans. Call Responza’s experts at 206-762-5100.