Quick Tip: During a busy work day you may find your computer desktop cluttered with many open browser tabs and applications. Need to quickly get to your uncluttered desktop? Remember the Windows shortcut: Windows Key + D. Hit the Windows Key and then the "D" key and your desktop will appear.
If only this would magically work for the rest of a cluttered office!
Keep in mind that if your computer starts running slow, you probably need to actually close out the things you aren't actively using, but the shortcut is great for seeing the desktop fast.
Every day we review security patch compliance for all our clients with managed services coverage with us. Often, we see systems with security patches pending reboots. Many security patches require a reboot to install, and some security patches are sequential, so the next one won't install before the previous patch is complete. This can result in a system that isn't fully protected.
Server reboots are handled on a scheduled basis, but with desktop reboots, often we leave it to the user to reboot at their convenience to reduce the risk of disruption or lost files that aren't saved. As a general rule, we ask users to reboot (at least) weekly.
One thing we've noticed recently, is that many users think they're rebooting, but they're not. To clarify, here are the steps (in Windows 7).
- Click on the "Start Button" (Windows colorful flag in the lower left hand corner).
- Click on the arrow next to "Shut Down", and select "Restart" from the list. This closes all programs, shuts down Windows, and then restarts Windows again
If you see a yellow icon on the "Shutdown" button, then you need to select this option instead of "Restart", to completely power off your system. Keep in mind that you will need to manually restart the system with the power button with this option. If you're leaving for the day and want to remote in later, or you have a backup that runs over night, it's important to remember to power on your system again.
You'll also see many different choices - "Switch User", "Log off", "Lock", "Sleep", and "Hibernate". None of these is a reboot. A common mistake for laptop users is to always put the laptop to "sleep" by closing the lid and never rebooting. Some users mistakenly believe they did a reboot because they need to enter a password to log in again.
Remember to reboot your computer at least weekly! If you'd like us to set up an automated schedule for reboots, we can implement that for you, but keep in mind that all users need to get in the habit of not leaving files open and unsaved.
In our last post, we talked about suspicious emails that don't look so suspicious on the surface. Here is an example of an email to show you what to look for. In this case, a fake payroll report is being sent. A busy, distracted person may open this by mistake, or an opportunistic employee may try to open it to sneak a peek at confidential information. SLOW DOWN and check your mail carefully. Even with up to date antivirus protection and spam filtering, some emails CAN get through because they are engineered to get through. This can be a phishing email (trying to get confidential information) or a dangerous virus such as Cryptocker. Don't open the door!
- Multiple random email addresses are listed including some mispellings
- The subject line doesn't match what is actually used by this vendor (but this is tough to catch)
- The dates don't match - report date vs email "sent" date
- The instructions call for the user to download the file from Dropbox and this vendor would never transmit this type of information with consumer file sharing application
- The instructions mention Dropbox, but the link says Cubby (a different brand of file sharing)
- The link includes a .zip extension which is often used to hide executable files.
- There is no corporate email signature or information at the end of the email.
Many things to watch out for, and we thought it would be helpful to point them out. Please help spread the word by including this in your employee security training. You can click on the image to view a larger version which is easier to read.
We've all heard that we shouldn't open suspicious emails. They can be phishing scams (attempts to get personal information such as username, password, and account number), or contain viruses. The problem is, the "bad guys" know we're on the lookout, and the real danger lies in emails that are disguised to not look suspicious.
There's another round of Cryptolocker going around and this is just about the worst virus you can get. The virus attacks your files including any files you have on a networked device, and holds them for ransom. The virus often spreads through emails with very normal (and sometimes enticing) subject lines.
Here are some of the email subject lines to be on the lookout for:
- Scan from a Xerox WorkCentre
- USPS - Missed package delivery
- ACH Notification ("ADP Payroll")
- Voice Message from Unknown Caller
- Corporate eFax message from "random phone #" - 8 pages
- Important - New Outlook Settings
- Dun & Bradstreet Case Number
In some cases the emails look very routine such as a fax or a scan and you can see how easy it would be for someone to open the email on "autopilot". In other cases, they are designed to entice someone to open something they normally shouldn't have access to like a (fake) payroll report.
We've covered theses threats in our on-line training, newsletters, blog posts, social media feeds, but it's worth repeating - stay alert when opening email! When you slow down, you'll see the emails are always a bit off, or they may contain a "zip" attachment. If something is a bit off, STAY AWAY! It may be a criminal knocking on your door.
Outlook has a time saving "autocomplete" feature that's a big help most of the time, but can sometimes cause issues. When you compose a new email message in Outlook, as you start to type in the first few letters of the recipient's email address, you'll see that Outlook will have suggestions for you based on who you have emailed before. This is a great time saver, and over time your list will grow. An important thing to know, is that it's not actually your address book, it's a cached list of anyone you have emailed in the past.
The downside is that sometimes the list will contain an outdated or invalid address. If you ever email someone new and have a typo in the address, it will be saved and clutter your list for next time, which can cause you to make the same mistake over and over again.
To get rid of the bad address, scroll down the list, highlight it, and hit delete.
The file that stores all these addresses is called a "Nickname" file and has an extension of .nk2. If you get a new computer, and copy your mail and address book, your nickname file will initially be blank. Many users call us and report that their address book is missing. It's actually the .nk2 file, which can be migrated to the new system, but you may also choose to rebuild it fresh to decrease your "clutter".
Microsoft Outlook has a built in feature to process junk mail and send it to a "Junk" folder as a way to control Spam in your inbox. This is a great feature if you only read mail in one place, but for most users these days, mail is read on multiple platforms - smart phone, tablet, laptop, browser, etc. This is why we typically recommend filtering Spam in the "cloud" so the mail is filtered BEFORE it gets to your mailbox, and gets cleaned centrally before going to all your devices.
When spam is filtered in the cloud, it's important to turn off the Junk filter in Outlook so you don't wind up with two competing programs doing the work. We often get calls about missing emails that are sometimes found in a Junk folder, or have been processed by forgotten "rules" in Outlook. Some users are fine with checking in two locations for "false positives", but for most users, it just leads to confusion. Keep it simple!
To control your Junk settings in Outlook, in the "Home" tab, select "Junk", and then choose "Junk E-mail Options".
This will open the next window where you can control your settings.
When filtering is done in the cloud, we recommend turning off the local filter as shown.
You can see from all the options that this is a powerful tool, and if you have nothing else, and read mail only in one location, it's worth using. However, we do strongly advise filtering in the cloud and then turning off this setting for most users.
We've recently started upgrading our Spam filtering platform, so it's time to post some updated instructions. These days Spam messages account for 80%-90% of all email sent worldwide, generating a lot of clutter and in some cases, security threats. We strongly advise filtering mail before it gets to your mail server, and many of our clients have signed up for Spam filtering services with us.
The gist of this service is that all mail is filtered in the cloud before it gets to your mail server (either in the cloud or at your office). This way, the spam is kept off your network, and cleaned up in a central location before getting your PC, iPad, smart phone... all the devices you may use to read mail. Typically we set up the filter to send a summary report every day, typically scheduled for 8am (this can be scheduled for any time, and can be sent more than once a day).
You'll get an email summary in your inbox with a subject: "Messages quarantined since (previous day)". In some cases, you'll see a "false positive" which is a message that is flagged as spam, but actually something you want delivered. After a while, your filter will be "trained" to know what you want and what you don't want based on your preferences, but after an upgrade its important to check regularly at least at first.
When you open this message, you'll see a summary of the total number of messages quarantined and a list of all the messages including a "subject", the "Address" of where the email is coming from, a time stamp of when the message arrived, and some "Actions" you can take.
Scan through the list to see if there are an messages you want to have delivered. You have several allowed actions. "View" lets you look at the message in more detail without actually sending it to your mail server. This is a good option when you're not sure what the messages is. "Release Message" lets you release it to your inbox. Finally, "Allow from Sender" lets you release it to your mailbox and put the sender on your "safe list". This means that not only are you releasing the current message, but any future messages will automatically be allowed through. This helps "train" the software so you'll get fewer and fewer "false positives" over time.
At the top of the Quarantine Summary email is a link to "Enter your Quarantine". This is how you can get to your quarantine any time. For example, you may be expecting an important email that didn't arrive and you want to check your spam filter in real time to see if there's anything important there.
If you don't know your password, don't worry. Just go to the login page and select "Forgot Password" to reset it. Many people try their email password or Windows password and this is a separate password. After you log in, you'll be able to see your up to date quarantine (so you don't have to wait until the next day's summary), and you can also proactively add "safe senders". Under "User Options" you'll see "Allow List" and "Block List" where you can add addresses you want mail from or don't want mail from. Also, you'll see an option to set your password to something you can remember.
We strongly advise using only ONE spam filter. In Outlook, turn off your "Junk" filter as it is much more efficient to only check one location to manage spam. If you're not running Exchange mail, the Outlook "Junk" settings don't help for spam on your smart phone or tablet, so this is why we recommend filtering in the cloud before the messages get to your mail server. Getting your mail organized will save you time so take a few moments to acquaint yourselft to the settings.
The latest security vulnerability is all over the news. Microsoft is working on a fix to address a flaw that could potentially allow hackers to gain remote access to systems. This flaw affects all versions of Intenet Explorer (about 55% of the browser market) and a patch is expected soon. If you're still running Windows XP, support has ended and there will not be a security patch.
In the meanwhile, here's what you can do. The first option is to use an alternate browser for a while, such as Firefox or Chrome. If you're doing general surfing, this is the best course of action for now.
If you need to run Internet Explorer (many applications rely on it), it is recommended that you disable Adobe Flash. The security flaw requires Adobe Flash, so if its disabled, you'll be ok with this threat.
Here is how to disable Adobe Flash. In the upper right hand corner of Internet Explorer, select the "gear" icon, and then select "Manage add-ons" from the pull-down menu. Selecting this will enable you to pick from a list of all the add-ons to your browser and then disable Adobe Flash.
Select Adobe Flash from the list of "Toolbars and Extentions", and then press the "Disable" button.
Note that when Flash is disabled, some web features won't work, so this is a temporary work around.
One of the questions we frequently hear is "why are Microsoft products so insecure"? The technology underlying all the daily things you do on the web is very complex, and there will constantly be vulnerabilities. None of us are willing to give up the web, but we will need to live with some risk. Hackers will go where the market share is, and Microsoft dominates the market. Microsoft also diligently issues patches (which are free) to update products as new vulnerabilities are discovered.
Keep in mind that if you're still running Windows XP, there are no more security patches for this "retired" operating system. The next few months will be interesting as hackers may try to exploit this since about 25% of computers world wide are still running XP. Stay tuned...
Do you visit a lot of the same web sites over and over again? Some examples may include line of business applications, banking, tax sites, etc. Many people rely on browser "history" to find web sites when you need them...just start typing the address and Internet Explorer will try to complete it for you. This usually works well, but the more organized way to memorize these sites is to use "Favorites".
To access "Favorites" in Internet Explorer, look for the gold star in the upper right hand corner. Clicking this icon will open up the "Favorites" section where you view your existing favorites, and organize in folders as needed (if you have a lot of favorites).
To add a site to Favorites, browse to the site your interested in, and then click "Add to Favorites". You can then name the site so you can find it easily next time, without remembering the entire URL. Click "Add" to save the site.
Next time you want to access the site, simply select it from your list of favorites.
A big advantage of using the Favorites tool to organize your sites is that if you get a new computer, you can simply transfer this entire folder to your new system so you don't have to recall all your frequently used sites.
In Windows 7, to find your favorites folder (so you can copy it as needed to a new system, or make sure its being backed up), go to C:\Users\userName\Favorites (where "userName" is your actual user name). You can copy this to your new system, and then simply import it into favorites again. This will save you a lot of time getting started on the new system.
On this menu, there is also an option to Organize Favorites, where you can create new folders, move favorites, rename favorites, and delete as needed.
Take a few moments to get organized, and you'll save a lot of time in the future!
At a recent industry event, I had the opportunity to share some "war stories" over lunch. One of the guys at the table told a tale of an email server crash on a Friday night that one of his techs rescued after many hours of effort late into the night. The Microsoft Exchange server had crashed, and they ran recovery and clean up tools to get the mail running again. Mission accomplished!
Until Monday morning when they received a frantic call from the customer reporting missing mail! After a few questions, they figured out that the missing mail was from the "Deleted Items" folder, which had been cleaned out as part of the best practices for getting the mail up and running again. This turned out to be a major problem, because the user was actually intentionally storing important mail in the "Deleted Items" folder. The funny thing is that all of us at the table had heard this before from other sites over the years, so this wasn't an isolated incident.
If you happen to be one of these users who keeps important files in the trash, stop! Storing valuables in the trash doesn't make sense. You wouldn't keep your important paper files in a trash can and get angry when the cleaning service emptied the trash, and it doesn't make sense to keep your electronic files in the electronic trash.
Thinking about this dilemma, it seems that the users who do this may want to segment their mail between what has been read (winds up in the trash) and what still needs follow up (stays in the inbox). What may be occurring is that the users don't know that you can create folders in your mail, just like you can with your regular files. Creating folders is the right way to organize your mail.
To create a subfolder in your Inbox, right click on the Inbox and select New Folder. You'll then have the option to name the folder whatever you want, such as "Important Stuff".
As for your Deleted Items folder, the contents will remain in this folder until you empty the contents. You can do this by right-clicking on the folder, and select "Empty Folder" from the pull-down. Its a "best practice" to keep this folder (and all your folders!) free of clutter.
To organize your mail, you can create as many folders as you want. Think through a plan that works for you such as organizing by client account, or vendor, etc, but don't leave it all in your inbox, and don't use your "trash" for storage!