Warning: Don’t Get Hit with Shellshock by the New Bash Bug

A new malicious threat in the technical marketplace has just been discovered. The bug, dubbed the Bash bug, or “shellshock,” is on the loose for users of Unix-based operating systems, like Linux or Mac OS X. It allows the execution of arbitrary code on affected systems, and could potentially be very dangerous for your business. In fact, CNet is calling it “bigger than Heartbleed.”

Bash, which is commonly referred to as “Bourne again shell,” is a staple feature of most utilities in Unix-based operating systems. RedHat’s official security blog details the nature of the bug in the Bash shell:

In Linux, environment variables provide a way to influence the behavior of software on the system. They typically consist of a name which has a value assigned to it. The same is true of the Bash shell. It is common for a lot of programs to run bash shell in the background. It is often used to provide a shell to a remote user (via ssh, telnet, for example), provide a parser for CGI scripts (Apache, etc) or even provide limited command execution support (git, etc).

The problem is found in the environmental variables with specific values being used before the bash shell is summoned. These variables can contain code which is executed as soon as the bash shell is called. The name doesn’t matter, so the content could be disguised as another, non-malicious variable. The most concerning vulnerability this bug provides is the ability for remote users to execute malicious code before the bash shell is activated.

Attacks have already been reported utilizing this vulnerability for a number of functions, including denial of service attacks and password-guessing bots, which randomly input poor password choices on unprotected servers. Researcher Robert Graham has located at least 3,000 systems vulnerable to the bug with a fairly specific search, and it is estimated that several times more machines could be vulnerable to this bug. This makes the threat very real, and if you use Linux or Mac OS X, your business’s networks and data are at risk.

The threat is such a big deal that the United States Computer Emergency Readiness Team (US-CERT) has warned the public to download the patch before it infects their systems. To put it in perspective, the last vulnerability to make “Alert” status was the Backoff Point-of-Sale malware discovered in late July this year, which was able to steal sensitive information through sales terminals across the world.

While a patch has been released, it doesn’t fix all vulnerabilities presented by the bug. However, it is still recommended by RedHat that you acquire the partial patch until the complete one has been issued. For help acquiring the patch, call Michell Consulting Group at 305.592.5433 ext. 2601. We’ll apply it remotely so you have to worry as little as possible.

Are You Sure Your Former Employees Won’t Stab You in the Back?

As a business owner, you’ve probably had the misfortune of letting a valued (or not-so-valued) employee go. The reasons might vary, but one thing is consistent: they’re gone, and could potentially use their newfound residual malice to strike your business right where it hurts. How can you prepare yourself against former employees you may have once called “family?”‘

Almost Half of Employees Would Hold a Grudge if Fired
According to a Cyber-Ark survey, nearly half of all employees admitted that if they were to lose their jobs unexpectedly tomorrow, they would enact some form of terrible retribution on their former employer, like taking the company’s data with them. These same employees have held down their jobs for years and felt secure about their current situation. Such a circumstance may suggest that the employer had done the employee wrong by firing them. It’s only natural that, when prompted by the question, “if you were fired tomorrow,” they would react in such a manner.

Whether the motives of these employees are justified or not isn’t the topic at hand, but it does force business owners to consider the risk of irate former employees. If a flustered team member steals something like the office stapler or a few pens, it is of little consequence; but if they make off with a bunch of data, like database passwords, financial reports, or research plans, your business could be in for a real nasty treat.

Take it from Home Depot
IT sabotage from a disgruntled former employee isn’t a hypothetical situation. In fact, there’s a major real-world example of this recently happening with Home Depot. An incident where as many as 52 million credit card transactions were exposed. Apparently, there is more to this story than hackers breaching a firewall. It turns out that in May of 2014, Home Depot’s former Senior Architect for IT Security was convicted of sabotaging the company’s network.

Ricky Joe Mitchell is the former Home Depot IT employee. A more rigorous background check would have prevented this whole fiasco. According to Ars Technica, Mitchell has a history of doing this with other employers like EnerVest Operating:

When Mitchell learned he was going to be fired […] he “remotely accessed EnerVest’s computer systems and reset the company’s network servers to factory settings, essentially eliminating access to all the company’s data and applications for its eastern United States operations,” a Department of Justice spokesperson wrote in a release on his conviction. “Before his access to EnerVest’s offices could be terminated, Mitchell entered the office after business hours, disconnected critical pieces of…network equipment, and disabled the equipment’s cooling system.” As a result of his actions, the company permanently lost some of its data and spent hundreds of thousands of dollars repairing equipment and recovering historical data. It took a month to bring the company’s office back online, costing the company as much as $1 million in lost business.

It’s Your Responsibility to Protect Your Data
Preventing a catastrophe like this falls on your shoulders, and it is your responsibility to close every access point associated with your disgruntled former employee. Something of this magnitude is of the utmost importance. Before you let the employee go, you should start preparations for the upcoming fallout, just in case they get the bright idea to walk off with valuable information that might land them a job with a competitor; or worse, mess with the company infrastructure.

You have no idea what you can expect from a seemingly-normal former employee. Your best bet is to enact a standard set of procedures which will help you best combat the former employee, should they decide they want to take a memento of their time spent with your business along for the ride. Close off any access points which could allow the employee to take information from your network, and monitor your system for unusual traffic from that individual.

Of course, maybe they’re just out to make a quick buck, too. A former employee might have been responsible for making company purchases, and could then use this authority to use company credit cards to purchase goods from vendors.You need to immediately let your vendors know that any purchases from this team member should be denied or void. Remember, your budget is on the line, and therefore, so is your business. You can’t let a former team member be the reason that your budget is broken for the next several months.

How We Can Help
Michell Consulting Group (MCG) can help your business make employee termination easier. We can’t help you break the news, but we can help you ensure your network is secure from the terminated employee.

You can rest easy knowing MCG is watching your company’s network, ensuring that each access point is protected against malicious intentions. All you need to do is let us know when the deed has been done, and we can lock them out of your network for good. If they try to use mobile devices, we’ll block those too. If anything strange comes up, you’ll be the first to know.

It might seem like a trivial thing, but failing to secure your network against a very real threat is just negligent. One single mistake can take down your entire company and livelihood. Protect the future of your company by calling MCG. We’ll make sure unauthorized users stay out of your network. All you need to do is call 305.592.5433 ext. 2601.

How to Find Greater Success By Reading More Books

As a business leader, you know that you should read more about the latest industry trends and helpful management concepts. How’s that going for you? For many business owners, finding time just to run their business is difficult enough, making book reading a luxury. We’ve found that you can do both by learning how to speed read.

If you’ve not made books a priority, then check out this list of twelve benefits of reading from Lifehack.org.

  • You will optimize your brain power.
  • You will increase your odds of success.
  • You will immerse yourself in a new world.
  • You will improve your vocabulary.
  • You will have things to talk about at parties.
  • You will entertain yourself for a low price.
  • You will discover surprising new ideas that are interesting and engaging.
  • You will eliminate boredom during down-time.
  • You will strengthen your patience muscles.
  • You will become an expert in your field.
  • You will reduce stress and unwind into a good night’s sleep.
  • You will change your life.

When it comes down to it, reading is a crucial component to your success. A list like this can be a good source of motivation to pick up a book (feel free to print it off and use it as a bookmark), but improving your motivation to read won’t change the demands on your schedule. By learning how to speed read, you can find time to read everything on your book list, and thanks to helpful web browser extensions like Spreed, learning how to speed read has never been easier.

Spreed
Spreed isn’t the only speed reading tool on the market, but it’s one of the most popular and has received great reviews. Spreed is a web extension that is only compatible with Chrome. To install Spreed, go to Chrome > Tools > Extensions > Get More Extensions, and then search “Spreed.” You can also install it directly by going here.

Spreed allows you to read the content of your web browser in a separate window like you would a book. To help you learn how to speed read, Spreed displays text like a video at a selected Words Per Minute, with 1600 WPM being the maximum auctioneer-like setting. When selecting a playback speed for yourself, be sure to challenge your brain and select a WPM that pushes your comfort level. FYI, the average WPM for readers is 200.

By using a tool like Spreed to challenge the amount of words that you can consume, you’ll be well on your way to becoming a proficient speed reader. Subsequently, even though tools like Spreed only work for digital content, if you train yourself to speed read in the digital arena, then you will see improved results when consuming words via paper formats.

Tools like Spreed are ideal for those of us who find it difficult to find time to read, but we all know someone that’s well-adjusted and seems to have time read all the latest books. Are you an avid reader? How do you do it? What’s your secret to balancing work and reading? What books are you currently reading? Share with us your tips in the comments.

How Modern Businesses Take Advantage of The Cloud

For the modern-day business owner, moving to the cloud means to take advantage of the several strategic advantages it offers. Companies no longer have to restrict themselves by relying on physical servers, desktops, or hardware. Most businesses see the value that cloud-based operations can offer them, and they are racing to take advantage of this fairly recent development. In fact, Joe McKendrick of Forbes magazine says that four-out-of-five small businesses will be based in the cloud in the near future.

One of the biggest attributes of the cloud which draws in business is the concept of increased mobility that cloud-based applications and software offer. The Schaeffer Manufacturing Company, which McKendrick references, has seen an incredible shift in its profit margin since the inception of its cloud services. Will Gregerson, an executive at Schaeffer Manufacturing Company, claims that their business has jumped from $85 million to $130 million dollars in sales, just by switching to the cloud. In fact, this spectacular 53 percent increase in profits came with no strings attached. No new staff members were brought on to increase sales. The change was all thanks to the sheer convenience that the cloud offers modern businesses.

A recent survey from Emergent Research and Intuit Inc. revealed that 80 percent of small businesses plan on moving to the cloud by 2020. The results were gathered from a wide range of different industries, some not even related to technology. Businesses, regardless of what they are selling, providing, or buying; all want cloud services in the future. Steve King of Emergent claims that businesses can utilize the cloud in many different ways, all of which aim toward giving themselves a competitive edge over the opposition.

Plug-in Players
Some businesses want to take advantage of the cloud, but their budget doesn’t allow for it. These companies are called “plug-in players,” who concentrate on specialized services and outsource their technology and other necessary components of business to a third-party managed service provider. Michell Consulting Group can help your business achieve this goal by handling your IT needs while you manage your company on the home front.

Hives
Businesses will take the form of busy beehives in the near future: several individuals will work toward one common goal, and they are all connected via cloud-based applications and software. The increased mobility of the cloud revolution will help workers check in anytime, anywhere. Everyone will be connected via a virtual workplace designed to increase productivity.

Head-to-Headers
The sky will be the limit for small businesses. They will continue to grow and take on industries thought previously unreachable, such as corporate juggernauts, with cloud computing applications. This “head-to-head” approach increased opportunities and possibilities for small business owners, previously limited by the size barrier.

Porfolioists
Each business is made up of individuals, and these individuals will find ways to integrate the cloud into their day-to-day lives. This might include building a virtual portfolio, which will help them find other sources of income to further augment their existence. These individuals want to be their own boss, and the cloud gives them a way to express themselves online in ways which previous generations would have given anything for.

Regardless of how you plan on using the cloud, Michell Consulting Group will help you find the best method of achieving your personal and professional goals. With virtual servers, cloud backup data, and cloud-based applications at your disposal, you’ll feel as if your business is taking off without a hitch. Give us a call at 305.592.5433 ext. 2601 to see what we can do for your cloud business needs.

Create Dynamic Infographics with Microsoft PowerPoint

Not only can Microsoft PowerPoint make great slideshows, it can also make engaging infographics. The latest trend in marketing is fairly simple: Visual content sells. Images and videos are the most popular way to take advantage of this. Infographics can offer your marketing campaign a combination of text and image, allowing your marketing content to be both engaging and informative.

Unfortunately, some businesses find it difficult to integrate infographics into their marketing strategy. Even if you have someone who is a dedicated graphic designer, you still need the expensive software to put together a quality infographic. To make things harder, this specific software generally has a high learning curve which can be difficult to learn effectively when under pressure. With a little ingenuity, you can bypass all of these problems by making professional infographics with Microsoft PowerPoint.

There are three key elements you must understand in order to make the most out of your PowerPoint infographic: Text, Picture, and Shape. Additionally, there are four tools that must be used to make a quality infographic:

  • Fill: The primary color of the object or text. Choose this option by clicking the bucket-type icon.
  • Line: This determines what color the outline of an object is.
  • Effects: You don’t need to make your own effects. There are several pre-built options that you can use to give your objects outlines, shadows, and much more.
  • Style: There are pre-built styles that you can take advantage of to make professional-looking infographics with minimum training on your part.

The Proper Color Scheme Goes a Long Way
If you want the most effective infographic, be sure to use a fairly specific color scheme: Four colors at the most. Any more than four could distract the reader from what really matters – the content. You can include shapes, fonts, clipart images, and more through Microsoft PowerPoint itself, but if those don’t suit your fancy, you can upload your own photos. Just make sure you keep it simple.

If you can’t find anything you want to use in PowerPoint, try combining custom shapes and images to drive the point home. With several basic images at your disposal, you can essentially make anything you want. Altering the fill and line styles of these images is as easy as double-clicking the shapes, or using the toolbar that appears near the object. If you want to section off parts of the infographic into ideas, change the style to let the reader know that a shift in focus is occurring.

Text and Font Size Matter
The best infographics know how to utilize the power of different fonts and sizes. After all, what makes you look at statistics in an infographic? The font style and the size. When displaying lots of information, you want to use an interesting (but not overly complicated) font style. Only use around three colors maximum for your font. Avoid white space when you can, as an empty infographic isn’t what the reader is looking for. Try these text and font tips on for size:

  • Alternating colors can put emphasis on what’s really important. Your readers should be able to tell important information when they see it.
  • Custom graphics can easily be made in PowerPoint. Use several different shapes – you’ll never know what you can make until you try.
  • Font size is important for statistics. For example, large numbers work well with larger font sizes.
  • Don’t use graphs. People don’t find them appealing, or even engaging. Use images to explain the point better.

If you can master the art of making infographics in PowerPoint, you can make powerful marketing tools that appeal to your audience. For more information, tips, and tricks about how to take full advantage of Microsoft Office 365, give Michell Consulting Group a call at 305.592.5433 ext 2601.