Personal and Private Data Continues to Leak from Sony

This holiday season might leave technology and entertainment supergiant Sony with nothing but a big lump of coal in its stocking. In a high-profile hack, hackers continue to leak Sony’s employees’ sensitive information like Social Security numbers, passports, and even personal emails. This is obviously an issue for the company, but so is its lack of IT security, as shown by their passwords being stored in a folder named “Passwords.”

When the server was hacked and its contents were made visible to the attackers, it’s understandable that they would make a break for the folder titled, “Passwords.” They probably thought Christmas came early with this convenient present, gift-wrapped and ready to be consumed by the ravenous masses. At the rate at which data is being leaked, it’s hard to guess what information will be exposed next.

GOP (Guardians of Peace), the group supposedly responsible for the hack, has announced that if Sony employees or associates don’t want their personal information leaked, they should email them directly requesting to not do so. Considering the extremely personal nature of this information, it wouldn’t be surprising to see some people throw in the towel.

Some folks, like actors Seth Rogen and James Franco, are taking advantage of the hacks by making jokes on Saturday Night Live and social media. This distracts others from the gravity of the situation. This hack is a big deal, and crazy amounts of confidential data could leak due to lackluster security practices. All of this could have been avoided by optimizing both network security and password-keeping best practices. Here are some of the best ways to keep your passwords and sensitive information safe from prying eyes:

  • Use complex strings of characters, numbers, and symbols. Stay away from simple words like “admin” and “password” when creating your login credentials. In fact, a lot of institutions will force you to use passwords of a certain length, with numbers and special symbols. The reason? It makes it more difficult for hackers to guess it and obtain it. One simple way of strengthening your password is by plugging in numbers where certain letters would normally be, like 1 instead of a capital I.
  • Use long passwords rather than short ones. This goes back to many websites requiring a certain number of characters (many use a minimum of eight). It makes sense that a longer password would be more secure than a shorter one. For instance, a short and easy-to-remember password can easily be guessed by a hacker, and when they are trying millions of different character combinations all at once, it’s no surprise that a weak password can be compromised fairly easily.
  • Invent words when possible. Using common words can make your password vulnerable to a dictionary attack, where a hacker attempts to crack the lock by rapidly plugging in common words. To protect your business from this possibility, use made-up words. This complicates the hacker’s process, forcing them to either give up or try something else entirely.
  • Don’t use easily-obtainable information. Some people like to use their date of birth or Social Security number as their password. This is generally a bad practice. Both of these, with enough digging on the hacker’s part, can be figured out; plus, on the flipside of things, if a hacker uses keylogging to discover the characters behind your password, you can kiss your identity (and login credentials) goodbye.
  • Never use the same password twice. With such a complex password, it might be logical to assume that you should use the same password for everything, seeing how difficult it is to remember. This is a bad move. If a hacker compromises one account, they’ll try to use the same password for your other logins. If everything is the same, it’s game over. You want to use multiple different passwords for all of your accounts.

Let a Password Management Solution Remember Your Passwords For You
All of these best practices can make your password difficult to remember and even more difficult to guess on the fly. Granted, it’s tough to remember even one complex password. Thankfully, Michell Consulting Group’s preferred password management solution makes remembering even complex passwords easy as can be. A password manager is an application where all of your passwords are securely stored. When they are needed, the application plugs the necessary credentials into the website you’re visiting, giving you safe and easy access to your account.

If this sounds like too much of a hassle, another less-secure option is to write down all of your passwords in one place, like a notebook or a post-it note. However, as seen from Sony’s blunder, you absolutely can’t label the list as passwords. For more information about how to keep your data safe in a world full of criminals, give us a call at 305.592.5433 ext. 2601.

Look Out: Critical Microsoft Office Flaw Finally Patched

Does your office practice proper maintenance and security against the latest threats, like Sandworm and CryptoWall 2.0? You should, or else your business might get a nasty holiday gift in the form of the Schannel vulnerability in Microsoft Office. This particular threat allows a hacker to take over the entire system, making it an exceptionally dangerous vulnerability that you can’t ignore. Thankfully, a patch is available to the general public, so you want to apply it as soon as possible.

On October 21st, Microsoft issued the security advisory which states that the vulnerability allows for remote code execution. Even worse, the vulnerability can be found in most supported versions of Microsoft Windows, excluding Windows Server 2003. Users can trigger this vulnerability by opening an infected Microsoft Office file which contains an Object Linking and Embedding object, or an OLE. If the hacker is successful in exploiting the vulnerability, it could mean a completely compromised system on your network. These hackers could then proceed to delete data, install malware, or other sketchy activity.

Earlier this November, the patch was issued. If you haven’t patched your business’s systems yet, it’s imperative that you do so at your earliest convenience.

Thankfully, the vulnerability can’t be taken advantage of unless the system administrator grants the file permission to open. This means that if you download a file with an OLE object from the Internet, a permissions prompt will ask you whether or not you want to download it. For example, a spreadsheet embedded into a Word document would be an OLE object.

In the official security advisory, Microsoft states that any Office file using an OLE object is vulnerable to being infected by this threat. Here are some tips on how to avoid this vulnerability until you apply the security patch.

  • Enable the Windows consent prompt. In the observed attacks, the User Control Account interface shows a window requesting permission to download files. Depending on the privileges of the logged-in user, it will appear just before the file begins to download. This feature can give you a second chance to not download the file, if need be, making it a powerful tool to stop an infection before it’s too late.
  • Grant fewer user rights to your team. Thanks to the hacker hijacking the entire system from the currently logged-in user, they will have the same permissions as them upon system takeover. This means that hackers can do more damage if they have more lenient user rights. The average employee shouldn’t have administrative user rights, as it could lead to unapproved actions.
  • Avoid email phishing scams. In theory, a hacker could also convince a user to download an attachment containing a vulnerable Office file. These will typically be found in emails disguised as important documents. Keep an eye out for suspicious behavior or activity surrounding the messages, and never click on a link unless you know for sure it won’t redirect you to a malicious web page.
  • Avoid downloading files from the Internet. This might sound impossible, but you shouldn’t download a file from the Internet unless you know for sure it’s legit. Unknown files could have adware, malware, or any number of other nasty things lurking in their code.

It’s always important to protect your business from the latest threats as they become known. Updates and patches are regularly released by companies to ensure that they are fixed for the majority of the general public, and your business needs to take advantage of these. Michell Consulting Group can apply these updates automatically and remotely with our remote IT maintenance service.

Michell Consulting Group can also integrate our Unified Threat Management solution into your network security policy to protect your business from all manners of nasty threats. Our UTM is a comprehensive security solution designed to protect your business from both internal and external threats. For more information about remote maintenance or our UTM solution, give us a call at 305.592.5433 ext.2601.

Pro Tip: How to Put the Power Back into Your Laptop’s Battery

A laptop with no power can be a pain, especially when it only lasts a minimal amount of time. Sometimes it feels like you can’t operate at full capacity without leaving your laptop plugged in at all times. Thankfully, you don’t have to suffer from this, and with a little bit of troubleshooting and basic PC maintenance, you can prolong the life of your laptop’s battery significantly.

If a laptop can’t remain portable, it loses the advantages of being a laptop. Therefore, prolonging the life of your battery is imperative. With these five tips, you can significantly improve the life of your battery and get the most use out of your laptop.

Update Your Operating System
While updating your operating system might not seem like it has any effect on your laptop’s battery, you’d be surprised to find out how effective it is. The latest patches and OS updates can keep your system safe from threats in the online community while also improving your battery life. Granted, you can only receive these updates if you’re using a supported Windows operating system; one that has yet to reach its end-of-support date. These updates are released regularly, so you should always take advantage of them.

If your business has trouble integrating these updates and patches, Michell Consulting Group can remotely assist you with them. We can even run the updates automatically, taking the responsibility from you and allowing you to concentrate on more important parts of your business.

Optimize Your Laptop’s Power Settings
Windows 8.1 has made it super easy to change your power settings so they are as conservative as possible. To access these options, simply click on the Power Options selection in the Control Panel. Some of the settings you can change are:

  • Screen brightness.
  • How often the display turns off.
  • When the computer enters Sleep Mode.
  • Where your computer’s resources are being used.

Dim Your Monitor Display
The brightness of your laptop’s display has the power to sap your battery for all it’s worth. The higher the laptop monitor’s brightness, the less time the battery will last. According to CNet, the brightness of the monitor should be just below half, or whatever your eyes are most accustomed to. In Windows 8.1, there’s a slider you can use to adjust the brightness, allowing you to optimize your settings to just the right level. If your keyboard lights up, you can turn that off, too.

Disconnect Any Unused USB Devices
If your PC has any USB devices plugged into it, they could be unknowingly draining your laptop’s battery. Even something as simple as an external mouse or keyboard could be using unnecessary battery power. This includes your smartphone, which you might charge by plugging it into your laptop’s USB port. This gives you a tough choice: your smartphone, or your laptop, and you can probably get more done with your laptop than your smartphone.

Whether you’re looking to increase your productivity, or simply make better use of your company’s technology, Michell Consulting Group can help your business optimize your laptop’s performance. We can help you figure out what’s causing your laptop troubles and educate you on how to resolve the issue. Whether you need to replace the battery or replace the laptop, we’ve got your back. All you need to do is call us at 305.592.5433 ext. 2601.

How Cloud Computing Frees Up Funds for Your Business

From the perspective of a business owner, spending money on technology is an investment that one hopes to see a return on (ROI). After the initial investment is returned, then all funds generated by the technology are sweet profit–which is the driving goal for every business. One technology that’s the most capable of driving profits for business is cloud computing.

The potential for cloud computing to drive profits makes it a valuable business tool. One of the biggest ways that cloud computing drives value is by freeing up the time and expense associated with hosting and maintaining an IT infrastructure. By outsourcing your company’s IT needs to the cloud, you will no longer have to concern yourself with managing IT maintenances, or worry about getting hit with a surprise bill from an unexpected server crash. You can then divert the resources previously spent to maintain your in-house IT systems to other business ventures that generate revenue (we’re sure that you’ve got a few in mind).

Upon implementing cloud computing for your business, one of the most immediate ways that you will see value is in regards to the accounting side of your operation. When you have to purchase and maintain your own IT equipment, the money spent on this is categorized as a capital expenditure–and we all know how capital expenditures are notorious for decreasing in value. However, cloud computing is an outsourced service that you’re regularly billed for, making IT an operating expense–thus, freeing up a significant amount of capital for your business. Therefore, not only does cloud computing provide your business with a dependable IT service, it also frees up money, making it a very easy way to add value to your organization.

Cloud computing for business is growing rapidly as more organizations are adopting it and enjoying a windfall of funds that they can use to invest back into their company. A large-scale example of this is Whirlpool, which recently transferred 30,000 employees from using on-premise IBM Lotus Notes system to the cloud-based Google Apps productivity suite. Whirlpool Global CIO Michael Heim says the move just makes sense:

At the end of the day, the capabilities and economics around the cloud computing model are so compelling that when you artificially try to not take advantage of them you impact your ability to compete, because others will take advantage of them.

With more companies participating in the cloud computing trend, Forrester estimates that public cloud offerings that exited 2013 with $58 billion in revenue will nearly quadruple over the rest of the decade as companies start to replace their current IT systems with cloud-based systems. This kind of projected growth means that, sooner than later, Software as a Service offerings will be utilized by the majority of businesses worldwide for the purpose of enhancing daily operations.

One of the most attractive features of cloud computing is that it’s scalable to meet the needs of your organization. In fact, several businesses are choosing to implement a model of cloud computing where they keep some of their favorite in-house IT services in place while outsourcing others to the cloud. This popular cloud computing model is known as the hybrid cloud and Michell Consulting Group can take the time to review your company’s computing needs in order to implement a cloud computing model that works best for your business.

Start generating additional revenue for your business with a comprehensive cloud computing solution from Michell Consulting Group. Call us today at 305.592.5433 ext. 2601 to schedule your free IT consultation.

4 Holiday Tech Gifts for 2014

The holidays are again upon us and if you are looking for the perfect gift for your favorite business professional, you don’t have to look too far. There are more consumer electronics available today than ever before, and most of them have some sort of novelty attached to them. We have made a list of four gifts that are not only cool, they serve a practical purpose and will probably avoid being re-gifted or recycled.


Google Chromecast
This device is not brand new by any means, however the Google Chromecast is a great device for that tech-savvy person in your life. Chromecast basically turns your HDMI-supported television into a smart TV, making content available through the Google Chrome browser on your PC or mobile device. With the Chromecast, a user can access dozens of streaming services and can even play some local content through the use of the “Googlecast” extension for Chrome. Some of the apps that Chomecast supports include:

  • Netflix
  • YouTube
  • Hulu Plus
  • HBO Go
  • WatchESPN
  • Showtime Anytime
  • and many more…

Priced at a modest $35, it is a great addition to any electronics aficionado’s device library.

seyvr wallet
Seyvr Power Saver Wallet
Mobile has becoming the favorite computing method for millions of people, and because of this, much emphasis is put on the battery power of devices. The Seyvr Power Saver wallet allows the person on the go the flexibility of a dynamic phone charger coupled with the utility of a high-end wallet.

The Syvr Power Saver Wallet works for almost everyone, as it is a slim and effective wallet with a 1,400 mAh Li-Po battery built in. This rechargeable, built-in element can be recharged with a USB cable in under three hours, and provides a convenient and powerful solution to the person that’s always on the go. The Power Saver Wallet comes with six card slots and a money clip for cash and receipts. Available now at, The Power Saver Wallet comes in brown or black and has an available model for iPhone (lightning charger on the iPhone5/5c/5s/6/6+) and Micro USB, which powers Android and Windows-8 & 8.1-powered devices.

mobi eye-fiMobi Eye-Fi SDHC Card
Millions of people love to take pictures, but if your camera doesn’t support digital transfer, you will use up your memory pretty quick. With Eye-Fi from Mobi, you can snap pictures with your point-and-shoot camera or your DSLR and immediately get the benefits of built-in wifi from your SD card. This allows you to improve mobility by cutting the cords that had you tethered to your rig. You can also share you photos via social networks for immediate gratification when you have taken the perfect shot.

Another feature that the Mobi Eye-Fi presents a user is the integration with Eye-Fi Cloud, which backs up all your pictures to the web-based platform for easy and secure accessibility of all the pictures you take. These capabilities make Mobi Eye-Fi a great addition to any amateur photographer’s cache of tools. The Eye-Fi card comes in 4, 8, 16, and 32 GB local storage capabilities.

The Internet of Things is beginning to enter the consumer market with devices such as the wifikettle by iKettle. The product is a WiFi connected tea kettle that allows a user to control the kettle from anywhere your network connection reaches with a simple push of a button. Not only can you boil water from anywhere, the device’s mobile app will alert you when the water is heated to your liking.

Made from high-grade stainless steel, the iKettle/wifikettle and their corresponding apps have been designed for one distinct purpose, to allow you to boil water remotely over your WiFi connection. The device is available in five colors and features a Wake up Mode and a Home mode that allows you to customize the kettle to save you time. The iKettle/wifikettle is supported by iOS and Android mobile operating systems and is not limited to the amount of devices that have access as long as they are compatible with the app and designated app stores. You can pick one up for around $175 and is a great addition to anyone’s modern kitchen.

These four devices are all great for the tech-savvy person in your life. Do you have any other suggestions that may get the techie you know excited? If so, please elaborate in the comments.