Everon & Webroot Secure Anywhere


Everon’s partner, ITSupport247, is now using a new antivirus provider called Webroot Secure Anywhere. Webroot is based out of Colorado; in fact, Webroot is so close to our call center that we can see their building from where we sit (maybe they will let us take a tour someday!). Before the switch, Everon had been reviewing various antivirus software. After extensive research, and ultimately choosing Webroot Secure Anywhere as our official antivirus, we couldn’t be happier!

For most business antiviruses, management takes place in a centrally managed console on a server or workstation within the network, and all machines must report to that location. The centrally managed console is then the sole connection to the outside world, where it checks the antivirus company’s servers for definition updates. In most cases, if you are not constantly reviewing the console, ensuring it is up to date and pulling the definitions over on a daily basis, you could have issues. Most consoles work well enough to allow their agents to pull definition updates from the Internet themselves in the event that the console is unavailable; however, you still have many variables that can go wrong. Did you update your notifications properly? Do you back up the local database that manages the console?

After rebuilding a few consoles from scratch due to database failures, I realized that if an antivirus builds their console into the cloud, that would make my life so much easier, and that is exactly what Webroot does. Webroot built the centrally managed consoles right in their colocation facilities, thus taking away a potentially huge point of failure for businesses.

Webroot allows setup within minutes. You first determine how many seats you need. This is directly proportional to how many machines you want protected with the antivirus. Once you determine that, you create custom groups for your company (you don’t want the same rules to apply to your servers as to your desktops), and then you are ready to push the product out. Webroot gives you an easy-to-install link that you can simply run with no login required. It is built custom to your site, and will link the machine back to your site, with all of your rules intact. Notifications are easy as well. You don’t need to set up a custom SMTP server to route notification emails through; you simply choose what you want to be notified on, put in the email addresses in the appropriate locations, and you are done!

Webroot has made antivirus management easy and Everon is proud to provide it to our client base. The antivirus is even good at protecting its resources (which to be honest is probably the first thing you should be concerned with when choosing an antivirus). PCMag rated it one of the best antiviruses of 2015. One thing that is very important in the world of antiviruses is the footprint a product leaves on the machine. Some antiviruses use GBs of files to manage themselves and their definitions, or their scans take multiple hours. Webroot is a very small, very light package with hardly any footprint on a machine. Its scans are quick and efficient, and reporting back into the console usually happens within minutes.

Webroot Secure Anywhere is a great antivirus! Give our engineers a call at 1-888-244-1748 to see if Webroot and Everon would be a good fit for your company.

Now Offering Webroot Antivirus


What this means to you

As a trusted IT adviser, one of our jobs is to constantly evaluate new technologies that come our way. After reviewing Webroot SecureAnywhere Antivirus endpoint protection software, we are confident it will be the best solution for many of our customers.

Webroot offers a revolutionary, cloud-based Antivirus technology that protects against advanced security threats in real-time. According to PCMagazine, “Webroot joins Bitdefender and Kaspersky as Editors’ Choice for commercial antivirus.”

What you need to know

Webroot provides full remote user/endpoint management via a cloud-based management console. Because it is cloud-based, there is no on-site management hardware or software to operate or maintain.

Webroot also provides real-time threat detection. It can proactively protect against new security threats as they’re detected – sort of like your own, personal bouncer standing right outside your computer. While it requires an Internet connection, its offline mode protects the user against potential infections from removable media (CD/DVD, USB, etc.). It does this by taking a snapshot of the current computer configuration and then watching for any changes made to the system while the user is offline – especially changes that are typical of malicious software behavior.


Webroot also offers automated monitoring, roll-back, and infection remediation for the highest efficiency. In the MRG Effitas 360 Full Spectrum test, which measured a software’s time to detect an infection, Webroot was noted as being one of three solutions able to remediate a computer either on or before the first user reboot. Scan times are also dramatically reduced by logging only newly-introduced software and scanning only that software.

Is this solution ideal for you?

After the initial full system scan, additional scans typically take only 26 seconds compared to the industry average of close to 10 minutes. (This is according to the PassMark Software Performance Benchmark Testing, which gave Webroot an overall score of 97 out of 104. The second place software was a distant 70.)

Historically, the installation of an antivirus came with limitations that the user had to accept in order to get some level of protection. An antivirus could not be deployed in tandem with another antivirus, as these caused conflicts. Typical antivirus software also required a server console in order to adequately manage all workstations within a business.

Webroot alleviates the need for a server console by allowing full management of clients through the web-based console. It can be installed alongside other software because of its ability to heuristically scan for infections both on and offline. This is an ideal solution for companies with employees in remote locations, who don’t have direct access to a console server, or who have no server at all. This also means that license renewal is no longer a tedious, manual process for those workstations. Everything is managed directly through the web console and our installed monitoring software.

What should you do next?

So you’re interested in Webroot? If you are a current Everon customer, please feel free to contact your account manager to discuss whether this solution fits your current environment and needs. Not an Everon customer? No problem. Everon offers a remote IT department equipped to fully manage your small business’ technology needs. Please call us at 888-244-1748, or email us at info@everonit.com.

 

True Story: Rescue From a Zero Day Virus


DoD photo by Shane Hollar, U.S. Navy. (Released)

A zero day virus is a brand-new virus that has just been released to the public, and for which there is not yet any information or antivirus protection. This is the story of how our team encountered and identified a new Cryptolocker variant, and then raced the clock to prevent its spread and data loss.

Last week a client called in stating that their server was filled with files with the extension .ECC. This was an extension that we had never seen before, so it immediately alerted us to a potential threat.

According to our research, .ECC files are associated with DVDisaster — an application created by a developer named Carsten Gnörlich. This didn’t really make any sense; we doubted our clients were using this new application. And even if they were, why would the application create .ECC files on their file server? We couldn’t figure it out.

Unless…!

Suddenly we realized we were dealing with a virus. We began scanning their file server with our antivirus and malware tools. But our tools came up empty. What gives?

Still playing on our virus-hunch, we decided to bring one of the .ECC files into our test environment. Carefully, we opened it up.

And there it was: a variant of Cryptolocker, in all of its terrible glory.

Our client’s network was infected.

We scoured the Internet but couldn’t find anyone, anywhere, who had seen this Cryptolocker variant. Not only were we dealing with a vicious form of ransomware, but, we realized, we were dealing with a zero day virus. There was no antivirus for it yet, because it was brand-new.

Our team has had extensive experience in dealing with Cryptolocker in the past, so we had a baseline for this virus’s potential behavior. Cryptolocker will first encrypt users’ own hard drive and then try to encrypt mapped network drives. We immediately began looking for a host machine.

A host machine is the machine that introduced the virus into the network.

Once you locate the culprit, you can choose to wipe Cryptolocker from the infected machine with your AV or malware tools. In this case, as a precaution, we decided to pack up the machine and wipe the hard drive completely. Cryptolocker has a nasty habit of encrypting files and hiding them on the hard drive. Because this was a zero day infection, we were not sure if this variant left any malicious files on the server — or anywhere else.

In past versions of Cryptolocker, once you found and killed the host machine, you could delete the files. (They are pretty much useless without the encryption key, and the files themselves are not malicious.) But since we weren’t sure, we decided to use our Microsoft partner account to reach out to the WOLF team.

WOLF is the team at Microsoft that is dedicated to security, vulnerabilities, and virus/malware removal. They are essentially the software world’s version of Navy SEALs. They are fantastic. We called them up, and, like a true black ops team, they jumped in with their custom-built tool and scanned the server and the network, looking for any traces of the virus left behind.

The WOLF team was able to determine that the .ECC files were merely encrypted, and no further infection existed. They were also able to determine how the virus came into the network and what vulnerabilities caused this.

We patched machines to keep them secure, and we also recommended that users do the following:

  1. Ensure your antivirus is up to date and properly scanning.
  2. We recommend installing a complementary malware scan in addition to the antivirus scan. (We recommended Malwarebytes Pro.)
  3. Install AdBlock Plus for all Internet browsers. This helps block unwanted ads and can potentially protect users from anything trying to get through as well.

With good, current backups, patching of your Windows and 3rd party applications, and these steps above, I believe this can help any company stay safe out in the cloud without compromising any employee freedom to go where they choose.

For more information about Cryptolocker, or any security issues, feel free to call our engineers at Everon at 1-888-244-1748.

 

Silk Road 2.0: The Latest in the Cybercrime Fight


Most consumers have probably never heard of the stuff I am going to discuss here; however, it’s very important for the security and health of the Internet. This week police forces made a great breakthrough against what is considered the “black market” of the Internet. Seventeen arrests were made in cooperation between US and European forces, in relation to the Silk Road 2.0. This is a secret cache of websites that runs off the Tor Network, a specialized network that is not searchable via common search engines. The websites that were shut down total around 400. Most of them dealt in illegal drugs and weapons.


The Tor Network, sometimes just called Tor, is a very dark place within our Internet world. It was originally set up by the US to assist people fighting against oppressive regimes; however, it is now overrun with illegal sites, including ones that do more than just sell illegal drugs and firearms. It includes sites for child exploitation, and it is a place where extremist groups (such as ISIS and Al-Qaida) operate, so it is constantly targeted for shutdown through all specialized cybercrime sources. To get to the Tor Network (which I am not going to explain here), you have to set up specialized proxies and VPNs to re-route your traffic and find these sites.

The Silk Road 2.0, a notoriously dark area within Tor, was set up in October after the original Silk Road was shut down and the owner arrested. (Not everyone agrees with the latest shutdown.) As a consumer, there is not much needed to protect yourself from the Silk Road. It is not a location that targets consumers. It is really a place for black market activities. You should be aware of where your family members go online. You should also be aware of similar things with your staff, if you own a business. There are many nefarious locations on the Internet that you need to be aware of so you can protect your family and/or your company.

First off, ensure that your antivirus is up to date on all machines in your home and office. If you have a special router, ensure its firmware is up to date and all passwords have been changed from their default settings. In addition, you can download tools to help review where your family or staff goes online. You can also put proxies in place to prevent people from stumbling onto bad websites.

Here are some great sites to protect your children from dangerous sites online:
http://www.onguardonline.gov/topics/protect-kids-online and
http://www.netsmartz.org/Parents.

If you need help setting up similar protections for your workplace — or if you even want to manage (or block) the time your employees spend on social media (or other adult sites) – feel free to call our experts at Everon. We are just a phone call away: 1-888-244-1748.

 

Five Things You Should Do to Clean Your Computer This Weekend


Fall cleaning? Don’t forget your computer!

There’s no time like now to get in all that fall cleaning you want to do before the holiday season kicks in. So why leave your computer out of all the fun? I asked the techs at Everon what they would do to clean their own computers. Here are their top five responses:

1. Run a virus and/or malware scan. If you don’t want to spend the time running both, pick one and do the other later. You can get good virus removal programs (like Avast, AVG, or Symantec) or a malware removal program (Malwarebytes) for free. Each of these scans could take several hours. A good idea is to start the scan before you go to bed and let it run all night, while you sleep.

2. Get rid of extra programs that you don’t need. A lot of times, when you download or install new software, you’re also saddled with extra programs you neither asked for nor need. Those can be a real memory-suck. Look for ones that redirect your browser. (Any extra toolbars on your Internet browser?) Now is a good time to uninstall these pieces of baggage. Also, bloatware – preinstalled software on a device – is another nuisance. Check out this blog, by James, for one way to get rid of it. This process should take around 30-45 minutes.

3. Blow the dust or lint out of your system, especially the fans. This can be done with one of those handy cans of compressed air, available at just about any store that sells office supplies, or with an air compressor. If you haven’t done it in a while there will be a lot of dust, so you may want to take your computer outside. Remove the outer casing and blow away. (Note: do not use your breath! The moisture from your mouth can damage the microprocessor. Plus, if you get too close to all that dust you will probably sneeze.) Pay particular attention to getting those dust bunnies out of the fans. If they stay clogged up, your computer can overheat.

4. Clean your keyboard. While you’re taking your computer outside to power-blow it, unplug and bring along your keyboard. Tilt it upside down, and blow it out, too. You will be both grossed out and amazed at what falls out of there. But all of that stuff can build up between the keys and make them stick or not work properly.

5. Clean your screen, mouse, and keyboard (again). As long as we’re doing a proper cleaning, let’s do it right. You can get out the isopropyl (rubbing) alcohol and cotton swabs, or you can just buy pre-moistened, disposable electronic wipes (my preference). Wipe down your computer screen and your mouse. Pay attention to the buildup on the mouse’s underside. Also, before you plug your keyboard back in, give the keys a good wipe down. These last three steps will take you 30 minutes or less.

There, all done. This entire process can take an hour or so (not including the scan that ran while you were asleep), but once done your computer will run more efficiently. You can add years on to the life of your machine with regular maintenance like this. Not to mention how good it feels to have a sparkly-clean desktop. ;)