Tuesday, December 1, 2015

If You Get Viruses, Fire Your Technician - Or Yourself

There's a simple formula for avoiding viruses on your computers. I am extremely frustrated when I go to professional conferences hear people talking about Cryptolocker and other viruses.

There is no excuse for letting your computer get viruses today. Really. Zero.

Twenty years ago a client asked me if computer consultants created viruses so they could stay employed. I said no, we don't have to because the bad guys are creating enough. That's still true.

BUT I have met a lot of consultants recently who do not do the best job they can of patching systems . . . because they want your computer to break. In my opinion, these are amateurs at best and incompetent technicians at worst.


How We Get Viruses Today


Virtually every virus today requires YOU to install it. Something pops up on your screen and you click YES. When that happens, you are to blame and you should pay for the cleanup.

Virus manufacturers try to trick you into clicking in many ways. The most common are

1) A fake virus scanner pops up and says your system is infected. You click to "clean" your machine, but you're really installing a virus.

2) Fake web sites look like the real thing, so you start clicking on stuff. Again, at some point a program wants permission to install something and you say yes.

3) You receive emails with fake lures. For example, your bank needs you to read a notice or says your deposit did not go through. You panic and click. And infect.

4) You receive an email with an attachment, often with a fake extension. You open it and infect your machine.


Five Simple Steps to Zero Viruses


It is extremely easy to stop getting viruses ever again. But you have to do all five. If you do less than five, then you will get viruses. Note: You computer consultant should recommend these steps to you and pressure you to do them. This is worth paying for because it's cheaper than cleaning up one nasty virus.

Step One: Have a good, current anti-virus program. In addition, know what it is! Open it. Look around. See how the quarantine looks. Be comfortable with it. That way, when something pops up and says you have an infection, you will know that it's NOT your anti-virus program and you can close it without clicking.

Step Two: You need a good patch management system. This will cost a little money every month, but it guarantees that your operating system and all your software is up to day. There's a big buzz every week about Microsoft updates. Of course you ignore it because it's not your job. But those updates (as well as updates from Adobe, QuickBooks, Sage, and others) are critical to the health of your computers.

Very often, these updates do not install automatically (even when set to) and sometimes fail to install for weeks or months. That's why you need a managed system. Your computer consultant should be making sure all these patches are applied. On rare occasions, a patch should NOT be applied because it causes problems. Your computer consultant should manage that as well.

Step Three: No one in your company should have "administrative rights" on your computers. As soon as you take away admin rights, programs cannot be installed. Viruses are programs. They need admin rights to install and infect your computer. Once you take this away, 99% of all viruses are stopped dead in their tracks.

WHINE: I always hear the argument that it's a pain in the neck to contact the computer guy every time we need to install something. A) No it's not. B) Here's another thing you can do.

Have your computer consultant create a special Administrative account on your computer. Call it something like AdminX with a password that's easy to remember. This doesn't have to be a super secure password if you have a properly set up and secured network. Now, when a program asks for Administrative credentials in order to install a program, you can put in the AdminX username and password. Ideally, that will slow you down, make you think, and NOT install viruses.

If you do install a virus, you'll know instantly that you did it yourself and you can give up the lame excuse that you browsed to a web site and magically got a virus.

Step Four: You need a good firewall with an anti-virus module installed. That means you can't use a crappy $39 router any more. You need a real firewall with a real anti-virus module - and a subscription to keep that up to date. Yes it costs money. But it costs less than fixing one nasty virus.

Step Five: You need good habits. As you read above, YOU are the cause of all viruses. So change that, educate your people. And stop clicking on everything on the Internet!!! Here are a few rules. Follow these and you life will be good:

1) If you have any doubt whatsoever, do not click. For example, if your bank has a message for you, close the email and log on to your bank site. Since you initiated the connection, you'll know you are at the real bank site. If there's a message, it will be there.

2) Do not open email from someone you don't know. Just delete it. Really. The world will keep spinning.

3) Do not open any email attachments unless you asked that person to send you that file. Even if it looks like it came from your mother or best friend. Send them an email and ask them if they sent you something. If they say no, delete it.

4) Have your computer consultant enable "view extensions" on your computer. That way, you can look for files with two extensions and you can delete them without opening. These files have names like: FILE.DOC.EXE or FILE.PDF.JS.


In the 21st Century, I believe it is unscrupulous for computer consultants to let their clients get viruses and lose data. It costs the client a lot of money and is completely avoidable.

At the same time, business owners who are not willing to pay for a good firewall, good anti-virus software, and a patch management program are just asking for trouble. It costs money to run your business the right way. If you don't buy a managed service contract and you don't invest in basic security, then please don't complain when you have to pay money to clean up a virus or two. Or three.

:-)