Spectrum Computer Solutions Blog

Admin rights key to mitigating vulnerabilities, study shows

Summary: By running users under standard, non-admin accounts, IT can prevent a very high percentage of Microsoft vulnerabilities from being exploited.

It’s been best practice for a very long time: all users and processes should run with the fewest privileges necessary. This limits the damage that can be done by an attacker if the user or process is compromised.

Unfortunately, running users without admin rights on Windows XP was generally impractical. It is a much more reasonable and manageable approach on Windows Vista, 7 and 8, but many organizations still run users as administrator because it makes things easier in the short term.

A new study from Avecto demonstrates the real-world import of running with “least privilege”. In 2013, Microsoft released 106 security bulletins and updates to address the 333 vulnerabilities identified in them. 200 of the 333 total vulnerabilities would be mitigated if the user were not running as administrator. 147 of the vulnerabilities were designated critical; 92 percent (135) of these would be mitigated.

The greatest impact comes with remote code execution vulnerabilities. Such vulnerabilities are necessary in the large majority of meaningful attacks. 100 percent of critical remote code execution vulnerabilities would be mitigated with non-administrator rights.

Figure: Breakdown of Microsoft vulnerability impact, 2013 (source: Avecto 2013 Microsoft Vulnerabilities Study: Mitigating Risk by Removing User Privileges)

Non-administrator users can still be compromised, but it’s much less likely that they would be and, if they were, the impact would likely be greatly limited. Least privilege is most effective as part of a more comprehensive security architecture including prompt application of updates to patch vulnerabilities.

Avecto is a UK software company which develops products to help organizations configure and manage their systems to run with the least privileges necessary.

Original Article Author : Larry Seltzer
Original Article Date : February 18, 2014

How to comply with the EU cookie law

Effective from 26 May 2012, the EU cookie law requires websites to gain permission from users before planting cookies. Find out how to comply and what fines you may face if you don’t.
http://www.computerweekly.com/guides/How-to-comply-with-the-EU-cookie-law
http://www.computerweekly.com/opinion/The-cookies-monster-How-to-deal-with-the-new-cookies-law

100% Annual Investment Tax Allowance – Limited Time Left

In the emergency budget on 22 June 2010 Chancellor George Osborne announced a reduction in the limit of Annual Investment Allowance from £100,000 to £25,000.

The new allowances take effect on 1st April 2012 for companies and 6 April 2012 for unincorporated businesses.

AIA is a 100% deduction from taxable profits for qualifying expenditure on plant and machinery.  So if your business is planning on major capital expenditure in 2012, you could reduce your tax liability by bringing forward that spending prior to the April 2012 deadlines.

Examples of items qualifying for Annual Investment Allowance:

  • Computers
  • Business machines such as tooling machines and lathes
  • Tractors and other agricultural machinery
  • Office equipment and furniture
  • Vans for business purposes.

Contact Spectrum Computer Solutions for all your computer hardware solutions.

 

Backup Mission Critical Data With Spectrum’s Prism

Many small businesses have one or more work stations that are deemed mission critical. We often find that these work stations access or create sensitive data, or run key software which is only used by specific trained members of staff.

Often these applications are quite old and are no longer supported by the vendor. But because the sensitive data, or application, is held on a work station rather than on the network, this data is often not included in routine backups.

Is your data on specific work stations being backed up?

If you are concerned and would be interested in effective solutions to back up sensitive data excluded from your current process, or wish to protect the working version of any specialist application software you may have, please read on.

For an alternative backup process, SpectrumCS offer a product called “Prism”, a fully automated, on-line solution for off-site data backup. Users create an encrypted account from which they can select the folders and files of data they require to be backed up, the frequency of backup and how long the data should be stored. Your data is automatically copied to a safe, offsite server at a cost of £1.50 per month for each Gigabyte of data you need to be backed up (minimum 12 month contract). Data can be accessed and retrieved by the account holder within a few minutes.

Click here to read more about Spectrum’s Prism data store.

To secure a working copy of your application software, SpectrumCS suggest buying an additional hard drive for the work station and taking a snapshot of the software application. In the event of a hardware failure or loss of that work station, that software application could be restored.

Last chance to buy a PC with Windows XP installed!

Microsoft are finally withdrawing Windows XP, which is the preferred platform for our customers to run their business computers.

This means that any new workstations will have to be supplied with Windows 7 installed.

Our suppliers are currently selling their existing stock of workstations with the facility to revert to Windows XP, which they anticipate will have run out by the middle of next week.

If your core applications have not been tested on Windows 7, this is the last opportunity to buy a known compatible PC.

If you’re interested in purchasing one, please contact Dave Hodkinson to check availability.

Website re-launched!

September 2010 sees the launch of the new Spectrum Computer Solutions website, which has been revitalised through the use of the WordPress framework. The website has been re-launched with a vibrant new look, new content and significant layout updates, and features video tutorials showing end users how to perform those tasks which require a little jog of the memory in order to complete.