If you’re running Windows XP, your shredder may not be helping you

If you’re running Windows XP, your shredder may not be helping you.Here is a story we heard and would like to pass along. “My wife has a little cleaning job for an elderly couple we like helping. They’re nice. They give us chocolate. They are obsessed with shredding any paper that might have their name or any other identifier on it, for they are terrified of someone stealing their money or their identity. They have two big shredders with special blades for destroying both catalogs and bank statements. The problem is their shredders aren’t the full-scale protection they think. You see, they conduct financial transactions with their brokerage and manage their bank accounts online with an old computer running Windows XP.” Their computer has probably left open the only door that matters. Do you have that security risk?

A brief history of Windows XP and its successors

In August 2001, Microsoft released its newest, most stable and secure operating system to-date. They called it Windows XP. You may remember what a great advance this operating system was. Mick Jagger introduced its new Start button to a rocking audience of enthusiasts. It had all the benefits of Windows NT without the clunky interface but with nice, rounded edges to the graphical elements. It quickly became the de facto standard for just about every computer system in the world, but had to get 3 major “service pack” updates for security and stability demands. Now, 13 years later, Windows XP still runs on something like 34% of the desktop computers in the world.

Since Windows XP was released, Microsoft introduced 2 new replacement operating systems for personal computers, each to make it both easier and safer to use personal computers. But most important, each of these new operating systems, Windows 7 and Windows 8, brought better security technology to the desktop. They are far and away preferred over Windows XP to protect sensitive information from the bad guys. Which brings us to why running Windows XP is a security problem.

What Windows XP “End of Life” means for users

So what’s the risk? Data breach. And, no viable restitution recourse. It’s not like we weren’t warned and given time to prepare, to upgrade to a more secure platform.

Microsoft began warning of the Windows XP End of Life 2 years ago, in April of 2012. And, true to their word, in April of 2014, Microsoft stopped supporting Windows XP. From a security perspective this is significant. It means that Microsoft will no longer provide security updates to protect the system from hackers; no more patches to fight against harmful viruses, spyware and other malicious software that could steal your personal information. It also means that there will be no more system updates to improve the reliability of the computer system. Sure, you could find some software to protect against malware, but not software that can detect core system intrusions.

A well-known security firm has posted more than 350 known Windows XP vulnerabilities that will not be patched by Microsoft.

In our opinion, and that of even the least conservative expert, organizations having Windows XP machines in operation (desktops, laptops, virtual machines) should make every effort to replace that machine or remove its connection to the organization’s network.

The favorite elderly couple was told that their next purchase should be a new, more protected computer while they destroy the hard drive in that Windows XP machine. And, now we’re saying the same thing to one of our favorite people. You.

References

Here’s how to learn more. Click on the links below:

Mobile apps: Why needed, when needed, how needed…

Mobile AppsIt used to be simple: programs were those things you used on your computer to make it work. Until computers got really small, with simpler processors that were not as strong and used less power than big computers. These less capable computers that fit in your pocket came to be known as “devices”. The word “programs” didn’t work to describe their software; programs had come to mean software that could do much more than a mobile device was capable of doing. So the word “app” was coined to describe a less-capable program built to run on a mobile device, hence the evolved term “mobile app”. The people who make devices and/or their operating systems came up with a way to control the distribution and installation of apps, called an “app store”.

When people first bought their mobile device, most of them, especially the ones who bought an Apple device, bought dozens or even hundreds of mobile apps for their mobile device. Many were free, or cost 99 cents. So if you are like a lot of other people and have all those apps on your device, what is the security risk? Do you really need a mobile app when a simple web site will do? How do you manage the mobile apps on your device? Great questions. Here’s a way to start finding your own best answer.

Do you need that mobile app?

These days the web designers have caught up to mobile app developers and many apps are no longer the only way to get what you want. For example, Peoples Bank allows customers to access their bank accounts online in multiple ways: via a standard computer browser, a mobile device web browser and a mobile app. So which should you use? The simple answer is “it depends”– on what device you have, when you use it and what functions you require. All are secure if used properly, all provide the same information and all offer you a simple way to manage your money online.

The biggest reason for mobile apps up until about a year ago was that programmers and designers could have better control on what was displayed on the screen with a mobile app. Back then, the web browser display could not be controlled well-enough. So, for example, there was no way to know if the user had a 2”x3” screen or a 6”x10” screen, which makes a huge difference when you need to depict an account summary transaction screen. So, the mobile app provided a consistent framework of content display.

Nowadays the web browser technology has caught up. Modern websites can determine the size of the users’ screen and format the page appropriately so that information is properly displayed.

But the larger question, how to make sure your friend the mobile app doesn’t become your enemy, is answered by understanding the fundamentals of mobile app management.

Learn how to manage mobile apps

Over time, we’ve learned that apps we loved are no longer viewed as safe:

Wow. Mobile apps can be a big risk if not well-managed by their users.

A great resource for learning about mobile apps, and making sure you aren’t vulnerable because of them, is located on the US Federal Trade Commission’s Consumer Information website. It’s too much to try to cover all the information in this blog post. But there are important considerations, such as privacy, confidentiality, child safety, malware, security and even feature selection. We urge you to browse the FTC’s web page “Understanding Mobile Apps.” There you will find great links and fundamental principles to help you manage this emerging technology in your pocket.

By the way, business owners should ask themselves if they feel good about how well they have managed the risk of staff member’s smart phones. “Do you have a risk in your pocket?” takes on a special and serious meaning given the need to practice responsible mobile device security.

Are you worried about what to do if your credit card or debit card gets hacked?

Fighting fraud from credit and debit card data theft

Here’s how we can help you help yourself.

Recent news articles about major retailers who have suffered from customer data breaches have led many people to learn how to minimize the damage a hacker can do to their finances. If your information was part of a breach, the most immediate risk is that the thieves may make unauthorized charges or debits to your accounts. SOLUTION: Keep a close eye on your account activity and report suspicious transactions immediately to your bank or credit card provider. The sooner you tell your provider about any unauthorized debits or charges, the better off you’ll be.

Four Steps You Can Take

The Consumer Financial Protection Bureau has good information if you think your credit or debit card data has been breached with their article, Four steps you can take if you think your credit or debit card data was hacked.

Signs of Identity Theft

Credit.com lists some early signs to look for if your identity has been compromised: 8 Signs Your Identity Has Been Compromised.

The Simple 3 Factors of Financial Protection

The Simple 3 Factors of Financial ProtectionWe have published thousands of words online and on paper to help protect your information. It’s too much to remember all at once, so here are the 3 fundamentals in 100-words or less.

The Big 3 Fundamentals of Financial Protection

  • Keep your financial records in order
  • Watch out for fraud and scams (there are a LOT of them out there)
  • Be insured (at the bank, and at home)

That’s it. The details can be found at the links below.

MyMoney.gov | Protect – good tips and even better links to helpful information

Peoples Voice blog posts specifically about online security

Peoples Bank Online Security Tools