How Hardware Virtualization Works

Hardware virtualization is a rapidly growing practice among small and medium-sized businesses (SMBs). That's because business owners and managers are discovering the great benefits and cost savings hardware virtualization can provide.

For example, virtualization allows you to run multiple "virtual machines" on a single computer, instead of needing to have a separate physical machine for each workload. That saves your business money by reducing the number of computers you have to purchase and maintain to run all your applications and service all your users.

But how does hardware virtualization actually work? Here's a brief explanation.

Normally each physical server consists of the computer hardware (often referred to as "bare metal"), along with operating system (OS) software, such as Windows or Linux. Your application programs, like Microsoft Word or Excel, run on top of the OS. When the application needs a service, such as access to a disk file, it asks the OS to provide it. So, the OS is the intermediary between the application programs and the bare metal.

In this traditional environment, the operating system controls both the hardware and the application programs. For that reason, there can only be one OS running on a physical server at a time.

But by using hardware virtualization, multiple operating systems can run on a single physical machine. Here's how.

In a virtualized environment an additional layer of software, called a hypervisor, is inserted between the bare metal and the operating system(s). When an OS thinks it's interacting with the hardware in order to access a disk file that one of its applications needs, in reality, it's talking to the hypervisor. In fact, each OS on the machine thinks it's the only one because the hypervisor interacts with it exactly as the bare metal hardware would. The OS literally can't tell the difference.

The result is that the hypervisor can service several different operating systems, each with its own set of applications. And none of those operating systems is aware of the existence or the activities of the others. The hypervisor keeps them entirely separate from one another.

So, it's the hypervisor, always a very small and speedy piece of software, that unleashes the magic of hardware virtualization.

Bit by Bit can help with all of your technology needs. You can contact us at 877.860.5831

or our website.

Cyber threats are real!

Cyber Security

Face it folks, there are many people from many countries that want your money and or want your information.  These same people have all of the time in the world to become very talented at hacking into your computer.  We pay for varying services to protect us.  And the hackers spend their time working around the firewalls, spyware, malware and other pieces of software designed to protect our information and our money.

Recently I received an email from a long time customer.  The email came from his usual email address, therefore nothing seemed suspicious.  He requested an IRA distribution form.  This client is in his seventies and the request was not out of the ordinary.  I sent a blank IRA distribution form and it was returned promptly.  The form had his account number, address, and social security number.

First red flag was the distribution request was substantially more than what he had in his IRA.  The second red flag was the funds were to be wired to a bank in Virginia.  My client lives in Texas.  I promptly called my client and he carefully explained that he had not sent any emails nor any IRA distribution requests to me.

I contacted my I.T. company to have them him check out my server and my system to be sure we were not compromised on our end.  I also contacted my consultant, for compliance purposes since we are a broker dealer, to make sure I took appropriate steps to document and contact the proper authorities. 

We do have a written Cyber Security policy for our firm.  I quickly thumbed through it.  And proceeded to file a report with the F.B.I.  There is an online portal for such purposes. 

Later that evening my I.T. company had determined that our computer system had not been hacked.  And my client’s email must have been hacked.  Unfortunate for my client.  Very relieving for me. 

If our firm’s system is ever hacked, we must notify all of our clients of the breech.  That would be devastating for our firm.  I am sure you will agree security is of great importance when one is entrusting us with their investments.    

The following day I contacted one of my banking friends to find out what department of the bank I should call.  I wanted to make contact with the bank that was to receive the wire.  He told me the B.S.A. Compliance Department or Fraud Department.  B.S.A. stands for the Bank Secrecy Act. 

I did contact the bank and gave them the account number so they would know fraudulent activity was being operated through the account.

I could have contacted the local police, but after reading the website I determined the online report forms did not fit the occurrence and would create more questions than answers.

I also followed up with my client a number of times and he had his I.T. firm work on his end.  And at the end of the day we stopped the potential theft from ever happening.

A different occurrence.

A couple of years ago another client told me of an attempt at his firm.  The hackers had to have been observing and reading the firms emails for quite some time.  This attack was very well thought out.  The hackers knew the names of the correct executives and their job functions and the employees in accounts payable. 

One day a request for a wire of funds was sent to an employee in accounts payable.  The wire request was in excess of $300,000.  The amount was a little high but not completely out of the ordinary for this firm.

The employee was one keystroke from sending the wire and decided to ask the controller of the firm if it was legitimate.  My client, the controller, looked into the request further.  He made a phone call or two and verified the request was not valid.

They dodged a large bullet that day. 

Thereafter, the firm has instituted more layers of review before wires of such size are sent out.

Procedures, procedures, procedures.

After mine and my clients scare last week, we are instituting additional layers of procedures as well.  We cannot be careful enough.  There are many people out there who want our money and our information. 

Be careful out there.

Six Steps to Take After Your Email is Hacked

We use email and other online services so much that it's all but inevitable that our accounts will be hacked. Having your private accounts invaded can be confusing and inconvenient, but it's possible to control the damage and prevent future hacking attempts. Below, you will find out how to regain control of your account while minimizing future risk.

Go Into Your Account

Before you can do anything else, you'll need to see how much damage is done. Log into your email account; if the hacker changed the password, click the "Forgot Password?" link or its equivalent. Once you have access to your account, change your password right away. Use a combination of numbers, cases and characters. Instructions on password security are coming up later in this guide, but for right now, preventing hackers from re-accessing your account is the most important thing you can do.

Assess Other Accounts

Once you have changed your email password, you should make the change on other accounts that share that password - especially if you use your email address as a username on those accounts. Check your inbox and "trash" folder for password resetting emails that you didn't request; the hacker could have tried to change other sites' passwords using your email address.

Check For Sent Spam

Some hackers access email accounts to launch attacks on those on your contacts list, using your email address to send phishing or spam emails that trick friends into providing personal information. It can be hard to tell if your account was used in this way, but checking your inbox for replies can help you determine if any of your contacts were targeted. If you do find spam, let the person know that you didn't send the email.

Check Your Apps

Once your email account is secure, and you've dealt with the consequences of the hacking attempt, you should ensure that you can still access your account via the usual channels. If you use Windows Mail, Outlook or another similar program, you'll have to change the passwords on those apps. Every program is different, but for most, you'll have to get into the "Settings" menu to make the change.

Protect Yourself From Further Intrusions

The risk of email hacking is increasing, but there are preventive steps you can take. Choosing a strong password is one of the easiest ways to safeguard your account; generally speaking, the longer the password, the more secure it is. Use a mix of cases, characters and numbers to increase the strength and complexity of your password, and don't use real words. Above all, NEVER use the same password across multiple sites. Long, complicated passwords can be hard to remember, and services such as 1Password and LastPass can help you store your passwords securely. 

Add Extra Layers Of Security

Along with strong passwords, two-factor authentications are often used to secure email and other accounts. In addition to your password and username, you can use a code created by an app or a card reader at the time of each login. The code changes rapidly, and hackers cannot access it - which makes your account much more secure. Most email providers offer two-factor authentication free of charge, and it's worthwhile to use this security measure if it's available.

Your email account is an important part of your online identity, and you should protect it just as you would any of your other personal information. Cut your exposure risk by being discreet, smart and sophisticated in your approach to email security, and keep an eye out for things that may seem a bit odd. By knowing your damage control choices, it will be easier to control that damage when or if it occurs.

Bit by Bit can help with all of you technology needs. You can contact us at 877.860.5831

Working with a new security company!

https://www.esentire.com/

This will be a great addition for our clients.