Thursday, April 15, 2010

To Make Hard-to-Crack Passwords, You Write the Rules

By now you’ve heard from countless experts that the best way to protect yourself online is to have hard-to-crack passwords for all your logins. “Don’t use any words that occur in the dictionary,” they say, “and don’t use easy-to-find information like your pet’s name or the street you live on. And while you’re at it, forget about memorable number combinations like your address, your date of birth, or ‘123.’” Great advice, but if you’re also told never to write anything down, how on earth are you supposed to remember a string of numbers, letters, and characters you’ve intentionally made as random as possible?

The trick is to invent a simple set of rules that’s easy to remember and replicable across all sites.


Here are some examples. You wouldn’t want to use these specific scenarios, of course.

  • First letter of each word in a common phrase + four-digit number + ampersand. To change the password – something you should do every six months or so anyhow – just change the common phrase, or start using the second letter of each word.
  • Site name + your first name backwards + four-digit number + same four-digit number with the shift key held down. To change the password, come up with a new four-digit number or start using your last name backwards.
  • Take two words and run them together with a numeral at the beginning and a symbol at the end. So, “Gandalf” + “sesame” would yield 2Gsaensdalmfe#.

The trend these days is toward “pass phrases,” often composed of song lyrics or idiomatic sayings, rather than passwords. Why? Because password crackers can generate millions of guesses in a second. The more characters you have for them to work through, the longer it will take them and the greater the likelihood that they’ll move on to an easier target. In other words, length beats complexity.
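To put numbers on "length beats complexity", here is an added example (not part of the original post) that estimates the brute-force search space for a short complex password, the post's rule-built example, and a longer pass phrase. The guess rate of one million per second, the constructed sample strings, and all function names are assumptions made for illustration.

```python
import math
import string

# Assumed attacker speed: the post only says "millions of guesses in a second".
GUESSES_PER_SECOND = 1_000_000
SECONDS_PER_YEAR = 365 * 24 * 3600

# Character classes a blind brute-force search has to cover once one is used.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation, " "]

def alphabet_size(password):
    """Sum the sizes of every character class that appears in the password."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))

def keyspace(password):
    """Number of candidates of this length over the inferred alphabet."""
    return alphabet_size(password) ** len(password)

def entropy_bits(password):
    """log2 of the keyspace: an upper bound that assumes random characters."""
    return len(password) * math.log2(alphabet_size(password))

def years_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at the given guess rate."""
    return keyspace(password) / rate / SECONDS_PER_YEAR

def rank(passwords):
    """Return (password, length, alphabet, bits) rows, strongest first."""
    rows = [(p, len(p), alphabet_size(p), round(entropy_bits(p), 1))
            for p in passwords]
    return sorted(rows, key=lambda r: r[3], reverse=True)

SAMPLES = [
    "Tr7&kQ2!",                # constructed: short, all four classes
    "2Gsaensdalmfe#",          # the post's rule-built example
    "luck is not a strategy",  # constructed pass phrase, lowercase and spaces
]

if __name__ == "__main__":
    for pw, length, alpha, bits in rank(SAMPLES):
        print(f"{pw!r:26} len={length:2} alphabet={alpha:2} bits={bits:6.1f} "
              f"years={years_to_exhaust(pw):.2e}")
```

These figures are a blind brute-force upper bound. A pass phrase lifted from well-known lyrics or sayings can fall to phrase-list guessing long before the full keyspace is searched, so pick wording that is not widely published.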

more info - http://cmitsolutions.com/centralsv

Tax Season Is Upon Us! Look Out For These Scams.

It’s tax-filing season, and as surely as the sun rises in the east and sets in the west, scammers will be crawling out of the woodwork trying to take advantage of this opportunity to steal sensitive business data. Here’s how to make sure your small business doesn’t have identity thieves and con artists to contend with on top of the usual taxes and paperwork…

1. Educate employees to be on the lookout for phishers, phone scammers, and email cons. People who would never open a suspicious-looking email in their personal inbox might not hesitate to turn over your Federal Tax Identification Number and names of key executives to someone posing as a representative of the IRS. The next thing you know, somebody has stolen the identity of your business and is taking out credit cards in your company’s name.
2. Pay your taxes electronically. If you drop a check in the mail, all an identity thief needs to do in order to access your bank account number, routing number, Taxpayer ID, and other information is snag the right envelope. In contrast, the Electronic Federal Tax Payment System (EFTPS) is a free, secure government website that uses the highest level of security available. Every user must have a secure Internet browser with 128-bit encryption in order to access the site. To log on to the system, an enrolled user must be authenticated with three pieces of unique information known only to the user: Taxpayer Identification Number (EIN or SSN), EFTPS Personal Identification Number (PIN) and an Internet Password. That’s pretty secure.
3. Pay your taxes, period. If somebody tries to sell you a package or kit that promises to help you avoid taxes by deducting personal expenses as business expenses related to a home-based business, don’t buy it. If somebody says the 16th Amendment was never properly ratified and personal income taxes are unconstitutional, ignore them. If you own a small business, you’re responsible for determining your personal and your business tax liability – and paying accordingly.

You can reduce the likelihood that you’ll have to deal with tax-related digital cons by using up-to-date spyware detection, antivirus, and antispam software. These should help to keep all those phony emails from making it into your inbox and prevent hackers from accessing sensitive business data.

Don’t Trust Luck to Keep Your Computers Safe

This St. Patrick’s Day, while you’re busy celebrating "the luck of the Irish", remember – luck is a beautiful thing, but it’s no substitute for common sense and precaution when it comes to your computers.
In the world of IT, luck is not a strategy! And yet, how many of us still don’t listen to advice like this:

1. Don’t use obvious or easy-to-crack passwords.
2. Use a different password for every site or application that requires one, and change your passwords often.
3. Back up, back up, back up. Back up to at least two different media or locations, with at least one of them off site. And if you can’t remember to run a backup, sign up for a service that will run them automatically. Make sure you know how long it would take for your backup provider to restore all your data if your office was completely wiped out. Some backup services can take days or even weeks to ship a full set of disks; others may take less than 48 hours.
4. Update your antivirus software often and run a full system scan. Again, if you can’t remember to do it yourself, sign up for a service that will do it for you.
5. Write down all your software product keys, license numbers, passwords, configuration notes, and encryption codes and keep them in a locked safe -- preferably both on premises and off.
6. Write down a detailed plan for restoring data in the event of a loss -- that means figuring out the sequence in which applications, servers, and databases need to be brought back online in order for data to properly repopulate.

If this sounds like a lot of work -- well, it is! But putting in the time now can prevent you from some major hassles later. Or call CMIT Solutions, and we can help you get started on the path to complete disaster preparedness. We often recommend taking a serious look at CMIT Guardian, a backup and disaster recovery solution specifically tailored to the needs of small business. It’s affordable, reliable, and stores all your valuable business data securely on and off-site.

