Archives 2016

When to Upgrade Your Security – Four Key Considerations

by Billy J Long Guidance, PSA Articles

Article (PSA‑0002‑C)

Below is a plain‑language breakdown of the four situations that typically justify moving beyond a basic home‑router firewall to a more capable solution such as a commercial next‑generation firewall (NGFW), unified‑threat‑management platform, or a managed security service.

1️⃣ You run a small business with multiple endpoints and need centralized management

  • What it means – You have 5 – 20 devices (PCs, laptops, printers, VoIP phones, servers) spread across one or more locations.
  • Why a basic firewall falls short – Each device must be configured manually, creating a high risk of “policy drift” where some machines stay open to the Internet.
  • What you need from a new solution
    • A single management console (cloud‑based or on‑prem) that can push policies, updates, and patches to every endpoint.
    • Policy templates that apply the same rule set to all devices automatically.
    • Device‑aware logging that ties every event to a hostname, MAC address, or user for easy forensics.

2️⃣ Ransomware or phishing attacks are a frequent threat in your industry

  • What it means – Malicious PDFs, Office documents, or links that deliver ransomware; fake login pages that harvest credentials.
  • Why a simple firewall can’t stop it – Basic NAT/firewall only looks at IP/port; it can’t inspect file payloads or block a phishing URL that resolves correctly.
  • What you need from a more robust platform
    • Content‑inspection and sandboxing – unknown files are executed in a safe VM before delivery.
    • URL and web‑reputation filtering to block known phishing domains in real time.
    • Network segmentation/micro‑segmentation so an infected workstation can’t reach every other device.
    • EDR integration to stop ransomware processes on the endpoint and auto‑rollback changes.

3️⃣ You require application‑aware filtering, IDS/IPS, or secure remote‑access VPNs

  • What it means
    • Allow Zoom video but block Zoom file‑sharing.
    • Detect and block known exploit attempts (e.g., EternalBlue).
    • Provide encrypted, MFA‑protected VPN tunnels for remote staff.
  • Why standard NAT routers can’t deliver
    • Home routers only see TCP/UDP ports – they can’t differentiate between applications that share the same port.
    • No built‑in IDS/IPS signatures, so exploits go unnoticed.
    • VPN support is often old PPTP/L2TP and lacks MFA or split‑tunnel control.
  • What a modern NGFW (or complementary appliance) offers
    • App‑ID/DPI – precise, per‑application policies (allow, limit, or block).
    • Signature‑based IPS plus behavioral analytics for zero‑day protection.
    • Modern SSL/TLS or IPsec VPN with MFA, client certificates, and detailed session logging.
    • Optional ZTNA layer for identity‑based, context‑aware access.

4️⃣ You must comply with regulations (HIPAA, PCI‑DSS, GDPR) that mandate specific security controls

  • HIPAA – audit logs, encryption, role‑based access for ePHI
    • How a basic firewall fails: No immutable logs, no enforced TLS for internal traffic, no RBAC for rule changes.
    • Required capabilities:
      • Detailed, tamper‑proof audit logging (forwarded to a SIEM or immutable storage).
      • TLS/SSL inspection and encryption enforcement for any traffic containing PHI.
      • RBAC so only authorized staff can modify firewall policies.
  • PCI‑DSS – segmentation, IDS/IPS, strict firewall configuration
    • How a basic firewall fails: No VLAN‑based segmentation, no IDS/IPS, and no change‑management logs.
    • Required capabilities:
      • Network segmentation (separate CHD zone) with firewall rules that isolate card‑holder data.
      • Built‑in IDS/IPS to detect attacks against payment‑card servers.
      • Change‑management logging for every rule alteration.
  • GDPR – data‑loss prevention, breach‑notification readiness, encryption
    • How a basic firewall fails: No outbound data‑filtering, no guaranteed encryption, limited visibility for breach forensics.
    • Required capabilities:
      • DLP or outbound filtering to prevent accidental export of personal data.
      • Enforced TLS for all traffic that could carry EU personal data.
      • Comprehensive logging to meet the 72‑hour breach‑notification window.

How to Act on These Considerations

  • Multiple devices? Deploy a centralized endpoint‑protection platform (e.g., Microsoft Defender for Endpoint, Bitdefender GravityZone) and pair it with a lightweight NGFW (FortiGate 60F, Palo Alto PA‑220).
  • Ransomware/phishing frequent? Add sandboxing, URL filtering, and network segmentation; enable EDR on all endpoints.
  • Need app‑aware control, IDS/IPS, VPN? Choose an NGFW that bundles those services or combine a dedicated VPN concentrator with a separate IDS/IPS sensor.
  • Regulatory compliance required? Verify the firewall is certified for PCI‑DSS/HIPAA, enable immutable logging, TLS inspection, and RBAC. Consider a managed security service that handles audit‑ready reporting.

Need a Tailored Recommendation?

If any of the four triggers above sound familiar, it’s time to move beyond a consumer‑grade router. PSA Computer Services can evaluate your environment, recommend a solution that fits your budget, and handle the deployment so you can focus on your business.

Call us today at (707) 506‑6802 for an assessment and a roadmap to a more secure network.

Security, Is More Better?

by Billy J Long Guidance, PSA Articles

Article (PSA‑0002)

Security requirements vary by how a computer is used. For a quick assessment you can split the environment into two categories:

  • Online (Internet‑connected) devices – need real‑time threat detection and a firewall.
  • Offline (stand‑alone) devices – may need fewer safeguards, but still require some protection if they ever exchange media with other systems.

1️⃣ Online Devices – Core Requirements

Antivirus / Antimalware

A modern, licensed solution that provides both **real‑time** and **scheduled** scanning is essential.

  • Real‑time scanning – Monitors files as they are created, downloaded, or executed and blocks known threats instantly.
  • Scheduled scanning – Performs a deep scan of the entire drive (or selected folders) on a regular basis (daily, weekly, or monthly) to catch dormant or missed malware.
Built‑in options (2025)
  • Windows 10/11 – Microsoft Defender – Free, always‑on, AI‑enhanced, and centrally manageable via Microsoft Endpoint Manager.
  • macOS – Xprotect + Gatekeeper – Native malware detection and notarization checks for downloaded apps.
  • Linux – ClamAV, Sophos Home for Linux, or commercial EDR agents – Useful for servers or workstations that run Linux.
When to consider a third‑party solution

If you need additional features such as ransomware‑specific protection, web‑filtering, or centralized reporting for multiple endpoints, look at reputable vendors like Bitdefender GravityZone, SentinelOne, or ESET Endpoint Security.

Firewall

A firewall controls inbound and outbound traffic based on a set of rules. Two layers are common:

  • Software firewall – Built into the OS (Windows Defender Firewall, macOS Application Firewall, Linux UFW/nftables). It blocks unsolicited inbound connections and can restrict outbound traffic.
  • Hardware firewall – The router or a dedicated appliance (e.g., Ubiquiti EdgeRouter, Cisco Meraki, or a commercial NGFW – Next‑Generation Firewall). It adds network‑level filtering and NAT, keeping the entire LAN hidden from the Internet.

For most home users and small businesses the combination of the OS firewall plus the router’s NAT/packet‑filter is more than adequate.

2️⃣ Offline (Never‑Connected) Devices – What to Consider

If a computer truly never touches the Internet and never receives files from another network, you can forego a full‑time antivirus program. However, keep these points in mind:

  • Even removable media (USB sticks, external HDDs) can carry malware. Scan any media before it is introduced to an offline system.
  • Use a lightweight on‑access scanner (e.g., Windows Defender in “offline scan” mode) for occasional checks.
  • Maintain a strict air‑gap policy: keep the device physically separated and disable any wireless adapters.

Why One Security Suite Is Usually Enough

Running multiple antivirus products on the same machine creates more problems than it solves. The most common issues are:

  1. RAM depletion – Each engine consumes memory. When RAM runs out the OS starts paging to disk, causing severe slow‑downs.
  2. Software conflicts – Two real‑time scanners can flag each other’s activity as malicious, leading to endless alerts and potential system instability.
  3. Quarantine of critical files – One product may mistakenly quarantine the other’s core components, leaving both programs corrupted.
  4. Administrative overhead – Managing multiple licences, updates, and alert streams is time‑consuming and costly.

For the vast majority of users, **one up‑to‑date antivirus/antispyware product plus a properly configured firewall** provides comprehensive protection.

Practical Checklist – Get Secure in Minutes

  • Enable the built‑in OS firewall. Verify that inbound connections are blocked unless you explicitly allow them.
  • Install a reputable antivirus. If you’re on Windows 10/11, make sure Microsoft Defender is turned on and receiving updates.
  • Schedule a weekly full scan. Set the scan for off‑hours to avoid interrupting work.
  • Keep the system patched. Enable automatic OS updates and apply vendor patches for all installed software.
  • Use strong, unique passwords and enable multi‑factor authentication (MFA) on all cloud accounts.
  • Back up your data. Apply the 3‑2‑1‑0 rule (see PSA‑0005) and test restores quarterly.
  • Limit admin privileges. Operate daily tasks as a standard user; reserve Administrator rights for installs and system changes.

When to Upgrade Your Protection

Consider a more advanced solution if any of the following apply:

  • You run a small business with multiple endpoints and need centralized management.
  • Ransomware or phishing attacks are a frequent threat in your industry.
  • You require application‑aware filtering, IDS/IPS, or secure remote‑access VPNs.
  • You must comply with regulations (HIPAA, PCI‑DSS, GDPR) that mandate specific security controls.

Need Professional Help?

If you’re unsure about the right antivirus, firewall configuration, or overall security posture for your home or business, call PSA Computer Services at (707) 506‑6802. We’ll perform a quick health check, recommend a solution that fits your budget, and set everything up so you can work safely.

Testimonial – Eureka Rescue Mission

by Billy J Long Testimonials

Carol Ice, Office Manager
Eureka Rescue Mission
http://www.eurekarescuemission.org/

We have been using PSA for our computer technology needs since 2012. Having a PSA technician come in monthly to deal with our network and computer needs has relieved us from having to think about keeping our computers updated and computerized information secure, which is very important to us.

The backup service PSA supplies for our company also provides us with the ability to recover from any lost data problems quickly. He has always responded immediately to any of our computer issues and kept us up and running. He is current with technology information and is able to make that information applicable and understandable.

I would recommend PSA to anybody needing IT services.