The Differences between Hubs, Switches, and Routers

In discussions about networking, you might find that the terms "hub", "switch", and "router" are being used interchangeably when they should not be. The reason for the confusion is understandable. Besides looking similar, all three devices pass along data traffic through connectors called ports. Plus, as these devices become more sophisticated, the functional differences between them continue to blur.

To understand the differences between hubs, switches, and routers, it helps to look at their fundamental roles as well as their levels of intelligence.

What Is a Hub?

A hub is the least intelligent of the three hardware devices. It serves as a connection point for the computers (and other devices such as printers) in a network. A hub simply passes along the traffic it receives to the computers connected to it. Any traffic that goes in one port comes out the other ports. As a result, all the computers receive the traffic, even if it is not for them.

What Is a Switch?

A switch is more intelligent than a hub. Like a hub, a switch is the connection point for the computers (and other devices) in a network. However, a switch is more efficient at passing along traffic. It records the addresses of the computers connected to it in a table. When traffic comes through, the switch reads the destination address and sends that traffic to the appropriate computer rather than sending it to all the connected computers. If the destination address is not in the table, the switch sends the traffic to all the connected computers.

What Is a Router?

A router is the most intelligent of the three hardware devices. It is typically a small computing device designed specifically to understand, manipulate, and direct traffic. Routers include a user interface so that you can tell them where to direct the traffic.

The primary function of a traditional router is to connect two or more networks (or network segments in a very large network) and direct traffic between them. For instance, a business might use a router to manage the connection between its local network and the Internet. To distribute the traffic to the computers in the local network, the business could connect the router to a switch or hub.

While traditional routers are still available, most small business and home office routers today combine the functionality of a router and the functionality of a switch or hub in a single unit. These integrated routers often include additional software that lets businesses set up features such as network firewalls and virtual private networks. There are two main types of integrated routers: wired (e.g., for networks using Ethernet broadband) and wireless (e.g., for Wi-Fi networks).

The Lines Continue to Blur

Integrated routers are blurring the functional lines between routers, switches, and hubs. But they are not the only devices doing so. As switches become smarter, they are taking on some of the tasks that used to require a router. Even hubs are becoming more intelligent. Your IT service provider can help you sort through the many types of routers, switches, and hubs so that you can pick the best routing solution for your business.

Hospital Pays Hackers a Ransom to Regain Control of Its Computers

February 5, 2016, started out like any other day for the doctors, nurses, and other staff members at the Hollywood Presbyterian Medical Center in Los Angeles, California. But by the end of the day, many of them could no longer access or update patients' medical records. Nor could they send or receive emails. When the hospital's IT department investigated, it found that the computer systems were infected with ransomware.

The ransomware had encrypted the hospital's files, paralyzing its computer systems. The hackers demanded 40 bitcoins (about $17,000) to get the decryption key. The hospital paid the ransom. "The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key," explained president and CEO Allen Stefanek in a statement released by the hospital. After the hospital regained control of its computer systems on February 15, the IT staff, with the help of outside computer experts, removed the malware.

Not an Isolated Incident

The Hollywood Presbyterian Medical Center is not the only hospital to come under attack. Two hospitals in Germany also reported being ransomware victims. The Lukas Hospital in Neuss was attacked on February 10, 2016. Two days later, Klinikum Arnsberg was targeted. Although the ransomware had encrypted some files at each hospital, neither one paid the ransom.

While the Hollywood Presbyterian Medical Center, Lukas Hospital, and Klinikum Arnsberg reported their attacks, most organizations attempt to hide them, according to Bob Shaker, director of strategic operations for Symantec's Cyber Readiness and Response group. He knows about hundreds of ransomware attacks in a variety of industries that have been kept secret.

Shaker and other security experts fear that the successful attack on the Hollywood Presbyterian Medical Center will encourage more organizations to pay the ransom if infected by ransomware. This, in turn, will lead to hackers launching even more attacks.

What You Can Do to Protect Your Business's Computer Systems

Since more ransomware attacks are inevitable, you need to take measures to protect your business's computer systems. Perhaps the most important measure is to back up your files and make sure they can be successfully restored. Although this will not prevent a ransomware attack, it will mitigate its effects. You will not have to pay the ransom to get your files back since you can restore them from the most recent backup.

Prevention is also important. To help prevent a ransomware attack, it is helpful to know the common ways of getting infected. They include:

  • Visiting a malicious website or a legitimate website that has been hacked
  • Opening a file or clicking a link in a phishing or spear phishing email
  • Being infected with some other type of malware that, in turn, downloads the ransomware

Given these attack vectors, one way to help prevent ransomware is to use anti-malware software. It can help guard against known ransomware ploys and other kinds of malware threats.

Taking advantage of the popup blocker functionality in web browsers is another way to help guard against ransomware. Popups sometimes contain malware or lead to malicious websites. In addition, you need to educate employees about the importance of avoiding any websites marked as potential security threats by their web browsers or anti-malware software.

You also need to educate employees about how to spot phishing or spear phishing emails. Let them know what they should and should not do:

  • They should not open any email attachments that are not expected. If the email is from someone they know, have them check with that person first before opening the attachment.
  • They should not click any links embedded in emails sent from unknown sources. Even if they know the person who sent the email, have them check the link (hover their cursor over the link to see the address of the website) before clicking it.

Take Action Now or Pay Later

Ransomware is one of the biggest cyber threats in 2016, according to McAfee Labs and Trend Micro. To avoid becoming a victim, you need to take action now to protect your computer systems. Waiting could cost you money, hassle, and negative publicity. Contact us to do an IT security assessment to reduce the risk of your data being held ransom. We can also help you set up effective backup and restore operations.

6 Things That Google Knows about You

Have you ever visited a shopping site followed by a news site and found that most of the ads you see are from that shopping site? That did not happen by accident. Google has been tracking your activities and using the data it collects to make money.

Google has one of the largest collections of consumer data on the planet. Besides capturing the information that users freely give when they sign up for a Google account, Google tracks its users' web activity so it can display ads that better match their interests. Even users without Google accounts have their web activity tracked, though Google is unable to connect it to a specific person.

Google uses the data it collects to develop profiles about its users. Many people do not realize just how shockingly detailed these profiles can be.

If you are a Google user, here are six things that Google knows about you:

1. Your Account Details

Google knows your name, phone number, and all the other information you provided when you signed up for a Google account.

2. Your Usage of Google's Tools

Google provides users with many tools, including a word processor, web browser, and contact list. The tech giant keeps track of how you use these tools. This means that it knows how many documents you have in Google Docs, how many bookmarks you have in Chrome and what they are, and how many people you have in your contact list.

3. Your Gmail Inbox Contents

If you have a Gmail account, Google knows how many messages are in your inbox. It also scans your messages for keywords. It uses this information to tailor the ads and search results it shows you.

4. Your Searches

Besides tracking your web browsing activity, Google keeps tabs on your web search history. This is one of the main ways in which it develops an advertising profile about you. By knowing what you are searching for, Google can determine what types of products and services you are likely to buy.

5. The Videos You Watch

Google owns YouTube, so it is able to track your activity on that site as well. The information about your YouTube activity is used for advertising purposes.

6. Your Location

It is likely that Google knows where you live. It might even know where you are located right this minute. If you have used Google Maps to get directions from your home to somewhere, Google knows where you live based on that information and your IP address. If you have an Android phone and have not disabled the Google Location History feature, Google knows where you are located right this minute. Location tracking lets the company offer you geographically specific results when you search for something.

Check Your Profiles

There are several ways you can find out the types of information that Google is collecting about you:

  • You can review your Google account profile by going to the My Account web page. There you can see what personal information you gave Google when you signed up. Plus, if you click the Account History option, you can see if Google is tracking your location, web search history, YouTube search history, or browser activity.
  • Google has developed a dashboard designed to increase transparency about the data it collects about you. The Google Dashboard summarizes the data collected for each Google tool that you use.
  • Google's advertising profiles include guesses about its users' ages, genders, and interests. You can see your advertising profile on the Control Your Google Ads web pageand find out just how right (or wrong) the tech giant is about you. You can also use this website to stop Google from tracking your web activity by opting out of its interest-based advertising program.

6 IT Policies to Help Protect Your Company

Many companies rely on IT to help run their businesses. For this reason, they often depend on a set of IT policies to ensure the productive, appropriate, and legal use of IT resources. IT policies establish expectations and regulations for behavior related to company computers and networks.

In addition, IT policies detail consequences for employees or customers in the event of a policy violation. The proper enforcement of IT policies may also provide a basis for defense in the event of a lawsuit.

Here are six common IT policies to help protect your company:

1. Acceptable Use Policy

An acceptable use policy, or AUP, restricts use of a company's network or services. AUPs prevent illegal activity, ensure security, and safeguard the reputation of the company.

AUPs also outline the consequences of breaking the rules. A common penalty is restricted or permanent loss of access to the associated network or service.

2. Privacy Policy

Privacy policies protect the personal information collected from a company's customers and employees. Personal information includes anything that can be used to identify an individual. Names, social security numbers, credit card numbers, email addresses, and even photos of individuals are considered personal information.

Privacy policies typically document how personal information is collected, stored, used, and disposed of. Privacy policies may also disclose when personal information is shared or sold to third parties.

3. Data Governance Policy

Data governance policies describe how data is managed as it passes through company systems. Specifically, these policies document how a company makes sure that data is accessible and secure, as well as accurately collected and properly maintained.

Data governance policies also identify the people responsible for the quality and security of company data. They might also mention any third parties that play a role in the company's data management plans.

4. Disaster Recovery Policy

A disaster recovery policy outlines the broad requirements of a company's disaster recovery plan. These policies identify critical data and responsible departments or staff. They also specify allowable downtime, as well as how to ensure business continuity in the event of downtime.

Disaster recovery plans are usually created by senior IT staff. However, the specifics of data recovery plans are normally left to those designing and executing the plan.

5. BYOD Policy

A BYOD policy, or Bring Your Own Device policy, is an IT policy that governs the use of personal mobile devices in the workplace. BYOD policies are becoming increasingly important, with study after study showing the dramatic shift of personal mobile devices into the workplace.

Specifically, BYOD policies state the degree to which personal mobile devices are allowed within the workplace, what can be done with these devices, and how the company will support them.

6. Social Media Policy

Social media policies govern employee use of social media both in and out of the workplace. These policies define how a company will manage and monitor the online behavior of it's employees. They also set forth any company expectations regarding the nature and tone of information being posted.

As a result, social media policies are sometimes perceived as repressive. However, they can actually empower employees by letting them know what can and cannot be posted. Striking a balance between the needs of the company and employees is the key to a successful social media policy.