Meltdown and Spectre: What You Need To Know




What is it?

Google security researchers found a couple big new bugs.  These bugs, ominously called Meltdown and Spectre, are pretty serious.  Most security bugs are simple to fix.  The vendor just releases a software patch everything is secure again.  These bugs are actually built into the hardware of your computer (the CPU), so they are harder to secure.  That is why you’ve been seeing so much press about it lately.

The way the bugs work doesn’t really matter, but know that it is difficult to patch completely, and it can put your data at risk, such as passwords, files on your computer, and sensitive info you are working on.  If you want more technical information about what’s going on, here is a great link to read up on it: Click Here

Does this affect me?

Yes.  These bugs affect most CPU’s made since 1995.


I have a Mac.  Am I still at risk?

Yes.  Apple has confirmed their computers and mobile devices are vulnerable.

What do I do?

The good news is, all major hardware and software vendors have been working on fixes for this and they are being released presently.

  • Apple has released software patches to all their devices. So, run your normal software updater, in the App store, to download and install the latest patch.
  • Microsoft gets a little trickier. When testing their patches, they saw some antivirus programs crashing the computer.  They have told all AV companies how to fix their software, but there needs to be a coordination before everything is up to date.  What you need to do:
    1. Update your anti-virus frequently over the next couple of weeks.
    2. Check for Windows Software updates every day, until you get the security patch.

How do I know if I am patched or not?

If you are a Strive Client, ask us if your protected and we will let you know.

If not, here is an technical article on how to check to see if your system is protected: Click Here

Who is exploiting it?

Tough to tell.  Right now, there are no “known” exploits out there.  On the other hand, exploiting these vulnerabilities wouldn’t leave traces in normal logs, so there may be some hackers that keep secrets well and are exploiting them and we don’t know about it.  Bottom line: make sure you have a good antivirus system, keep it up to date, and patch your computers frequently over the next few weeks.

I’ve heard that updating this software patch will slow my computer down, is that true?

Not really.  The computers that are most affected by these changes are Servers and cloud stations that see a lot of work heavy loads.  Traditional workstations should be fine and see negligible performance loss.

5 Biggest Mistakes Businesses Make Developing a Business Continuity Plan


A business continuity plan (”BC plan”) is a plan that prevents the disruption of normal operations of a business and allows for a quick restoration of business operations.  A disaster is not just a natural disaster but can include cyber-attacks, telecom outages, unplanned IT outages, hardware failures, construction mishaps, etc. Having a BC plan in place means there will be fewer questions of what people need to do and how they need to do it when the time comes. This translates to a quicker recovery, less money lost, and less headache for you and your business. All businesses should have at least an outline of a BC plan, but many don’t, or make mistakes when creating one.  Here are 5 of the most common:

“We’re small, so we don’t need a Business Continuity Plan.”

A BC plan includes what to do with personnel, communication, technology issues, facilities, electronic payment systems, liquidity concerns, financial disbursement, and other aspects both in a short-term and long-term settings.  A BC plan can help prevent issues like loss of data or revenue in the event of a disaster and it will provide a road map for the business to recover efficiently with the least amount of downtime possible.  This is a very comprehensive plan that is created to help assist all business sizes.  Small businesses operate similarly to large businesses.  There are personnel that need to be dealt with, technology that may need to be repaired or replaced, a facility where your personnel can work, communication to those personnel and to clients that may need your services during this disaster event. The list goes on.  Just because you may be a small business, doesn’t mean that your business is less important than any other larger business.  Get prepared, stay prepared, and conquer disaster.

“We have our plan written down, we don’t need to test it.”

“No plan survives contact with the enemy, ” said (or thought) every important general throughout history.  This is what happens if you don’t test your BC plan. The enemy here is the disaster waiting to strike, and your plan–if never tested–will probably break. We have all heard stories of the company that thought they were doing backups of their information, but sadly when they needed to restore all that information, it wasn’t there—to their surprise. If they had tested it than they could have fixed the issue! To quote Singleton’s 2nd law of backups “If you aren’t testing backups than you aren’t doing backups.”

“We have a plan that focuses on our technology.”

Technology is the obvious piece that people generally consider first.  But each major function of your business must be accounted for in your BC plan.  These may include:

  • Technology: Computers, telephones, network equipment, wireless, internet access, and data backups.
  • Accounting & Payroll: How will you get your employees paid during an extended outage?  Do you have liquid capital to continue paying your debts, even if you are not taking in income?  Even if you have insurance, it may take a long time to pay out.
  • Communication: How you will get a hold of all your employees, telling them that the BC Plan is in effect?  How will you get a hold of your customers and tell them what (if anything) will change?
  • Facilities: Do you have a spare building available?  Will everyone work from home?  If so, will they be able to and do they know how?  Will you need to move or store inventory?

If you have other major areas of your business, add them to this list.

“Our data is safe, so we should be too.”

Backing up your data is not the only thing you have to worry about. Data may be all the information that a company uses, but is useless if you can’t reach that data.  All your crucial data needs to be backed up, yes, AND TESTED, but what about everything else that is required to run your business. You will need certain services to be able to communicate with key personnel and to clients: Internet, phone, email, etc.  You also may need to repair or replace any technology that you use or your facility before you can even access and start using your data. Getting these parts put into place in a timely manner is a difficult task if all you have is secured data.

“Our owner knows and understands the plan, isn’t that enough?”

This violates one key component of a BC plan: communication. Communication needs to be a two lane highway. The employees must communicate their intentions with the boss, and the boss must communicate their intentions with their employees.  If the owner is the only one that knows the BC plan, than the recovery process can become long and hectic. Employees won’t know how to do their work and the owner will have to manage every little detail. If employees know how to deploy the BC plan than the company will have a better chance of recovering fully and promptly. Communication is key to running a business, don’t let it add to the destruction, talk to your employees about your BC plan.