Warning - this blog contains opinions, strong language, occasional bold text, and HTML. Viewer discretion is advised.


Fort McMurray Assistance!

One of our long time clients, All Service Insurance, has organized a HELP Campaign for victims of the Fort McMurray fire.  If anyone has any of the items listed below, you may drop them off at either of the following locations:
  • Bulletproof Red Deer Office – 11, 7711-50th Ave, Red Deer, before 4pm Tuesday May 10th.
  • All Service Insurance – #270, 5002-55 St, Red Deer, before 5pm Tuesday May 10th
Our family lived in Fort McMurray for nearly 10 years, and all three of my children were born there.  Many of my friends were impacted by this disaster, and to my knowledge they are ALL safe, but now possibly homeless.  Every little bit helps.

Thank you and read on!

Sean Tindall, President, Bulletproof InfoTech

Fort McMurray Evacuees Need Your Help!fm3 fm2 fm1

The following items are desperately needed to help the residents of Fort McMurray that have been evacuated:
  • Dry, non-perishable food items
  • Canned food items
  • Powdered baby formula
  • New Pillows
  • New Socks and Underwear
  • Pet Kennels
  • Toiletries - shampoo, conditioner, soap, deodorant, toothbrushes, toothpaste, feminine hygiene products
  • Diapers
  • Baby Wipes
  • Dog/Cat food
  • Cat Litter
  • Advil/Tylenol/Allergy Medication
  • Hair Brushes/Combs
  • Sunscreen
  • Band-Aids
  • Gift Cards
Drop Offs:

Bulletproof Red Deer Office – 11, 7711-50th Ave, Red Deer, before 4pm Tuesday May 10th
All Service Insurance – #270, 5002-55St, Red Deer, before 5pm Tuesday May 10

All donations are being taken to an Edmonton drop center on Wednesday, May 11th.

Thank you for your support!

For more information on how to help, or where to drop off supplies if you are not local to Red Deer, click here: http://edmontonjournal.com/news/local-news/how-yiou-can-help-the-evacuees-from-the-fort-mcmurray-wildfires

Fort McMurray Assistance!


What You Need to Know About Stagefright

If you’re an Android user, learn how to protect yourself from Stagefright:

What You Need to Know About Stagefright

This Stagefright has nothing to do with public speaking and everything to do with a new Android cyber threat.

Intel Business Social Hub

What You Need to Know About Stagefright


Quarterly Threat Report: What Do the Numbers...

Malware attacks double, as well as target Macs and mobile.

Quarterly Threat Report: What Do the Numbers…

Every quarter, the team at McAfee Labs releases a threat report detailing information about the latest trends in malware and cybersecurity.

Intel Business Social Hub

Quarterly Threat Report: What Do the Numbers...


Macro Malware Is Back

Malicious macro incidents are up by a factor of four in the last year alone.

Macro Malware Is Back

Macro malware — a threat you probably haven’t thought about since the early days of the Internet — is back. And if you’re a regular Microsoft Office user, you might want to take notice.

Intel Business Social Hub

Macro Malware Is Back


"Locky" Ransomware Alert from BulletproofIT

New Ransomware Notice from Bulletproof InfoTech:

We wanted to make you aware of a new Ransomware that has started to raise its ugly head.  The IT world is calling it "Locky" and it works in a similar way to other “Ransomwares” such as CryptoLocker and CryptoWall.  Please review the following information and share it with your staff members.

The main point?
  • Be careful!  If activated on your computer, Locky will encrypt your files, change your file names, and you will see a message telling you that you can’t access the data unless you pay the hackers for a password.
How do you avoid it?
  • Locky is sending fake invoices that look like a Microsoft Word document.  Once you open one, the text is illegible and you are prompted to enable macros in the document.  DON’T DO IT. See a sample photo below of what such a message might look like.

  • While Bulletproof works to ensure your systems have multiple levels of security software in place, the main way Ransomware gets into a system is by tricking you into opening something bad – particularly via email attachments.  By “you” I mean me too -€“ it can happen to anyone.  So we all need to be careful.
  • Use great caution when opening attachments in emails you aren’t expecting and/or from people you don’t know.
  • Never open zipped file attachments unless you are specifically expecting them to be sent to you from known senders.
  • Never enable macros in an email attachment unless you are very sure about the source of the document.
  • Never click on a link in a fishy (phishy) looking email.
  • If you’re unsure - call BulletproofIT for assistance and we will look at the email with you.
  • If you think you’ve clicked on something bad -€“ call BulletproofIT right away for assistance.
We highly recommend you share this information with your staff.

If you have any questions or concerns, please contact us!


More detailed information can be found here: http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-shares/

"Locky" Ransomware Alert from BulletproofIT

BulletproofIT achieves CompTIA Security Trustmark+ Certification



Bulletproof InfoTech Earns CompTIA Security Trustmark+ - Validation that BulletproofIT uses industry accepted security best practices

Calgary, AB, Dec 9 2015  Bulletproof InfoTech, an IT Managed Services Provider for small and medium sized business, announced today it has received the CompTIA Security Trustmark+ from CompTIA, the non-profit association for world's information technology (IT) industry.

The CompTIA Security Trustmark+ validates that BulletproofIT uses the security processes identified by the IT industry as generally accepted best practices and has been evaluated by an independent third-party assessor as meeting the criteria established by the CompTIA Security Trustmark+. Based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the CompTIA Security Trustmark+ is a comprehensive review of the security posture of any IT business, applicable across multiple industries and compliance regulations.

"The CompTIA Security Trustmark+ signifies that BulletproofIT adheres to our industry's highest standards for security practices and business processes in critical components of identification, protection, detection, response, and recovery as related to data security," said Nancy Hammervik, senior vice president, industry relations, CompTIA. "Earning the Security Trustmark+ demonstrates a true commitment to address the challenges of security compliance facing our industry today."

Security Trustmark+ really makes you think hard about all of the various processes that simply have to be put in place to handle any situation, security or otherwise.  We feel equipped to handle any scenario while following the Trustmark framework - Sean Tindall, P.Eng, President, Bulletproof InfoTech

To earn the CompTIA Security Trustmark+ Bulletproof InfoTech successfully passed an independent assessment of their security policies, capabilities, practices, and processes against industry best practices in areas such as:
  • Security technologies, including firewalls, anti-Virus/ malware/ spyware and intrusion detection
  • Vulnerability assessment detection
  • Data encryption
  • Technical employee knowledge/expertise
  • Security clearances and background checks
  • Physical and hardware security
  • Permissions, passwords and other security requirements
For more information on the CompTIA Security Trustmark visit http://www.comptia.org/trustmarks/security-trustmark-plus.

About Bulletproof InfoTech
Bulletproof InfoTech is celebrating its 29th year supporting small business networks in Alberta and beyond.  They specialize in delivering flat fee managed services to IT dependent companies, allowing clients to have greater budget predictability and focus more on their business instead of worrying about leveraging technology.

Contact:Sean Tindall, P.Eng., President
Bulletproof InfoTech Inc
403 340 1011

BulletproofIT achieves CompTIA Security Trustmark+ Certification


Don't forget about the old school

I'm downsizing my network at home and I want to get rid of my on-premise domain controller.  So I'm converting to using Azure AD and Windows 10 machines.  All of my devices have been upgraded to Windows 10, but because I also happen to use Google Apps and Google Drive, I ran into THIS annoying problem:

Google Drive on Windows 10 with Azure AD Sign in will not start properly: https://productforums.google.com/forum/#!topic/drive/-Q3no-2OoRw

So, temporarily forced back to using local logins, I was also faced with implementing login restrictions.  Windows 10 Parental Controls are TOO restrictive for my tastes (in addition to now FORCING you to use Microsoft Accounts for all family members), so after some digging I discovered this old school way.  Basically, you can't do login restrictions for local accounts from the GUI, but you can from the command line, below.  You'll probably want to combine this with screen saver timeouts forced with local policy editor:

net user username /times:m-th,2pm-4pm;f-s,1pm-3pm;su,6pm-8pm

So, this will have to suffice until Google Drive fixes their issue with Azure AD logins, and Azure AD lets us perform user logon restrictions like on-prem AD does.