There are a lot of things that have changed since the invention of the internet. One of these is how we bank and access our accounts. You used to have to go into a local bank branch to make deposits and withdrawals. Now, you can take a picture of a check and deposit it from your phone.
Approximately 73% of people around the world use some form of online banking at least once a month. People have never had such convenient account access. But that convenience can come at a cost.
In 2021, account takeover fraud increased by 90%. New account fraud jumped a whopping 109%. As the ease of online banking has increased, so has banking-related cybercrime.
If someone breaches your Facebook account, it can be a real pain. But, if a hacker breaches your bank account, it can be devastating. It can mean significant losses. Losses that you may not be able to recoup from your financial institution.
In this article, we’ll take a look at the mistakes people make that leave their accounts at risk. Then, we’ll go over some important tips on how to keep your bank account better protected.
Two-factor authentication (2FA) is a simple process that packs a big punch. When you enable this setting in an online account, it requires an extra step to gain access. That step usually consists of receiving a one-time passcode (OTP) by SMS and entering that at login.
Many people make the mistake of leaving this disabled. They either don’t know it’s there or they think it’s too inconvenient. But leaving this setting off makes it much easier for a bad actor to breach your account.
There are several types of phishing scams that target online banking. Cyber criminals send emails that look like they come from your bank. They’ll even promise incredibly low rates on credit cards.
Other scams can involve warning you of unauthorized account activity. But when you click the link to log in, you’re actually on a fake page. One designed to look just like your normal bank website.
These are just a few ways that scammers can get your online banking login details. Once they have them, they’ll act immediately to get whatever they can.
If your account password is easy to remember, it’s also often easy to guess. Using weak passwords is a common mistake that enables many cyber criminals.
Some best practices for passwords include:
Banking trojans are often hidden in malicious mobile apps. These apps can look like something as innocent as a task manager. But, once installed, banking trojans seek out any details they can find. They are looking for banking and wallet apps.
One surefire way to give away your online banking password is to log in while on public Wi-Fi. Hackers hang out on public hot spots and spy on the activity of others. You should never type in a password or other sensitive details when connected to public Wi-Fi.
Enable two-factor authentication in your online banking account. This is also known as multi-factor authentication or two-step verification. According to Microsoft, it can block 99.9% of fraudulent account login attempts.
Time is of the essence when an intruder breaches your account. The faster you can notify your bank of the breach, the better. You could reduce the impact on you by having your account locked down immediately.
Set up banking alerts through your online banking. These can include things like low-balance alerts and login alerts.
It’s important to have reliable antivirus software on your PC and mobile device. Many people don’t think about protecting their phones in this way. Yet, they shop online and bank via mobile devices.
It’s also good to use a DNS filter. This is a filter that protects you from going to dangerous phishing sites by blocking them.
Do you know how to identify phishing? Are you up on all the newest scams? You can make yourself less vulnerable by taking some phishing awareness classes. There are many of these for free online. You can also contact us for more personalized training options.
Knowing how to spot phishing via text, email, and phone can help you avoid becoming a scam victim.
There are some key digital solutions we can put in place to keep your family safer from online threats. Give us a call today to schedule a chat about online security.
This Article has been Republished with Permission from The Technology Press.
Microsoft released the Windows 11 operating system (OS) over a year ago. It was largely well-received as stable and user-friendly. The OS is not a large departure from the Windows 10 experience. But it does offer a lot of enhancements over the older environment.
Yet with several improvements and a free upgrade for Windows 10 users, it still lags in adoption. As of November 2022, Windows 10 still owns the lion’s share of Windows PCs. It has a 69.75 percent usage share as compared to 16.13 percent for Windows 11.
People are slowly upgrading to the newer OS. But it’s natural for some to take a wait-and-see stance. They want to make sure it’s worth the time to upgrade. Additionally, no one wants to have to relearn their computer desktop.
The good news is that Windows 11 has a similar workspace feel to its predecessor. But it packs a lot of great productivity and security benefits that Windows 10 lacks.
Here are some of the coolest features in this current Windows OS. After taking a look, you may choose to go ahead and take the plunge into the Windows 11 universe.
Most people are working with more than one app open at a time. It’s not unusual to need to reference two different windows while doing side-by-side work. Switching back and forth between apps can be tedious. It’s also time-consuming.
Approximately 68% of app users say that switching between apps costs them at least 30 minutes per day. Trying to size two windows next to each other can also be frustrating. You lose the scroll bar or can’t get to the menu items unless you resize.
Enter snap layouts. This nifty feature in Windows 11 solves the multi-app problem. Simply hover over the maximize icon at the top of any window to get access to a snap layout.
Choose the area you want for the active app, and it will snap into place and allow you to choose apps for the other slots.
Need to find a document, website, image, or app quickly? Use the Windows 11 master search. Just click the search icon on your desktop. You’ll get a search bar that will populate results from the entered keyword.
As an added touch, Microsoft populates fun topics into the search bar daily. Learn more about James Webb Space Telescope, Coffee Day, or other fun subjects.
Once you enter your keyword, you can further refine your search. Refine it according to the type of search result you want. (apps, documents, web, etc.).
In the latest Windows 11 update, Microsoft gifted users with a free video editor. The new Clipchamp app makes it easy to edit videos. You don't need to download any extra software.
Clipchamp has a lot of the features you’d expect to have to pay for. These include templates, effects, video resizing, green screen, and more.
Video calls have become the norm since the pandemic. But not all video software is easy to use. Most of us have had to wait on someone late to a call because they were struggling with the app.
Windows 11 comes with Microsoft Teams preinstalled. This gives you a simple click-to-call experience. You can easily invite someone to a video or audio call. The person does not need to have a Microsoft account to connect with you. This makes things easy on both sides.
Another great feature of the Teams app in this OS is the fact that you can use it for SMS messaging. Instead of having to drag out your phone, just text someone from your desktop.
Windows 11 has some great accessibility features. They're designed to help ensure everyone can use their computer as they want. Those with disabilities can enjoy these features. As well as those that like the extra flexibility they offer.
Four of the newest accessibility features in the OS include:
Microsoft Edge is the default browser for Windows. It’s worth checking out if you haven’t yet. Especially because of a feature called “collections.”
If your bookmarked favorites are becoming a mess, you’ll love this Edge capability. If you click the “plus” icon at the top of an Edge browser window, you’ll get the collections panel. Add a collection subject and click to add webpages.
You can see a preview of what you’ve added, and everything is nicely organized. Collections are easy to access and easy to delete when you’re finished with them.
Phishing remains the biggest online security threat. It’s used to enable many forms of cyberattacks, from ransomware to credential theft. A significant number of phishing messages send users to malicious websites. You often don’t know until it’s too late that you’ve landed on a malware-laden site.
Windows 11 includes Microsoft Defender SmartScreen. This app helps protect you from those dangerous phishing sites. The app checks URLs in real-time against a dynamic list of reported phishing sites. It will warn you if a site is potentially dangerous.
It can be intimidating to upgrade your system’s operating system. Why not get a pro to help? Give us a call today to schedule a chat about a Windows upgrade.
This Article has been Republished with Permission from The Technology Press.
No business wants to suffer a data breach. But unfortunately, in today’s environment, it’s difficult to completely avoid them. Approximately 83% of organizations have experienced more than one data breach. (IBM Security 2022 Cost of a Data Breach Report)
These breaches hurt businesses in many ways. First, there is the immediate cost of remediating the breach. Then, there are the lost productivity costs. You can add lost business on top of that, and lost customer trust. A business could also have extensive legal costs associated with a breach.
According to IBM Security’s report, the cost of a data breach climbed again in 2022. The global cost of one breach is now $4.35 million, up 2.6% from last year. If your business is in the U.S., the cost rises to $9.44 million. In Canada, the average data breach costs companies $5.64 million.
Costs for smaller companies tend to be a little lower. But breaches are often more devastating to SMBs. They don’t have the same resources that larger companies do to offset all those costs.
It’s estimated that 60% of small companies go out of business within six months of a cybersecurity breach.
Companies don’t need to resign themselves to the impending doom of a data breach. There are some proven tactics they can take to mitigate the costs. These cybersecurity practices can limit the damage of a cyberattack.
All these findings come from the IBM Security report. They include hard facts on the benefits of bolstering your cybersecurity strategy.
Most organizations use the cloud for data storage and business processes. Researchers found that 45% of all data breaches happen in the cloud. But all cloud strategies are not created equally.
Breaches in the public cloud cost significantly more than those in a hybrid cloud. What is a hybrid cloud? It means that some data and processes are in a public cloud, and some are in a private cloud environment.
What some may find surprising is that using a hybrid cloud approach was also better than a private cloud.
You don’t need to be a large enterprise to create an incident response (IR) plan. The IR plan is simply a set of instructions. It's for employees to follow should any number of cybersecurity incidents occur.
Here is an example. In the case of ransomware, the first step should be disconnecting the infected device. IR plans improve the speed and effectiveness of a response in the face of a security crisis.
Having a practiced incident response plan reduces the cost of a data breach. It lowers it by an average of $2.66 million per incident.
Zero trust is a collection of security protocols that work together to fortify a network. An example of a few of these are:
Approximately 79% of critical infrastructure organizations haven’t adopted zero trust. Doing so can significantly reduce data breach costs. Organizations that don’t deploy zero trust tactics pay about $1 million more per data breach.
Using the right security tools can make a big difference in the cost incurred during a data breach. Using tools that deploy security AI and automation brought the biggest cost savings.
Data breach expense lowered by 65.2% thanks to security AI and automation solutions. These types of solutions include tools like advanced threat protection (ATP). They can also include applications that hunt out threats and automate the response.
Many of these ways to lower data breach costs are simply best practices. You can get started by taking them one at a time and rolling out upgrades to your cybersecurity strategy.
Working with a trusted IT provider, put together a roadmap. Address the “low-hanging fruit” first. Then, move on to longer-term projects.
As an example, “low-hanging fruit” would be putting multi-factor authentication in place. It’s low-cost and easy to put in place. It also significantly reduces the risk of a cloud breach.
A longer-term project might be creating an incident response plan. Then, you would set up a schedule to have your team drill on the plan regularly. During those drills, you could work out any kinks.
Working with a trusted IT partner takes a lot of the security burden off your shoulders. Give us a call today to schedule a chat about a cybersecurity roadmap.
This Article has been Republished with Permission from The Technology Press.
Cybersecurity researchers uncovered an alarming mobile statistic. During the first few months of 2022, mobile malware attacks surged by 500%. This is alarming both in scale and because many people aren’t yet protecting smartphones.
For years, mobile phones have become more powerful. They now do many of the same functions as a computer – just with a much smaller screen. Yet, people tend to secure their computers better than they do their smartphones.
This is a behavior that needs to change. Over 60% of digital fraud now occurs through mobile devices. That makes them highly risky if proper safeguards aren’t followed.
Many of these are the same types of protections you have on your computer. It’s time to start thinking about your smartphone as a mini-computer and keeping it just as secure.
Yes, your mobile phone needs antivirus/anti-malware too! Malware can and does infect smartphones and tablets. You need to ensure you have a reliable mobile anti-malware app installed.
And beware of those freebies. Freebies are great when you’re talking about food, but not security apps. Malware is often hidden inside free apps. These apps are ironically supposed to make you more secure.
Only download mobile apps from trusted sources. Do not download outside a main app store. Trusted app stores include places like:
You also should research the app developer online. Make sure they have a good reputation. Once you download a dangerous app to your phone, it can infect it with malware. That malware can remain behind even if you delete the app later.
Many people prefer checking email on their phone rather than PC because it’s so handy. But they have a false sense of security about the safety of emails when viewed on a mobile device.
You can’t assume an email is safe just because you’re not on your computer. Be just as wary about unexpected emails and scam emails masquerading as legitimate.
It’s difficult to hover over a link without clicking when on a smartphone. If you see something questionable and want to check the link, open the email on your PC where you can do that.
In March of 2022, text spam outpaced robocalls. Unwanted text messages rose by 30%, ten percent higher than robocalls. Many of those spam texts are smishing.
Smishing is the text version of phishing. These texts usually contain malicious links. A hacker can potentially breach your device if you click them. The message may also ask you to text back personal information.
Be on the lookout for text messages that don’t quite make sense. For example, getting a shipping notification when you haven’t ordered anything. Also, beware of texts from unknown sources.
Phishing via text message is a growing concern. It’s also one that most people aren’t aware of yet, so they often get caught in its trap.
Approximately 2.6 million apps haven’t had an update in a year or more. Apps are often abandoned by the developer. This can leave security vulnerabilities on your device. Hackers seek out these types of vulnerabilities to exploit. If they aren’t addressed, then they remain a danger.
Go through your device and remove old applications that you are no longer using. There is no reason to keep them around, potentially leaving your device at risk.
Additionally, look at the time of the last update. If it’s over a year, then you may want to consider replacing that app with something more current. App updates often include security-related items. It’s not good when a year or more goes by without the developer making any type of update to the app.
Speaking of updates, you also need to keep your device's operating system updated. Are you using the current version of Android or iOS? Not installing updates can mean your phone has vulnerabilities. These vulnerabilities allow hackers to breach your data.
Automate updates as possible. If you have a company with several devices, then it’s a good idea to include your phones on a managed IT services plan.
Public Wi-Fi is dangerous. Most people understand that, but many connect to it out of necessity anyhow. You may worry about going over your data plan allotment. Or your mobile carrier reception may be slow. Both cases are reasons people opt to connect to unsecured public hot spots.
You can connect to public Wi-fi with less risk if you use a VPN application. VPNs stand between your device and the internet. They route your data through a secure server. This keeps it away from prying eyes that may be lurking on that public Wi-Fi.
Don’t wait until your phone is infected with malware to secure it properly. We can help you with automated solutions that protect your device, accounts, and data. Contact us to schedule a consultation.
This Article has been Republished with Permission from The Technology Press.
The new buzzword around town is “metaverse.” But what does that actually mean for businesses? Is it just something that social media companies need to be concerned about?
According to people like Apple’s CEO Tim Cook, the metaverse is coming. He stated that “Life without AR will soon be unthinkable.” Whether that’s a short-term or long-off prediction, companies need to be ready.
First comes the understanding of what the metaverse is. Metaverse is a general term – hence why it’s not capitalized like a proper name. The metaverse refers to a collective upgrade of the internet to a 3D virtual environment. This would be a world interconnected between various sites. These sites would reflect the immersive games that you see today.
Did Facebook/Meta invent the metaverse? No.
The idea of connected 3D immersive worlds has been around for decades. Several online gaming companies have staked a territory in the metaverse. But their applications are less interconnected.
What's one of the best representations of the early metaverse? It’s a short-lived software called Adobe Atmosphere. This 3D immersive experience included interconnected online worlds. It also gave people the ability to chat with others. It was a bit before its time but shows how the concept of the metaverse has been around for a while.
The metaverse is getting attention now because technology has advanced. It has begun to catch up to the needs of such a world. This includes fast internet connections and immense processing power. It also includes a delivery method for 3D that works on most PCs.
Are we there yet? Not quite. But the metaverse is picking up steam. Recently, Microsoft announced a partnership with Meta. This partnership is to bring Microsoft 365 apps into the metaverse. This means collaboration in an entirely new way. Microsoft notes that 50% of Gen Z and millennials expect to do some of their work in the metaverse in the next two years.
With companies like Microsoft looking at the future of AR/VR, it could be a reality soon. You can expect the metaverse to touch your own company in some way in the next few years. Here’s a preview of what it may impact.
When the internet was first introduced, companies didn't immediately realize its potential. Now, most companies wouldn’t consider operating without a website. It’s a necessity for driving leads and converting sales.
If the metaverse takes off as a new 3D iteration of the internet, it could be just as important. This means exploring metaverse-type advertising in virtual worlds. Also, potentially creating your own VR site or showroom.
As the popularity of social media took off, companies realized customers used it to reach out. Seventy-nine percent of consumers expect companies to respond to a social media message. And they expect that response within a day.
To address that need, many businesses have a social media presence. They use this for marketing and to answer questions and inquiries from customers.
The metaverse may be the next step. If people begin hanging out there, they will expect to interact with businesses in that space. Just like they do now with social networks.
This means companies need to be aware of how customers may be using the metaverse as it grows. Adding a question about metaverse use to a year-end customer survey could be a way to be proactive on this topic.
One of the touted benefits of the metaverse is its ability to enable more immersive training. This could greatly increase training capabilities for everyone from doctors to forklift operators.
Imagine being able to replicate a task more closely in a virtual world. A person could safely make mistakes there. Then they could grow proficient before doing that thing in real life.
Start thinking about the types of training that your employees need. Then, look at ways that a VR world may make the training safer or more efficient. The metaverse may not have what you’re looking for now. But with the pace of technological advancement, it could in a year or two.
Virtual meetings skyrocketed out of necessity during the pandemic. Now, meeting by Teams or Zoom is commonplace. The next generation of online team meetings may end up being in a virtual world.
As we noted earlier, Microsoft is already working on bringing its apps into a virtual space. Add a few avatars and an immersive setting. Suddenly, you have a completely different meeting experience.
What's one more way to enhance remote team collaboration in the metaverse? It has to do with building design and maintenance. Imagine being able to walk through a 3D recreation of a space before it’s built. Then fine-tuning the construction while inside that space.
What are your digital transformation plans for the next 12 months? The next three years? If you’re not sure where to begin, we can help. Contact us today to schedule a technology brainstorming session.
This Article has been Republished with Permission from The Technology Press.
There’s a reason that browsers like Edge have added breached password notifications. Data breaches are an unfortunate part of life. And can have costly consequences for individuals. Hackers can steal identities and compromise bank accounts, just to name a couple.
Cybercriminals breach about 4,800 websites every month with form jacking code. It has become all too common to hear of a large hotel chain or social media company exposing customer data.
Hackers can breach your personal information and passwords without you knowing it. And the time from breach to notification of the breach can be lengthy. One example is the data breach of CafePress. This is a popular online retailer that prints personalized items.
CafePress suffered a data breach in February 2019. That breach exposed millions of names and addresses, security questions, and more. Hackers also breached social security numbers that weren’t encrypted.
As mentioned, the breach happened in February. But many consumers weren’t notified until late summer. The FTC recently took action against the company. This was due to its careless security practices.
The point is that months or years can go by without you knowing about compromised data. Unless you happen to look at the right website, you may not even realize it. Those breached password features in browsers are helpful. But what if you have other information beyond a password compromised?
It’s best to protect yourself with some knowledge. We’ll help by listing several recent breaches. If you’ve interacted with any of these companies, you’ll want to take steps to protect yourself from the fallout.
On October 19, 2022, Microsoft announced a breach that exposed customer data. A misconfigured server was to blame. The breach exposed certain business transaction data. It’s thought that this breach could have affected more than 65,000 entities worldwide.
Did you get a student loan from EdFinancial and the Oklahoma Student Loan Authority (OSLA)? If so, you could be in trouble. The organizations notified impacted individuals by letter in July 2022.
The personal information at risk included:
The breach compromised the data of over 2.5 million loan recipients.
Large rental firm U-Haul is a household name. It also just had a major data breach. It notified clients in August of 2022 of a compromise of some rental contracts. The contacts in question were between November 5, 2021, and April 5, 2022.
The breach exposed names, driver’s license numbers, and state identification numbers. It affected over 2.2 million individuals that rented vehicles from the company.
You wouldn’t suspect a cute site like Neopets to be a cybersecurity risk. But users of the platform got a rude awakening due to a breach of the service. An estimated 69 million accounts may have had emails and passwords leaked.
The full stolen Neopet database and copy of the source code were being offered for sale for about $94,500.
Hotel giant Marriott suffered another breach in July 2022. It blamed a single unsecured employee computer. About 300-400 individuals had data leaked. This data included credit card numbers and other confidential information.
Unfortunately, the company shows a pattern of poor cybersecurity. Within the last four years, it has suffered three separate breaches. That’s enough to want to pay in cash or use a pre-paid card if you stay there.
In March of 2022, Shield Health Care Group detected a breach. This Massachusetts-based company found that hackers breached up to 2 million customer records. This includes medical records, social security numbers, and other sensitive personal data.
In December of 2021, Flagstar Bank suffered a breach. It wasn’t until 6 months later that it identified the individuals affected. And the impact was large. It included exposed social security numbers. The hack impacted about 1.5 million customers.
Block was formerly known as Square, a popular payment processing platform. It announced in April of 2022 that it was breached the previous December. A former employee accessed customer names and brokerage account numbers. Some accounts also had other stock trading information accessed.
About 8.2 million current and former customers had their data exposed.
Cryptocurrency may be hot at the moment, but it’s very susceptible to cyberattacks. In January 2022, over 483 users had their Crypto.com wallets breached.
The criminals made it past two-factor authentication, which is usually quite effective. They stole about $18 million in bitcoin and $15 million in Ethereum and other cryptocurrencies.
There are many solutions that can help you better manage and secure your passwords. Give us a call to learn more about protecting your personal data from a breach.
This Article has been Republished with Permission from The Technology Press.
Data privacy has been a growing requirement ever since the internet age began. So much personal information is flying around through computer networks. Protecting it has become a mandate.
Most companies must follow HIPAA, GDPR, or another industry or locality-based privacy rule. By the end of 2024, 75% of the world’s population will have their personal data protected. It will fall under one or more privacy regulations.
You don’t need to be a large enterprise organization to have data privacy compliance at the top of your mind. It goes hand in hand with cybersecurity. Additionally, privacy requirements hit all sized companies.
Between July 2020 and July 2021, GDPR violations rose by 113.5%. The number of associated fines also jumped, by 124.92%. When it comes to HIPAA violations, each incident can carry a penalty between $100 to $25,000.
It’s important to make data privacy a priority and factor it into all your data collection processes. When companies collect, send, or store personally identifiable information (PII) it needs protection. This means putting adequate safeguards in place.
To stay on top of your privacy compliance obligations, you should also keep up with trends in this area. Next up, we’ve documented the biggest data privacy trends happening in 2023 that you should be aware of.
Approximately 40% of privacy compliance technology needs artificial intelligence (AI) to operate. AI has certainly made its way into many of the applications we use on a daily basis.
When you’re typing in MS Word and text just springs up as a suggestion, that’s AI predicting what you’ll type next. When working on a photograph in Photoshop, you can now click a button to give a frowning face a smile. This is also the work of AI.
So, it’s no surprise that AI is running many of the algorithms responsible for keeping data protected. But what happens when there is a problem with the AI?
This is the question that AI governance is working to address. This is a new trend in data privacy because AI has never been so prevalent throughout the data journey as it is now.
Whenever AI is used in the data protection area, organizations need to govern it properly. This helps ensure that automated processes aren’t accidentally exposing sensitive data.
A trend that we’ve seen over the last several months is putting more privacy power into the consumer’s hands. Many privacy regulations require that apps and websites provide data transparency. They need to tell people what data they’re collecting, how they’re collecting it, and what they do with it. People also need an “out” to get their data back.
These needs have led to consumer privacy UX becoming a “thing.” You can think of this as a centralized privacy portal. A place people can access privacy-related settings in various apps. This gives better visibility into how their data is being used.
The pandemic has forever changed the global workforce. Many organizations are now running completely remote offices. Or may be using a mix of remote and in-office staff. The dramatic increase in people working from home has led to data collection changes. Companies are ramping up their monitoring of those employees working off-site.
But this type of monitoring opens a can of worms when it comes to data privacy. Organizations need to ensure that they aren’t encroaching on the rights of their staff. This is most pertinent when putting monitoring in place on employee devices.
For example, approximately 49% of remote employees use their personal computers for work. Companies often put endpoint device monitoring in place for security reasons. They need to ensure they are not gathering or backing up any personal data. That would be data owned by the employee and not the company.
One of the concerns when the social app TikTok became popular relates to location. With the firm being a China-based company, people worried about the privacy of their data. The data was originally stored on servers governed by the Chinese government. A country with very different data privacy rules than the US and other countries.
Data localization is going to become more prevalent. Increasingly organizations look at where their cloud data is being stored. Where a server resides governs the privacy rules and regulations that it may fall under. Thus, companies and governments are now asking a question of cloud providers. This is, “Where is my data stored?” Many want their data to be as close to home as possible.
Data privacy by design is a fairly new term. Using privacy-enhancing computation is a way that AI is helping cybersecurity. By using PEC as a built-in component of software and apps, developers provide value to clients. They address privacy concerns by making data protection more automated.
Look for PEC components in data analytics when shopping for business tools.
How are your data privacy protections? Are you risking a penalty due to lax controls? Give us a call! We can help with a compliance checkup.
This Article has been Republished with Permission from The Technology Press.
Our technology inevitably comes with us when we travel. Most of us won’t even travel to the end of the block without our smartphones. When you go on a trip, not having your technology there when you need it can ruin your day.
Travel smarter and more securely by doing several checks before you go. Use our handy tech travel checklist. It can save you from suffering from lost devices, missing chargers, or a data breach.
Have you ever sat at an airport gate wondering why it looked so empty? You then found out that your gate had changed, and you had no idea. You go rushing to the other end of the concourse, hoping you’re not too late.
How did everyone else know about the gate change? They most likely had the app for the airline and received a notification.
Before you leave for a trip, make sure to download any apps you may need. It’s better to download them when you’re at home on your own Wi-Fi. If you wait until you’re at the airport, reception may be an issue.
Some of the apps you may want to grab or update before your trip are:
People leave behind countless chargers and adapters every day. They litter airports, restaurants, and train stations around the world. Make sure to bring a backup charger for your laptop, tablet, or phone. Otherwise, you may find yourself paying a premium for a new charger in a gift shop. Your device could also go black if you lose its charger and can’t quickly get a new one.
A great way to ensure you have the power you need is to buy a small charging battery. You can find these in most major retailers or online. They are small “blocks” that hold a charge and can power up a cell phone in a pinch.
Having this extra backup also helps you avoid potential juice-jacking ports. These are fake or compromised public USB charging ports. Hackers use them to steal your data when you plug in.
If you’re traveling out of the country, you’ll want to check your mobile plan. If you don’t have the ability to call internationally, then you may not be able to text or call home.
Carriers can add an international capability to your plan, but ask about pricing. It can get expensive if you’re on long calls or using mobile data. An alternative is to set up a VoIP app you can use with your office, friends, or family while you’re traveling. These enable both calls and SMS, but you do need an internet connection.
Free Wi-Fi may be a welcome site when you’re on the road, but it can also be dangerous. You don’t know who else is using that Wi-Fi. A hacker hanging out on the connection can easily steal your data if you’re not protected.
It’s better to use either your mobile carrier connection or a virtual private network (VPN) app. VPN plans are inexpensive and will keep your data encrypted, even if you’re on public Wi-Fi.
Unfortunately, mishaps occur when traveling. You may leave your phone behind on a boat, have your luggage lost, or get your device stolen while in a crowded area.
10% of all laptop thefts happen in airports.
Don’t lose all your data with the device! Back up your devices to the cloud or local storage before you travel. This ensures that you won’t lose the valuable information on your device. You also won't need to think twice about enacting a remote “wipe my device” command if necessary.
Make your devices as secure as possible before you hit the road. When we’re traveling, our minds are occupied by other things. So, you may not think to check your antivirus or avoid suspicious phishing links.
Protect your devices before you go using:
What do we mean by checking your double-checks? Use the buddy system as a backup. When the family is getting off a plane, each should check with the other that they have all their devices.
If you’re traveling alone, have a friend or family member check up by text. Did you grab your charger? Is your VPN turned on?
Those little reminders can go a long way toward avoiding digital travel nightmares.
Don’t leave your devices unprotected. This could mean a breach of your banking app or personal data. Contact us for device security solutions to reduce your risk.
This Article has been Republished with Permission from The Technology Press.
If you follow Microsoft products, then you may know about Microsoft Ignite. Held annually, it generates many exciting updates and announcements in the Microsoft world.
Microsoft held its most recent conference last October. In the rush of the recent holidays, you may have missed some of the highlights. So, we’re bringing them to you now.
One thing you’ll notice is that Microsoft Teams got a lot of love at the event. Microsoft is now describing Teams as “the app at the center of Microsoft 365.” We can see why the company keeps enhancing this virtual workspace. Teams now has over 280 million users. It’s not surprising seeing that Microsoft has introduced over 450 new Teams features. And that's just in the last year.
We’ll go over some Teams features below, along with other Microsoft App announcements from Ignite. These may give you some ideas for your next digital workflow upgrade.
There is a new Teams Premium offering from Microsoft that adds a whole new AI component to the platform. This service includes several AI-powered features. They make it seem like you have your own meeting assistant.
Some of the cool features include automatically generating chapters from a Teams meeting. The app also generates personalized highlights for you. This saves you from having to rewatch the meeting later.
If you’re meeting internationally, you can enjoy real-time translations for captions. Meeting guides is another new feature. It sets up your meeting options according to your needs.
SmartVision 60 is the first 360-degree, center-of-room intelligent camera. It has the ability to track the speaker as they’re moving. The camera is also due to have a people recognition feature coming soon.
Virtual meetings can feel much more like real meetings using SmartVision 60. Instead of just seeing a small video feed of one person, the movement of the camera can capture a whole team.
Those that are fans of Cisco meeting products will be pleased to know they now have more options. Microsoft announced that Cisco is now a Teams Room Certified Devices partner. You can now start Teams meetings across all certified Cisco meeting devices.
One of the virtual workspace apps to support the new hybrid movement is Microsoft Places. This is a team management app that integrates with the rest of the Microsoft 365 ecosystem.
The office is still around, but for how long? Much of the world had to do things virtually during the pandemic. Many companies and employees found they like it better that way. Seventy-four percent of US companies have or plan to put in place a permanent hybrid work model.
Microsoft Places is one more way Microsoft is leading the hybrid office revolution. Some of the app’s features include:
Another feature announcement related to the hybrid working world is hours and location. This is a new capability added to Teams and Outlook to make it easier to schedule in-person meetings.
It can get tricky to plan in-person meetings when you don’t know who is working at the office and who is remote. If you plan without checking, you're bound to alienate someone. They won't be happy if they were planning to work from home that day.
The new hours and location feature allows people to specify where they are working. They can adjust this from hour to hour. It takes the guesswork out of scheduling.
Another exciting app announcement that Microsoft made was about its Loop app. It stated that Loop entered private preview. This gives some organizations a chance to check it out.
Loop is a collaborative workspace app that helps teams ideate in a virtual space. All data pulled in from Microsoft 365 apps syncs automatically to stay up to date.
You may have noticed an unfamiliar app popping up on Windows. Microsoft Clipchamp was formally announced at the Ignite event. It’s a quick and easy video editor for Windows PCs.
Have you ever felt frustrated trying to fix a video and not having the right tool to do it? Then you may want to take a closer look at what Clipchamp has to offer. It looks to have a fairly low learning curve.
Microsoft 365 has come a long way in a short period. There are many different app integrations you can use to power your workflow. But it can get a bit complicated without an expert to help. Give us a call today to schedule a Microsoft consultation.
This Article has been Republished with Permission from The Technology Press.
Cybersecurity insurance is still a pretty new concept for many SMBs. It was initially introduced in the 1990s to provide coverage for large enterprises. It covered things like data processing errors and online media.
Since that time, the policies for this type of liability coverage have changed. Today’s cyber insurance policies cover the typical costs of a data breach. Including remediating a malware infection or compromised account.
Cybersecurity insurance policies will cover the costs for things like:
Data breach volume and costs continue to rise. 2021 set a record for the most recorded data breaches on record. And in the first quarter of 2022, breaches were up 14% over the prior year.
No one is safe. Even small businesses find they are targets. They often have more to lose than larger enterprises as well. About 60% of small businesses close down within 6 months of a cyber incident.
The increase in online danger and rising costs of a breach have led to changes in this type of insurance. The cybersecurity insurance industry is ever evolving. Businesses need to keep up with these trends to ensure they can stay protected.
Here are some of the cyber liability insurance trends you need to know about.
The average cost of a data breach is currently $4.35 million (global average). In the U.S., it’s more than double that, at $9.44 million. As these costs continue to balloon, so does the demand for cybersecurity insurance.
Companies of all types are realizing that cyber insurance is critical. It’s as important as their business liability insurance. Without that protection, they can easily go under in the case of a single data breach.
With demand increasing, look for more availability of cybersecurity insurance. This also means more policy options, which is good for those seeking coverage.
With the increase in cyberattacks has come an increase in insurance payouts. Insurance companies are increasing premiums to keep up. In 2021, cyber insurance premiums rose by a staggering 74%.
The costs from lawsuits, ransomware payouts, and other remediation have driven this increase. Insurance carriers aren’t willing to lose money on cybersecurity policies. Thus, those policies are getting more expensive. This is at the same time as they are more necessary.
Certain types of coverage are getting more difficult to find. For example, some insurance carriers are dropping coverage for “nation-state” attacks. These are attacks that come from a government.
Many governments have ties to known hacking groups. So, a ransomware attack that hits consumers and businesses can very well be in this category.
In 2021, 21% of nation-state attacks targeted consumers, and 79% targeted enterprises. So, if you see that an insurance policy excludes these types of attacks, be very wary.
Another type of attack payout that is being dropped from some policies is ransomware. Between Q1 and Q2 of 2022, ransomware attacks increased by 24%.
Insurance carriers are tired of unsecured clients relying on them to pay the ransom. So many are excluding ransomware payouts from policies. This puts a bigger burden on organizations. They need to ensure their backup and recovery strategy is well planned.
Just because you want cybersecurity insurance, doesn’t mean you’ll qualify for it. Qualifications are becoming stiffer. Insurance carriers aren’t willing to take chances. Especially on companies with poor cyber hygiene.
Some of the factors that insurance carriers look at include:
You’ll often need to fill out a lengthy questionnaire when applying for insurance. This includes several questions about your cybersecurity situation. It’s a good idea to have your IT provider help you with this.
This can seem like a lot of work that you have to do to qualify for cyber insurance. As you review the questions, your IT partner can identify security enhancements. Just like other forms of insurance, if you take steps to reduce risk, it can often reduce your premiums.
So, it pays to do a cybersecurity review before applying for cyber insurance. You can save yourself time and money. It can also fortify your defenses against cyberattacks.
Cybersecurity coverage and insurance applications can be complex. If you answer wrong on a question, it can mean paying hundreds more in premiums than you should.
If you’re considering cybersecurity insurance, don’t go it alone. Give us a call and schedule a consultation. We can explain the policy details and provide guidance.
This Article has been Republished with Permission from The Technology Press.
The new year has just begun and it’s a time of renewal as we plan for the possibilities to come in 2023. It’s also a time when you need to plan for resiliency in the face of ever-present cyberattacks.
Sixty-eight percent of surveyed business leaders feel that cybersecurity risks are getting worse. They have a good reason. Attacks continue to get more sophisticated. They are also often perpetrated by large criminal organizations. These criminal groups treat these attacks like a business.
In 2021, the average number of global cyberattacks increased by 15.1%.
To protect your business in the coming year, it’s important to watch the attack trends. What new methods are hackers using? What types of attacks are increasing in volume? Knowing these things is important. It helps you better update your IT security to mitigate the risk of a data breach or malware infection.
We’ve pulled out the security crystal ball for the upcoming year. And we've researched what cybersecurity experts are expecting. Here are the attack trends that you need to watch out for.
The world has been buzzing about 5G for a few years. It is finally beginning to fulfill the promise of lightning-fast internet. As providers build out the infrastructure, you can expect this to be a high-attack area.
Hackers are looking to take advantage of the 5G hardware used for routers, mobile devices, and PCs. Anytime you have a new technology like this, it’s bound to have some code vulnerabilities. This is exactly what hackers are looking to exploit.
You can prepare by being aware of the firmware security in the devices you buy. This is especially true for those enabled for 5G. Some manufacturers will build better firmware security into their designs than others. Make sure to ask about this when purchasing new devices.
This alarming new trend is designed to get past one of the best forms of account security. Multi-factor authentication (MFA) is well-known as very effective at preventing fraudulent sign-in attempts. It can stop account takeovers even in cases where the criminal has the user’s password.
There are a few different ways that hackers try to bypass MFA. These include:
During the pandemic, the cyberattack volume increased by approximately 600%. Large criminal hacking groups have realized that world events and disasters are lucrative.
They launch phishing campaigns for world events. Attacks come for everything from the latest hurricane or typhoon to the war in Ukraine. Unsuspecting people often fall for these scams. This is because they are often distracted by the crisis.
People need to be especially mindful of scams surrounding events like these. They will often use social engineering tactics, such as sad photos, to play on the emotions.
Mobile devices go with us just about everywhere these days. This direct connection to a potential victim is not lost on cybercriminals. Look for more mobile device-based attacks, including SMS-based phishing (“smishing”).
Many people aren’t expecting to receive fake messages to their personal numbers. But cell numbers are no longer as private as they once were. Hackers can buy lists of them online. They then craft convincing fake texts that look like shipping notices or receipts. One wrong click is all it takes for an account or data breach.
Mobile malware is also on the rise. During the first few months of 2022, malware targeted to mobile devices rose by 500%. It’s important to ensure that you have good mobile anti-malware. As well as other protections on your devices, such as a DNS filter.
These days, phishing emails are not so easy to spot. It used to be that they nearly always had spelling errors or grainy images. While some still do, most don’t.
Criminal groups elevate today's phishing using AI and machine learning. Not only will it look identical to a real brand’s emails, but it will also come personalized. Hackers use these tactics to capture more victims. They also allow hackers to send out more targeted phishing messages in less time than in years past.
Is your business prepared for the cyber threats coming in 2022? Don’t wait to find out the hard way! Give us a call and schedule a cybersecurity check-up to stay one step ahead of the digital criminals.
This Article has been Republished with Permission from The Technology Press.
The global home security market has been growing by leaps and bounds. By 2026, experts expect the market to expand at a rate of 20.1%. This is on top of an expected increase of 21.6% from 2021 to 2022.
From Ring doorbell cams to entire home security systems, consumers want these solutions. Watching your front door from afar has never been so easy. With cloud-based video streams, homeowners can view any part of their home.
Sharing doorbell camera shots on neighborhood social media groups is now common. These home security systems also provide peace of mind at a wallet-friendly cost.
But don’t let the ease of setup fool you. Home security cameras can open your family up to risks if you don’t take precautions. Often, people are so excited to see what they can do, they don’t stop to think about device security.
There are horror stories online about hacked video cameras. This includes strangers saying disturbing things through those cameras to children.
Additionally, in 2019, Ring suffered a data breach. That breach exposed the personal data of over 3,000 Ring users. This included usernames and passwords.
It’s enough to make you reconsider your decision to add extra security. But don’t let those incidents scare you off. You can properly secure a home video camera system to ensure it’s not breached.
Here are some of the things you should do for a safe home security setup.
You access an IP security camera via the internet. Any commands going to the system or footage coming from it go through your router. So, you need to make sure that your router is properly secured.
Hackers breach routers so they can get to the devices connected to that network. Ensure your router security protocol is no lower than WPA2. The next generation, WPA3, is even better. These protocols govern the protection of data transmitted through the wireless network.
Give the router a strong password that is at least 12 characters long. Software can crack a password of only 8 standard characters instantly. But a 12-character password with at least one upper case letter, number, and symbol takes 34,000 years.
You also need a strong password for your security system’s admin account. You should also change the default device and username. Hackers have lists of all these device defaults and use them to break into these systems.
Changing the default username and password for the device should be one of the first things you do. Otherwise, it could be mere minutes after you connect to the internet that you’re hacked.
You don’t want the footage from your cameras transmitted for anyone to grab and watch. Make sure the security system you choose notes SSL/TLS. Or another standard encryption.
This ensures that the data cannot be intercepted and accessed. SSL is short for Secure Sockets Layer, and TLS is short for Transport Layer Security. Without a form of encryption, a hacker can easily breach your device.
If your security system has an automatic update feature, turn that on. Unfortunately, many users don’t think about updating their device software. This leaves it more vulnerable to a hack.
Updates often include important security fixes for found vulnerabilities. You want to make sure updates install promptly. That’s why automating this is best.
Do you have several family members accessing your cloud-based security device? If so, set up some access levels. Not everyone needs to be at an administrator level.
Hackers love it when they can breach the login of an admin user for an account. This gives them more privileges, like changing settings. Giving lower-level privileges, such as “view only,” to most family members improves security.
There will be various security features that are available with your system. Manufacturers often do not enable all security settings by default. The user must turn all or some of them on.
If you’re unsure of what settings should be on or off, we’ll be happy to help. Some home security systems have generous sharing options. This can be an invitation for hackers. You want to restrict these as much as possible.
Most people access their security cam through their smartphone. Make sure that you secure yours and keep it updated with the latest operating system. Hackers can gain access to a security system through a device with weak safeguards.
Add things like:
Give us a call and schedule a visit. We’ll be happy to help you ensure your security system is set up with best practices.
This Article has been Republished with Permission from The Technology Press.
You often hear the words “digital transformation” and “collaboration.” But what do they actually mean? What do they mean for the day-to-day of running your business?
Collaboration can’t happen without shared goals. When departments are siloed and unconnected, priorities can conflict. People are doing their best but may not be moving in the same direction.
Digital transformation is simply the use of technology to better reach business goals. This encompasses moving from analog ways of doing things. Transitioning to tools that are more automated and connected.
Microsoft has been at the forefront of digital transformation and collaboration. Its Viva platform drives an improved employee experience. It does this by use of AI, automation, cloud connectivity, and more.
In this article, you’ll get an overview of Microsoft Viva. Then, we’ll dive into one of the newest Viva offerings, Viva Goals. We’ll explore what it does and how it can help your company meet its targets.
Microsoft Viva is a line of employee experience applications. These connect to the Microsoft 365 platform, and especially Microsoft Teams. The apps act as add-ons that can build on your organization's digital capabilities.
There are currently seven apps within the Microsoft Viva line:
The Viva line expands what businesses may traditionally see as “software.” It creates a connection between Microsoft Office and M365 apps. It also focuses on the people, rather than the tool. Microsoft designed Viva applications to use AI. This makes work easier and gives visibility into actionable data points.
Viva Goals is one of the newest Viva applications from Microsoft. It connects teams so they’re moving toward a shared set of goals. Employees align, whether someone works in the accounting department or customer support.
Business leaders can look at Viva Goals as a way to solidify company objectives. They can then tie these objectives to meaningful targets for each department.
For example, say you have a corporate target to provide exceptional customer support. This goal by itself is generic. It doesn’t connect to what teams need to do to make it happen.
In Viva Goals, that target can have directives for various teams. Such as customer support reducing ticket resolution by 8 hours. This brings goals to a meaningful level and allows organizations to track progress.
Here are the key value-adds of using Viva Goals.
Viva Goals puts company goals and targets in a tangible form. There is a definition of success for teams and individuals. Work outcomes are directly connected to company-wide objectives.
Everyone is on the same page, rather than departments pursuing different targets. With alignment, companies can more easily reach their goals.
Viva connects to other M365 apps, making it easier to gather data insights. These insights help leaders more easily see goal progress.
Employees stay focused on goals. This is because goals connect to their daily work targets. Rather than being something they hear at a company event, goals get infused into the workflow.
The integration with Teams keeps goals front and center. Employees get recognized for meeting targets and helping the company achieve its goals. This keeps everyone engaged and moving together.
Progress towards goals isn’t kept on a spreadsheet on someone’s cloud drive. Instead, stats on goal achievement live in tools used daily. When goals remain visible, organizations have a better chance to achieve them.
If you want to subscribe to Viva Goals as an add-on to your M365 plan, it is currently $6.00/user/month.
For the entire suite of Viva applications, the current price is $9.00/user/month.
Digital transformation with tools like Microsoft Viva is a necessity if you want to keep up. Old ways of doing things are giving way to the cloud, AI, and machine learning. We can help you navigate that territory. Give us a call and schedule a consultation to learn more.
This Article has been Republished with Permission from The Technology Press.
The global pandemic put a big emphasis on the need to run a business from anywhere. Enabling employees to work remotely requires cloud solutions. This includes collaborative platforms like Google Workspace and Microsoft 365. VoIP (Voice over Internet Protocol) phone systems have also become critical.
VoIP allows companies to stay in contact with customers and potential customers. Employees can work from anywhere and still answer the business phone line. Callers get a similar experience no matter where employees may be working, office, or home.
When you have people working from home, those old landline systems are inefficient. This has led to a large movement by businesses to VoIP. Both for necessity and cost-savings.
According to Microsoft, 82% of organizations have reported saving money after implementing VoIP.
While VoIP is the way to go for the future, this doesn’t mean it’s foolproof. Companies that don’t set up their system efficiently, can experience issues. This includes things like dropped calls, low bandwidth, and features left unused.
If you’ve been struggling to make your cloud phone system more efficient, check out these tips below. They provide setup best practices for VoIP. Use these to positively impact your bottom line.
You can’t just assume that you can enable a VoIP system, and all will be well. Your network may not be able to handle the extra bandwidth needs without adjustments.
Things you want to look at include jitter and packet loss. Additionally, review router settings to make sure it can handle peak traffic times. Experiencing dropped calls or choppy audio shows a need to address issues. These may include adjusting network hardware and/or increasing your ISP bandwidth.
Quality of Service (QoS) is a router settings area that allows you to say which traffic is most important. If QoS is not in place, it means resource issues. A large cloud backup could kick in and interrupt your calls because it’s taking up bandwidth.
QoS sets up “traffic lanes” that give priority to certain functions. You’ll want to have your VoIP software prioritized to get the bandwidth it needs. This avoids issues with less critical processes hogging up internet resources.
Using QoS keeps your calls smooth. It also improves the reliability of your cloud phone system. It’s also a good idea to use these rules for other important cloud activities.
A cheap headset can ruin the call experience for a potential customer. If someone calls in and can’t hear anything or gets choppy reception, they’ll quickly get frustrated. They will most likely figure that your company doesn’t have its act together.
Your employees may not be able to afford high-quality headsets. They also may not know what type to buy. Head off potential problems by issuing quality headsets for your team to use.
One of the great features of VoIP phone systems is the ability to set up ring groups. You first set up your department groups (accounting, marketing, etc.). Then set the included employee extensions.
Creating a ring group allows you to have a call go to your customer support department as a whole. This is better than one person, who may be busy. That way, the whole group gets the ring, and the first available person can pick up.
Ring groups improve the caller experience by reducing the wait time. It can also mitigate the need for the caller to leave a voicemail and get stuck waiting on a callback.
Auto assistants are extremely helpful and nearly all VoIP systems have them. First, you set up your company directory and then record messages to prompt the caller.
For example, you can set up a message that prompts them to input the last name of the person they are trying to reach. If they aren’t calling a specific person, they can be routed to a department.
While setting up a company directory takes a little effort upfront, it will save much more. You no longer will need to have someone specifically routing every call. Callers can also get to the person or department they need faster. This improves the customer experience and boosts office productivity.
When you get out of a long meeting, going through a bunch of voicemails can take time. Instead of having to listen to each one to see which calls are a priority, you could simply read through them.
The voicemail to email feature in VoIP phone systems will automatically transcribe voicemails. They are then emailed to the recipient. This improves efficiency. It also eliminates wasted time having to listen to entire messages to know who called.
Have employees set up this feature with their extension and email address. Some VoIP systems also offer an option to have transcribed voicemails sent via SMS.
Don’t leave your employees to jump in and learn a VoIP system themselves. It’s important to train them on the features and the company calling process. This ensures that your team can enjoy all those time-saving features.
Need help improving your business phone system? Looking for a better customer experience? Give us a call and schedule a consultation. We can help!
This Article has been Republished with Permission from The Technology Press.
One constant struggle in offices is the balance between productivity and security. If you give users too much freedom in your network, risk increases. But add too many security gates, and productivity can dwindle.
It’s a fine balance between the two, but one you can achieve. Organizations need to recognize the importance of both. And not sacrifice one for another.
A recent report from Microsoft notes a dangerous lack of authentication security. Just 22% of Azure Active Directory users had multi-factor authentication (MFA) enabled. This means that over three-quarters were at a much higher risk of an account breach.
Why do organizations fail to adopt important security protocols, like MFA? We know that it's as much as 99.9% effective at stopping fraudulent sign-ins. Yet so many companies aren’t adopting it.
User inconvenience is the biggest reason. MFA is not expensive. In fact, it’s free to enable in nearly all cloud applications. But if users say that it’s hurting productivity and is a pain to use, companies may not bother with it.
But sacrificing security can hurt productivity worse. Downtime due to a data breach is expensive and can put smaller companies out of business. The main cause of data breaches is credential compromise. So, if you’re not protecting your authentication process, the risk of becoming a breach victim is high.
35% of data breaches initiate from breached login credentials.
There are ways to have both secure and productive users. It simply takes adopting some solutions that can help. These are tools that improve authentication security. But do it in a way that keeps user convenience in mind.
Not every user needs to go through the same authentication process. If someone is working in your building, they have a certain trust factor. If someone is attempting to log in from outside the country, they do not have that same trust.
Contextual authentication is used with MFA to target users that need to reach a higher bar. You may choose to limit or block system access to someone attempting to log in from a certain region. Or you may need to add an additional challenge question for users logging in after work hours.
Companies don't need to inconvenience people working from normal locations during typical hours. But they can still verify those logging in under non-typical circumstances. Some of the contextual factors you can use include:
A report on U.S. employees found they use a lot of apps. Workers switch between an average of 13 apps 30 times per day. That’s a lot of inconveniences if they need to use an MFA action for each of those logins.
Single sign-on applications solve this problem. They merge the authentication process for several apps into just one login. Employees log in once and can go through MFA a single time.
Using multi-factor authentication isn’t nearly as inconvenient. Users gain access to everything at the same time. SSO solutions help organizations improve their security without all the pushback from users.
Another way to better secure network access is to recognize devices. This is typically done using an endpoint device manager. This automates some of the security behind user authentication. Thus, it doesn’t inconvenience the person.
First, register employee devices in the endpoint device manager. Once completed, you can then set up security rules. Such as blocking unknown devices automatically.
You can also put in place device scanning for malware and automated updates. Both these things increase security without sacrificing productivity.
Your shipping clerk may not have access to sensitive customer information. But your accounting team does. One can have a lower barrier to authentication.
Using role-based authentication saves time when setting up new employee accounts. Authentication and access happen based on the person’s role. Admins can program permissions and contextual authentication factors once. Then, the process automates as soon as an employee has their role set.
One of the most convenient forms of authentication is biometrics. This would be a fingerprint, retina, or facial scan. The user doesn’t need to type in anything. It also takes just a few seconds.
Biometric hardware can be costly, depending on the size of your organization. But you can introduce it over time. Perhaps using biometrics with your most sensitive roles first, then expanding.
Additionally, many apps are now incorporating things like facial scanning. Users can authenticate using a typical smartphone, making it much more affordable.
Don’t give up important security because you’re afraid of user pushback. Give us a call and schedule a security consultation.
This Article has been Republished with Permission from The Technology Press.
When the year is coming to a close, it’s the perfect time to plan for the future. Most businesses begin the year with the hope of growing and improving operations. Much of how a business operates depends on technology. So, it makes sense to look to your IT for areas of optimization.
A year-end technology review provides an opportunity to look at several areas of your IT. The goal is to take time to focus on improvements you can make to boost your bottom line. As well as what tactics to take to reduce the risk of a costly cyberattack.
A recent study by Deloitte looked at digitally advanced small businesses. Small businesses that make smart use of technology are well ahead of their peers. Here are some of the ways they excel:
The bottom line is that companies that use technology well, do better. They are also more secure. According to IBM, businesses that have an incident response plan reduce the costs of a data breach by 61%. Using security AI and automation can lower costs by 70%.
This year-end, take some time to do a technology review with your IT team or managed IT provider. This will set you up for success and security in the coming year.
The goal of a year-end technology review is to look at all areas of your IT infrastructure. Security, efficiency, and bottom-line considerations will be the key drivers for future initiatives.
When technology policies get outdated, people stop following them. Review all your policies to see if any of them need updating to reflect new conditions. For example, if you now have some staff working from home, make sure your device use policy reflects this.
When you update policies, let your employees know. This gives them a refresher on important information. They may have forgotten certain things since onboarding.
When is the last time your company did an incident response drill? Is there a list of steps for employees to follow in the case of a natural disaster or cyberattack?
Take time to look at disaster recovery planning for the new year. You should also put dates in place for preparedness drills and training in the coming months.
You don’t want to go through a big IT upgrade without considering employee pain points. Otherwise, you might miss some golden opportunities to improve staff productivity and well-being.
Survey your employees on how they use technology. Ask questions about their favorite and least favorite apps. Ask what struggles they face. Let them tell you how they feel technology could improve to make their jobs better. This, in turn, benefits your business. It can also help you target the most impactful improvements.
Do an audit of your privileged accounts as part of your year-end review. Over time, permissions can be misappropriated. This leaves your network at a higher risk of a major attack.
You should ensure that only those that need them have admin-level permissions. The fewer privileged accounts you have in your business tools, the lower your risk. Compromised privileged accounts password open the door to major damage.
While going through your accounts, also look for orphaned accounts. You need to close these because they’re no longer used. Leaving them active poses a security risk.
If you make IT upgrades and decisions “on the fly” it can come back to bite you. It’s best to plan out a strategy ahead of time, so you can upgrade in an organized way.
Have a vulnerability assessment performed. This gives you a list of potential problems your company should address. Eliminating vulnerabilities improves your cybersecurity. Planning ahead allows you to budget for your upgrades and avoid unplanned expenses.
Review your use of cloud applications. Are certain apps hardly used? Do you have redundancies in your cloud environment? A review can help you cut waste and save money.
Also, look for uses of shadow IT by employees. These are cloud applications that are being used for work but did not go through approval. Management may not even be aware of them. Remove this security risk by either closing the accounts or officially approving them.
Don’t forget to look at the customer experience of your technology infrastructure. Go through your website and contact process as a customer would.
If you get frustrated by things like site navigation, then your customers and leads may be too. Include optimizations to your customer-facing technology in your new year plans.
We can help you with a thorough review of your technology environment to give you a roadmap for tomorrow. Contact us today for a free consultation.
This Article has been Republished with Permission from The Technology Press.
It seems that nearly as long as passwords have been around, they’ve been a major source of security concern. Eighty-one percent of security incidents happen due to stolen or weak passwords. Additionally, employees continue to neglect the basics of good cyber hygiene.
For example, 61% of workers use the same password for multiple platforms. And 43% have shared their passwords with others. These factors are why compromised credentials are the main cause of data breaches.
Access and identity management have become a priority for many organizations. This is largely due to the rise of the cloud. As well as the practice of people needing to only enter a username and password to access systems.
Once a cybercriminal gets a hold of an employee’s login, they can access the account and any data that it contains. This is especially problematic when it’s an account like Microsoft 365 or Google Workspace. These accounts can access things like cloud storage and user email.
Below, we’ll explain what conditional access is. As well as how it works with multi-factor authentication (MFA). We’ll also review the advantages of moving to a conditional access process.
Conditional access is also known as contextual access. It is a method of controlling user access. You can think of it as several “if/then” statements, meaning “if” this thing is present, “then” do this.
For example, conditional access allows you to set a rule that would state the following. “If a user is logging in from outside the country, require a one-time-passcode.”
Conditional access allows you to add many conditions to the process of user access to a system. It is typically used with MFA. This is to improve access security without unnecessarily inconveniencing users.
Some of the most common contextual factors used include:
Conditional access can be set up in Azure Active Directory. It can also be set up in another identity and access management tool. It’s helpful to get the assistance of your IT partner. We can help with setup and the conditions that would make the most sense for your business.
Using conditional access improves security. It allows you more flexibility in challenging user legitimacy. It doesn't just grant access to anyone with a username and password. Instead, the user needs to meet certain requirements.
Contextual access could block any login attempts from countries where no employees are. It could also present an extra verification question when employees use an unrecognized device.
Once the if/then statements are set up, the system takes over. It automates the monitoring for contextual factors and takes the appropriate actions. This reduces the burden on administrative IT teams. It also ensures that no one is falling between the cracks.
Automated processes are more accurate and reliable than manual processes. Automation removes the human error component. This helps ensure that each condition is being verified for every single login.
Conditional access isn’t only for keeping unauthorized users out of your accounts. You can use it in other ways. One of these is to restrict the activities that legitimate users can do.
For example, you could restrict access to data or settings based on a user’s role in the system. You can also use conditions in combination. Such as, lowering permissions to view-only. You could trigger this if a user holds a certain role and is logging in from an unknown device.
Studies show that as many as 67% of businesses don’t use multi-factor authentication. This is despite the fact that it’s one of the most effective methods to stop credential breaches.
One of the biggest reasons it is not used is because of the inconvenience factor for employees. They may complain that it interferes with productivity. Or say that it makes it harder for them to use their business applications.
Using conditional access with MFA can improve the user experience. For example, you can require MFA only if users are off the premises. You can put in place extra challenge questions on a role or context-based basis. This keeps all users from being inconvenienced.
Using the rule of least privilege is a security best practice. It means only granting the lowest level of access in a system as necessary for a user to do their work. Once you have roles set up in your identity management system, you can base access on those roles.
Conditional access simplifies the process of restricting access to data or functions. You can base this on job needs. It streamlines identity management. This is because it contains all functions in the same system for access and MFA rules. Everything stays together, making management simpler.
Once conditional access is set up, the automated system takes over. It improves your security and reduces the risk of an account breach. Contact us today for a free consultation to enhance your cybersecurity.
This Article has been Republished with Permission from The Technology Press.
Bring your own device (BYOD) is a concept that took hold after the invention of the smartphone. When phones got smarter, software developers began creating apps for those phones. Over time, mobile device use has overtaken desktop use at work.
According to Microsoft, mobile devices make up about 60% of the endpoints in a company network. They also handle about 80% of the workload. But they’re often neglected when it comes to strong cybersecurity measures.
This is especially true with employee-owned mobile devices. BYOD differs from corporate-owned mobile use programs. Instead of using company tools, employees are using their personal devices for work. Many businesses find this the most economical way to keep their teams productive.
Purchasing phones and wireless plans for staff is often out of reach financially. It can also be a pain for employees to carry around two different devices, personal and work.
It’s estimated that 83% of companies have some type of BYOD policy.
You can run BYOD securely if you have some best practices in place. Too often, business owners don’t even know all the devices that are connecting to business data. Or which ones may have data stored on them.
Here are some tips to overcome the security and challenges of BYOD. These should help you enjoy a win-win situation for employees and the business.
If there are no defined rules for BYOD, then you can’t expect the process to be secure. Employees may leave business data unprotected. Or they may connect to public Wi-Fi and then enter their business email password, exposing it.
If you allow employees to access business data from personal devices, you need a policy. This policy protects the company from unnecessary risk. It can also lay out specifics that reduce potential problems. For example, detailing the compensation for employees that use personal devices for work.
As soon as a policy gets outdated, it becomes less relevant to employees. Someone may look at your BYOD policy and note that one directive is old. Because of that, they may think they should ignore the entire policy.
Make sure that you keep your BYOD policy “evergreen.” This means updating it regularly if any changes impact those policies.
Before the pandemic, 65% of employees gave their personal phone numbers to customers. This often happens due to the need to connect with a client when away from an office phone. Clients also may save a personal number for a staff member. For example, when the employee calls the customer from their own device.
Customers having employees’ personal numbers is a problem for everyone. Employees may leave the company, and no longer answer those calls. The customer may not realize why.
You can avoid the issue by using a business VoIP phone system. These services have mobile apps that employees can use. VoIP mobile apps allow employees to make and receive calls through a business number.
Remote work has exasperated the security issue with BYOD. While BYOD may have meant mobile devices in the past, it now means computers too. Remote employees often will use their own PCs when working outside the office.
No matter what the type of device, you should maintain control of business data. It’s a good idea to restrict the types of data that staff can store on personal devices. You should also ensure that it’s backed up from those devices.
When employee devices are not updated or patched, they invite a data breach. Any endpoint connected to your network can enable a breach. This includes those owned by employees.
It can be tricky to ensure that a device owned by an employee is kept updated. Therefore, many businesses turn to endpoint management solutions. An endpoint device manager can push through automated updates. It also allows you to protect business data without intruding on employee privacy.
The monitoring and management capabilities of these tools improve security. This includes the ability to safelist devices. Safelisting can block devices not added to the endpoint manager.
If an employee leaves your company, you need to clean their digital trail. Is the employee still receiving work email on their phone? Do they have access to company data through persistent logins? Are any saved company passwords on their device?
These are all questions to ask when offboarding a former staff member. You should also make sure to copy and remove any company files on their personal device. Additionally, ensure that you deauthorize their device(s) from your network.
We can help you explore solutions to secure a BYOD program. We’ll look at how your company uses personal devices at your business and recommend the best tools. Contact us today for a free consultation.
This Article has been Republished with Permission from The Technology Press.
Microsoft Teams is a lot of things. It’s a video conferencing tool, a team messaging channel, and a tool for in-app co-authoring, just to name a few. During the pandemic, the popularity of Teams skyrocketed.
User numbers for MS Teams jumped from 20 million in November 2019 to 75 million in April 2020. As of this year, Microsoft reports a user count of 270 million for the platform. This makes it the most popular business tool for team communications.
But one of the things that makes the app popular is also one that can make the setup complex. Microsoft Teams has many moving parts, but to use them effectively they need to be well organized. Additionally, users need to have a chance to learn the system and train on best practices.
First, let’s look at the different areas of Microsoft Teams and what it can do. Then, we’ll give you a simple setup checklist to help your team get up and running productively.
You can think of Teams as a virtual office in the cloud. It’s a centralized hub where teams can communicate, collaborate, and manage tasks. There is also an external communication component to Teams. You can use the app to video conference with anyone. You can also invite guests to a chat channel.
Here are some of the features of MS Teams:
Some good news for small businesses is that there is a free version of Microsoft Teams. If you sign up for a Microsoft 365 business plan, you get the app included, but with a few more features.
Microsoft has also been pushing MS Teams for personal use. So, you can use it to keep your departments better coordinated at work. Or to manage family video calls or PTA meeting collaboration. It’s a versatile and scalable virtual office platform.
One of the advantages of Teams is that it allows you to set up specific areas for your groups to collaborate. You do not want everyone to set these teams up on their own, or you could end up with an unorganized mess.
Some ideas for setting these up:
Typically, if you mirror the hierarchy of your organization, that’s a good place to start. Team areas are secured so only those users invited can see or access any of the content in that team.
For each team, add the members allowed to take part in that team. These would be people that can see the resources posted in that team area. It would normally be the members of the department or group that the team is designed for.
The next level beneath the Team is the Channels. These team channels help organize conversations. For example, within a team set up for your marketing department, you may decide to add three channels. This keeps conversations more focused and makes it easier to find things.
For instance, you could have channels for:
Team channels are another area that you want to control. Don’t let everyone set up channels without a plan, otherwise, things get messy fast.
Tabs are a great way to foster productivity. Say that employees on your accounting team need to access a tax reporting website. Inevitably, there can be time wasted asking for that link or a login. This is especially true if someone is filling in for a co-worker.
You can add that website link and info to the Tabs area at the top of the team channels. Just click the plus sign to add a new resource and consolidate things for your team members.
One of the reasons that company initiatives fail is that users weren’t properly enabled. If users aren’t trained on using MS Teams, then they’ll revert to using whatever they used before. This negates the benefits of moving to Teams when not everyone is onboard.
Work with a Microsoft professional to train your teams. We can provide tips on the most productive features. As well as short-cut their learning curve quite a bit! Make sure to have a realistic timeframe. You should also survey users on whether they feel they need more training.
We can help you over many of the roadblocks that organizations face when starting with Teams. Contact us today for a free consultation to enhance your collaboration and productivity.
This Article has been Republished with Permission from The Technology Press.
Have you ever bought a new computer and then had buyer’s remorse a few months later? Maybe you didn’t pay attention to the storage capacity and ran out of space. Or you may have glossed over memory and experienced constant freeze-ups.
An investment in a new PC isn’t something you want to do lightly. Doing your research ahead of time and consulting with a trusted friend or IT shop can help. It will keep you from making major mistakes that could come back to haunt you later.
Here are several things to consider before you put down your hard-earned money on a new computer.
One of the big mistakes that people make when looking for a new computer is to ignore the RAM. Random access memory may be called RAM on the specification or “memory.” If your system has low memory, you run into all sorts of problems.
These issues can include:
Memory is the “thought process” of the PC. If there isn’t enough, it can’t take on another task until it completes the current processing tasks. This can cause frustration and ruin your productivity.
People often go for those low-priced computer deals when looking for a new device. But these can include only 4GB of RAM. That’s not a lot if you do much more than staying in a single application or just a few browser tabs.
The higher the RAM, the more responsive the system performance. So, look for PCs with at least 8GB of RAM. Or higher if you do any graphics/video or other processing-intensive activities.
Buying a new computer is an investment. So, it’s natural to want that investment to last as long as possible. You don’t want to spend $700 on a new computer, only to begin experiencing problems when it’s just two years old.
Take your time to research user reviews on the specific models you’re considering. You’ll begin to see patterns emerging. Steer clear of models that have consistent complaints about breakdowns sooner than expected.
You may have to pay a little more for a system that has a better track record of performance. But it will save you in the long run when you have more years of usable life before that device needs replacement.
If you have a small business or are a freelancer, you may try to save money by buying a consumer PC. But this could end up costing you more in the long run.
Consumer PCs aren’t designed for continuous “9-to-5” use. They also often lack certain types of firmware security present in business-use models. The price gap has also shortened between good consumer computers and business versions. If you’re not looking at the cheap systems, you’ll find that it’s not that much more to get a business-grade device.
It can be confusing to read through the processor specifications on a computer. How do you know if Intel Core i7 or i3 is best for your needs? What’s the performance difference between AMD and Intel processors?
If you don’t want to do the research yourself, you could call up your local IT shop. We will be happy to steer you in the right direction. We’ll explain in layman’s terms the differences. As well as which processor makes the most sense for your intended use.
If you’re looking for a laptop computer, it’s important that it is durable. Laptops have some unique characteristics that differ from desktops. For example, the screen is often folded down one or more times per day. Additionally, the keyboard is part of the case and is not easily replaced by the user.
If you get a laptop with a cheap plastic case, it’s bound to break during normal use. Keys could also easily pop off the keyboard, requiring a trip to a computer repair shop.
You want to consider the materials used for the case. Paying an extra $20-$30 upcharge for a better casing is definitely worth it. It can help you avoid unneeded headaches.
Storage capacity can be a pain point that you experience after the fact. If you buy a computer without paying attention to hard drive space, you could regret it. You may not be able to transfer over all your “stuff” from the old system.
But storage capacity can also be an area where you can save some money. If you store most of your files in the cloud, then you may not need a lot of hard drive space. The less space you need, the lower the price.
If you can get a computer with a solid-state drive (SSD) rather than a traditional hard disk drive (HDD) you should. SSDs are faster and less likely to have read/write issues. They have no moving parts; thus they are quieter as well.
Solid-state drives have come down in price quite a bit recently. There are many affordable options, and you’ll also find some PCs with both a hard drive and SSD.
Don’t blindly invest in a new computer without some expert guidance. Contact us today for a free consultation to save you from a bad new PC experience.
This Article has been Republished with Permission from The Technology Press.
