Protecting your Android mobile devices
When personal and professional information live on one mobile device, a small breach can have huge impacts. As the adoption of bring your own device (BYOD) policies increase, employee awareness of cyberthreats becomes critical. Here are five tips for avoiding common Android-based security risks. Unsafe devices Sometimes, the device itself might not be safe due to faulty production or configuration. In fact, Avast recently found hundreds of Android devices that were infected out of the box.This means that the infection was not caused by users, but the malware was installed via apps somewhere along the sales and delivery process. Malicious apps Although Google employs strict security measures when it comes to allowing apps into the Play Store, some developers find a way to hide malicious code in their programs and still have them approved. Simple Call Recorder, for example, tricked users into downloading an additional app, which purported to be an Adobe Flash Player update. Believe it or not, Simple Call Recorder lasted for a year on the Google Play Store and had been downloaded over 5,000 times before it was taken down. Information leakage from useful apps Many applications are installed for legitimate uses. But don’t let that fool you, as these apps can be used to extract confidential information such as contact information from your mobile device. Timehop, a popular app that retrieves old photos and posts from social media accounts, recently suffered a data breach that affected 21 million accounts. Compromised information included names, email addresses, and phone numbers. The attack was due to cybercriminals tapping into the company’s cloud computing account using an administrator’s sign-in credentials. Banking malware Most forms of banking malware involve creating a fake login window that mimics one from a reputable institution. It could be a fake website or app that users type their username and password into, only for that information to be sent to a hacker. According to Security Intelligence, Google recently removed 29 apps from the Google Play Store after nearly 30,000 users accidentally downloaded banking malware. The victims were tricked by personalized phishing forms based on the apps they use. While the programs were attributed to different developers, researchers discovered common code within them, implying that they were all created by the same threat group. The malware enabled attackers to send and receive text messages, impersonate software from victims’ financial institutions, and download additional apps. Ransomware Ransomware is a type of malware that makes data on a device inaccessible and demands a payment to unlock it. In 2017, WannaCry spread like wildfire and wreaked havoc on the global healthcare industry. Ransomware continues to be a cyberciminal’s weapon of choice and according to Malwarebytes, 35% of small- to medium-sized businesses have experienced a ransomware attack in the past year. If you think ransomware is bad, ransomworms are even worse. Basically, they are ransomware programs that spread themselves across a local network, eliminating the need for human error. All this sounds horrific, but the worst is yet to come if you don’t act fast. Having said that, here are some security best practices that will help keep your Android devices secure: Set up a lockscreen passcode Monitor mobile device access and use Patch mobile apps and operating systems quickly Forbid unapproved third-party application stores Control physical access to devices Conduct regulatory compliance assessments Implement an incident response plan for lost or stolen mobile devices While it’s easy to turn a blind eye toward cyberthreats, the question is are you willing to take that chance? If you’re looking for an advanced security solution to keep your Android device safe, give us a call and we’ll be happy to help. Published with permission from TechAdvisory.org. Source.
Should I choose virtualization or the cloud?
Have you heard about cloud computing and virtualization technologies but don’t know the difference? Or maybe you’ve heard a fellow business owner talk about why one is better than the other? Here are the differences between the two and the things you must know to determine which solution is best for your business. Differences between cloud computing and virtualization Virtualization lets you reallocate hardware power using software. For example, many organizations virtualize an in-house server because if only 60% of a server’s computing power is needed to support the company email, it’s hard to make sure the other 40% is used efficiently. With virtualization, you can create two virtual servers from one set of hardware. Each virtual server can be configured with just the right amount of memory and processing power for the needs of specific services such as email, data storage, and hosted telecommunications. Using IT more efficiently means you can put off buying new server hardware, save space in your office, and lower IT maintenance costs. Cloud computing, on the other hand, is a method for delivering processing power. It allows you to access servers and other IT resources via the internet. For example, you could pay for access to a traditional cloud server (one set of hardware, one computer) or a virtualized cloud server. The main advantage of the cloud is that you can access your IT resources from anywhere with an internet connection. Arguments for virtualization A virtualization migration is relatively easy on end users since most of the upgrades are behind the scenes. Your employees may not even realize that your server has been virtualized. But adopting cloud technology means they will need to learn new apps, interfaces, logins, security practices, and a host of other new processes. Such a big change could hurt productivity. Arguments for the cloud If you’re willing to risk a short-term reduction in productivity in exchange for long-term independence from unpredictable hardware, cloud computing is a no-brainer. Other than a steep learning curve for your employees, the cloud is easier on your IT team and on your bottom line. Although some migrations, like moving from locally installed Office software to the cloud-based Office 365, won’t affect end users at all. Which is the best choice for your business? If you want to increase the efficiency of your existing IT hardware, make virtualization a top priority. If long-term growth and IT flexibility are more important, the steeper learning curve of cloud computing might be worth it. One thing both technologies have in common is that they both need the unwavering support of trained professionals. Whether you’re virtualizing a server or upgrading to a cloud app, things like network security and data backups will need specialized care. Give us a call today to receive a special consultation. Published with permission from TechAdvisory.org. Source.
Google Chrome: New money-saving alert
Over the years, Google Chrome has had several versions, with each one providing new benefits to users. In December, Google will launch the 71st version of Chrome, introducing a money-saving feature to users. How will it do that? The money-saving warning The Google Chrome update aims to protect users from websites with “insufficient mobile subscription information.” These are online businesses that offer subscription services, but don’t provide users with enough billing information, either due to poor website design or a deliberate attempt to deceive. To curb this, Chrome will show a warning page that says “The page ahead may try to charge you money” and offers options to proceed or go back to the previous page. Some users may know that they’ll incur charges when they hit “proceed” but may not be aware whether the charges will be one-time or recurring. The new Chrome warning will serve as a reminder for this. How will it benefit users? The Chrome warning’s main benefit will be removing surprise charges. Many users don’t always know what they’re agreeing to when they click a link, and being reminded that they’re about to spend some money is definitely advantageous. In fact, some merchants (e.g., mobile gaming companies) require users to input their mobile number without specifying that doing so entails paying for a subscription service, much less indicating the amount being paid. A recent study shows that more than 50% of internet users browse sites using a mobile device, with this number expected to increase in the next few years. Considering that not all websites are optimized for many types of mobile devices, this update is certainly a welcome one. In addition, Google recently reported that millions of Chrome users may be tricked into paying for site services that have “insufficient mobile subscription information.” According to the tech company, billing information should be obvious. The new warning page will be integrated into those sites with unclear mobile billing features. If you don’t want to go through the hassle of asking a merchant for a refund for products and services you didn’t intend to purchase to begin with, this new feature will be a tremendous help. Whether you want protections like this on your mobile devices, laptop, or desktop, our IT experts can offer money-saving IT tips, tricks, and recommendations. Give us a call today. Published with permission from TechAdvisory.org. Source.
Is your VoIP distributor right for you?
Because it is cost-effective, Voice over Internet Protocol (VoIP) is a popular choice today among small- and medium-sized businesses (SMBs) looking to upgrade their phone systems. But before you contact just any VoIP distributor, make sure you are dealing with a respectable and trustworthy one. Here is a checklist of the must-have qualities of a reputable VoIP distributor. Highly trained technical support A good VoIP distributor will provide some technical support before and after the sale. But a great VoIP distributor will offer highly skilled, well-trained, and certified support. Make sure your distributor’s IT team has been trained on the latest advances in VoIP technology, and has obtained the appropriate certifications. Provisioning capabilities Provisioning means providing service to the user. This includes configuring the hardware and software so they work properly. Ask your potential distributor how many stations and ports they have available, and whether or not they offer custom provisioning packages. API services Check whether your VoIP distributor offers advanced Application Program Interface (API) services. An API is a set of routines, protocols, and tools for building software applications that specify how software components should interact. It helps streamline your ordering process and ensures your hardware will arrive correctly provisioned on your service platform. Training programs Before committing to any VoIP distributor, be sure to check their educational resources. How often do they offer webinars on new products? Do they provide training and educational materials on their websites and product portals? And check whether your VoIP distributor is willing to create custom training materials for you and your customers. A VoIP distributor that offers a complete suite of telephony services helps you overcome your business’s phone service obstacles and lets you better serve your customers. For more information, don’t hesitate to get in touch with us. Published with permission from TechAdvisory.org. Source.
How to protect your Office 365 data
Office 365 is a complete cloud solution that allows you to store thousands of files and collaborate on them, too. In addition to its productivity features, the service comes with security and compliance solutions that will help businesses avoid the crushing financial and legal repercussions of data loss. However, even with its comprehensive security tools, the service has some data security risks that need to be addressed. The following tips will keep your business data private and secure. Take advantage of policy alerts Establishing policy notifications in Office 365’s Compliance Center can help you meet your company’s data security obligations. For instance, policy tips can warn employees about sending confidential information anytime they’re about to send messages to contacts who aren’t listed in the company network. These preemptive warnings can prevent data leaks and also educate users on safer data sharing practices. Secure mobile devices Since personal smartphones and tablets are often used to access work email, calendar, contacts, and documents, securing them should be a critical part of protecting your organization’s data. Installing mobile device management features for Office 365 enables you to manage security policies and access permissions/restrictions, and remotely wipe sensitive data from mobile devices if they’re lost or stolen. Use multi-factor authentication Don’t rely on a single password to safeguard your Office 365 accounts. To reduce the risk of account hijacking, you must enable multi-factor authentication. This feature makes it difficult for hackers to access your account since they not only have to guess user passwords, but also provide a second authentication factor like a temporary SMS code. Apply session timeouts Many employees usually forget to log out of their Office 365 accounts and keep their computers or mobile devices unlocked. This could give unauthorized users unfettered access to company accounts, allowing them to steal sensitive data. By applying session timeouts to Office 365, email accounts, and internal networks, the system will automatically log users out after 10 minutes, preventing hackers from opening company workstations and accessing private information. Avoid public calendar sharing Office 365’s calendar sharing features allow employees to share and sync their schedules with their colleagues. However, publicly sharing this information is a bad idea because it helps attackers understand how your company works, determine who’s away, and identify vulnerable users. For instance, if security administrators are publicly listed as “Away on vacation,” an attacker may see this as an opportunity to unleash malware on unattended computers. Employ role-based access controls Another Office 365 feature that will limit the flow of sensitive data across your company is access management. This lets you determine which user (or users) have access to specific files in your company. For example, front-of-house staff won’t be able to read or edit executive-level documents, minimizing data leaks. Encrypt emails Encrypting classified information is your last line of defense to secure your data. If hackers intercept your emails, encryption tools will make files unreadable to unauthorized recipients. This is a must-have for Office 365, where files and emails are shared on a regular basis. While Office 365 offers users the ability to share data and collaborate, you must be aware of potential data security risks at all times. When you work with us, we will make sure your business keeps up with ever-changing data security and compliance obligations. If you need help securing Office 365, we can assist you, too! Contact us today for details. Published with permission from TechAdvisory.org. Source.
When Microsoft stops supporting Windows
Microsoft only supports each version of Window for a certain period and the end of its support for a software product can be a significant challenge for businesses. Currently, Windows 7 is on “extended support” until January 14, 2020. What does it mean when Microsoft terminates support of your Windows version? Let’s have a closer look. No more security updates End of support for Windows means Microsoft stops issuing security updates for that operating system (OS). For example, Windows Vista and Windows XP can no longer receive security updates despite the substantial security holes found in them. On January 14, 2020, the same will be true for Windows 7. From there, you’ll be on your own. You can still use antivirus tools and other security software for protection, but they won’t be enough to defend against bigger threats. Security software will also gradually drop support for older versions of Windows. Large organizations can sign “custom support” contracts to keep getting security updates while they transition to a new OS. But Microsoft will ratchet up the price going forward to encourage those organizations to move to a new version of Windows. Software companies will halt support too When Microsoft ends support for an OS, that’s also the signal for third-party companies to stop supporting that particular version of Windows with their own software and hardware. This doesn’t happen immediately but it does eventually. For example, Windows XP support ended on April 8, 2014, but Chrome didn’t stop supporting Windows XP until April 2016, two years later. Mozilla Firefox stopped supporting Windows XP in June 2018. Steam will officially drop support for Windows XP and Windows Vista on January 1, 2019. On the other hand, software companies dropped support for Windows Vista more quickly, as it was much less popular than Windows XP. New hardware may not work New hardware components and peripherals will stop working on your system too. These need hardware drivers, and manufacturers might not create those hardware drivers for your old, out-of-date OS. Presently, the latest Intel CPU platforms don’t even support Windows 7 and 8.1. However, the operating systems are technically still in “extended support.” You can keep using your old OS with your current software and hardware, but you have no guarantees of future updates or compatibility. When will Microsoft end support? Microsoft has a well-defined support lifecycle for its software products. They come ahead of time so they’re never a surprise. The agreement includes the assurance that Microsoft is committed to providing products with improved security. While they may be unable to provide security updates for older products, they do advise customers to install the latest product releases, security updates, as well as service packs to remain as secure as possible. Upgrading is better than using unsupported Windows The support lifecycle is rapidly fading away as Microsoft shifts to its Windows as a service and Office 365 subscription models. If you want to prevent security frustrations, it’s best to upgrade to a newer version of Windows. Should you need help in upgrading, or have further concerns about your current Windows, give us a call. Published with permission from TechAdvisory.org. Source.
The lowdown on cloud security
If you’re thinking of transitioning your business to the cloud, consider the security of the platform. While providers would like us to believe that the friendly, fluffy cloud image used to market the service means it is automatically secure, the reality is far different. Just ask one of the nearly seven million Dropbox users who had their accounts hacked. This is not meant to scare you, but to make you aware that cloud security needs to be taken seriously especially if you’re a business owner. To help you make a smooth and safe transition, we’ve put together a list of precautionary measures you can take to ensure cloud security. Ask your IT provider what cloud security policies they have in place This is probably the single most important security measure you can take. Find a trusted IT provider and have a candid conversation with them about their cloud security policies. Ask where the physical cloud servers are located When you have “the conversation,” don’t forget to ask about this. Believe it or not, some cloud servers may not even be located in your own country. Wherever they are, it’s wise to make sure they’re located in a safe data center with proper security afforded to them. Create unique usernames and passwords Your login credentials represent one of the cloud’s main security vulnerabilities. Think of a better password than “12345” or “football.” Use industry standard encryption and authentication protocols IPsec (Internet Protocol Security) is a reliable technology choice. Encrypt data before it’s uploaded to the cloud Encryption is a must, and can be done by you or your cloud service provider. Should hackers manage to access your data, they’ll find it useless because they can’t make heads or tails of it. When it comes to trusting the security protocol of a cloud service provider, transparency is key. They should take security seriously, be able to explain their security policies clearly, and be willing to answer any questions. If they can’t do one of these, that’s a red flag telling you to find another vendor. Are you ready to talk cloud security and transition your business into the cloud? Call us today. We’re happy to answer all your questions. Published with permission from TechAdvisory.org. Source.
The right social media platform for your SMB
Facebook leads all social media platforms in terms of daily active users, audience reach, and cultural impact, but is it the best fit for your business? Every business has a unique audience, so what works for one business may not work for another. With all the available social media platforms to choose from, small- and medium-sized businesses should examine their options before they decide which is the best match for them. Facebook Research shows that 77% of consumers in the US have social media profiles and that Facebook is the most utilized social media platform by users younger than 50 years old. With over two billion users, Facebook offers the biggest audience and is the perfect place for companies that are looking to increase their brand awareness. Apart from the huge user base, Facebook also increases customers’ trust by lending otherwise stiff businesses a human touch. Although you don’t have to invest heavily in this platform, you should at least create a basic page. Setting up your company’s page takes only a few minutes and not having one could affect your reputation. YouTube YouTube is the second largest search engine in the world with over 1.9 billion registered users. When properly utilized, it can bring in new customers and help you retain old ones. To increase your brand visibility and help viewers to get to know your company better, create a channel with videos about the products or services that you’re offering. You can also encourage viewers to subscribe to your channel so they’ll be in the loop every time you upload a new video. Another huge advantage of using YouTube is that Google owns it, and videos from the site are more likely to appear on the first page of search results than other organic content. Instagram Launched in 2010, Instagram is one of the fastest growing social media platforms today. It boasts one billion registered users, mostly on the younger end of the scale (18-24 years old). Instagram is primarily for sharing photos and short videos, but it recently launched IGTV, an in-app tool for users and businesses to upload long-form videos. Keep in mind that most users prefer to use Instagram for fun and creative content. The platform is known for beautiful photos, so choose aesthetic content over standoffish or corporate content. To hit two birds with one stone, integrate your Instagram account with your Facebook page so every new picture or video on your profile will automatically post to your Facebook page. Snapchat Another trendy social media platform is Snapchat, which allows its 300+ million monthly users to share photos and videos that disappear within 24 hours. Businesses can use this platform to reach younger audiences through Snap ads, sponsored geofilters, and sponsored lenses. Snap ads are 10-second full-screen videos with embedded links and calls to action that will appear on the timelines of targeted viewers. Sponsored geofilters and sponsored lenses, meanwhile, are custom filters that may contain elements relating to one’s brand. All these marketing options are available through AdManager, the app’s advertising platform. Twitter Twitter has 328 million active daily users. This number may be small compared to the other social media platforms on this list, but that’s precisely its charm: it gives users the feeling of security and coziness that comes from chatting with businesses directly and publicly. In fact, a whopping 85% of SMBs have Twitter accounts that they use to engage with current and potential customers. And because Twitter only allows up to 280 characters per tweet (excluding links), conversations between parties are straight to the point and results-oriented. If you have more questions about social media platforms and how to use them strategically, contact us today. Published with permission from TechAdvisory.org. Source.
Apple’s second product launch for 2018
Apple launched a couple of products in September. As usual, it’s just slim pickings — we were treated to three variants of the iPhone and the latest model of the Apple Watch. However, the trillion-dollar company was apparently not yet done, as it launched yet even more devices on October 30. Check out the additional lineup below. The redesigned and reengineered MacBook Air The new model for 2018 is a breath of fresh air. It has 17% less volume, a quarter of a pound lighter, and 10% thinner than its predecessor, but it is by no means a lightweight when it comes to features and capabilities: Faster performance – features the 1.6GHz/3.6GHz Core i5 processor, has up to 16GB of memory, and SSDs with up to 1.5TB of storage 13.3” Retina display – has over 4 million pixels, making text and images are sharper and more detailed Apple T2 Security Chip – enables Touch ID, permits only trusted operating system software to boot at startup, and encrypts stored data Touch ID – allows user to unlock the device, buy items using Apple Pay, or open other apps in conjunction with a 3rd party password manager with a touch of a finger Butterfly keyboard – each key is more stable and responsive, and is backlit for easier typing Force touch trackpad – now larger, allowing better conveyance of finger gestures Superb sound system – with louder speakers with more bass, and three mics enable clear group facetime call audio and voice recognition Two Thunderbolt 3 ports – has versatile ports that enables fast data and graphics delivery and charging via a single cable The new Mac mini This small-yet-powerful PC packs six processors for five times faster performance than the previous model. Other features include: Up to 64GB of memory All-flash SSDs – four times faster, with up to 2TB of storage Apple T2 Security Chip – just like what the new MacBook Air has Connectivity options – has ports for Ethernet (configurable to 10GB), Thunderbolt 3, HDMI, USB-A, and audio Stackability – use hundreds of Minis together for mission-critical IT processes that run 24/7 The new iPad Pro The October 2018 launch focused solely on the Pro variant, perhaps signaling the discontinuation of the economical non-Pro iPads, considering Apple’s push for PC-level tablets. iPad Pro users can now use resource-intensive programs such as AutoCAD, which is software that lets you tackle millions of objects within one file. Moreover, Photoshop users on the iPad Pro can create huge graphic design masterpieces with hundreds of layers without suffering lag. The main features of iPad Pro include: Liquid Retina display – gives the best color accuracy of any screen to date and shows things as true to life as possible Face ID – use your face to open your device, log onto apps, and use Apple Pay A12X Bionic Chip – contains the Neural Engine, which enables advanced machine learning for smart image and video editing, among others 8-core CPU – run multiple programs simultaneously apart and dynamically together, such as doing multiple-item drag-and-drops across different apps 7-core GPU – offers 1000x faster graphics performance USB-C port – connect directly to your other devices so you can work on your creations immediately Apple Pencil (sold separately) – features tip and slant sensitivity, making it the most intuitive electronic drawing tool in the market today Smart Keyboard Folio (sold separately) – serves as a protective covering and a dual-mode keyboard: one mode lets you type comfortably on a desk, while the other lets you use the Pro on your lap With so many top-of-the-line features that compliment their intuitive designs, it is no wonder that Apple devices command above-average prices. Indeed, Apple truly knows how to stir up demand for its products. To learn how you can take advantage of Apple’s powerful tech to make your staff more productive, efficient, and creative, drop us a line. Our IT experts can help you source the best hardware and software for your business. Published with permission from TechAdvisory.org. Source.
Outdated firmware: An overlooked threat
If most of your company’s computers are obsolete, they double or even triple your chances of experiencing a data breach. This emphasizes how dangerous it is to have outdated applications, operating systems, and even web browsers. Failing to update your firmware could expose your business to major security threats. What is firmware? Firmware is a basic type of software that is embedded into every piece of hardware. It cannot be uninstalled or removed, and is only compatible with the make and model of the hardware it is installed on. Think of it like a translator between your stiff and unchanging hardware and your fluid and evolving software. For example, Windows can be installed on almost any computer, and it helps users surf the internet and watch YouTube videos. But how does Windows know how to communicate and connect with your hardware router to do all that? Firmware on your router allows you to update and modify settings so other, higher-level pieces of software can interact with it. Why is firmware security important? Firmware installed on a router is a great example of why addressing this issue is so critical. When you buy a router and plug it in, it should be able to connect devices to your wireless network with almost zero input from you. However, leaving default settings such as the username and password for web browser access will leave you woefully exposed. And the username and password example is just one of hundreds. More experienced hackers can exploit holes that even experienced users have no way of fixing. The only way to secure these hardware security gaps is with firmware updates from the device’s manufacturer. How do I protect myself? Firmware exploits are not rare occurrences. Not too long ago, a cybersecurity professional discovered that sending a 33-character text message to a router generated an SMS response that included the administrator username and password. Unfortunately, every manufacturer has different procedures for checking and updating firmware. The best place to start is Googling “[manufacturer name] router firmware update.” For instance, if you have a DLink of Netgear router, typing “192.168.0.1” into a web browser will allow you to access its firmware and update process, assuming you have the username and password. Remember that routers are just one example of how firmware affects your cybersecurity posture. Hard drives, motherboards, and even mice and keyboards need to be checked. Routinely checking all your devices for firmware updates should be combined with the same process you use to check for software updates. It can be a tedious process, and we highly recommend hiring an IT provider to take care of it for you. If you’re curious about what else we can do to help, give us a call today! Published with permission from TechAdvisory.org. Source.