Category: Blog

Sign In With Apple

Posted on by Elevate Services Group

 

Sign In With Apple…Should You Use It?

Apple recently reported that its new “Sign in with Apple” feature will be part of the iOS 13 release in the fall of 2019. It promises to protect your privacy, and authentication experts say it could have an enormous impact on data privacy.

What Is Sign In With Apple?

With Sign In With Apple, you’ll be able to log into your applications. It offers a single-sign-on functionality, much like other sign-in buttons such as Facebook’s, Google’s and Twitter’s.

What Are The Benefits Of Using Apple’s Sign In?

When you sign onto apps, Apple will mask your personal information and email address. But the application will still be able to contact you.

Unlike with Google, Facebook and Twitter, your email won’t be passed on to the developer. You can opt not to allow this, but you won’t be able to use their sign-in service. If you do choose to let Google, Facebook or Twitter track your email, they will also be able to see the applications you use.

Aaron Peck from Oauth explains:

“The way most “sign in with [blank]” systems work is that the app you’re signing in to will get your username on that service and likely also your email address,” he explained. “These apps can sell your email address to advertisers, or correlate your activity between unrelated applications by matching your username.”

Apple solved this problem with its single-use anonymous email address. You’ll be able to share the information you choose with the application. Apple creates a random, anonymous, single-use email address for each application. Apple then forwards emails sent to that address on to you. You have the option of deactivating the single-use email address whenever you want.

By using Sign in with Apple and the single-use email address, your true email address won’t be tracked. Apple is offering this to provide a more private option for use. And they are offering developers a way to provide a fast one-step login without forwarding their user’s data to another company. Apple’s button will also work on websites.

Can You Use Apple’s Sign In With Any Application?

No… only applications that integrate their systems with Apple’s Sign In button. Some may opt not to because they won’t be about to use your information for marketing purposes.

What Phones Can Use iOS 13 & Sign In with Apple?

These are the devices that will be able to use iOS 13:

  • iPhone XS
  • iPhone XS Max
  • iPhone XR
  • iPhone X
  • iPhone 8
  • iPhone 8 Plus
  • iPhone 7
  • iPhone 7 Plus
  • iPhone 6s
  • iPhone 6s Plus
  • iPhone SE
  • iPod touch (7th generation)

Is There Anything Else To Consider When Using Sign in with Apple?

If you are a developer, there may be. There are some concerns surrounding Apple’s terms and conditions for application developers. If they offer Google, Facebook or Twitter’s sign in, they must also offer Sign in with Apple.

And there’s more. According to Reuters:

Apple will expect developers to place their login button above Google’s or Facebook’s.

Apple Inc will ask developers to position a new “Sign on with Apple” button in iPhone and iPad apps above rival buttons from Alphabet Inc’s Google and Facebook Inc, according to design guidelines released this week.

The move to give Apple prime placement is significant because users often select the default or top option on apps […]

Apple’s suggestion to developers to place its login button above rival buttons is part of its “Human Interface Guidelines,” which are not formal requirements to pass App Store review. But many developers believe that following them is the surest way to gain approval.

This means that some app developers won’t have an incentive to actually add the Sign in with Apple feature. But Apple is getting around this by mandating that if developers what to place their app in the Apple App Store, and they already offer a third-party sign in, they must offer Apple’s.

Apple’s terms and conditions don’t require this for applications with a dedicated login system, and those that don’t use third-party buttons from Google or Facebook.

What’s The Benefit For Apple?

Sign in with Apple will improve users’ privacy and provide a far better experience than others.

Will LaSala, director of security services and security evangelist at OneSpan, tells us more:

Apple is going one step further than traditional single sign-on, they are forcing their users to use stronger authentication, such as Apple’s FaceID and TouchID,” he said, noting that Sign in with Apple will ask mobile app users to use the biometrics functions.

The use of adaptive authentication is what should be celebrated – the ability to prevent login tracking or protect a user’s information is a secondary benefit. Any way that we can get users to move to adaptive authentication that is easy and portable across many sites and platforms is a security win for the internet.

Apple is positioning themselves as the privacy provider. So when we want more privacy, Apple hopes we’ll choose to use their technology. It’s a great marketing strategy…something that Apple excels at. We think many people will want to use Sign in with Apple due to its privacy features.

How Technology Can Assist CFOs and Their Expanding Job Functions

Posted on by Elevate Services Group

 

CFOs & Technology

 

The CFO role continues to evolve. CFOs used to be considered fairly powerless scorekeepers or merely chief bean counters, but today the role has taken on more responsibility as well as prominence.

 

Of course, any CFO will tell you that the old role is not unimportant, and it has not gone away. The expansion of the CFO into strategy, decision-making, and even IT oversight creates a capacity problem. How can the CFO meet all the new responsibilities without neglecting the old? Technology can assist in a number of ways.

 

Before we dive into how technology can assist CFOs in their expanding job functions, let’s look at what some of those expanding job functions are. Depending on where your organization is in its digital transformation, you may have already taken on some of these. If not, this overview will give you insight into what may be added to your plate in the coming months and years.

 

New CFO and Finance Responsibilities

 

The CFO has traditionally focused on finance and accounting, and these responsibilities remain both significant and important. New areas of responsibility are developing, though, including these.

 

Technology

The CFO role has an increasing responsibility for overseeing technology decisions and spending, along with the CIO. The entirety of the business is dependent on technology, and good choices in this area lead to dynamic transformation. Bad choices can have catastrophic results.

 

Future Focus

CFO and finance responsibilities are evolving from sole focus on the past (compliance and reporting) to include a future focus. CFOs are partnering with managers around the company to improve operations, and they often work with the CEO and the board to help plan company strategy.

 

Financial data and analytics have helped in this aspect of transformation. Another team may be responsible for analytics, but when it comes to the financial aspect of analysis, the CFO and finance team are an essential part.

 

Partnering with CEO

 

Today, CFOs partner with CEOs to develop strategy more frequently than they did in years past. While the roles remain distinct, the line is more blurry than it used to be, and the level of partnership and collaboration is much greater.

 

Partnering with Division Leaders

It’s more frequent than it’s ever been for the CFO to partner with division leaders or line-of-business leaders. These leaders necessarily have other focuses than finance, and they may need or seek guidance from the CFO. This guidance is sometimes finance-related and other times more generally related to business vision. The CFO also plays a role in teaching division leaders to accept financial guidance from the finance group.

 

How Technology Can Assist Today’s CFOs

 

Savvy CFOs will leverage technology to assist them in their expanding capacities. Here are a few technologies empowering CFOs and finance teams.

 

Big Data and Analytics

Data is more powerful than it’s ever been, and CFOs will benefit from technology solutions in this area. Powerful customer data can drive major insights into financial trends as well as business trends. Use analytics to make better-informed predictions on the future of sales. You can often get a better picture of what the customer wants by analytics than you can by traditional means like focus groups or customer surveys. These are powerful tools that can solve many problems and speed up many tasks for the CFO and the finance team.

 

Embrace the Cloud

Cloud-based apps can lower IT infrastructure spending as well as the need for maintenance. Many if not all the major IT applications needed by the finance team are available in cloud format, including ERP and CRM systems as well as planning and reporting systems.

 

Using cloud-based applications and systems allows your company to expand without having to consider infrastructure improvement. With the cloud, you’ve outsourced the infrastructure completely.

 

Finance leaders and CFOs are sometimes wary of the cloud, and this is understandable. Cloud-based services have had their fair share of highly publicized leaks and breaches. These have led some to question whether the cloud is really the right solution for sensitive data, whether financial or privacy-related.

 

The answer to this concern is twofold. First, the track record of these cloud apps is astoundingly good. Second, take a step back and review the landscape. Do you really trust that your in-house IT or InfoSec team is as skilled in protecting you from an internal breach as the team at a cloud service is? Your business is broad, and IT infosec is only one small component. For the cloud service, it’s nearly everything. One breach and they’d be out of business.

 

Mobile Technologies

While mobile technologies are most visible on the sales force and other customer-facing services (like your website), mobile can improve the quality of life for the CFO and finance teams, too. Selecting cloud apps that allow for mobile access gives additional flexibility to where and how work is done and data is displayed.

 

Need A Great IT Company Who Works With Top CFOs

 

This is just the surface of what technology can do to empower CFOs in their expanding roles. For more, or for help implementing solutions, contact us today.

How Can Law Firms Use Microsoft Office 365’s E-Discovery Capabilities?

Posted on by Elevate Services Group

 

 

According to the American Bar Association, it is crucial for attorneys and e-discovery professionals to define the rules of engagement instead of leaving those details to the IT department. Attorneys are being held to much higher standards of knowledge when it comes to technology, especially in terms of electronic discovery. ABA Model Rule 11 states that attorneys bear a duty to provide competent representation for their clients, and translated into today’s language — that means a firm understanding of technology and all of the various implications. Fortunately, there are advanced tools already built into Microsoft Office 365 that can help support the needs of law offices as they create a proactive e-discovery strategy for their offices and for their clients.

 

E-Discovery in a Digital World

 

E-discovery is increasingly complex as you bring globalization and mobile platforms into the conversation. The ability for mobile phones and tablets to access even the most sensitive personal and legal data is an ongoing challenge, not to mention the ability of clients to easily share information that should have remained confidential. SMS text messages, social media chats, in-app notes — these types of interactions must all be appraised for potential inclusion in legal matters in the future. However, the information that is shared between attorneys, clients and other external parties can be more easily managed with tools from Microsoft Office that are already available to your e-discovery team.

 

Advanced Document Analysis in Microsoft Office 365

 

The electronic discovery tools available in Microsoft Office 365 are increasingly detailed and include the ability to identify content that is a near duplicate, perform predictive coding and consolidate information across email threads. While you may still need a dedicated e-discovery platform for more detailed analysis, Microsoft’s cloud-based productivity platform has many advanced features baked into the base functionality. Microsoft has been boosting their e-discovery chops with additions to the platform that will provide professionals with more of the tools that they need to wrangle and report on data and communications that will impact their various cases. Massive regulatory cases are not the only ones whose outcome may depend on a single email — there are also thousands of smaller cases that can be solved more quickly and accurately with access to the correct information gained through intensive e-discovery.

 

Collecting and Preserving Crucial Electronic Data

The ability to easily share information is a boon for attorneys and clients alike, as people are increasingly ready to work from remote locations and while on-the-go. Law offices must take additional measures to ensure the security and consistency of data due to these additional pressures, and Office 365 can create clean transfer records across various mobile platforms, desktops and email. Attorneys and their staff must have a firm understanding of the flow of information throughout their various systems to take full advantage of the ways they can collect and preserve this crucial electronic data.

 

Investing in advanced e-discovery software may be necessary, but there are many ways that law offices are able to streamline their data structures and workflow by leveraging the advanced functionality that is already available within Microsoft Office 365. Speak with your local technology professionals to better understand Microsoft’s options for improved security and deeper data insights.

How to Copy Cells in Microsoft Excel

Posted on by Elevate Services Group

Today’s quick tech tip covers one of the basic functions in Microsoft Excel.

Watch the video below or click here.

 

Here’s how to copy cells in Microsoft Excel, plus one of the advanced copy and paste features available in the application.

 

Step 1: Select the Cell or Cells You Want to Copy

If you want to select a single cell, you simply need to click on it. If you want to select a range of cells—whether that’s a partial or full column or row, or a wider range—click and hold on one of the cells you want to copy and drag to the other end of the range.

You can also select an entire column or row in one click by placing your cursor outside the grid, on top of the letter or number corresponding to the column or row. Your cursor will change to a rightward or downward arrow. Click to select the entire column or row.

 

Step 2: Copy

To copy the selected cells, click the “Copy” button in the Clipboard section of the ribbon. In your default view, the Clipboard section is in the upper left. You can also use a keyboard shortcut to copy: press Ctrl + C on a PC or Command + C on a Mac.

Step 3: Select Destination and Paste

All that’s left is to click on the cell where you want the copied information to go and paste. If you’ve copied a single cell, simply click on the cell where the copied content needs to go. If you’ve copied a range of cells, you don’t have to select an identical range of cells to paste. Simply select the cell that’s in the upper left corner of your range.

To paste your content, click the “Paste” button in the Clipboard section of the ribbon, or use a keyboard shortcut. This time, the keyboard shortcuts are Ctrl + V (PC) or Command + V (Mac). Your content will appear in the new location, and you’re ready to move on to the next task.

 

A Few Notes

 

Now that we’ve covered the basics, here are a few warnings and advanced tips.

 

Formulas

 

If you copy a cell with a formula in it, Excel will automatically copy that formula to the destination. If this isn’t what you want, click the down arrow below the Paste button. Excel gives you a dozen or so special methods of pasting. If all you want is the raw number, no formula attached, then use “Paste Values” instead.

 

Overwriting Content

 

If you copy a range of cells, be aware that pasting that range will overwrite anything in the destination range. Make sure you have enough space there and won’t lose any important data.

Copy Paste Cells Microsoft Excel

Can CMOs and CTOs Unite?

Posted on by Elevate Services Group
Learn about the importance of CTOs and CMOs uniting their efforts to create optimal outcomes for their companies. You can make business better by uniting.  

 

 

Considering the vital importance of digital touch points—including mobile and Web interactions—for the success of most businesses, there has never been a time where it was more necessary for CMOs and CTOs to unite. But what about the way things have been done for so many decades, with CMOs and CTOs occupying very different areas of the organization? Well, the times are changing, and it is up to business leaders to change along with them. It’s that or risk being left behind by the competition.

 

CMOs and CTOs Must Unite

 

Technology is the through-line that connects every aspect of today’s businesses, especially when it comes to management and the creation of content. Data is the foundation for all decisions in the modern business environment, which comes from the core technologies utilized by every organization. Leveraging technologies allow businesses to create content that is extremely personalized and therefore fulfills the needs of the target audience in ways that were not previously possible. According to Adobe, it is this highly personalized content, along with tech like AI, machine learning and more, that have become required in the modern world of business.

 

Powerful tools like the ones mentioned here are only fully utilized by combining the skills and knowledge of the CTO and CMO. The need for tech expertise is obvious since all of the most potent tools in marketing today are enriched or enabled by the latest technology innovations. But the need for marketing expertise is just as important to connect with the customer. Without a human touch and an understanding of what makes people trust a business, technology can only accomplish so much.

 

How Can CMOs and CTOs Combine Their Efforts?

 

Let’s explore some of the ways that CMOs and CTOs can work towards a united front when approaching company objectives:

 

Be equally accountable for the outcomes you are seeking for the company.

 

The CTO and CMO used to operate in individual silos that rarely overlapped. In those days it was understandable to treat the outcomes you were seeking as your own and to avoid taking on responsibility for the outcomes of other departments—especially departments that seemed to have so little to do with your own. But today it is more important than ever to share the responsibility for achieving company objectives. After all, you are in the same boat overall, and you want to make sure that boat experiences smooth sailing for the benefit of all parties.

 

Instead of saying, “That’s not my responsibility,” try discussing with your other stakeholders how you can contribute towards success. You may be surprised at the answers you get, and at how easily you can provide support.

 

Recognize the areas that you can help when developing the content management strategy for your business.

 

While you both need to be responsible for the outcomes sought by your company, you are only going to be most effective if you are certain where your strengths lie. For CMOs, you should be focused on utilizing your resources and expertise to manage communications, brand messaging and overall content strategies. The CMO understands the consumer better than the CTO and understands the way the consumer behaves. It only makes sense for the CMO to look to things like brand messaging and content strategy because of this knowledge.

 

In contrast, the CTO is best equipped to take control of analytics, delivery, and insights for the consumer. The CTO and the team underneath the CTO have the skills and reach necessary to yield the most effective results in these data-driven areas.

 

Learn to think like the other team from time to time.

 

While you definitely want to lean into your strengths, you still need to have a knack for clear communication and predicting what your peers will need in the business. In other words, you need to learn to think like a CMO or CTO, even if you are not one. No one will expect you to take over the other person’s position, of course. But the better you can get into the headspace of the other manager the better equipped you will be to cross-pollinate and predict the needs of others.

 

Not only does thinking like the other allow you to communicate and help each other better, but it also tends to lead to the kind of game-changing ideas that revolutionize the way your organization functions. The CMO can better understand and utilize the power of the tech available, while the CTO can become more aware of how marketing outcomes are achieved and the kind of information that could be most beneficial for marketing efforts can be better understood.

 

Open up lines of communication and foster their growth.

 

As with any new relationship, the first few conversations are often the hardest to get through. Typically, opening up the line of communication is a big effort, and keeping it open is not the easiest thing to do. But it is worth the effort. Realize that you both can greatly benefit from each other’s knowledge and that working together is the key to realizing the full potential of your business.

Honoring Those Who Gave Their Lives

Posted on by Elevate Services Group

On Memorial Day we remember the veterans who made the ultimate sacrifice for our country. These brave men and women have dedicated their lives to honor the living and make our lives better.

Can’t see the video above?  Click Here.

The History Of Memorial Day

Memorial day is the most solemn American holiday. Memorial Day was originally known as Decoration Day. After the Civil War in 1865, America needed a secular, patriotic ceremony to honor its military dead.

In May 1868, the commander-in-chief of the Union veterans’ group The Grand Army of the Republic, General John A. Logan issued a decree that May 30 should be a nationwide day of commemoration for the more than the 620,000 who were killed in the Civil War.

Decoration Day was a day where he said American should lay flowers and decorate the graves of the war dead “whose bodies now lie in almost every city, village and hamlet churchyard in the land.” The federal government began creating national military cemeteries for the Union war dead. Monuments to fallen soldiers were erected and dedicated. Ceremonies were held to decorate soldiers’ graves.

For more than 50 years, the day was only to honor those killed in the Civil War. Finally, after World War I, Memorial Day included honoring those who died in all American wars. And Memorial Day wasn’t officially recognized nationwide until the 1970s, while America was deeply embroiled in the Vietnam War. In 1971, Memorial Day became a national holiday by an act of Congress.

Today

Today we celebrate Memorial Day on the last Monday in May. Many Americans observe Memorial Day by visiting cemeteries or memorials, holding family gatherings and participating in parades. Unofficially, it marks the beginning of the summer season.

Although many of us will be enjoying a long weekend, the opening of the local pool, barbeques and some fun at the beach, it’s a day for honoring military personnel who died in the service of their country, particularly those who died in battle or as a result of wounds sustained in battle.

Today as we enjoy paid leave and ice cream, perhaps a little reflection is in order.

How Best To Remember The Meaning of Memorial Day?

Never forget our fallen soldiers. They have shown us a path to patriotism. We should honor them by our actions. Listen closely to their plea: “Honor us by sacrificing today for a better tomorrow.”

Our office will be closed on Monday for Memorial Day.

We hope that on this day you will make an effort to set aside a quiet moment to honor those who made the ultimate sacrifice.

Memorial Day 2019

Most Small Businesses Pay The Ransom

Posted on by Elevate Services Group

 

Are you willing to pay the piper when it comes to cyberattacks?

 

 

Despite the growing number of cyberattacks on small- and medium-sized businesses, there is still a lack of awareness or proactive defense of the networks, computer systems, applications and devices being used. This inattention means it’s even easier for criminals to attack your business by worming their way into your data, stealing it and threatening to expose it. Other cyberattacks target the business itself, making systems and websites inoperable, costing businesses millions in the process.

 

Freeing the data or access often means paying a ransom, usually in the form of Bitcoin or some other cryptocurrency that’s impossible to trace.

 

How Much of an Issue is Cybercrime?

 

When it comes to cyberattacks on small businesses, the reality is, if you haven’t already been attacked, you will be. What matters is that you have the security protocols in place to make sure your business withstands these attacks and is not victimized by intruders looking to do harm.

 

The scope of cyberattacks, especially on SMBs, is staggering.

 

According to the 2018 HISCOX Small Business Cyber Risk Report, almost half (47 percent) of small businesses suffered a cyberattack in the previous year. Of those attacked businesses, 44 percent encountered a second, third or fourth attack. Eight percent had five or more attacks.

 

Yet the report shows a paradox. Business executives surveyed identified cyberattacks as one of their top two concerns, along with fraud. Sixty-six percent said they were concerned or very concerned about cyberattacks.

 

However, among those executives, the majority haven’t taken even basic steps to protect their businesses.

 

What Does a Cyberattack Mean to My Business?

 

If you do not invest in cybersecurity measures, you are a sitting duck. That means you’ll have to pay a ransom when your business is attacked. You will incur costs as well, including steps to identify and eradicate the intrusion, notify customers and regulators and pay for deep web monitoring or credit monitoring.

 

What is that financial cost? According to HISCOX, it’s $34,600 for small businesses. The 2018 Cost of a Data Breach Study: Global Overview conducted by the Ponemon Institute shows that among SMBs and enterprises, the worldwide average total cost is $3.86 million. The costs are increasing each year, too.

 

The Ponemon study shows some of the other inherent threats and disruptions a data breach can bring upon your business. Among key factors influencing the cost of a data breach, according to the study, are:

 

  • The unanticipated loss of customers after a data breach is reported. Organizations that have established institutional trust and offer identity protection to victims are more successful in retaining customers.
  • The scope of the breach and the number of records lost or stolen. Ponemon calculates the per-record cost at $148.
  • Time. The longer it takes to discover the data breach and contain it, the more costly it is to the affected business.
  • Scope of remediation. When an attack is discovered, your business is going to incur expenses it didn’t plan for, including for independent investigators, forensic analysis, auditing services, crisis PR management and continuing brand and reputation repair initiatives.
  • Service needs. These included the demands for help desk services, marketing and communication, distribution of new account information or credit cards, legal costs, regulatory investigations and fines, product and service discounts to retain customers and increased insurance premiums.

 

The costs, both real and impressionistic, can cripple a small business that does not have the resources to recover from a cyberattack.

 

What Should Our Business Do To Protect Itself?

 

Protection begins with a thorough assessment of your systems and procedures to determine where there are vulnerabilities that need to be addressed. Working with a qualified managed service provider, you can understand where the exposures are and plan to fix them.

 

Your managed service provider will want to look at several components, including:

 

  • Network security that’s based in next-generation firewalls to identify and contain unwanted activity
  • Automated solutions to update anti-malware applications and install updates and patches
  • Policies regarding access, password protocols and authentication

 

With the proper security in place, you can avoid paying a ransom and putting your business at risk.

Critical Update From Microsoft: Remote Desktop Services

Posted on by Elevate Services Group

Impacted Systems:

  • Windows Server 2003
  • Windows XP
  • Windows7
  • Windows Server 2008

Nonimpacted Systems:

  • Windows 10
  • Windows Server 2016
  • Windows Server 2019

If you are still using Windows Server 2003 or XP, Windows 7, Windows 2008 R2, or Windows 2008 you could be in trouble. A wormable virus may be coming your way. The virus is designated as CVE-2019-0708.

 

 

This means that the virus can get into your system without you doing anything like clicking a malicious link. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights without your knowledge.

 

What Should You Do?

 

Microsoft has released a critical update for their Remote Desktop Services that impacts multiple Windows versions. The patches are for devices and systems that are both in and out-of-support, which is rare for Microsoft to do. This shows the importance of these patches.

 

The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. To apply the patches, go to the Microsoft Security Update Guide for in-support systems and KB4500705 for out-of-support systems.

 

Note: Clients & Customers on a valid managed services agreement are being taken care of and there is no immediate action for any computer, server or other devices under a valid managed services agreement.

 

Microsoft recommends that customers running one of these operating systems download and install the update as soon as possible.

 

Does This Mean Even Systems Without Support Can Get The Patch?

 

Yes, Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. This means that you wouldn’t have received any security updates to protect your systems from the CVE-2019-0708 virus.

 

Given the potential impact on customers and their businesses, Microsoft decided to make security updates available for platforms that are no longer in mainstream support.

 

All Windows updates are available from the Microsoft Update Catalog.

 

What Should We Do Before We Apply The Update?

 

It’s recommended that you back up all of your important data first. If you have a reliable backup, if the patch creates problems you can still access your data. You should do this before you install any patches.

 

What If We Can’t Apply The Patches?

 

If you can’t apply the patch for your system there are other things that you can do:

 

  • If you don’t need the Remote Desktop Services, you can disable it.
  • Block the TCP port 3389 (this prevents unauthorized requests from the Internet).
  • Enable NLA (Network Level Authentication) for Windows 7 and Windows Server 2008.

 

Of course, the best thing to do is to contact your local IT services company. They’ll know exactly what to do.

 

What Is A Wormable Virus?

 

This means that any future malware that uses this vulnerability could propagate from one vulnerable computer to another. This is how similar malware like WannaCry spread around the world. Experts are worried that this flaw could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

 

Here’s what Simon Pope, director of incident response for the Microsoft Security Response Center tells us:

“This vulnerability is pre-authentication and requires no user interaction,” Pope said. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.”

 

Have There Been Any Attacks Yet?

 

Microsoft said they haven’t found evidence of attacks against this dangerous security flaw. But one could happen at any time. Right now they are trying to prevent a serious, imminent threat with these patches.

 

Simon Pope goes on to say:

“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”

 

What Does The Microsoft Remote Desktop Do?

 

You use the Microsoft Remote Desktop application to connect to a remote PC or virtual apps and desktops made available by your admin. You can control your desktop computer and all of its contents from another computer.

 

The app lets you connect to your desktop from wherever you are. The access to the remote desktop happens over the Internet or via another network. It lets you interact as if you were physically working from your desktop.

 

The Remote Desktop application also gives the “master” computer access to all of the contents on the remote computer.

 

What Else Should We Know?

 

If you had updated from Windows 7 to Windows 10 or from Windows Servers 2008/2008 R2 to Windows Server 2016 or 2019, you wouldn’t need to worry. This is why it’s essential to keep your systems up to date.

 

Soon, on January 14, 2020, support will come to an end for all Windows Server 2008, 2008 R2 equipment and the Windows 7 operating system.

 

If you’re still using these servers or operating system, it’s crucial to replace them now so that there’s no disruption to your daily operations or loss of data.

 

Any hardware or software product that reaches its end of life is a potential gateway for hackers to enter through. In addition to the security hazard, there are other reasons why it isn’t a good idea to keep using old equipment such as unresolvable outages.

 

Where Can We Get Help?

 

Contact us to ensure your Microsoft desktops and servers are secure and protected from unauthorized intrusions.

Will LinkedIn Phishing Threats Defeat The Popular Business Social Media Platform?

Posted on by Elevate Services Group

 

The career-centered social media network LinkedIn is the latest victim of phishing efforts on the part of cybercriminals—demonstrating that no organization, no matter how big, is immune to such threats. The phishing attacks are tailored to what LinkedIn users are most likely to be interested in and seek to obtain valuable information from victims. What makes these attacks most concerning from a business perspective is that many LinkedIn users are logging in with their corporate email accounts. When the cybercriminals succeed in getting the information they want, they can gain access to the information of not just the immediate victim, but the organization they work for as well.

 

 

Cybercriminals Targeting LinkedIn Users

 

According to the Security Awareness Training company KnowBe4, a new wave of cybercrime is hitting the LinkedIn community to gain valuable corporate information. Cybercriminals are attempting to get employees to fall for phishing emails—emails that encourage recipients to click a link that leads to a request for confidential information.

 

The phishing emails are designed to appeal to the personal interests of the recipients, a common tactic with phishing attacks. The goal is to excite the recipient enough that they forget to be cautious. According to KnowBe4, the most popular type of phishing email is one that has LinkedIn in the subject line. Messages from LinkedIn are opened around 50% of the time, so it makes sense for the cybercriminals to use what is most likely to work. They know that around one in two users will open an email that appears to be from LinkedIn, so they tailor their phishing emails accordingly.

 

Particular Concern for Those with Business Responsibilities

 

When a phishing attack succeeds against an average person, their personal information and financial information is at risk. But when a phishing attack succeeds against someone who has responsibilities at a business, and therefore security access to protected information of the business, it can lead to damage that harms the business and all of its employees. No one deserves to be the victim of a phishing attack, but there are individuals who, if compromised, can deliver information that will harm more than just one person.

 

It is predictable that the ones that cybercriminals want most to fall for their LinkedIn phishing attacks are those with higher security clearance in businesses. They know that they could strike a gold mine if they get the right person, with the right information, to fall for one of their phishing emails. That is why they are so devious in the way that they construct their traps. They look closely at the areas of interest of their targets to ensure that they have the highest chance of success.

 

Areas Where Cybercriminals Focus on LinkedIn

 

Not just any phishing email will lead to a click from the reader. To get the desired result, cybercriminals must create the kind of emails that recipients are most likely to fall for. KnowBe4 actually conducted tests on LinkedIn to determine which types of emails recipients would click the most often. As mentioned earlier, the most successful phishing emails included LinkedIn in the subject line of the email. According to an article from ChannelFutures, once the recipient looked at the email, they were most likely to click on emails that had the following in the subject line:

 

  • Profile Views
  • New InMail Message
  • Join my network
  • Add me to your network

 

It makes sense that these subjects would attract the most clicks. They all indicate an interest in the recipient, specifically the kind of interest that could lead to an excellent networking opportunity. A desired employer or contact might have looked at their profile or sent them a message. Even better, they might have requested that the recipient become part of their network, or that the recipient allow them to become part of their network. All four subjects target those who are using LinkedIn to further their careers, which explains why they were so successful.

 

What Can LinkedIn and Users do to Fight the Problem?

 

For LinkedIn, the risk of phishing scams and cybercrime is and has always been present. As the company has grown, they have been well aware of the dangers that cybercrime poses to their business and their users. That is why, as with all other major social media platforms, LinkedIn has a dedicated team to identify cybercrime on their platform and to do what they can to fight it. However, there is a limit to what LinkedIn’s dedicated security team can accomplish on their own. Once a platform has millions of users, there will always be criminals who can slip through the cracks. LinkedIn will not be defeated by cybercriminals as a platform. However, the platform’s users do need to be aware of the risks they face.

 

For businesses, it is best to avoid relying on LinkedIn to keep them and their employees totally secure. Companies have to accept that from time to time, their employees will be targeted by cybercriminals. That is why employee awareness training is so necessary. Businesses must train employees to be aware of the risks of cybercrime, including phishing emails. If you are worried about your employees falling for a phishing scam, consider training them in the red flags of social engineering.

 

To learn more about cybercrime risks and how to avoid them, please contact our IT services team. We can help you protect your employees and your business.