Category: Blog

New and heightened digital threats develop every day, and having standard security software may not be enough to protect your personal data and business from exploitation from malware attacks. Businesses across industries are vulnerable to new attacks, as many security software lags behind. Hackers find ways to work around the most common security platforms to find new ways into systems to gain access to all sorts of information, and the only way to ensure that you are as protected as possible is to work with an IT expert who knows how to take the preventative measures to keep up with the latest malware developments.

One of the latest bugs causing a lot of damage to businesses is a vulnerability to the Microsoft-based cloud office platform, Microsoft 365. This platform allows businesses to push their productivity almost entirely online, giving employees access to their data from literally anywhere in the world while still collaborating in real-time. The use of cloud platforms allowed businesses to stay productive during the 2020 shutdown. The use has grown exponentially in popularity as everything from law firms, doctors’ offices, and schools have shifted as much business as possible over to the virtual platforms.

Hackers recently exploited a bug present in the multi-factor authentication system for access into the Microsoft 365 platform, which meant that there was a somewhat easily accessible back door into the otherwise secure cloud system. There is a lot of damage done when a hacker can get access to your business or personal data. Information can be stolen or deleted, which could lead to costly repairs as you spend time re-collecting data or ensuring that your employees and clients are protected from additional attacks on their finances and identity based on the type of information accessed by the hackers.

System flaws happen, and typically patches are issued to fix bugs that may allow hackers into programs — especially in the case of well-funded, popular programs like those owned by Microsoft. However, that doesn’t mean that there isn’t a chance of an attack before that patch being issued. Also, if your employees aren’t receiving guidance on keeping up with regular updates and maintenance on their work computers, they could be putting everyone at risk as those updates are how patches are installed. A single point of access through an outdated computer can allow hackers to access all sorts of data.

In the case of the latest vulnerability that impacted Microsoft 365, the issue was present in the WS-Trust, an OASIS standard that delivers security extensions and is used to renew and validate security tokens, thus ensuring identity. A bug in this system could be disastrous, allowing for the easy manipulation of security tokens and identity, allowing hackers in. The attacker could easily access mail, files, data, contacts, and more — depending on the amount of information stored on the cloud.

Working with a strong IT support team is the best way to ensure that you are protected from the latest developments in malware. Keep your computers up to date and your employees knowledgeable on the best ways to stay protected by having a strong IT support team to rely on.

What Is The Dark Web?

Are your company’s data and network secure? Solidly secure? Or, are you worried you may have been hacked, putting sensitive data at risk? You may be wondering about the latter if you’re looking up information on the dark web and how it may impact your business. Because, indeed, if you were hacked, that information is likely on the dark web and it can deeply and detrimentally impact your business.

An ongoing study series most recently released in 2019, Into the Web of Profit by Dr. Michael McGuire, explored the Dark Web and shed light on just how serious and dangerous it is to businesses throughout the nation and the world. From bespoke malware to hacking services targeted at FTSE 100 and Fortune 500 companies, the Dark Web has gone deeper underground to thwart law enforcement as much as to share new and advanced ideas with fellow hackers on how to best to hack businesses.

So, if you are thinking that your data and network system aren’t secure enough, or––alternatively––think it is secure enough: (1) you need to get it secure immediately; and (2) you should know that secure enough won’t cut it ever again. Having a comprehensive security plan that evolves with the changes and advancements in security is key to protecting your data, your identity, your company, your company’s brand, your clients, your customers, among other things. Read more to learn about the Dark Web and how to protect yourself.

What is the Dark Web as opposed to the Plain Ole’ Internet?

The internet isn’t plain at all, and it’s made up of three parts:

1. The surface web, also known as the clear web, which makes up the websites and webpages of the Internet that are indexed by search engines (e.g., Google, Yahoo!, Bing, Wikipedia, etc.);
2. The deep web, which consists of pages that you can find and access by using login information (e.g., your bank account or medical records); and
3. The dark web, also referred to as the DarkNet, which is the part of the Internet not indexed by search engines and which cannot be accessed unless done anonymously by using special anonymizing software.

Due to its anonymity, the dark web has been used for good in some respects. Importantly, people who live in countries where access to the internet is restricted can communicate more openly on the dark web. Mostly, however, it has been infiltrated by criminals. They deal in drugs, illicit firearms, and child pornography. They also, however, deal in things like malware, stolen data, and stolen identities.

So, in that respect, the dark web is a source of serious concern for businesses.

What Do We Know About the Dark Web’s Impact on Businesses?

If statistics matter to you, then your business needs to up its game. Below are facts providing an overview of what we know about cybercrime generally and the dark web specifically and its impact on or threats to businesses.

Hackers Attack Businesses

• According to Security magazine, there is a hacker attack approximately every 39 seconds.
• Stale user accounts, like those that are unused or with outdated permissions, are easy targets for hackers to exploit, and according to Varonis, 65% of all companies have more than 1,000 stale user accounts.
• Hacker groups are making millions by selling millions of business data on the dark web––for example:
  • ShinyHunters breached ten companies in the Spring and sold more than 73 million user records on the dark web; and
  • More than 600,000 users of Email.it have their data placed and sold on the dark web.
  • At the start of 2020, more than 30 million stolen credit cards were sold to cybercriminals on the dark web after a gas station and convenience store chain were breached.
• Hackers are constantly scouring the dark web for the next best way to hack.

The Consequences of Stolen Data on the Dark Web are Costly

• Cybercrime on the dark web is incredibly profitable––according to Cybersecurity Ventures, it’s more profitable than even the global illicit drug trade.
• According to RSA, a consumer account could go for as little as $1.00 on the dark web––this means just about anyone can purchase at least one stolen account; it also means that the hacker needs to obtain a significant amount of your data to reap the benefits, which could be good or bad for you.
• SecurityIntelligence’s 2019 report on the Cost of a Data Breach Report found that the “global average cost of a data breach … is $3.92 million, a 1.5 percent increase from its 2018 study.
• According to SeurityIntelligence’s reporting, the average total cost of a data breach for a U.S. business is $3.86 million.
• Also, according the SecurityIntelligence’s reporting, it takes on average 280 days before a company identifies and contains a breach.
• What’s probably most troubling is this: according to Fortune, 66% of businesses experiencing a hack lacked the confidence that the company would recover from it.

The Dark Web is Creating the Need for More Cybersecurity Experts

Because the demand is high, the need for cybersecurity experts is high––in 2019 alone, there were more than 715,000 cybersecurity experts as reported by Cyberseek. Meanwhile, Cybersecurityventures estimates that will be more than 3.5 million cybersecurity jobs come 2021.

What Can You Do About the Dark Web’s Threats to Your Business

Many of us have taken for granted network solutions and cybersecurity. Further, many businesses have limited resources to address cybersecurity comprehensively and on an ongoing basis. But this needs to change. Priority must be given to a comprehensive security system that can aptly and proactively protect your business’s data.

So, what can you do about the dark web’s threats to your business? Things like changing passwords regularly, training employees, choosing the right ISP, monitoring spyware, encrypting client and customer data, among other things are necessary. But it all must be included in a customized plan that is always reviewed, updated, and addressed the new concerns of the day.

Remember: hackers are constantly changing and advancing their methods, so your business needs to do the same to stay on top of it. If you don’t have your own team to address these issues specifically, then you may want to consider outsourcing it to a professional group. With 2021 upon us soon and the economy hit hard by the coronavirus pandemic, the time is now to ensure the safety and integrity of your data.

What Exactly Is NIST?

No matter what industry you work in, chances are you’ve encountered the term NIST at one time or another.

It’s most often used in relation to technology and, specifically, in relation to cybersecurity.

Like many things related to these fields, NIST is both complicated and simple. It’s complicated because you have to have a bit of background to fully understand what it represents. It’s simple because once you understand this background, NIST actually makes a lot of sense.

What Is NIST?

NIST is a federal agency within the United States Government (specifically, the U.S. Department of Commerce). The acronym stands for National Institute of Standards and Technology.

As an agency, NIST was founded by Congress in 1901. Basically, it was established as a way to standardize and promote competitiveness within the fields of science and technology in the U.S. A simultaneous mission was to promote the harnessing of science and technology to improve quality of life in the U.S. and protect our economic security.

What Does NIST Have to Do With Cybersecurity?

Essentially, the National Institute of Standards and Technology has its hands in many areas of industry. But more recently — from the late 20th century up until today — it has particularly impacted how we create, use, and disseminate technology.

As computers and the Internet became more ubiquitous in recent decades, it became apparent to the government that some standardized practices needed to be established. NIST became the authoritative body that would create and disseminate these standardized practices.

According to the NIST website, “Congress has given NIST responsibility to disseminate consistent clear, concise, and actionable resources to small businesses.” That goes for all other sizes of businesses too.

In addition, NIST standards generally apply to all industries. Most importantly, where cybersecurity is uniquely concerned, NIST 800-171 was created to control unclassified government information that is being stored and/or handled by non-governmental organizations.

What Is NIST 800-171?

NIST 800-171 is a special publication that was created and is mandated by the National Institute of Standards and Technology. The goal of this publication is to maintain uniformity in how organizations handle data — especially sensitive government data.

Both small to mid-sized businesses and large enterprises should know about NIST 800-171. As a business owner or C-level executive, it’s important that you, specifically, know about it. And if you work with the federal government — either directly or indirectly — it’s absolutely critical that you know about it.

Essentially, any business that works with the government or with government information needs to be NIST 800-171 compliant. But even companies that don’t work directly or indirectly with government information can find it useful as well.

Here are the basics:

Special publication NIST 800-171 was created to protect something called “Controlled Unclassified Information.”

What is “Controlled Unclassified Information,” you ask?

Controlled Unclassified Information, or CUI, is information that is relevant to the federal government but not necessarily classified. A good example would be legal documents or technical drawings of government projects.

This is important information to keep secure, and though it is not technically “classified” and doesn’t include “state secrets,” the government has an interest in protecting it and making sure it doesn’t fall into sinister hands.

How Does a Business Stay Compliant With NIST 800-171?

We’re not going to tell you that it’s impossible to stay compliant with NIST 800-171 on your own — without the help of a managed service provider.

However … it’s much harder.

NIST compliance is not simple.

First, you have to know which information is CUI and where it is located (all copies). You then have to classify and categorize that information. After that, you have to limit access to the CUI so that only authorized workers can see and use it. You also have to encrypt it.

Once that’s done, you should implement a system of monitoring to ensure that all CUI access dates and times are logged. From there, you need a system of training that can educate your employees on all of this information and how to reduce the risk of CUI access across the board.

Interested in Discovering More About How to Stay NIST Compliant?

As we said, NIST 800-171 compliance is not simple.

It’s far easier to have a managed service provider handle it for you. If you already work with an MSP you trust, talk to them about NIST compliance. If not, get in touch with a reputable MSP in your area today. Managing your NIST compliance is something that shouldn’t wait.

Exactly a year ago today, no one would’ve thought that this many people would be working from home.

Yet, here we are.

The numbers are truly astounding. In June, the estimate was that 42% of the United States’ labor force had transitioned to full-time at-home work.

For a while, most of us thought it would only last for a few weeks … maybe a few months.

Now, it’s been half a year. And many people are beginning to ask themselves: Is there an end in sight to the working-from-home-economy?

A recent survey of 317 finance leaders and CFOs in the United States says no.

Will Working From Home Be a Permanent Transition for the Labor Force?

The survey, performed by Gartner Inc., has revealed that 74% of the surveyed leaders intend to permanently shift at least some of their employees to remote work. After all, there are many advantages to employees working at home — both for employers and employees.

Some businesses had already noticed these benefits and were already making a slow transition to this employment style. Google, for example, would often let their employees do some of their work at home. The rise of the gig economy allowed freelancers to essentially start their own businesses by finding clients on their own or going through brokers like Fiverr.

Now, the pro-work-at-home mentality is on fast-forward.

If you’ve been thinking about transitioning some of your employees to permanent at-home work, there are some things you need to know. Most notably, you’re going to need to step up your IT game as you will be relying even heavier on technology and your IT support provider.

Here are several questions you should be sure to ask yourself as you go about this shift.

1. Are we backing up?

Every business needs to back up their data. It needs to be backed up properly, often, and securely. With the proper backup solutions, even if someone accidentally deletes a file, you’ll have it duplicated somewhere else. More importantly, though, you’ll have security knowing that even if a security breach occurs, it can’t break your company entirely.

2. Do our employees know how to avoid a security breach?

Most breaches in security happen through employees. Often, phishing emails are the culprit. Your IT company should help you train your employees so that they know exactly how to avoid falling victim to a phishing email scam. Moreover, you need to teach them what to look out for and where to go if they do see something that makes them suspicious.

3. Who has access to which files?

Often, when employees work in only one area and only access networks and data storage through clean and secure access points, upper management doesn’t really confine file access. Not only should this change even if all of your employees are still working in your brick-and-mortar space, but it should definitely change now that more employees are working at home.

Whether you like it or not, many employees will be using unsecure networks and devices that do not have the proper security to keep your files safe. Therefore, you need to start limiting the number of employees with complete access to all of your data.

4. Do we have multifactor authentication enabled?

Multifactor authentication makes passwords more secure. Inevitably, you and your employees will be using passwords every day, all day. You probably have multiple passwords that you use interchangeably between home and work.

First of all, it’s important not to reuse passwords. You should have a new password for every account that you have. This goes for you, all other upper management employees, and other workers.

Second, multifactor authentication should be enabled wherever possible. This ensures security for all of your accounts and data because it requires that the individual puts both their password and the second proof of identity into the login fields when logging into a given account or device.

Which Is Better: In-House IT or Outsourcing IT to a Managed Service Provider?

All companies will have different needs concerning their IT. For some companies, having in-house IT support has historically been the best option. It allows IT workers to be there on-demand, and in-house relationships can be formed between the IT department, upper management, and workers at large. In some cases, in-house IT is absolutely necessary, even now.

For the vast majority of companies, however, the updated circumstances of 2020 have proven the value of outsourcing IT to a managed service provider. Not only are MSPs already “at-home workers,” in effect, because they aren’t directly in your employ, but they’re also used to working outside of the clients they serve.

They have all of the proper channels set up for you to communicate effectively with them at any time. In some cases, managed service providers can offer even better on-demand service as they are often available 24/7 to answer your questions or address concerns or security breaches.

One thing to keep in mind is that well-managed service providers are being nabbed up fast. Organizations across the U.S. are quickly realizing that they need reliable IT service and enhanced support for the new systems and subsequent risks that have been presented during this time of COVID-19.

Find your reliable and trustworthy managed service provider today, and start building a relationship that you can grow into. Despite these challenging times, your business still has the opportunity to grow and prosper. The right technology and the best IT support will help.

Exciting New Features Found In Microsoft Teams

It feels like an understatement to say that 2020 has ushered in a “new normal” in the workplace, and it’s undeniable that this year has fundamentally changed the way we use business tech tools. Microsoft Teams is just one example of a platform that seems perfectly poised for this moment. Offering a suite of professional collaboration tools, including video conferencing and document sharing, Teams also has robust security protections baked right into the design. Not sure if Teams are right for your team? Read on to get the details on the latest features available in Microsoft Teams:

• Multi-Factor Authentication. We’ll get right to the heart of the matter; with more work happening online than ever before, it’s essential to have powerful security measures in place. While Multi-Factor Authentication (MFA) may not spark immediate delight and interest from front line workers, tech managers must encourage consistent utilization of these tools–and Microsoft Teams makes it easy to do so. In short, MFA simply requires more than a password to connect to your integrated Microsoft account. Users are prompted to provide this authentication via text message, a dedicated authenticator app, or by pushing a button on their machine. This additional step for cybersecurity protection is well integrated into Microsoft Teams, which makes changing the culture around security at any workplace easier to execute.
• Video Conferencing Updates. Microsoft recently published a report on the “future of work” that highlights several key trends. Among them, video conferencing burnout is a real concern affecting productivity and remote worker engagement. In response, the latest Teams updates include several options to make the video conferencing experience more akin to connecting in person. These updates include:
  • Large Gallery view. Once limited to displaying just 9 participants, the latest Teams updates include the ability to show up to 49 participants at a given time using the “Large Gallery” mode.
  • Dynamic view. Offering interactive tools like virtual hand raising and the ability to adjust the size of various video feeds to maximize the use of the screen, this tool is especially helpful for longer meetings or presentations that focus on a few speakers and/or those using the screen share tool.
  • Together mode. When this view is activated, Teams users will see other meeting participants as if they are sitting together in spaces such as an auditorium or coffee shop. As an article in Business Standard puts it, this display is more than just a fun alternative to the typical square display. It’s specifically “designed to help people feel connected and, thereby, reduce meeting fatigue.”
• Whiteboard. A new tool that seems to hint at the possibility of additional collaboration features in the future, the whiteboard update allows Microsoft Teams users to collaborate in real-time, even if they don’t have a touch screen. The use of “sticky notes,” plus drag and drop functionality, allows greater participation from multiple users on projects that can’t come to life over email alone.

Making the most of remote work and collaboration opportunities means finding ways for colleagues to authentically connect and keep shared work protected from data breaches. Microsoft Teams appears to be dedicated to constant improvement on both of these fronts, making their latest Office product a great go-to, with enough flexibility to engage employees who are working from home, as well as those on-site. The key to successful integration is to lead with the security features like Multi-Factor Authentication first; once the organization’s data is truly safe, real work can begin.

Microsoft Word users have been relying on third-party plugins and services to check their work for similarity issues. However, the tech giant recently announced that plans are underway to include an in-built plagiarism checker in its Word program. How will this improve your writing experience?

The internet has provided a broad range of reference material to the present-day content creator, from students to career writers. In the same breath, we cannot fail to acknowledge that identifying contents that need attribution and how to cite them properly has gotten more challenging.

Microsoft Editor’s Similarity checker feature not only helps you identify plagiarism issues but also suggests solutions. It is designed to recommend correct ways to attribute contents to their sources. The fact that it does all these during the writing process enables you to write more confidently. You can now concentrate more on the quality of your work as the Editor does the rest.

How Does The In-built Microsoft Word’s Plagiarism Checker Work?

Bing Search powers the Editor’s Similarity checker in Microsoft Word. It helps writers achieve originality in two simple steps:

• Scanning Word documents for similarity to other content on the internet.
• Where the tool identifies plagiarism, Bing Search suggests appropriate insertions of relevant citations.

This is a departure from traditional similarity checkers that are more punitive than corrective. The in-built Word’s plagiarism-checking software does not function to ‘punish’ you for getting your content elsewhere. It seeks to help writers find their voices by building on similar works done before, leveraging appropriate attributions and citations. So, your focus shifts from the mechanics of writing to the quality of the content.

Getting Started With Microsoft Editor’s Similarity Checker

The tool was officially announced on March 30, 2020. Since then, Microsoft has launched it in phases, with the initial beneficiaries being users of premium Microsoft 365 Education. Soon, the feature will also be available to Microsoft 365 Home and Business subscribers. Currently, it is only usable for English language texts. Given that it’s a megaproject, covering millions of Word users globally, it may take some time before it finally reaches your account.

Having a plagiarism checker that works alongside MS Word improves the usability and user experience. To enable the feature:

1. Choose Editor on Microsoft Word’s Home tab.
2. Select Similarity on the Editor pane, then tap/click Check for similarity to online sources. The tool automatically begins an in-depth plagiarism check. Once done, it shows you the percentage of your text similar to other content on the internet. The search results also indicate the number of individual passages in your document that should be reviewed.
3. To amend the passages, click on Similarities reviewed. The tool takes you from one passage to the next, suggesting where it would be appropriate to insert a citation. It also includes links to the online texts for you to decide whether attribution is necessary or not. In some cases, you may choose to Ignore.

After a paragraph has been edited, it is underlined in green. You can always revisit it, re-read the online sources, look at the citation suggestions, and even add attributions to texts you previously chose to ignore.

How Do You Insert Citations?

You can use either APA, Chicago, or MLA citation style based on your preference or the type of content you’re working on. When you switch from one style to the other, the Editor won’t automatically change citations already in the document. You can update an existing citation by deleting it and starting the attribution process afresh.

All you have to do is to instruct the software to place a citation just after the passage. At times, the Editor’s AI systems will automatically add quotation marks to a passage. Again, you have the discretion to retain or delete them.

In case you decide to add a citation to a passage of more than 40+ words, the tool formats it into a block-quote. Here, you have the volition to add an introductory statement or an ending commentary of your own words to the passage.

Are you creating a bibliography to cite all the works done? Well, you can make use of Copy full citation. This feature allows you to copy and paste links to all attributed works at once.

Microsoft Editor’s Similarity checker works just like other conventional tools, and better. If well implemented, it will sure give the likes of Grammarly a run for their money.

Microsoft Edge Vs. Google Chrome

 

Google Chrome is undoubtedly the most popular web browser available on the market. As of June 2020, Chrome boasts a 70 percent market share, while Microsoft Edge is the second most popular option. Microsoft is working tirelessly to boost Edge’s competitiveness in a tight market. The tech giant is looking to challenge Chrome and Mozilla Firefox with innovative new features.

 

Judging by the reaction given to Edge’s latest update, it is increasingly becoming possible for the new kid on the block to topple Chrome in the browser market. Microsoft Edge recently displaced privacy-focused Firefox from the number two spot in a show of superiority. The latest update provides the strongest indication of Microsoft’s intentions.

 

It is no surprise that many analysts view Edge as a valid alternative to Google Chrome. The introduction of the new features comes at a time when the remote work trend is growing.

 

 

Comparison

 

Microsoft introduced several innovative features aimed at professionals working from home in Edge 85. The browser now allows users to synchronize browser settings and favorites with profiles in Active Directory without cloud sync. Additionally, remote workers can move Edge collections to Excel, MS Word, and One Note. The browser still compares favorably with Chrome on multiple fronts.

 

Performance

 

Chrome and Edge provide superior performance in terms of speed. Users are unlikely to notice the minor difference between the two, which is detectable when comparing the browsers using Jetstream and Kraken benchmarks. Chrome is faster by a small margin.

 

Meanwhile, Edge outperforms Chrome in memory usage as it uses fewer resources. Chrome uses more than double the RAM required to render web pages by Microsoft Edge. This aspect is crucial for users working on systems with limited memory.

 

Design

 

The two web browsers share similarities in design, and Edge has undergone significant changes as it ditched the old-school design elements for sharper, cleaner interfaces. Icons and buttons look different in both browsers but search or URL bars are identical. On the other hand, the positioning of symbols for addons and extensions is similar.

 

The most significant similarity is that Microsoft Edge and Chrome are both Chromium open-source browsers. They employ the Blink rendering engine, which means they render web pages in the same way.

 

Security and Privacy

 

Edge comes with an increased number of privacy settings, which users can track easily than Chrome. Edge prevents sites from sharing users’ personalized information and blocks tracking from both visited and new websites. It provides three levels of privacy settings to suit the user’s preferences. In addition, the browser employs the Microsoft Defender SmartScreen to protect users from malicious content.

 

Google Chrome only focuses on blocking third-party cookies. Users need to tweak the settings to maximize protection from cybersecurity threats found in downloads, extensions, and websites.

 

Features

 

Edge Collections is one of the features that differentiate the two browsers. It allows users to group web pages based on specific categories or themes to improve various applications’ accessibility. Both Chrome and Edge come with an advanced writing assistant known as Editor, which is identical to the popular Grammarly tool.

 

Although Chrome has a more extensive selection of extensions, Edge users can install native extensions via Windows Store or opt for more from the Chrome Web Store. This capability enhances the appeal of Microsoft Edge in an area that enabled Chrome to stand out.

 

Final Thoughts

 

Many consumer and business users searching for a browser that offers robust privacy and security features are turning to Microsoft Edge. The browser now comes with a dark mode option for all web pages to help reduce eye strain.

 

Some of the new features that are more likely to bolster its market share include interoperability with other Microsoft 365 tools. Remote teams can benefit from moving Edge Collections to MS Word, One Note, and Excel. The Read-Aloud feature for PDFs also helps improve the browser’s overall appeal.