Short on resources but still need to improve data security? Here are the steps you should consider. A very typical attitude exists among growing companies that are upgrading their data security systems. It goes something like, “We would love to improve our IT security – but we don’t have room in our budget for anything big.” Given how sensitive data security currently is to business survival, we’re not sure that’s the right attitude to have, but the fact is that many companies just don’t have many resources available to invest in new security licenses or services. That’s fine: Here are key steps you can take without making significant budget changes. 1. Use Available Biometrics and Manage User Identities Biometrics may sound like a high-tech field, but biometric devices have fallen in price and become commonplace, removing budgetary concerns about upgrades. In fact, if you have a device made within the last couple years, it probably comes with a fingerprint scanner or similar device without any extra charge (how long has it been since we’ve been logging into our phones with fingerprints?). Even if you are using older desktops or laptops, biometric devices are a quick, affordable purchase that will allow your company far more efficient login tracking and device protection. Passwords have problems – especially when they are poorly chosen or never changed. Biometric logins don’t have these problems and are generally more employee-friendly to use. 2. Maintain a Dedicated Security Administrator Services like Microsoft’s Office 365 Threat Intelligence use automatic threat detection services to sift through data and watch for any signs of malware or hacking. Threat Intelligence can alert companies about suspicious behavior or logins, as well as keep businesses updated on the latest threats and necessary precautionary steps to take. The good news is that Threat Intelligence is typically offered as a free security perk. However, it requires an experienced security administrator who can receive regular alerts and who knows what to do about them. Creating an entirely new position is unlikely with budget constraints, but consider shuffling responsibilities if necessary so that a trusted IT hire or manager can hold this responsibility for the long term. 3. Practice Consistent Access Management All data systems come with ways to manage access: Unfortunately, not all companies use access control to the proper extent. Some sensitive data simply cannot be available to everyone without inviting serious security risks. Even data held behind authorization walls can be compromised if that authorization is handed out too quickly, or at the wrong time during workflow. For a low-cost way of shoring up your data security, take a look at access management practices and how easy it is for people to improperly access sensitive data. This isn’t just a systems question, either – it’s also an environmental and practices issue. No business should leave computers open in lobbies or common areas with access to sensitive data enabled. 4. Fix Compatibility Issues and Implement Security Updates ASAP Security updates and patches are designed to counter malware or close vulnerabilities that could later be exploited. It may seem like Security 101 to apply these patches, but many companies struggle with this simple step. It’s best tackled in two stages: Go through operations and check to see if updates will cause any compatibility problems. This is an IT specialty, and IT experts should have no problem finding any potential problems.If any software or systems run into issues when you try to update, then fix them first or find alternatives that are up to date. Do this regularly with security patches, and you will end up with flexible, fast systems that can be updated in a day or two. Don’t do it, and you’ll be stuck with compatibility issues that will keep getting worse. Set your update schedule, and make updates on work devices automatic so that no one has the choice to just ignore the patch. Remember, time is of the essence, so even if you need to wait on vendor updates or switch to a different app, think in terms of days or weeks instead of months. 5. Change to Mobile-Capable File Servers This is probably the most cash-heavy option on the list, but if you already have the right server hardware or flexibility in switching hosting services, it doesn’t cost much to make a server upgrade, especially if you are already paying for a license/service. Today’s mobile-friendly business world benefits far more from adaptable, streamlined, and mobile-capable systems that eschew external hard drives (another cost-saver) for cloud sharing and virtualization. Cut back on hardware, revamp your data services, and the company may come out the other end with fewer long-term costs. 6. Enable All Two-Step Verification Everything from Gmail to O365 offers multi-factor authentication. All businesses should allow this type of the audit: It makes data theft far more complicated and doesn’t come with any associated costs (other than a bit of your time). 7. Make Employee Education Part of Your Daily Meetings Educating employees isn’t always easy, but it’s very cost effective! The problem is that a single education or training session has minimal impact. Over time, without reinforcement, employees tend to get lazy about security, so you can’t just tell them once. A better idea is to devote a portion of your daily or weekly meetings to talking about general data security. You can give tips about how to treat mobile devices before a business trip, updates on new security initiatives, and reminders about logging off computers in public areas. As long as you make it part of the continued conversation, it will stay in employee’s mind and become a part of the workplace. However, always try to explain the impact on the company itself, and why security rules exist so that employees understand what’s at stake. A short news brief about data attacks in your industry can make a compelling point if there are any good recent examples. There are also online resources available to help out. Do you have more specific questions about your

The world is a more dangerous place for kids than ever before in history. Here is how to keep your kids safe online.   Kids spend an average of nine hours a day online, using social media, playing games, engaging in chat rooms, looking at videos, and generally browsing the web. While the Internet can be educational and informative, it is also where danger lurks. Not speaking to strangers used to be a standard, basic instruction that parents gave to their children. Now, however, parents are oblivious to the incessant online “chat,” which is simply a virtual version of talking to strangers. There are many inherent dangers in giving kids unfettered access to the internet. Among the dangers is that kids will grow up too fast, be traumatized or confused by images they see and text they read, become a victim of bullying or some other crime, or be swayed to think in a way that is dangerous to their well-being. Following are some examples, and how parents can keep kids safe online. Traumatized by Images and Text Young kids who are given tablets, phones, and laptops to “play” with while the parent is busy are easily traumatized by images and text encountered on the internet. Simple and innocent sounding keyword searches that a child might enter can quickly bring up raunchy material that is sometimes purposely formatted to come up in a minor’s online search. There are people who get a thrill out of posting unseemly images and formatting them with kid’s cartoon character names, for example. Preventing young kids from being traumatized by such images and text is as simple as keeping devices out of the hands of youngsters. There are plenty of electronic toys available that don’t include internet access to kids under a certain age. Bear in mind that phones, tablets, and laptops are not toys. Grooming by Pedophiles As with any hunter, pedophiles hang out where their prey is, and kids are the prey of pedophiles. That means that pedophiles hang out in kid’s chat rooms and they set up user accounts on kid’s online games like Minecraft and Roblox. An online gaming environment allows other users to comment as they play. Public comments are visible by everyone, and it’s easy for a child to become a target of a pedophile during game play. Once the target is identified, the pedophile uses sophisticated techniques to garner trust, sympathy, and friendship. At that point, the pedophile may then suggest having a more private conversation that invariably leads to a sexual nature. Over time – and pedophiles are very patient – they can actually have a child consent to a sexual encounter, which is orchestrated by the pedophile. The best and most effective way to prevent your child becoming a target like this is to deny the child access to online games where they play with other, real players. Your child will resist this, especially if their friends get to play online games, so it’s a good idea to form a parenting group where all parents in the community agree to restrict online gaming. There are lots of fun alternative games for kids to play that don’t involve real players, including some that have virtual players so it can feel like a live gaming experience – without the danger. Being a Victim of Phishing Not every internet criminal is after your child. They may use your child to obtain personal information they use for identity theft. Kids and teens are poor gatekeepers of personal information. Their young, innate sense of immortality also makes them feel like they are too smart for a scam like phishing. When it comes to personal information that can be used to obtain financial and identity records, kids simply can’t be trusted to keep it safe. To prevent you or another family member from identity theft, it’s not enough to warn your kids. Kids hear the same news that we do. Repeating stories of kidnappings or people being taken advantage of online won’t work, because kids, like adults, never think it can happen to them. Instead, explain how hackers and “bad people” use the information we provide. For example, explain that many of the same questions that Facebook users divulge are the same as the “security” questions on a typical financial institution’s website. Your high school, favorite teacher, first pet’s name, maiden name, favorite sport or game; all are common knowledge to your Facebook friends. Agree on a fictitious set of answers and information for use in online situations. That way, if a scam artist does try to use those answers, they won’t work in a secure online environment, such as on a credit card application or bank website. Becoming a Victim of Bullying Online bullying is increasing. 52% of young people report that they’ve been bullied online. The actual figure is probably higher because kids are often embarrassed about being bullied. Bullying can lead to anxiety, poor academic performance, depression and can even have fatal consequences. Bullying usually happens on social media, but it can also take place on online gaming platforms. Parents can’t prevent online bullying, but you can monitor your child’s online accounts. Insist on having usernames and passwords and check them frequently to ensure your child hasn’t changed them. Monitor online conversations to nip bullying in the bud. If bullying does occur, contact the relevant authorities. Since bullying is so prevalent, it is recommended to counsel your child about bullying, even if it hasn’t yet occurred. Maintain an environment of open communication with your child so they will feel free to share their concerns. Make time to listen, and above all, watch out for signs of bullying. These include a reluctance to go to school, loss of appetite, angry outbursts and a change in social behavior. If you notice anything suspicious, the first place you should look is on their social media accounts. The world is a more dangerous place for kids than ever before in history. There

Incorrectly hardening servers are one of the biggest challenges in cyber security. Watch from the driver’s seat to see what (ethical!) hackers are looking for so you can protect against vulnerabilities. Security experts on both sides of the house recognize that bringing up a new server improperly can create a wide open door for cybercriminals, but how can you know for sure that you’re closing every nook and cranny and completely hardening your server? Small- to medium-sized organizations are particularly vulnerable, as they may not have the full complement of IT staff required to specialize in cyber security and are likely following a set of directions instead of fully understanding the challenges they’re facing. With the rapid pace of change and the complexity of technology today, it can be difficult to keep up with the myriad options available for your network. {company} agrees, so we’ve put together a first-hand view of how an ethical hacker quickly takes down a business Avaya server in a very short period of time. This cautionary tale may offer you some ideas for keeping your organization’s data such as your customer and employee personal information safe from cybercriminals. Types of Attacks There are some standard types of attacks that we see on a regular basis, many of which are perpetrated when an unethical individual gains access to a key internal server: DoS: Denial of Service attacks can cause a web server to come to a halt, making your website(s) completely unavailable to users. Phishing: Perhaps the most well-known type of attack, phishing occurs when individuals within your organization click on a link or navigate to a website that is fake. Individuals are then tempted to enter personal information or passwords so the hacker can gain entrance to your company. Defacement: A scare tactic that is often used towards politicians or large corporations, defacement occurs when a hacker gains access to a web server and replaces the company’s website with a different page that includes a message, music or even the hacker’s name. DNS Hijacking: Hijacking your domain name server (DNS) redirects all web traffic from your site to another location on the web. Sniffing: Hackers attempt to “sniff out” sensitive information that is being passed internally and externally to your organization through an intercept, in an effort to gain unauthorized server access. Cybersecurity Risks Let’s say your organization’s servers have been hacked. What does this really mean in terms of data loss and security? Not only can your organization’s reputation be ruined by a DNS hijacking that sends your customers to a nefarious website, but cybercriminals can also install malicious viruses that can utilize your systems as a replication tool, sending viruses out to all your clients and contacts. Additionally, a true data breach could be incredibly expensive in terms of lost business and even lawsuits against your organization if the personal financial information is breached and then utilized by hackers. However, perhaps the most troubling and damaging effect of an attack is the loss of trust from your customers, which can have a long-term negative impact on your organization. Let the Hacking Begin The penetration testing was done against three different Avaya servers, exploiting different vulnerabilities each time. In all three instances, the white-hat security tester was able to gain access to all three servers. LDAP Scenario The first activity was to run a Nessus vulnerability scan, which showed that anonymous LDAP queries were a possibility: a hacker’s goldmine of data. Once this was determined, the hacker determined it was an easy step to scan for an Avaya phone tree by using JXplorer and looking for an LDAP tree with root “vsp” with a branch labeled “People”. After that, it was simple enough to scan for the two important entries: “cust” and “admin”. After determining that the passwords within the entries were hashed, it took only a moment to break the encryptions using a software tool called John the Ripper, even with the default settings. Turns out, the passwords were still the default passwords for the system “admin01” and “cust01”. After trying a few different tactics to get a full shell, the hacker eventually was able to utilize a combo of a Meterpreter reverse tcp payload via a Linux binary executable file delivered by msfvenom to essentially backdoor into the system. Next, the hacker was able to gain access to a second box that was tied into the first one, simply by following root SSH keys — which can indicate a way for users to log into the system remotely without a password. An additional find was user passwords on the second server, none of which were difficult for the hacker to guess using easy counter-encryption methods. Two Down . . . On the final server on the same subnet, the security expert quickly got a bonus find: easy logins with a full shell using the default “cust” and “admin” passwords. While they did receive a full shell from the system, the passwords and usernames uncovered in the first two servers also worked on the third. However, the shell would not allow access to the root directory and this third server was proving a difficult nut to crack. After utilizing linuxprivchecker.py script to identify any potential locations to run a binary, the hacker uncovered that the majority of locations on the box were covered with noexec commands — effectively halting binaries from executing to protect the server. Eventually, however, the white hat hacker noticed that there was a diag program setuid binary that was only available to a few users within the group, and not the users whose accounts were already compromised. Getting to the Root After several circuitous attempts, the security expert managed to gain access to a shall as a secondary user, by running through voice-only setup binaries and leveraging the diag command, which runs as root regardless of where the command is executed. The meterpreter reverse payload was used again in this instance, to gain access to the /msg/database/vm/tmp directory,

Reports have begun to pour in regarding a new ransomware infection currently wreaking havoc in Russia, Ukraine, France, Spain, and several other countries. This highly sophisticated Russian strain is known as Petya or Petrwrap, and it has been advancing on a scale comparable to the recent WannaCry ransomware infection. However, unlike WannaCry, this strain lacks both the errors WannaCry contained as well as lacking a kill-switch. A wide range of businesses have reported being hit with this infection, with victims receiving the following message: “If you see this text, then your files are no longer accessible because they are encrypted. Perhaps you are busy looking for a way to recover your files, but don’t waste your time. Nobody can recover your files without our decryption service.” Sources state that the message appears as red text on a black background, and demands $300 worth of bitcoin in exchange for the decryption key. While it has not been completely confirmed as of yet, Petya/Petrwrap looks to be taking advantage of the EternalBlue exploit, which was leaked by a group known as The Shadow Brokers. If EternalBlue sounds familiar to you, it should – it’s the same exploit WannaCry took advantage of. If you haven’t already, you should be taking steps to protect your business against this exploit by installing the MS17-010 security update from Windows (which you can find here) and checking to see that your systems are fully patched. Like WannaCry, Petya/Petrwrap has the ability to compromise systems that are firewall protected. As this is a true worm, if the infection is able to reach a single computer within your network all of your systems and servers are at risk of becoming infected. Take a moment to remind your staff that they need to be exercising extreme caution at all times when checking their email. If anything even slightly suspicious finds its way into an employee’s inbox, they need to know how to handle the situation and who to alert. All it takes is one mistake for your business to suffer serious damage, and events like this serve as an ugly reminder that a certain level of vigilance is required at all times to keep your business secure. If you have concerns or want to find out more about what you can do to protect your business in the wake of this latest ransomware attack, please contact {company} right away at {email} or {phone}. Our team is here to help.

Unless you happen to be a cyber criminal, ransomware is bad news. So for the rest of us who might have a run in with a cyber criminal who uses ransomware as a method for extortion, it’s important to know what to do and how to handle such situations. Thankfully, we’re going to provide such tips to stop an individual from holding your data ransom and how to prevent them from getting away with their crime. What’s Ransomware? Ransomware is known as a form of malware that either blocks access to your files (via encryption) or holding your computer hostage. Once a person is infected with ransomware, they’re usually ordered to pay a ransom in order to retrieve their data. Since the ransom can usually range between hundreds or thousands of dollars, many individuals who are unprepared for such attacks end up paying the amount and suffer the financial setback – regardless if get their data after paying the ransom. How Ransomware Is Spreading & Evolving With ransomware finally receiving national attention on the news, it’s safe to say that it’s only evolving and becoming more common in the future. This is mostly due to the fact that cyber criminals are utilizing modern technology that make the most dangerous links seem completely harmless. One specific ransomware strand that has been causing concern has been CDT-Locker. Being incredibly hard to detect, CDT-Locker is capable of hiding in files and going unnoticed by security software. To make them even more threatening, hackers have managed to get people to download such files by utilizing tricks that make them seem harmless. An excellent example would be a hacker (posing as your utility company) claiming that they are about to shut off your power if you don’t fill out a form. Another example could be a hacker utilizing social engineering tactics (to pose as a contact you know) to get you to click on a link via email. To make matters even more bothersome, cyber criminals will even use newsgroup postings and social media to post their malicious codes. By taking advantage of human reactions, cyber criminals have no problem benefiting making money at another’s expense. What To Do In A Ransomware Attack There’s a few guidelines one should follow in the event of a ransomware attack. Such guidelines are: Regardless if you’ve found a questionable file or received a pop-up window demanding payment, the first thing you’ll want to do is to contact law enforcement. Although it’s likely that they might not be able to offer immediate assistance, they should be notified of what’s going on in regards to your attack. Once you’ve contacted the police, contacting the FBI is necessary so they can begin to take action on the matter. The next thing you’ll want to do is to contact your service provider. Make them aware of your situation so they can take action and rectify the issue. Doing so not only makes it easier for them to solve your problem, but this helps them prevent ransomware attacks in the future. The third thing you’ll want to do is to turn off the infected computer and disconnect it from any networks that it could be connected to. By containing the malware, you can prevent further damage to other computers within your network. Many individuals do not know that ransomware can take down an entire network of computers if the infected computer remains on the same network, so removing the infected computer from the network is necessary to stop the problem. The final step is up to you – if you weren’t prepared for a ransomware attack beforehand. If you end up paying the ransom, it is possible that you might not receive your data and end up with a financial setback that could happen again. for example: the cyber criminals already got you once, what would prevent them from attacking you once more? In addition to this, cyber criminals tend to want payment in bitcoins or over the Tor network, since these methods of payment are virtually untraceable. Caving in to the ransom not only makes their illegal acts easier in the future, but it allows ransomware to become much larger problem in the future. However, if you have been backing up you files and information via the cloud or through physical drives, you won’t have to suffer such traumatic experiences. By having this upper hand in a ransomware situation, the cyber criminals remain powerless since they don’t have anything that you don’t already have in your possession. So regardless if you happen to be a small business or a large corporation in {city}, it’s important to back up your files to avoid such severe circumstances. Thankfully, {company} is here to solve your problem. Since a few hours of backing up information on other platforms can save you hundreds of dollars (and time lost medicating headaches during the ordeal), preparing for such situations is one of the the best ways to combat and prevent the event of a ransomware attack. Contact us by {email} or {phone} today so we can save your business a lot of hair pulling in the future.

Technology is an essential part of the modern business in large part due to the way that it helps bring people together. Since the beginning, Microsoft solutions like OneDrive and SharePoint have been founded on this simple fact – by making it easier for people to collaborate and communicate with one another, organizational leaders can create an environment where everyone can contribute towards the goal of working “smarter, not harder” whenever possible. At Microsoft’s recent SharePoint Virtual Summit, company officials debuted a number of new features for both platforms that seem to double down on this simple-yet-critical goals. The features, which will begin making their way to users later on this summer, are intended to improve the way that organizations can connect both internally among employees and externally with clients. OneDrive Updates The centerpieces of Microsoft’s summer update spree in terms of OnePoint is undoubtedly the new “file sharing experience,” a feature designed to improve OneDrive’s integration with the built-in file management tools found in the Windows 7, Windows 10 and MacOS operating systems. When users navigate to an Office 365 file or folder using either the “File Explorer” file management system on Windows or “Finder” on a Mac, a new OneDrive-centric “Sharing” option will appear. This is similar to the way services like Dropbox already work in that employees can now share files and other documents with one another WITHOUT navigating away from the file manager or opening a different piece of software. The same window will give users the option to create Web links for colleagues from external organizations or even from their clients. What sets OneDrive apart from their competitors, however, comes by way of the far deeper level of control that it provides. Users can set an expiration date on all links that they create, for example, and can even modify the permissions they give to any particular shared file. If someone is sharing a proof of concept document with a client that they want them to SEE but not EDIT, it is now simple to make that happen in just a few quick clicks of a mouse. One specialist described the OneDrive updates as “collaboration on my own terms.” He said that Microsoft is going deeper than just allowing people to share documents – instead, it’s now possible to truly connect with someone in a meaningful way the same way you would if they were sitting beside you in an office. People can connect anyWHERE, anyTIME with anyONE – something that will be of particular value to the collaborative environment with many employees working remotely. Because OneDrive sharing permissions will also be tightened, end users will have a far superior level of visibility over who can view, modify or even access certain documents. This will also go a long way towards maintaining a much-needed level of security in a digital age that is growing more dangerous by the day. The Future of SharePoint During the same event, Microsoft also announced that a new feature called “communication sites” are coming to SharePoint later this year. They’re designed as an alternative to the existing “team sites,” offering employees a much better and more user-friendly way to distribute content more broadly across and organization than ever before. If a certain piece of information needs to be seen by as many employees as possible as quickly as possible, users can create a “communication site” in seconds to do exactly that. If the venue of an upcoming company picnic has suddenly changed due to unpredictable weather issues and people are already in transit, the “communication site” can bring together elements like Bing Maps, an image gallery, a general messaging service and more – all in an effort to spread the word as far as possible as fast as you can. Microsoft also announced a new feature that administrators have been clamoring for in particular – the new “Site Management” page. Viewing and managing all SharePoint sites is no longer a time-consuming and frustrating experience. Instead, administrators can navigate to a single page that serves as a comprehensive destination for viewing and managing all sites, no exceptions. That noise you just heard was the collective sigh of administrators around the country enthusiastically awaiting this release. Another upcoming feature that will allow admins to rest easy – a newly designed “Device Access” page, distilling all of the various access controls for mobile collaboration down to a single window. Businesses can now quickly set policies restricting file sharing based on users, devices, and location characteristics, helping to cut off small security incidents before they have a chance to become much bigger (and undoubtedly more expensive) ones down the road. More Features on the Horizon In related news, Microsoft also took the opportunity to announce changes to PowerApps – the company’s “no fuss, no muss, no-code” business app builder. End users will soon have the option to create custom forms that appear in SharePoint lists and libraries. Approval flows are also on the horizon, which are built on the Flow automated workflow platform and are intended to speed up the approval process at many different organizations. Microsoft has taken a lot of flak over the years for releasing “solutions in search of a problem” or for making “changes just for the sake of it” with many of its products. The company’s flagship operating system seems to have been a particularly notable culprit of this, though Windows 10 has undoubtedly gotten things back on track. Regardless of what has happened in the past, one thing is for sure – Microsoft’s summer update spree to both OneDrive and SharePoint, in particular, reaffirm its commitment to its customers and their own workflows moving forward. Microsoft seems to genuinely want to make it possible for organizations to work “smarter, not harder.” While the company’s definition of “smarter” is often up for debate, steps like these show that the tech giant is at the very least moving in the right direction. {company} is incredibly proud to be your

Microsoft Teams is a chat-based work hub destined to change the way you communicate with team members. Follow these tips and tricks to make the most of your Office 365 experience. The goal of Office 365 developers is not only to make better productivity applications, but they also want to allow for a more collaborative experience among users. To achieve this goal, they have developed a new application for their suite of products called Microsoft Teams. The driving force behind Teams is to get everyone working together in the most efficient way possible. Microsoft Teams Overview With Microsoft Teams, users have a digital hub for all their most important workplace applications. The service comes with Office 365 and the new chat element allows for easy collaboration for team projects. Teams was created as a competitor to the very popular service Slack. With Teams, real-time messaging with application integration makes the service a must have on any compatible device. Unlike Slack, Teams uses threaded conversations in order to avoid the confusion of searching through too many messages on your screen. As long as you’re an enterprise-level Office 365 subscriber, the application is completely free. It’s very important to have a business-level Office 365 subscription. Otherwise, Teams is unavailable on single subscriptions. Tips and Tricks of Microsoft Teams Toggle between private chat and team chat. You are in control of who sees your messages. Write to the entire team or send an individual message from the application. You can schedule and create as many group chat sessions as you like. All chat history is saved to help you go back and review previous messages. This is helpful if you need to locate a shared URL, image, or attachment. With messaging taking place in the cloud, you never have to worry about any information exchanged within the program being lost. Give access to all of the tools your team needs to success. Microsoft Teams is more than just a chat room. Microsoft has enabled all of their most popular applications to be shared within Teams. Your team will be able to exchange information via OneNote, SharePoint, and Skype for Business. Using Microsoft Teams can be overwhelming at first. The interface is fairly simple to figure out, but Microsoft offers plenty of tools to help navigate the interface. Within Teams is a new assistive feature referred to as “bots.” These bots are ready to answer any questions you pose to them. For instance, a “Whobot” will help you find team members based on their skill set or previous work assignments. Bots are expected to pop up from top companies such as Trello and SAP. These bots will help you better organize your current and future projects. Calendar integration is another feature you should be using within Teams. All team members can schedule meetings within the application including the addition of recurring events. There is also a free and busy calendar option to let others know your current and future availability. Although chat is a quick and easy form of communicating among teams, you may also choose to go live in real-time. With Skype for Business, you can begin a live video chat session in high-definition with premium sound. Bring Microsoft Teams with you wherever you go. The application works on all computers running Windows 10, but also can run on iOS devices. Android and Windows phones and tablets can also run Microsoft Teams. Accessibility is very important to Microsoft developers and this is why options include keyboard only navigation, higher contrast resolution, and support for screen readers. The most important feature is the high level of security offered with the Microsoft Teams framework. Teams abide by all global security practices and standards to keep your data confidential within the cloud. Don’t miss out on this exciting new rollout from Microsoft 365.

Cyber insurance helps ensure business profits in case of data attacks: Here’s what you need to know. Cyber insurance is business insurance that covers costs associated with data attacks, offered by insurers and via plans with certain vendors. When many companies here about that, the automatic thought is, “Yes, that is exactly what I need!” That may be true – but it’s important to note that cyber insurance is not cyber security. It will not actually protect you, and there are strict limits to what it can do. So let’s go over some facts about this type of data insurance that you need to know about. Coverage Does Vary Based on the Policy Cyber insurance isn’t as strictly codified as some types of insurance, and its coverage can vary greatly between policies. What one standard policy covers may be very different from what another insurer or vendor offers (we’ll talk more about this later). In other words, you can’t really count on any particular coverage without reading the fine print, so get ready to put on your glasses. Fortunately, like other types of insurance, you can usually attach various riders and clauses to create coverage for the specific events or costs that you are worried about. This will, however, raise the price of the coverage. Human Error Is Not Covered Basically, cyber insurance doesn’t really cover people being dumb, and this can cause a whole lot of problems with making claims. For example, let’s say that one of your employees opens a phishing email and downloads some really nasty malware. Will cyber insurance cover that? Quite possibly your claim would be declined because the problem has its roots in a human mistake instead of an attack that your company couldn’t avoid. It’s even more unlikely to find coverage for poor password management or leaving a computer unattended and logged in. Take this as an important reminder that employee education should be a best practice no matter what type of insurance you have or what you want to protect again. Known Vulnerabilities are Rarely Covered Here is where matters of liability become tricky. You see, few cyber insurance policies will cover problems that result from known vulnerabilities. That means that if a security policy is known, and the provider or manufacturer announces a patch to fix it, it is on you to download the patch and fix your security. If you do that, coverage shouldn’t be a problem. But of course, a vast number of data attacks happen because businesses have not patched known vulnerabilities (just look at WannaCry) even though patches have been made available. There may be additional, customizable add-ons for protection even from known vulnerabilities, but it’s going to be a lot more expensive. So, once again, even with cyber insurance, you still need smart security practices and a strict update policy to protect your company. Are you getting the theme here? Data Restoration May Not Be Covered, Either Yeah, this one throws a lot of companies off balance: Isn’t cyber insurance supposed to recovered data restoration? Isn’t that the point? Well no, it isn’t. “Data restoration” is a complex process that may or may not work, no matter how much money you throw at it. It usually relies on things like proper data backup, which is a company responsibility, not an insurer responsibility. It’s not really an area that an insurance policy is well-equipped to deal with. So cyber insurance focuses primarily on interruption costs – on “refunding” you the profit that your company lost while dealing with the data attack. Don’t make the mistake of thinking that all associated costs will be covered. Third Party Insurance is Different From First Party Typical cyber insurance covers the first party – that is, your company. And that’s it. If data is lost, mishandled or attacked while with a partner or third party, your insurance coverage won’t touch it. However, there is a second type of cyber insurance that is specifically designed to protect your data when it is in the hands of third parties. This is particularly useful in sectors like the healthcare industry, which finds itself transferring sensitive data to other organizations regularly. Cyber insurance or not, it’s pretty obvious you will need a robust data security plan in addition to any coverage you may choose (or be required to have). We can help here! {company} provides IT services in the {city} area for a variety of different data goals. Let us know what you need by contacting us at {phone} or {email}.

When someone thinks of spam they typically think of unsolicited bulk commercial email they receive in their inbox. However, the concept of spam started a little earlier than you might think. How far back? How does 1864 sound? Spam in 1864 you say? Yes, in the form of a telegraph, advertising a local dentistry actually. The Telegraph was so much news that the local paper even reprinted the telegraph that was sent to many households, further propagating the message. More recently, people consider the first spam email coming out of Digital Equipment in 1978 which went to a total of 393 people promoting their latest computer model. You can thank a Monty Python sketch based on a cafe that only served the canned spiced ham SPAM for the origin of the name. Another early spammer was the lawyers Canter and Siegel posting their “Green Card Lottery” message to USENET, a shared messaging system. What does all this have to do with today? You don’t want to be known as a spammer. There are three ways to attack the spam problem. First off, you don’t want your marketing emails to be classified as spam. Secondly, you don’t want your mail server to be abused where someone sends spam through your hardware. While this wasn’t sent to you directly, your hardware could be blacklisted, thus affecting your own emails. Lastly, you don’t want your employees to respond to spam. There are ways to filter this at the mail server to prevent them from seeing the messages, or at least classify messages as fishy before their opened. Our company {company} can help you to protect your business from being labeled a bad apple in the email business. Starting with the most important avenue, ensuring your marketing messages get through, there are some best practices to know about. For starters, don’t just send emails directly to your clients. Putting everyone’s email in the “To:” field of a message is bound to cause problems when someone does a reply-all. If you absolutely have to send a message to LOTS of people, it is better to use the BCC (for blind carbon copy) field of a message. Better yet, rely on a mailing list management package like that offered by Constant Contact. Typically, you don’t want to add people to the mailing list yourself. Instead, people should opt-in. More importantly, with each message you send, there should be unsubscribed instructions. Protecting your mail server is not an easy task. There are some simple steps you can do like requiring that users are authenticated before sending a message, but someone can just spoof the email headers to make it appear messages came through your server. To best protect your server, in 2012 DMARC, or Domain-based Message Authentication, Reporting, and Conformance was introduced. Combined with the earlier introduced SPF, Sender Policy Framework, this makes sure that any messages appearing to come from your mail server actually came from your mail server. {company} can help you keep up with the latest ways to protect your email servers and thus getting your marketing messages through. Lastly, it is important to look at the inbound side of spam. With all the talk of Russians hacking servers and the release of inappropriate celebrity photos, most of these attempts are triggered by phishing attacks of targets. You still need to worry about viruses being sent through email, but phishing involves fraudsters sending what look like real emails in the attempt to reveal personal information like passwords and bank account info. You don’t want your employees giving away the farm so that others can then get into your company network or your employees worried about identity theft. {company} can help protect your mail servers from letting these unsolicited emails through. Contact us at {email} or {phone} to learn more about how we can help you.

Need a fast Windows screenshot? We’ll show you how to do it! Do you need to take a quick Windows screenshot for work or fun, but can’t figure out how to do it? Don’t worry: Our guide will show you just how it’s done. Copy the Screen for Posts Traditionally, the “Print Screen” option is the quickest way to take an easy screenshot that you can use later on as desired. The only problem here is that these days Print Screen looks a little different based on what type of keyboard you may have. These steps may not all be available on some keyboards, especially more compact keyboards or non-Windows keyboards. First, look at the top rows of buttons on your keyboard. Look for a button that says “PrtScn” or “Print Scr” or any other abbreviation (it may also be lurking around the Ctrl key, there are several places that they appear. If there’s a dedicated key, all you have to press it. This will instantly copy a snapshot of the screen. You can then go into any document and paste the screenshot wherever space is available. Note that sometimes this feature is on a dual-purpose key, and you may have to access it by pressing the Ctrl or Fn key at the same time. Automatically Save Screenshot as File Let’s say that you don’t want to just copy a screenshot for pasting, but that you actually want to save a screenshot as its own photo file. In that case, you may need a combination of buttons. If your keyboard has both a Print Screen button and a Windows logo key, you can press them both at the same time: This will usually take a screenshot and then automatically save it as a separate file, typically in the desktop or its own screenshots folder. Of course, it’s not always that simple. If you have a Windows key, an Fn key, and a Ctrl key, you may need to push some combination of these keys along with the Print Screen key to create an automatic save. A little bit of experimentation may be in order, but if you’re using a built-in keyboard (like on a laptop) then you can probably look up the best method. Choose a Single Window as a Screenshot This is a common case in many of today’s larger screens, where you have several windows open at the same time but only want to take a screenshot of one window, not the whole screen. There’s a way to do this, too: Click on the window you want to copy so that it’s highlight. Then press the Print Screen key and the Alt key at the same time. If your keyboard has an Fn key, you have to press Print Screen, Alt, and Fn at the same time to get this to work. “Snipping” Screenshots Windows also lets you select a particular area of the screen through a dedicated screenshot tool called the Snipping Tool. It’s not as fast as other methods, but it is very effective. Just type in “snipping tool” into your Windows search box and it will bring up the right link to select. This opens up a small bar that allows you to create a “New” screenshot and change the shape of the shot. You can then drag your mouse to create whatever size you need. Looking for more information on how to use Windows 10? Remember to take a look at {company}’s Wisdom Wednesday series for continued advice. If our {city} readers have any further questions or need help figuring out a problem, contact {company} at {phone} and {email}.