Let’s face it, keeping yourself free from online threats can be a pain: using different passwords for every site, changing them every three months, using advanced encryption, the list goes on and on. You either end up paranoid of being online or giving up altogether. We’ve organized 5 simple cybersecurity measures that we promise anyone can implement.
1. Two-Factor Authentication
Did an attacker get your password? With two-factor authentication they’ll still need your mobile device to do any damage. Here’s how it works: every time you log into a service that requires a password, the service will send a code to your mobile device for another layer of authentication. Nowadays, most internet services have this option: Google, Facebook, Twitter, Instagram, Skype, Slack, etc. Check a full list here to see if you could be using two-factor authentication on any of your online accounts.
2. Password Manager
Say goodbye to the bygone era of memorizing a long list of different passwords for the various websites and services you use. Password manager software may have been around for a long time, but it’s still a viable solution for improving your login integrity. After installing it, all you need to do is create one secure master password and let the software do the rest. It will store and encrypt all of your passwords in one place for future reference and help generate random, more secure passwords for any new logins.
3. Keep All Software Up to Date
Update all of your software and your operating system as often as possible — it’s that simple. New versions come with better protection and fix any newly discovered loopholes. If you are too busy or can’t find the time to do it, check for an automatic update option. Any excuse for postponing updates will feel a lot less valid when it means a security breach or system crash.
4. Disable Flash Player
Adobe Flash Player may be what allows you to play Candy Crush during your work breaks, but it has boasted such a poor security record that most experts recommend that users block the plugin entirely. Most internet browsers have the option to block Flash by default, while allowing you to enable blocked content you deem acceptable by simply right-clicking and selecting Run this Plugin.
5. HTTPS Everywhere
When dealing with technology, long acronyms tend to scare off novice users before they even make it to step two. But don’t panic, there’s only one step to this trick. ‘HTTPS Everywhere’ is a browser extension that forces your browser to automatically navigate to sites using a secured encryption, if the site allows it. The thing is, a significant percentage of websites offer HTTPS connections but don’t present them as the default. When that’s the case, ‘HTTPS Everywhere’ gives your browser a gentle nudge in the right direction.
While in-depth security measures need to be implemented and managed by experts, little steps like the ones listed here can be just as important. Check back often for more helpful cybersecurity tips, but if you have more urgent security needs for yourself and your business, our experts are ready and waiting to offer a helping hand.
Traditional mobile calling plans may not be heading the way of the dodo bird quite yet, but there is a viable threat to their existence. The challenge comes from VoIP, and while it’s only in its nascent stages, it is foreshadowing a dark future for Telecoms’ costly monthly plans, spotty call quality, confusing invoices, and questionable customer service.
In technical terms, VoIP is a broadband phone service that uses the internet instead of a public switched telephone network (PSTN). In simpler terms, VoIP stands for “Voice over IP” which is another way of saying “making phone calls over the internet instead of over traditional telephone lines.”
Here are some statistics on internet-based communications that really show where the trend is heading:
- Telecom companies are losing an average of 700,000 landline customers per month
- Skype’s 300 million users spend an average of 3 billion minutes per day on calls
- During its annual stockholders meeting, Apple CEO Tim Cook stated that there are 15 to 20 million FaceTime calls every day — and this was back in 2014
Why the big numbers?
Surely you’ve noticed that you incur no charges when using an application like FaceTime for that quick face-to-face with your associate who’s away on business, or for the video conference with your clients who are stuck at LAX after a cancelled flight. But phone calls for free aren’t the only advantage of VoIP. Many of us utilize it because it has features and benefits that make it a more attractive alternative to the phone company’s usual mobile calling plans.
Take the VoIP functionality in Apple’s latest version of its iOS operating system (iOS 10). Apps like Skype and Facebook Messenger are so well incorporated that they work just like the iPhone’s own phone application. Incoming/outgoing calls interface just like your regular phone, your contacts are fully integrated…You can hardly tell the difference.
So as consumers and businesses continue to recognize the benefits of VoIP and default to applications like FaceTime, Skype, Facebook, Line, or Viber for their calling needs, will conventional providers like AT&T, Verizon, Rogers, Bell Canada, etc. get squeezed out?
Can you ditch your legacy voice plans altogether?
It’s food for thought, and even if you don’t abandon them entirely, there are plenty of reasons to make broadband internet phone service a part of your day-to-day operations. And not only on your smartphones and other mobile devices.
Did you know that small businesses that change over to a VoIP network can save up to 40% on their local calls and up to 90% on their international calls? Or that a recent piece in PC World indicated that a business with 30 users on its calling plan saves nearly $1,200 per month when switching to VoIP?
Add in features like call recording, call-routing, conference call bridges, auto attendants, and virtual faxing and it’s easy to see why roughly 31% of all businesses now employ some type of internet-based VoIP telephone system.
So if you have a good-quality internet connection and you’re intrigued by the prospects of moving your business away from your local phone company’s services, we’re here to help. Call us today and together we’ll develop a robust VoIP solution that delivers cost savings, provides state-of-the-art functionality, and presents a professional image to the world.
There are a lot of web-based email platforms in the marketplace. Many come and go, but there’s a reason Gmail has crossed the 1 billion monthly active user milestone and is still standing strong as one of the world’s most popular web-based email clients. It’s extremely easy to use and is always up-to-date and secure, courtesy of Google. But if you’re just using Gmail for sending and receiving emails, you’re really missing out on some of its nifty features that allow you to manage your email more effectively. Here are some tips to make the most of Gmail.
Ever had that moment when you’re in a hurry to type up an email and send it off only to notice a few seconds later there were a couple of mistakes? Maybe you’ve forgotten to attach a file or misspelled a word. Heck, you may have even sent it to the wrong recipient! Don’t worry, we’ve all been there. This is the moment where Gmail’s ‘Undo Send’ feature will become your new best friend. You can activate this by clicking on the gear icon on the top right hand corner of Gmail, then go to Settings. Scroll down to ‘Undo Send’ and hit the ‘Enable’ box. Now you have up to 30 seconds to click the ‘Undo’ button that will pop up once your email’s been sent.
Create to-do lists
Gmail provides an easy way to create a task list that you can use to keep track of all the things you have to do in a minimizable window. This way you won’t have to send yourself an email and clutter your inbox every time you need to remind yourself to do something. Adding a to-do list is easy; simply click the ‘Mail’ menu in the upper left corner of the Gmail window and choose ‘Tasks’. A small window will appear in the bottom right corner of the page, and here you can type in your tasks and check the boxes once you’ve completed each of them.
Some emails are too important to be buried in a crowded inbox. This is where you can use Gmail’s Star feature to your advantage. Adding stars is a way to single out emails that need to be read later or require a follow-up. You might already know that clicking the yellow star beside the email will highlight the line and makes the message easier to find. But there’s a way to take things up a notch. Navigate to ‘Settings’ and scroll down to the ‘Stars’ section. Here you can drag the stars from the ‘Not in use’ row up to the ‘In use’ row to make them active. Once you’re done, hit ‘Save’. You could use the blue star for emails that need a follow-up, red for problems, question mark for the ones that require clarification and so on.
Use canned responses
Have you ever had to answer the same questions sent by clients over and over again? Well you’re in luck. Gmail has a productive hack that allows you to create and send off repetitive messages in just a few clicks. Activate it by heading over to ‘Settings’, ‘Labs’ and click the ‘Enable’ button in the ‘Canned Responses’ tab. Now type up a response email. Click the arrow in the lower right corner of the message box and select ‘Canned Responses’. You can add common phrases, sentences or email bodies that you find yourself using a lot, whether for marketing inquiries, sales pitches or client requests.
With these Gmail features you can save time, get more things done and become more productive. If you want to learn more about Gmail or any other Google apps, please get in touch with us today.
Here on earth, clouds are relatively simple phenomena: visible masses of water vapor making their way across the sky. But in the world of IT, “the cloud” is a bit more complex, referring to technology that allows businesses to take a more hands-off approach to managing their IT resources. And the “hybrid cloud” is rapidly becoming the most popular variety.
Hybrid clouds are a combination of private clouds (where data and applications that require tighter controls are hosted either internally or privately in the cloud space); and public clouds (which are operated externally by third-party providers with the express purpose of reducing a company’s IT infrastructure).
A recent “State of the Cloud” report indicates that 71% of all cloud users are now implementing hybrid cloud solutions, mainly because the ways in which they benefit small- and medium-sized businesses are so numerous. Here we’ve highlighted what we consider to be the 4 most significant benefits of hybrid cloud solutions.
Does your industry go through seasonal workload increases? With a hybrid cloud solution, you’ll be able to easily handle spikes in demand by migrating data from maxed-out on-premise servers to scalable, pay-as-you-go “servers in the sky” whenever needed, without incurring any extra hardware and maintenance costs.
Having the ability to choose between on-site/privately-hosted cloud servers and ones on the public cloud gives you more than just cost flexibility. It also gives you the capacity to pair the right IT solution with the right job, like keeping smaller projects on your local or private cloud, while utilizing the more robust computing resources on offer from the public cloud for your bigger projects.
What exactly does this common IT buzzword mean for your organization? In a nutshell, it means that the hybrid cloud allows you to “scale up” or “scale down” on an as-needed basis. So if there are last-minute demand increases that your hardware can’t support, or if you’re simply planning for future expansion, hybrid cloud solutions allow for on-demand increases or decreases in capacity.
Last, but certainly not least, are the security advantages of a hybrid cloud solution. SMBs are able to host within the private cloud their more sensitive data such as an e-commerce website or HR platform, while using the public cloud space for less sensitive data where it’s more cost effective and there is less likely to be major problems should there ever be a security breach.
SMBs can set up their hybrid cloud model in a few different ways, depending on their precise needs and the types of providers available to them:
- By employing one specialized cloud provider who offers “soup-to-nuts” hybrid solutions
- By integrating the services of a private cloud provider with those of a public cloud provider themselves
- By hosting a private cloud themselves and then adopting a public cloud service which is incorporated into their infrastructure
So as more of our customers’ IT infrastructure moves to the cloud, we’re adapting and developing innovative ways to maintain hybrid cloud environments. What this means for you is we’ve got the know-how to provide outright cloud solutions, or at the very least the expert consultation you need, to ensure that your day-to-day operations transition to a hybrid cloud solution without interruption and in a cost-effective manner. Contact us today to learn more about the benefits that the hybrid cloud can bring to your business.
According to several reports, the volume of malicious cyber attacks has significantly increased recently. And even though our devices have the latest network security systems, hackers have a cunning trick up their sleeves — social engineering. Unlike malware and other viruses, social engineering tricks people into divulging sensitive data to hackers. Unfortunately, businesses are also vulnerable to various social engineering tactics. As a business owner, you should be vigilant of these common scams used by hackers.
Phishing scams are perhaps the most common type of social engineering attack. Usually seen as links embedded in email messages, these scams lead potential victims into seemingly trustworthy web pages, where they are prompted to fill in their name, address, login information, social security number, and credit card number.
Phishing emails often appear to come from reputable sources, which makes the embedded link even more compelling to click on. Sometimes phishing emails masquerade as government agencies urging you to fill up a personal survey, and other times phishing scams pose as false banking sites.
What’s the best way to infiltrate your business? Through your office’s front door, of course! Scam artists can simply befriend an employee near the entrance of the building and ask them to hold the door, thereby gaining access into a restricted area. From here, they can steal valuable company secrets and wreak havoc on your IT infrastructure. Though larger enterprises with sophisticated surveillance systems are prepared for these attacks, small- to mid-sized companies are less so.
Quid pro quo
Similar to phishing, quid pro quo attacks offer appealing services or goods in exchange for highly sensitive information. For example, an attacker may offer potential targets free tickets to attend a sporting event in exchange for their login credentials. Chances are if the offer sounds too good to be true, it probably is.
Pretexting is another form of social engineering whereby an attacker fabricates a scenario to convince a potential victim into providing access to sensitive data and systems. These types of attacks involve scammers who request personal information from their targets in order to verify their identity. Attackers will usually impersonate co-workers, police, tax authorities, or IT auditors in order to gain their targets’ trust and trick them into divulging company secrets.
The unfortunate reality is that fraudsters and their social engineering tactics are becoming more sophisticated. Nevertheless, the best way to avoid these scams is knowing what they are and being critical of every email, pop-up ad, and embedded link that you encounter in the internet.
To find out how you can further protect your business from social engineering attacks, contact us today.
A number of clever, yet common techniques have been the basis for several social engineering attacks we’ve seen lately. Hackers are registering domain names similar to authentic domains in an effort to make the e-mail recipient believe that the sender’s request is legitimate.
These techniques can consist of one or more of the following:
- Homoglyphs – A homoglyph is one or more characters with shapes that appear identical or very similar. For example, a capital O and the number 0, a number 1 and lower-case l, a lower-case g and q, you get the idea. Believe it or not, it’s quite common for someone to mistake these letters for one-another when spoofed and replaced in a domain name. (e.g., ahrconsu1ting.com (yes, that’s a number one in place of the letter l))
- Transposition – Simply put, its swapping letters that are adjacent to one-another. most people won’t notice this in a domain name when quickly glancing at a senders e-mail address. (e.g., ahrconsutling.com)
- Repetition – Repeating one of the letters in the domain name (e.g., ahrconsultting.com)
- Replacement – Replacement of one of the letters in the domain name, usually with a letter in proximity of the original letter on the keyboard (e.g, ahrconsilting.com)
- Omission – Removal of one of the letters from the domain name (e.g., ahrcnsulting.com)
- Insertion – Inserting an extra letter into the domain name (e.g., ahrconsiulting.com)
So how is this used by phishers (read: hackers)?
- A hacker will research a company on any number of corporate information sites (Manta, Spokeo, etc.) to gather data about its structure, owners, website, email addresses, revenue, and any other publicly available information
- They will then privately register a domain similar to the target’s domain using the above techniques
- They will immediately send an e-mail from the CEO or President (or similar) to a mid- or high-level employee, preferably in finance, with an official-looking request
- The e-mail will typically request a money wire transfer or some other type of urgent monetary request be sent to a particular account or recipient
- The request may also have what appears to be an official-looking e-mail signature compiled from the information gathered above
Don’t fall victim to this fairly common attack, be sure to double check authenticity of e-mail name and domain name spellings.
When in doubt, make sure a verbal approval is acquired before doing ANYTHING involving company capital.
To read more about Malicious Social Engineering, see our other blog post: Can you expand a bit more on the threat posed by malicious social engineering?
ESPN recently reported that a laptop containing the medical records of thousands of NFL players was stolen from the car of a Washington Redskins’ trainer. And while the team released a statement saying no health information protected under HIPAA guidelines was at risk, the incident shows that EMRs are vulnerable no matter the size of your company. That’s why you need to have all medical records completely protected no matter where they are being stored.
And while the Redskins’ situation was bad, an NFL spokesperson did state that the NFL EMR system was not compromised and the league believes the thief was unable to gain access to the intercepted computer or its files. However, this does not mean the situation is resolved and the team is now in the process of informing every person who could be affected.
Not only is this embarrassing but the Redskins could also be vulnerable to civil lawsuits from players affected even if no HIPAA protected information was accessed. If this sensitive data had been breached the team would have faced a significant fine from the federal government in addition to these lawsuits.
According to Bloomberg Business News, a Massachusetts hospital was required to pay the federal government $850,000 for HIPAA violations last year after a laptop containing private health information was stolen. This event triggered a system-wide analysis which revealed several other areas of non-compliance. Not only was the hospital required to pay the fine, but it also had to invest heavily to upgrade their technology systems.
These two stories can serve as a valuable learning tool for any organization that stores documents or files that are regulated under HIPAA guidelines. For starters, it is important to understand that while email threats like phishing are very real and dangerous, the easiest way for a person to gain access to medical records is to simply take the device they are physically stored on.
That is why it is absolutely vital to have any device, be it a smartphone, a computer or tablet, password protected and encrypted should it store or transmit medical information of any sort. This, however, is simply the bare minimum and you might want to consider additional security measures such as two-factor authentication to add an extra level of protection to your devices.
Another thing to consider is storing your EMR data in the cloud. When files are stored on the cloud, it means you have complete control over who is able to access these documents and where they can be accessed from. In the case of a missing laptop, once it has been reported as lost, you can immediately block it from retrieving any files and perform a remote wipe which will erase anything currently stored on it.
It is important to remember that every device, even those at companies that use the cloud for document access and storage, still need to have strong passwords and encryption in place. Also, it should be noted that transferring HIPAA-protected data to the cloud is a process that must be handled with care. There are several things which must be addressed to ensure your data is protected in line with all government regulations. Bringing in a cloud service provider who specializes in HIPAA storage can make this process a smooth one for you, your staff, and your patients.
Need help protecting your EMR? Interested in learning more about utilizing the cloud to store your documents? Contact us today. We’re experts in HIPAA-related matters and will guarantee your information remains safe and compliant.
Following the let-down that was Windows 8 and 8.1, Microsoft is keen to impress – so much so that it’s skipped number 9 and jumped right to Windows 10. Now the new operating system’s release has been confirmed for July 29, and Windows-based small businesses are clamoring to try out its impressive new features. Here is the rundown of the things you need to know before you spend your fall upping the ante with Windows 10.
You can get it for free
They say the best things in life are free, and that might just be the case with Windows 10. Microsoft has kept its word about making its newest operating system free to access – at least if you’re currently running an authentic version of Windows 7 or 8.1, its two most recent releases. You’ll enjoy a free lifetime upgrade to Windows 10 provided you make the move within the next year and, better still, it’s an automatic upgrade directly from your existing Windows 7 or 8.1 interface. If you’re running an older version of Windows, you’ll need to make a fresh install and you’ll also need to pay – the various available versions of Windows 10 are expected to retail starting at $119.
It’s being launched in phases
Although the official release date was July 29, in reality Microsoft pushed out Windows 10 in a phased launch. This explains why you might not have been prompted for the Windows 10 on July 29 itself – instead, Microsoft has made the new operating system available to desktop and laptop users first, and only later to mobile and other devices. What’s more, the firm already has its next move in the pipeline. Upgrade and update plans for Windows 10 are anticipated to be on the way in two phases, in June and October 2016. But we are expecting these changes, codenamed Redstone, to come in the form of more minor tweaks to the Windows 10 infrastructure rather than a full overhaul.
It’s the last you’ll see of Windows
Microsoft has made no secret of the fact that it sees Windows 10 as the operating system’s final release. But that’s not quite as ultimate as it sounds – this is not really the end of Windows. Instead, what we’re seeing is the transition of Windows from a product to a service. Microsoft envisions a future where, instead of major new versions of Windows emerging every few years, there are regular improvements and updates – far beyond the Windows Updates that we know at the moment.
It’s likely that version numbers will come to play far less of a role in system updates in the future – in much the same way as mobile apps operate, we’ll instead settle into enjoying a frequently updated service that incorporates the latest features Microsoft has developed. And while some have expressed fears that this could lead to home and business users being tied into a subscription model in order to stay up to date, Microsoft appears committed to ensuring that ongoing upgrades are free.
Ready to make the leap to Windows 10? Want to find out how best to make the transition with minimal disruption to your business? Give us a call and let us walk you through it.
At TECHLINQ, we clearly love technology… but even WE advise you to unplug from the hectic world and leave the gadgets behind while on vacation. Unfortunately, if you’re like most of us, you need to stay connected to some degree.
We’ve compiled a list of good technology practices and safety tips to keep in mind while traveling.
- Don’t bring your laptop! Try to use your smartphone or tablet instead to read emails, browse the internet, and access social media while on vacation. No need for the extra weight and risk of loss or damage. If you must bring your laptop consider the following before you leave on your trip:
• Make sure that your software updates and antivirus settings are up to date
• Back up all of your files and important documents
• Password protect your valuables with complex passwords that are hard to crack
• Encrypt important data
- Create a VPN so you can securely access your home network anywhere you go (this is especially helpful when visiting countries with censorship or internet restrictions).
- Avoid logging in to any public or shared computers and unsecured networks. Don’t let even the swankiest hotel lobby PC fool you! Public computers can be littered with malware so avoid logging into anything that requires you to enter passwords or personal information. To stay on the safer side, see if the hotel offers a WPA¬2 protected wifi network for guests that you can access on your phone or tablet.
- Make sure that your technology and gadgets are equipped with well-fitting protective gear. It helps to bring extra plastic bags to protect your gear in case of sudden downpours or unexpected moisture. There are also countless designs of waterproof cases you can also choose from if you’re going to be spending a lot of time near water.
- Back up your files often throughout your vacation. This will enable you to have enough room for plenty of new photos and ensures that each day’s memories will be safe! Not sure how to back up your files on the go? You can use SD cards, an external hard drive, a USB thumb drive, or if you have internet access, a cloud based service such as Dropbox, OneDrive, iCloud for Apple, or Google+ Auto Backup for Android phones.
- Pack a good quality power strip so you can charge all your devices at once. If you’re going overseas you’ll want to include a universal power adapter.
- Bring a portable cell phone charger. For a lot of us, our phones double as our digital cameras. A portable charger will give you a chance to charge your phone if you don’t have access to an electrical outlet.
- Make use of the countless apps created to make travel easier. There are apps to keep your devices secure with alarms, help you find locations with wifi, or apps that will allow you to explore the land like a local!
- Avoid roaming charges and high rates on your cell phone and use a wifi based calling system such as Skype or WhatsApp.
- This one might be the most important tip of them all. Make the best of your time and memories by opening your eyes to the world around you. After all, those are the moments that add to your life and make your vacation memorable.
When looking for Computer or Networking Support we advise businesses to investigate the “Critical 5”. This is an outline of attributes your IT Support company should possess in order to give you the best level of service and support. We’ve adopted these elements based on the best-practices we’ve seen employed by the most adept, committed technology firms in the industry. We regularly put ourselves to the test to see how we stack up against the “Critical 5”.
- References & Business Structure: Can they provide you with more than five client references? Do they have a strong and reputable business structure?
TECHLINQ is a highly service-centric and overwhelmingly referral based firm. We provide service for many businesses in northern New Jersey, and prefer to rely on our constantly growing client base to communicate their satisfaction with the quality of our services to others. TECHLINQ is also legally structured as an LLC in the state of New Jersey, has an A+ BBB rating, and carries full business and professional liability insurance.
- Longevity & Reliability: How long have they been in business, and what is their typical response time?
TECHLINQ was established in 1989 as a full-service technology consulting firm specializing in computer and networking solutions for small to mid-size businesses. With relentless innovation, we anticipate providing our exceptional proactive systems management well into the future. Typical phone response time for clients under a TECHLINQ plan is less than one hour, with emergency response available 24 x 7 x 365.
- Scope of Service & Process: Can they manage your company’s specific technology requirements, not only now, but moving forward?
TECHLINQ has a clearly defined “Scope of Service” document which outlines all of the hardware, software, and networking technologies with which we have proficiency. Prior to establishing any formal relationship, we conduct a thorough systems and network analysis so we may provide a proposal detailing our assessment and any associated recommendations and estimates. We are process-driven, and pride ourselves on our proactive approach to technology support
- Skills & Experience: What are their technicians’ proficiencies and certifications, and how long have they been in the industry?
TECHLINQ’s technicians all hold multiple industry-recognized certifications, as well as having proficiencies in the technology areas as presented in our “Scope of Service” document. Our founder and Chief Operating Officer has been a professional in the computer industry since 1986, and our technicians have an average of over 10 years of computer and networking experience.
- Authorizations & Affiliations: What manufacturer authorizations do they hold, and what affiliations do they maintain?
TECHLINQ currently holds authorizations from: Microsoft, Hewlett Packard, Lenovo, Dell/SonicWall, Cisco, Digium Switchvox, Symantec, Western Digital, Acer, Adobe, Netopia, D-Link, Intuit, ViewSonic, and many more. We are actively affiliated nationally with the Better Business Bureau (BBB), CompTIA, and the ConnectWise Partner Network, and regionally with the NJBIA, and the Tri-County Chamber of Commerce. Our COO regularly speaks on business technology issues and information security. TECHLINQ also periodically donates refurbished computer systems and peripherals to interested local charities.
If you are having difficulty staying on top of properly maintaining your systems, contact the experts at TECHLINQ to see how we can help ease the burden with an innovative TECHLINQ Support plan.