Better yet, it’s super easy to setup multi-factor authentication of your Office 365 account, and all accounts associated with your company. Follow these steps and you’ll be done before you know it. First, you’ll want to log into the Office 365 Portal with your administrator credentials. Then, click on the users and groups tab. From here, go to the Setup link, located to the right of Set Multi-factor authentication requirements. This will show a display featuring all of the usernames associated with your Office 365 account. Select the box to the left of the user that you’ll be applying multi-factor authentication to. Then, go to the information box to the right of the user and select Enable, located under quick steps. A box should open called About enabling multi-factor auth. Make sure you check out these links if you need more information concerning multi-factor authentication. When you’re ready to proceed, all you have to do is click enable multi-factor auth. Office 365 will inform you that your settings have been applied. You can click close to end the process. Now that you’ve finished the setup process for multi-factor authentication in the administrator settings, users will be asked to make certain changes to their accounts the next time they log in. After the initial login process, a user will need to verify their identity and set up multi-factor authentication on the user-end. The user will be required to select which MFA method they prefer, like their mobile phone number, so they can receive a call or SMS messages from Microsoft. After entering the preferred phone number, click verify. Next, Microsoft will contact your phone with a unique code that you will enter in order to verify the number. Depending on if you’re using a browser-based MFA setup, you may be asked to change your password too (it’s a best practice to regularly adopt new passwords). After creating and implementing a new password, multi-factor authentication will be set up for all the Office 365 accounts that you desire to have an extra layer of protection for. For more information about multi-factor authentication, and how you can take advantage of similar services for all of your online accounts, give SRS Networks a call at (831) 758-3636.
The Next Generation of Wireless Communications When we say 4G, we’re talking about the fourth generation of wireless technology solutions. Thus, the first generation of wireless technologies, 1G, would be the primitive cell phones from the 1980s, and each generation sees an increase in the power and mobility of wireless devices. 2G was a step up from 1G, making all transmissions digital rather than through analog, 3G was a further improvement to the wireless transfer of data, and 4G is the current technology. We’ll give you three guesses as to what comes next. You’ll be happy to hear that 5G will probably be the next step in enhancing wireless communications. However, it’s not necessarily “here” yet; in fact, it’s likely 5G won’t arrive for at least five years from now. The reasoning is that it’s not entirely clear at the moment how this type of wireless technology can be effectively delivered to the mobile device users of the world. Processor magazine says that researchers are looking into “what technical advances can achieve goals like minimum 100Mbps data rates, 45 b/s/Hz [bits per second per Hertz] spectral efficiency, 100Tbps per square kilometer density.” In other words, when we do actually get 5G, we can expect it to be pretty fast. The Next Generation of WiFi With so many new devices connecting to the Internet, it’s natural that networks grow more powerful to accommodate the increase in traffic. One standard that will see some improvement is the Wave 2 802.11ac, which is designed to handle multiple devices at the same time. It’s thought that this will become the most accessible type of connection available in the near future. In the next two years or so, we should expect to see improvements in the way wireless networks deliver quality service to users. As reported by Processor: Peter Crocker, founder and principal analyst at Smith’s Point Analytics, says “the reality is that Wi-Fi will be part of 5G, and it’s going to bring together a bunch of different transport technologies from Bluetooth to Wi-Fi to LTE and 3G, making all these things work together.” Regardless of how and why wireless technology is created, there’s no doubt that it’s shaping the way that the modern business functions. If you’re ready to take advantage of the numerous benefits that mobile technology can provide for your business, contact SRS Networks. We’ll assess your current wireless networks and identify points where you can improve its functionality. Give us a call at (831) 758-3636 to learn more.
David Gewirtz of ZDNet performed what he calls a “thought experiment” to determine what would happen if a cyber war were to knock the United States back to the proverbial “Stone Age,” a term he uses to describe the era of computing that directly precedes the Information Age: when computing wasn’t commonplace or central to our everyday lives. One scenario Gewirtz explores is the possibility of the Stuxnet virus (an extremely complex virus that targets nuclear reactors) being exploited against the United States, alongside several other digital attacks that are designed to weaken the infrastructure. Since some systems rely on older technology, flaws in security can be found and exploited relatively easy if they’re being looked for. Furthermore, the United States’ reliance on electronic payments means that an attack on financial systems could potentially leave it in disarray. However, most scenarios that were considered came to the conclusion that within a few days, normal life would once again commence; primarily because of the assumption that society would “regroup, rebuild, and recover.” Then, Gewirtz takes a darker approach by assuming that the prior statement simply doesn’t happen. These scenarios rely on the assumption that the government’s carefully laid out plans also fall through, and are compromised by hackers. While these might be some dramatic events, Gewirtz urges the reader to “remember that this is a thought experiment, and that clever enemies are capable of playing a long game.” For instance, what would happen if hackers used the files stolen from the U.S. Office of Personnel Management, which was breached recently, to infiltrate the government, implant threat actors, and fake information within the system to suit their needs? With personal information, including fingerprint records, at their disposal, hackers would have everything they need to take down systems that everyday society requires to function; all from the inside. With so many vital points hit at once, it’s safe to say that the financial systems and communications infrastructure would be among the first to go down. Without electronic transactions, businesses wouldn’t be able to run. This would be exacerbated by a lack of communications. Since most people don’t use landlines, and instead are opting for mobile phones or simple Internet communications, it’d be difficult for anyone to contact one another without waiting several days for messages. In Gewirtz’s own words: Without financial support and communications, our supply chains would be toast. Goods and services would no longer move across the country. There would be mobs storming supermarkets, hardware stores, and gun shops. Gasoline for vehicles would run out in a matter of days. National government would cease to function. Instead, the primary governance touch points would be some responsible local law enforcement officers. More likely, we would see feudal governance take hold, where those with the most firepower, survival resources, and physical strength would take power. The end result would probably be what would be akin to a technology age of around World War II, though for several reasons, Gewirtz states that society would regress further than that. His reasoning is that society is more structured around technology than it was in the past. Even amidst war, nations were able to communicate with each other because of this sound structure. Would today’s society be able to hold up to these standards? Probably not, simply […]
We’re not here to chastise Ashley Madison users, we’re sure their spouses are already doing a fine enough job of that. Instead, we want to explain that every Internet user needs to hold themselves accountable for their online actions, like web browsing. If you’re not taking careful steps to keep your identity anonymous while online, you could face serious consequences. For starters, you should never assume that any one site is invulnerable to hacking attacks. Just last June, even the United States federal government was hacked and the confidential records of 4 million employees were compromised. No single site is capable of warding off all attackers, especially sites which exhibit a high profile. Essentially, if a skilled hacker wants to find out what you’ve been doing on the Internet, they’ll probably be able to do so. Although, if you take measures to prevent hackers from tracking your online endeavors, you can minimize the chances that they’ll uncover dirt on you. Granted, you may not have anything to hide, but it’s still important that you keep as much sensitive information hidden as possible. You never know who might be watching. Here are five ways you can minimize how much of your sensitive information can be found online: Clear Your Browsing History Clearing your browsing history is often perceived as a sign of sketchy browsing activity, but it doesn’t necessarily have to be. Did you know that deleting your browser’s history is one way to keep hackers from finding your frequently-visited online accounts if your PC were ever to be hacked? Bonus Tip: Many web browsers allow you to have private browsing sessions that don’t store your history locally, like Google Chrome, Mozilla Firefox, and Microsoft’s Internet Explorer and Edge. Just keep in mind that your history can still be seen by your Internet Service Provider. Don’t Use Your Real Name Easily one of the best ways to keep your online activity from biting back is by not using your real name. This is easier said than done. Although, many websites like Facebook require real names in order to keep people accountable for what they post. Whenever you can conceal your real name, be sure to do so. Don’t Use Personal Photos For much the same reason why you don’t want to use your real name, you should avoid using personal photos. This is especially true if you don’t want an account to be traced back to you. Be sure to post a generic image of interest, rather than your kids, house, car, or other personal photos. Protect Your Credit Card Information If a hacker is able to capture your credit card information, they may also be able to access to your purchase history. This can be problematic if you’ve purchased something that’s better kept to yourself. Cryptocurrencies like Bitcoin are an anonymous way to shop online, but not all online accounts will accept them. Therefore, using prepaid credit cards that can’t be traced back to you is always a secure online shopping strategy. Don’t Use Your Personal Email Account Finally, using your personal email to sign up for accounts online can not only be risky, but it can also be annoying when you have an inbox full of spam. Prevent this by creating a “burner” email account from a free online […]
One of the best ways your business can approach mobile devices is by consulting SRS Networks’s technology experts. We can work with you to build the ideal Bring Your Own Device (BYOD) solution, designed to protect your business and approach mobile devices in an organized, secure way. In fact, with the cloud increasing access to data and mission-critical applications, it’s no wonder that businesses are skeptical of this yet-emerging technology, despite the incredible advantages it brings to the table. The largest reason that businesses invest in a cloud IT solution is to make their company’s resources more accessible for their entire organization, from approved devices that adhere to a BYOD policy. This means that your end-users can access documents and files from any of their mobile devices, including laptops, smartphones, tablets, and more. With all of these devices capable of accessing information both in and out of the workplace, it’s reasonable to treat the BYOD trend with a level of skepticism. Take, for example, the average virus infection. An employee visits a site on their smartphone, which infects their device with a virus or some sort of spyware. If this device connects to your network, this infection can become much more widespread. This kind of risk to your network’s integrity is a worst-case scenario, but is completely avoidable under the right circumstances. The best way to protect your network and its cloud infrastructure is to make security a priority for your BYOD policy. A good mobile device management solution should be capable of limiting certain applications’ access to confidential information. It helps if you’re able to blacklist certain apps from accessing your data, and whitelist approved apps that can do so without risking the integrity of your network. This should be done, especially if you’re the one providing your team with mobile devices. The basics will be better than nothing, but to truly optimize your network’s security from the BYOD menace, you need to integrate a much more comprehensive security solution. By limiting access to data based on user permissions, you’ll be more likely to minimize data leakage and keep your network relatively free of potential threats. Give SRS Networks a call at (831) 758-3636 to learn more about how you can protect your network.
What’s the Exploit and Who Does It Affect? The vulnerability in the CISA’s emergency directive affects all supported Windows Server operating systems. It’s been named Zerologon, and If left unpatched, it could allow an unauthenticated threat actor to gain access to a domain controller and completely compromise your network’s Active Directory services. The vulnerability gets its name because all the hacker has to do is send a series of Netlogon messages with the input fields filled with zeroes to gain access. Once in, this essentially gives the hacker a lot of control over your network, and it’s a publicly available exploit (since Microsoft has released a patch for it) which means cybercriminals will be taking advantage of it. The attacker doesn’t need any user credentials to use this exploit. If your business network is running Windows Server, you need to have updates applied to your servers to ensure that this vulnerability is patched. If you aren’t actively keeping all the devices on your network maintained with the latest updates and security patches, you are essentially leaving the front door wide open. The Department of Homeland Security (the parent department of the CISA), has issued a directive for all government agencies in the United States that they have until today (September 21st) to apply the patch, to prevent giving hackers control over federal networks. This means all state and local government agencies are required to apply this today and report back to the CISA. Not having this patch installed will also affect other compliance standards throughout other industries, and of course, leave your business and your data at high-risk of a breach. It is highly recommended to apply this patch today, as soon as possible, regardless of the industry you are in. We can’t stress this enough. Apply this patch as soon as humanly possible. The Good News If you have an active managed IT services agreement with SRS Networks that covers the maintenance of your Windows Servers, you have likely already received the patch, or will be having it installed today. The patch was released by Microsoft as part of their August 2020 Patch Tuesday Update. If you don’t have an agreement with us, or you aren’t sure if your agreement covers fixing the Zerologon vulnerability, we urge you to reach out to us by calling (831) 758-3636. This is definitely not something you want to risk. The Department of Homeland Security and the US Cybersecurity and Infrastructure Security Agency don’t issue emergency directives casually. This needs to be taken seriously for all businesses and organizations. If you need help, or you are unsure about how to protect your organization from the Zerologon vulnerability, don’t hesitate to reach out to SRS Networks at (831) 758-3636.
“What’s the Weather Like?” Unlike real people, who might judge you for asking about the weather and direct you to the closest window, Cortana will be slightly more helpful and provide an answer for you. In order to use this function, your location service has to be enabled. Also, you can ask Cortana about the weather anywhere else in the world, too. “What’s On My Schedule?” If you’ve ever wondered what it’s like to have a real-life personal assistant, Cortana is probably the next closest thing. Cortana can access your Calendar app or your Outlook calendar to inform you of scheduled events. She can even give you specific information about different dates on your calendar. For example, asking Cortana something like, “What do I have planned this weekend?” will provide you with the information you’re seeking. “How Long Will it Take Me to Get to [Place]” Cortana can help you determine how long it will take you to get from your current location to another by using your map application and your location services. You can even ask her for something as simple as how to get from point A to point B, even if it’s nowhere near where you are. “Show Me My Notes” Cortana can pull information from Microsoft OneNote with this command. You can also have Cortana open a specific note by attaching a date to your command. For example, try asking Cortana to show you your notes from last year. “Set a Reminder” Cortana has the ability to drop you a quick reminder for an upcoming event or time, which is way better than writing it down on a piece of paper or your hand. Cortana is flexible enough to understand what you’re trying to say, so the wording of the command isn’t so important. For example, you can say something natural like, “Remind me to pick up dinner at five.” Also, Windows Phone users can have Cortana notify them of a task they need to do if it’s associated with a location they come across. “Create an Alarm” In the same way that you can set a reminder, you can easily have Cortana set an alarm. Cortana can set the alarm to go off only once, or at a regular time. Cortana is shaping up to be a great new tool that can used in the professional environment. For more tips on how to take advantage of technology, subscribe to SRS Networks’s blog for helpful tips each week.
Numbers are still coming in as far as how widespread this issue is. As of Monday, cybersecurity firm Kaspersky Lab said potentially thousands of Asus computers were infected, but on Tuesday that number has potentially broken a million. How Could My Asus Laptop Get Hacked? This type of attack is called a Supply-Chain Compromise and is one of the most frightening kinds of cybersecurity threats out there. Asus’s software update system was compromised by hackers, putting a backdoor into consumer devices. The scariest part is that this backdoor was distributed last year and it’s just being noticed now. The good news is this has given Asus plenty of time to plug up the security holes on their end, but if you own an Asus device there is still a chance that it is infected with malware from the initial attack. What Do I Do Now? First and foremost, no matter what brand of computer or laptop you have, you need to make sure you have antivirus, and that antivirus needs to be licensed and kept up-to-date. If you have an Asus device, Asus has released an update in the latest version of their Live Update Software. They’ve also patched their internal systems to help prevent similar attacks from happening in the future. You’ll want to make sure you have Live Update 3.6.9 installed. Asus has also released a security diagnostic tool that will check your system to see if it has been affected. Click here to download the tool. We HIGHLY encourage you to reach out to SRS Networks if you are running any Asus hardware. It’s better to be safe than sorry.
To ascertain whether or not the cloud is right for your business, consider these suggestions. Assess Your IT Infrastructure Business owners will often come across times when they need to do a cost-benefit analysis of integrating new solutions. Many cloud computing solutions state that they only need an Internet connection to transform the profitability of your organization. These claims are often completely overstated. The first element your organization will have to consider is if it has the bandwidth to implement a solution properly. Any cloud service will have a point of contact. Take your concerns about implementing new cloud services to your cloud representative to get a more succinct idea about how easy it is to implement a cloud solution into your organization’s IT infrastructure. If you don’t have the right connectivity, your cloud solution’s effectiveness could be significantly limited. Don’t Jump Right In Face it, cloud computing is cool. Being able to receive the computing power, storage space, applications, and integrated cooperative abilities are likely the factors that have you looking to switch to the cloud. The problem is that if you have years of information that you need to virtualize, a cloud computing implementation gets rather difficult. This is one reason why implementing one function to the cloud, like email or backup, can be the best way to go about making the cloud work for your business. Traditional IT delivery, whether it be processing, storage, applications, or communications needs to be configured and managed in order to maintain it’s effectiveness. Now, with cloud computing, you can deliver your organization all the dynamic capabilities of a full-scale IT infrastructure with very little overhead cost. The tendency to immediately commit to an overhaul of the computing infrastructure should be tabled. Implement one solution at a time to get a good feel for how the cloud is working for your organization. Security is Always Important One element that keeps many organizations from seriously considering implementing a cloud solution is the perceived lack of security that cloud platforms have versus the traditional IT delivery methods. This is a falsehood. The cloud has distinct potential to produce scalable and secure computing platforms. The issue for many business owners is hosting your company’s most integral information, and often the financial information of your customers, in the cloud. If management of these computing systems is done by a third party, how can it be as secure as it needs to be to give them the peace of mind they need to trust the solution properly? The answer is that by having a dedicated security conversation with your cloud provider, you will learn that many cloud platforms are more secure than IT systems that you house at the office. Who Maintains the IT? One of the major advantages of moving your organization’s computing resources to the cloud is that maintenance is no longer your responsibility. The problem is that even though many of the issues you’ve typically had to address are already taken care of for you, IT problems are not eliminated altogether. Before you decide to jump on the cloud bandwagon, determine the computing needs of your organization and plan how you are going to take care of the issues that do pop up. If something does happen and your cloud provider responds with indifference, […]
Here’s what we know: Capital One has admitted that the personally identifiable information (PII) of over 100 million American and Canadian credit applicants’ information has been exposed. The company did admit that no credit card account numbers or authentication credentials were compromised in the hack. They also go on to mention that in 99 percent of the files, social security numbers were not compromised. The largest category of information that was accessed were individual and small business credit applications that span from 2005 to 2019. The perpetrator, Paige Thompson of Seattle, Washington, was a former software developer for Amazon Web Services (AWS), which took advantage of a firewall misconfiguration to gain access to the information, AWS confirmed Monday. The flaw came as a result of a setup error and not a flaw within the massively popular AWS. The breach happened on March 22 to 23, 2019. Thompson was apprehended as a result of being reported to Capital One for storing incriminating evidence on her Github and Slack accounts. Capital One contacted the FBI on July 19, 2019 and after a short investigation, Thompson was arrested and indicted by the Western District of Washington. The CEO of Capital One, Richard Fairbank released the following statement: “While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened. I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.” For a full report of the event, visit: https://www.capitalone.com/facts2019/ Capital One has said that it will inform you if you have been a victim of this massive attack, but if like many of us, too much is at stake to wait for the company to reach out to you, you can take some immediate steps to safeguard your personal information. Check your accounts – Account monitoring and fraud detection should be a major part of any action you take to secure personal information. Change passwords – One great way to at least feel more secure after a major hack like this is to immediately change your passwords. Freeze your credit report – One option you can take to protect yourself is to freeze your credit report, this won’t let any credit reporting services check your credit, meaning if someone were to try to take money out in your name that the banks wouldn’t be able to authorize credit. Avoid scams – A big part of keeping any data secure is to not give unauthorized parties access to it. That means avoiding phishing attacks and other scams. Continued vigilance – Vigilance over your account information, your personally identifiable information, and your overall financial health is more important than ever. As mentioned above, credit monitoring and fraud detection services give users tools to combat unauthorized access. Keeping yourself and your business secure online is more difficult than ever. To learn more about data security, subscribe to our blog.