Who Should Regulate Wearables?

Wearable Technology Has Been a Successful Mixed Bag

Crunching the numbers, it is clear that wearables as a whole are a successful and appreciated technology by consumers. The number of connected devices around the world, which had reached the not-inconsequential amount of 526 million in 2016, is anticipated to exceed 1.1 billion in 2022. 167 million units of smartwatches and their wristbands are also projected to be shipped that same year. Clearly, wearable technology has been a commercial success, so there is no reason to anticipate that manufacturers will slow down on their research and development anytime soon. However, it must also be said that wearables have created a few concerns that hadn’t needed to be addressed in the past – especially when it comes to security.

The Dangers of Data

It has been clearly demonstrated that wearables can also create considerable security concerns – in more ways than one might initially think. One only has to look back to the beginning of last year, when the heat mapping feature of the Strava fitness application revealed the classified locations of military bases, thanks to the activity trackers the soldiers would wear during their workouts. Wearables are also notorious for being updated very infrequently (if ever), which makes them perfect devices to be taken over and used as part of a botnet, or as an easy access point into the rest of an otherwise protected network. One also has to consider what is being done with the data that these devices collect, and how that data could potentially be used to the possible disadvantage of the consumer.

The Regulations that Have Been Put in Place (and Which Matter)

Naturally, such a potentially explosive technology ought to be subject to some regulations. However, the governing bodies and organizations typically responsible for imposing these regulations may not be in a position to do so.

The FD&C Act

The Federal Food, Drug, and Cosmetic Act likely has no power to regulate wearables, as the Food and Drug Administration doesn’t include wearables in its classifications of medical devices, instead describing them as a “low-risk general wellness product.” Basically, the manufacturer’s intended use of a device is what designates it as a medical device or not, which means that (unless wearable manufacturers make the call) these consumer-focused devices won’t need to meet the FD&C Act’s standards.

HIPAA

The Health Insurance Portability and Accountability Act is intended to secure an individual’s rights to their health information. However, while it does provide some protections, HIPAA’s scope doesn’t really cover wearables, which are considered non-covered entities. Furthermore, wearable manufacturers are probably untouched by the secondary use of health data, which is the use of personal health information beyond the direct delivery of healthcare. Because all data is produced by a consumer, and not by a covered entity, secondary use of health data doesn’t apply.

The FTC Act

This act allows the Federal Trade Commission to go after companies that are carrying out deceptive practices, including a failure to comply with their own privacy policy. As it covers entities both covered and not covered by HIPAA, the FTC Act serves as the primary federal statute that dictates how non-covered entities handle their health information-related security practices. The FTC itself is also capable of bringing legal action against those organizations who […]

Bringing Enterprise Solutions to the Small-to-Medium-Sized Business

Security

Of course, any business that hopes to have any success is going to need to have effective security to keep its resources safe. The first step to doing so is to evaluate your IT so that you can identify any shortcomings that exist in your infrastructure as it is. An IT risk assessment is an effective way to do so, as it provides insight into where the biggest, riskiest security flaws are. Both enterprise organizations and SMBs can then leverage similar tools to resolve these flaws, including firewalls, antivirus, and multi-factor authentication measures. With the increased use of cloud service providers in the SMB space, much of this should be attended to by the provider. Having said that, any business that leverages the services of a third-party needs to ensure that the third-party is meeting their end of the service-level agreement. If they are, an SMB can find that they can accomplish comparable security as an enterprise could without expending an enterprise-sized portion of their operating budget.

Data Storage

While their budgets put enterprise businesses in a much more favorable position to create an infrastructure that can contend with their operational needs, this is not to say that SMBs are left without any options. Any good data storage solution will perform well based on a few benchmarks: how well it works, how often it works, how easily it can be accessed, and how easily its contents can be searched. The enterprise business has quite a few options to leverage, such as data tiering (where data of differing importance is stored on different servers) and higher-performing data storage solutions. If this is starting to sound expensive, it is – but again, thanks to the cloud, SMBs aren’t left without options, either. With scalable Infrastructure-as-a-Service and Platform-as-a-Service being available for a much more affordable rate, SMBs are able to leverage the advanced tools that would otherwise only be available to corporate-level businesses.

Interested in leveraging some of these capabilities in your business, or want to find out more? Reach out to the professionals at SRS Networks! We have the experience necessary to bring your information technology to the corporate level. Reach out to us at (831) 758-3636 to learn more.

Tip of the Week: 4 Steps to Determine Your Needed Data Storage

Regardless of the industry you are in, your business’ storage situation needs to be taken into account. You wouldn’t want unsightly cleaning supplies out in the open because you lacked the space to keep them, would you? Or, consider the inventory that you might need to store. Either having too little or too much space will have some impact on your business’ finances, and it won’t be good. The same can be said of your business’ data, and how you store it.

How to Manage Your Business’ Data

Data plays a key role in every aspect of your business, which means that a lot of it will need to be stored – and more so than that, it needs to be stored in a purposeful way that will ultimately benefit your organization. As technology has advanced, so have data storage solutions… a trend which shows no sign of stopping.

Traditionally, there has been a three-tiered model for data storage. There are the storage facilities themselves, the servers that enable users to leverage these facilities, and the networking that allows access to the stored data. In order to leverage these solutions, a business would need to have a precise understanding of what their data storage needs would be for up to the next five years. Of course, with business moving as quickly as it does today, it can be hard to predict the next five hours, let alone five years.

This is a large part of why businesses are shifting to better, more modern alternatives. The hyperconverged IT framework was designed to simplify data centers and make the physical hardware businesses rely on more scalable, and cloud computing provides businesses with access to their needed resources for what can be a very reasonable, budgetable monthly payment.

In short, today’s businesses have options, but it is also crucial that these options are weighed properly. Make sure you take the following four considerations into account:

What is my needed capacity? – While today’s solutions are far easier to scale to a business’ needs than in the past, it will help to have some idea of how much storage you anticipate to be necessary. Having too little or far more than you need are both situations you will want to avoid.

Where does my IT currently stand? – As you plan for your business’ future, it will be helpful to fully appreciate where you are starting from. Analyzing your current infrastructure and determining what needs to be improved will help you to gain this invaluable perspective.

Which configuration will best meet my performance requirements? – Between speeds and storage capacities, the solutions available to you can vary wildly. Keeping your intended use of these solutions in mind will help you to select your best option.

What about my backups? – Any business that depends on data (which means any business) should have some kind of backup plan to protect this data and, by extension, the business itself. Your data backup strategy will have considerable influence on the storage solution you select.

Any solution you adopt in your business, data storage or otherwise, should be selected with care and consideration. After all, you need these solutions to work for you, not against you. The professionals at SRS Networks have plenty of experience in dealing […]

Looking Back at 2019 Data Breaches

January

Blur: A January 2nd data breach of an unsecured server at a password management company called Blur exposed a file containing the personal information of 2.4 million users, including names, email addresses, IP addresses, and encrypted passwords.

BenefitMall: An outsourced HR provider like BenefitMall is bound to have a ton of personal information stored on its infrastructure, and a security breach due to a phishing attack proved that to be the case. Over a period of four months, the names, addresses, Social Security numbers, dates of birth, bank account numbers, and even more information was exposed for over 110,000 users.

Ascension: A data analytics company called Ascension experienced an online database breach, leaving the personal information of over 24 million clients unprotected for over two weeks. The data revealed contains names, addresses, dates of birth, Social Security numbers, and financial information.

Other January breaches: Oklahoma Department of Securities, Managed Health Services of Indiana, Fortnite, Alaska Department of Health and Social Services, Rubrik.

February

500px: The online photography community 500px was hacked, affecting 14.8 million users. The breach revealed full names, usernames, email addresses, dates of birth, locations, and more.

Dunkin’ Donuts: Dunkin’ Donuts’ DD Perks rewards members found themselves victims of a data breach for the second time in three months, giving hackers access to customer accounts.

Coffee Meets Bagel: This dating website announced that they were hacked on Valentine’s Day, revealing the names and email addresses of six million users who had been registered since before May 2018.

University of Washington Medical Center: Almost one million patients have had their medical, personal, and financial information breached as a vulnerability on the organization’s website exposed sensitive information.

Other February breaches: Houzz, Catawba Valley Medical Center, Huddle House, EyeSouth Partners, Advent Health, Coinmama, UConn Health.

March

Dow Jones: 2.4 million records of government officials and politicians were leaked online. This database was made up of individuals who could possibly embezzle money, accept bribes, or launder funds.

Health Alliance Plan: The electronic protected health information (ePHI) of over 120,000 patients was exposed following a ransomware attack. This ePHI contained names, addresses, dates of birth, ID numbers, claim information, and other identifiers.

Facebook: Facebook was forced to admit that they weren’t able to properly secure passwords of nearly 600 million users. These passwords were stored in plain text and could be accessed by any of the company’s 20,000 employees.

Federal Emergency Management Agency (FEMA): Survivors of hurricanes Maria and Irma, as well as survivors of California’s wildfires, have all had their personal information exposed in a data breach. About 2.5 million victims have had their names, addresses, bank account numbers, and birth dates shared and left unprotected.

Verification.io: This particular breach is one of the largest in history, and it was found that Verification.io left a database filled with almost one billion email accounts and personal information on an unprotected server. The company has since closed down.

Other March breaches: Rush University Medical Center, Pasquotank-Camden EMS, Spectrum Health Lakeland, Rutland Regional Medical Center, Zoll Medical, MyPillow & Amerisleep, Oregon Department of Human Services.

April

Facebook (Again): Two third-party applications containing Facebook datasets were left exposed online, resulting in over 540 million records, including account names, Facebook ID, and user activity being compromised.

City of Tallahassee: Nearly $500,000 was stolen from the city of Tallahassee employees’ paychecks, accomplished via redirecting direct deposits into unauthorized accounts.

Georgia […]

Would One of These Social Media Scams Bamboozle You?

Here, we’ll review the various scams that frequently appear on social media to help you better identify problematic content on your feeds. Many of these may not seem to apply to your business’ social media presence at first glance, but it is important to remember that your personal social media and your professional representation on social media are closely linked. As a result, a breach of your personal account could easily put your business’ representation at risk as well.

Gossip Scams

“See PHOTOS of the celebrity that secretly lives in your area!”

“You’d never believe who DWAYNE JOHNSON spends his free time with!”

“You’ll be SHOCKED to learn which beloved ‘90s sitcom cast formed a blood cult!”

You’ve likely seen ads pop up on your Facebook (or have had some of your connections share stories on their Newsfeeds) making claims similar to these. People like to live vicariously through the celebrities they admire, but these scams more often than not fool them into downloading malware after visiting a page. Fortunately, avoiding these scams is fairly simple – all you have to do is take in gossipy headlines with a grain of salt and avoid downloading programs from anywhere but the actual source.

Nigerian Scam/Stuck Abroad Scam

“Hello Dearest Friend, I am Prince Akinola. During the recent uprising in my country, my father was murdered in his sleep. To protect his riches, I seek a trustworthy Person to help me transfer 3 million US dollars into an account for a time. Helping me, you will be able to keep 35% of it to use as you see Fit. Please reply to me immediately with your name and phone number so I can leave this country and transfer the money to you.”

These scams are perhaps some of the most famous, originally appearing in Nigeria but quickly spreading the world over. Basically, instead of netting a large percentage of a fortune, the victim usually is scammed out of their banking credentials or is asked to pay “processing fees” before their “payment can be delivered.”

“I’m so glad I got the chance to send this message. I’m overseas in Europe and my wallet was stolen! I need $1,300 to get home. Could you wire over the money for me?”

In the more personal version of the Nigerian scam, a cybercriminal will hack into someone’s account and start spreading a fictitious sob story among their friends and relatives, hoping that someone will wire money in an attempt to help. While we would all want to do anything we could for a friend, it is important to verify their story with them via some other means of communication.

Lottery Scams/Who Viewed Your Profile Scam/IQ Scam

“Congratulations! A gift card worth $1500 is reserved for you!”

Wouldn’t it be nice, right? Quite a few of the scams that appear on social media come up in the form of pop-up messages, offering a generic prize in exchange for some personal information. Some will ask for a mobile number so they can charge data fees from you, while others will ask for your banking credentials to steal from you that way. While winning anything like what these scams offer would be undeniably awesome, you can’t win a contest that you didn’t enter.

“Want to know who’s been looking […]

Tip of the Week: How to Keep Your Files Properly Organized

Organization like this is best accomplished through the strict adoption of certain file management practices on your network. We recommend the following:

Keep All Documents Within a Root Folder

Whether you’re organizing documents on your own workstation, or are developing a file sharing environment, every document should be contained in a single folder (known as the root folder) and divvied up into various sub-folders to keep them organized. This will simplify the process of finding your files later.

Use Folders to Your Advantage

As mentioned, you will want to create various sub-folders to create a more granular organizational system. Let’s say you keep your contracts with your clients in a particular folder. Calling this folder “Contracts” lets you know what it contains and can be divided up into folders for each of the years that these contracts were agreed upon. All of your files should be easily located based on the folders you create.

Determine Specific Naming Conventions

You will want to make sure that all of your files are given descriptive names to simplify finding them later on. Simply naming a file ‘invoice’ will not be enough to help you identify which invoice is contained in that file and will only make it more difficult to find at a later date. This is why it is so important to be specific as you name your files.

The Windows operating system allows a total of 260 characters to be used – including the name of the drive, all folders, and the end file name. Therefore, being succinct while specific is crucial. Try to name your files in a way that clearly communicates what their contents are, so that both you and anyone you share a file with can get a clear sense of what it contains at a glance – even without the path hierarchy to tell them what it means.

You can also use your file names to make it more convenient to find the ones you need. Adding a character to the beginning of the name will make it default to the top of the list of files.

Create Files Where You Want Them

It is far easier to initially create a document where you want it stored than it is to relocate it later. Don’t hesitate to do so, using the naming conventions that you established.

Enable Collaboration

In today’s cooperative business environment, the capability for your entire team to accomplish productive work in a shared digital workspace is key. This is why it is strongly encouraged that businesses utilize the cloud for these file management capacities.

For assistance in creating this kind of hierarchy, supported by the capabilities of cloud technologies, reach out to SRS Networks. Our IT experts can help you design a workable and intuitive resource for your business to leverage. Call (831) 758-3636 to learn more.

USB Killer Caused $58,000 in Damage to The College of Saint Rose

Then there is the story that came out of the College of Saint Rose in New York’s capital city of Albany early in April, 2019. An alumnus of the postgraduate school, Vishwanath Akuthota, was charged with, and pled guilty to, using what is known as a “USB killer” to fry the components of 59 Windows computers and seven Apple computers on campus. In all it has cost the college $58,371 to replace the computers. An Indian national, in the United States on a student visa, Akuthota filmed himself destroying the machines on his iPhone. For his misdeeds, he faces as much as ten years in prison and a $250,000 fine for repeat.

What is USB Killer?

The “USB Killer” is a thumb drive that works by drawing power from the USB port to charge a capacitor in the USB, then discharging the power into the USB port, frying essential components inside the machine, leaving it broken. The device itself is available online and is usually advertised as a tool meant to test a device’s surge protection.

Sabotage and Critical Mistakes

Every business wants to avoid situations like this. While there isn’t much you can do against the “USB Killer”, there is plenty you can do to help you ward against employee-induced catastrophe. According to an independent study, in 2018 more than two-out-of-every-three data breaches were the result of employee negligence, direct employee theft, or straight sabotage.

You read that right. You have a better chance of being put behind the eight ball by your employees than you do by any other person. That’s not to say your employees are out to get you, as only about a quarter of data breaches were a result of a current or former employee’s deliberate action, but rest assured you need to protect your network and computing infrastructure against situations in which there could be data loss triggered by your team.

How to Protect Your IT from Your Staff?

The first thing you should do is put together a strategy to snuff out potentially disastrous situations before they happen. That means training and monitoring. By training your staff on the best practices of using the systems they come into contact with, they’ll have a better understanding of how they work, and therefore will likely make fewer egregious errors. On the other hand, if they understand the systems and are versed in solid practices, some of them will want to take liberties that they maybe wouldn’t have if they were less informed. This is why a thorough monitoring strategy is important. While this strategy will work to keep your data and infrastructure safer, it might just save you some time and money in lost productivity.

If your organization would like more information about how to train your staff properly, or how to sufficiently protect your network and infrastructure from all manners of threats, contact the IT pros at SRS Networks today at (831) 758-3636.

The Limitless Future of Virtual Reality

Modern VR

In 2019, after some thirty years of development of the technology, not many organizations have made the investment in VR. To be fair, however, VR has finally established itself as an entertainment platform. Some of the most powerful organizations in the world made that happen. Samsung and Google both created VR experiences using mobile devices, while Sony developed a VR platform for their PlayStation 4 game console. These have been marginally popular, but when we talk about future VR-for-business function, these options likely won’t be on anyone’s radar.

Two options that are clearly at the top of the commercial virtual reality space are the HTC Vive (and Vive Pro) and the Oculus Rift. Oculus, which is owned by Facebook, currently has the lead in true VR sales, but as with the HTC Vive (and Vive Pro) the platform needs a high-end computing rig connected to it to run the software. These two will provide users with the most immersive experience that isn’t only designed for gaming (even though a majority of the applications for them are games).

Both VR options present users with the capacity to immerse themselves in their virtual worlds, providing developers with unprecedented opportunities for software creation. The applications that are being built for VR allow users to explore the earth (and space) in a manner that may be completely immersive, but it is only a simulated reality.

The Immediate Future of VR

The future of VR presents less in the way of simulations, and more in the way of reality. Obviously, people aren’t likely going to be able to walk on the moon, or swim to the bottom of the Marianas Trench, but with VR-supported systems running educational and training software, people will finally be able to use virtual reality to experience lifelike experiences that they wouldn’t typically have access to.

Many manufacturers have begun to work on Microsoft’s Mixed Reality (MR) devices with an eye for business integration by 2020. The platform is much like virtual reality, but it uses elements of virtual reality and elements of its sister technology, augmented reality, to produce a construct built specifically for business professionals who work in technical jobs, jobs that current IT hasn’t been able to find solutions for.

There is an expectation that VR will move past its entertainment-only profile sometime in the very near future, since developers are hard at work creating software that takes advantage of the seemingly limitless ways in which a virtual sandbox will help business professionals improve their performance and the way that they look at their work.

What are your opinions of VR? Do you think it can ever be a viable business tool, or do you think it’s only ever going to be a gimmick technology used to play games on? Leave your thoughts in the comments section below.

Tip of the Week: How to Keep Your Facebook Clean

As we proceed, it should be noted that these steps will require you to have administrative control over a Page on Facebook. As such, you will have a few options to exercise.

Use the Profanity Filter

The Profanity Filter is more or less what it sounds like… Facebook has used feedback by its users to create tiered lists of words and phrases deemed offensive, enabling you to block these words and phrases from appearing on a Page you run. This can help you to keep your business’ Page looking appropriately professional.

From your business’ Page, access Settings. In General, you will find the Profanity Filter option. There are three available settings, Off, Medium and Strong, to filter through these offensive terms. Once you have selected your preferred filter strength, make sure you save your changes.

This effectively signals to Facebook that you don’t want words or phrases that have been democratically deemed offensive to show up on your page. As a result, any comments or posts using such language are prevented from successfully posting.

Blocking Specific Words

Of course, not everything that is offensive will necessarily be stopped by the filter. This is where the ability Facebook grants you to block particular words on your Page comes particularly in handy. Let’s run through this process, using a word that many vocally find despicable: moist.

From your Page, access the Settings, much like we did before. This time, under General, we want to access Page Moderation. There, you can input words that you don’t want to have on your page, each separated by a comma. Don’t forget, you will need to input all forms of your word in order for them all to be blocked. So, to block moist, you will also need to input moistest, moisten, moisting, and moisted.

While this will be an ongoing process, using these tools will help you keep your Facebook presence up to your personal standards. For other handy IT tips, make sure you subscribe to our blog.

Build a Comprehensive Bring Your Own Device Policy

How Can BYOD Manifest Issues?

Despite the benefits of BYOD, there are considerable drawbacks that need to be mitigated if you want to maintain an adequate control over your network security. Here are just a few of the drawbacks.

Business and Personal Data Shouldn’t Mix

An employee that uses a mobile device is almost certainly going to also use it for personal aspects of their lives. With all this in mind, it’s important to remember that combining personal and business data will only result in a further blurring of the lines, particularly in regard to employees that have access to sensitive company data. You need a policy that will help you eliminate the majority of the risk associated with BYOD.

Your Business Will Be Vulnerable to More Threats

A poor-quality BYOD policy will open your business up to a number of threats that could create considerable issues for your organization in the near future. If an employee isn’t careful, they may find themselves exposing devices to unsecured networks or other vulnerabilities. Malware and viruses are also issues that could take root on your organization’s network if they are allowed to sprout.

Your Infrastructure Will Need Reworking

You’ll need to take into account all of the new devices being brought into your infrastructure, which is likely to add more traffic and could potentially create problems as it grows. You’ll need to take this into account when planning out your infrastructure from a BYOD policy standpoint.

How to Put Policies in Place

BYOD needs to be governed by very strict policies. Your employees should need to opt in to your BYOD policy before being allowed to use their devices for work purposes. Here are a couple we like to recommend:

Mobile Device Management and Endpoint Protection: This technology allows your business to place a partition between their data and the business’ data, ensuring data privacy for users. If a device is stolen, the business’ data can be safe. Endpoint protection software is also important, as any device accessing your network represents a threat. This software should scan a device and identify if it has been infected.

Access Control: Not all employees need access to the same data. Role-based access controls can help an employee access data they need based on their job description and work duties. Some solutions even prevent devices that aren’t up-to-date from accessing a network, forcing users to think twice before accessing the network with out-of-date software or hardware.

Exit Strategies and Safeguards: What happens if the devices used by your business are lost or stolen? Do you have ways to cut off access to them? Can you remotely wipe them? You should be able to. Whether it’s an employee leaving your business for good or a hacker stealing the device, you should have the option of remotely wiping the device to prevent data from falling into the wrong hands.

SRS Networks can help your business plan for a BYOD policy. To learn more, reach out to us at (831) 758-3636.