Latest Post

Blog

Chrome to mark HTTP as ‘not secure’

Google Chrome currently marks HTTPS-encrypted sites with a green lock icon and “Secure” sign. And starting in July, Chrome will mark all HTTP sites as “not secure.” Google hopes this move will nudge users away from the unencrypted web. Read on to learn more about the forthcoming changes.

For several years, Google has moved toward a more secure web by strongly advocating that sites adopt the Secure HyperText Transfer Protocol (HTTPS) encryption. And last year, Google began marking some HyperText Transfer Protocol (HTTP) pages as “not secure” to help users comprehend risks of unencrypted websites. Beginning in July 2018 with the release of a Chrome update, Google’s browser will mark all HTTP sites as “not secure.”

Chrome’s move was mostly brought on by increased HTTPS adoption. Eighty-one of the top 100 sites on the web default to HTTPS, and the majority of Chrome traffic is already encrypted.

Here’s how the transition to security has progressed, so far:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

HTTPS: The benefits and difference

What’s the difference between HTTP and HTTPS? With HTTP, information you type into a website is transmitted to the site’s owner with almost zero protection along the journey. Essentially, HTTP can establish basic web connections, but not much else.

When security is a must, HTTPS sends and receives encrypted internet data. This means that it uses a mathematical algorithm to make data unreadable to unauthorized parties.

#1 HTTPS protects a site’s integrity

HTTPS encryption protects the channel between your browser and the website you’re visiting, ensuring no one can tamper with the traffic or spy on what you’re doing.

Without encryption, someone with access to your router or internet service provider (ISP) could intercept (or hack) information sent to websites or inject malware into otherwise legitimate pages.

#2 HTTPS protects the privacy of your users

HTTPS prevents intruders from eavesdropping on communications between websites and their visitors. One common misconception about HTTPS is that only websites that handle sensitive communications need it. In reality, every unprotected HTTP request can reveal information about the behaviors and identities of users.

#3 HTTPS is the future of the web

HTTPS has become much easier to implement thanks to services that automate the conversion process, such as Let’s Encrypt and Google’s Lighthouse program. These tools make it easier for website owners to adopt HTTPS.

Chrome’s new notifications will help users understand that HTTP sites are less secure, and move the web toward a secure HTTPS web by default. HTTPS is easier to adopt than ever before, and it unlocks both performance improvements and powerful new features that aren’t possible with HTTP.

How can small-business owners implement and take advantage of this new interface? Call today for a quick chat with one of our experts to get started.

Published with permission from TechAdvisory.org. Source.

The dangers of app overload in businesses

Businesses today rely on countless apps and software for day-to-day operations. However, too many of these programs can do more harm than good. App overload brings confusion among employees, and a recent study shows that this costs more than companies realize.

How app confusion occurs
A new study conducted by CITE Research shows that a surplus of apps is causing a great deal of confusion in the workplace. Among the 2,000 workers from the US, UK, and Australia surveyed, 69% wasted as much as 32 days a year navigating between apps — that’s an hour of productivity lost every single day.

The same research — entitled From Work Chaos to Zen: How Application Overload Redefines the Digital Workplace — reveals the biggest problem is with communication apps and channels. On average, a single worker juggles four communication apps every day, which is pretty much like holding four conversations at one time. It’s even worse for 20% of the respondents who said they use six or more.

Furthermore, the average worker flips between apps as frequently as 10 times per hour, which means more time wasted. 56% of respondents felt that searching for information stored across different apps was disruptive while 31% said it caused them to lose their line of reasoning. It’s tempting to see each individual app as a problem-solver, but when looking at the bigger picture, it could be causing problems.

Coming up with a solution
Clearly, app overload has an immense effect on productivity, and the gap between executive perception and employee perception doesn’t help. Before signing up for yet another app, give your workflow a second look and consider the impacts of disruptive activities and employee preferences.

In the CITE Research study, workers agree that having only one communication app would clear up all the confusion. Regardless of what the best solution is, it’s probably more affordable than most small business owners realize. A managed IT services provider like us can provide guidance that puts you on track for long-term success. Give us a call today for more info.

Published with permission from TechAdvisory.org. Source.

Flash to be stopped in Office 365

If you are one of the few Office 365 users who embeds Silverlight, Shockwave, or Flash content in your documents, your pastime will soon be a thing of the past. Over a week ago, Microsoft announced that Office 365 would completely block said media by January 2019.

Microsoft recently announced plans to eventually stop the activation of Silverlight, Shockwave, and Flash content in Office 365. This is not just the developers disabling bugs with an option to click a link or button to look at content. Within a few months’ time, Flash will be gone from Office 365 for good.

What media will be affected once this is implemented?

Microsoft Silverlight and Adobe Flash or Shockwave content that uses Microsoft’s OLE (Object Linking and Embedding) platform and the “Insert Object” feature will be blocked. However, media that uses the “Insert Online Video” control via an Internet Explorer browser frame will not be affected by this change.

The following timeline shows the various changes that will take full effect by January 2019:

  • Controls in the Office 365 Monthly Channel will be blocked beginning June 2018.
  • Controls in the Office 365 Semi-Annual Targeted (SAT) Channel will be blocked beginning September 2018.
  • Controls in the Office 365 Semi-Annual Channel will be blocked beginning January 2019.

Why did the developers choose to take out the embedded content?

Microsoft pointed out various reasons for making their decision. It cited that malware authors have been exploiting systems through Word, Excel, and PowerPoint files with embedded content, and that most Office 365 users did not use or rarely use the controls anyway.

Aside from this, the developers at Microsoft decided to take action after Adobe announced that Flash would reach its end-of-life cycle by 2020. Silverlight was discontinued in 2016, where enterprise customers would have support for the medium until 2021.

For businesses that still need to look at or embed Silverlight- or Flash-based content in an Office 365 document, Microsoft has provided a support page to guide users on re-activating the controls.

As more websites are transitioning away from Flash in favor of HTML5, Microsoft’s once-popular platform has experienced a steady decline over the years. According to Google, Chrome users who loaded a single web page per day that has Flash media had gone down from an estimated 80% during 2014 to below 8% in early 2018.

For more information about utilizing Office 365 features and other IT related concerns, feel free to get in touch with us today!

Published with permission from TechAdvisory.org. Source.

Little-known Windows 10 tips and tricks

Are you making the most out of your Windows 10 computer? If you haven’t tried adjusting system and battery performance, silenced notifications, or used the night light function, then you’re missing out on minor but useful features.

Performance/Power slider

There are two kinds of computer users: those who value battery longevity and those who prefer optimized system performance. The Performance/Power slider in Windows 10 lets you easily toggle between the ‘Best battery life’ (when you’re trying to save battery) and the ‘Best performance’ (when you need your system to perform optimally), or set a balanced battery and system performance setting.

Just click the battery icon in the taskbar and adjust the slider based on your preference.

Night Light

Those who use computers late at night can turn on Night Light to reduce the amount of blue light emitted from the screen. This feature substitutes the blue light with warmer colors, which reduces eye strain and helps you sleep easily.

Night Light is disabled by default, so you need to enable it by following these steps:

  • Click the Start Menu
  • Click the Settings app (or press WIN + I to quickly open Settings)
  • Click the System icon>Display
  • Set Night light to ‘On’ or ‘Off’

Taskbar pin

It takes only a few seconds to open a browser and type a website’s address or click Bookmarks and choose from a list of websites you frequently visit. But Windows 10 offers an even quicker way to access your go-to sites by allowing you to pin websites on the Windows 10 taskbar.

Simply click “Pin this page to the taskbar” on the Microsoft Edge menu, and the site’s icon will appear on the taskbar for easy perusal.

Drag to pin windows

Need to organize your screen but can’t help having many open windows? Reduce screen clutter by dragging any window to a corner so it can take a quarter of the screen. For multiple screens, drag a window to any border and wait for the prompt that tells you to put the window in the selected corner.

Focus Assist

Notifications can be distracting, but Windows 10’s Focus Assist feature can manage the notifications you receive from contacts and applications. This function also lets you customize the list of notifications you wish to prioritize.

To enable Focus Assist, go to:

  • Settings
  • System
  • Focus Assist
  • Adjust the notifications settings based on your preference

If you wish to disable it and receive all notifications, click ‘Off.’

The features we’ve included here are just some of the many Windows 10 functions that save time and add value to business-users’ lives. For more software and productivity recommendations, give our IT consultants a call today.

Published with permission from TechAdvisory.org. Source.

How to defend against insider threats

First off, what is an insider threat in healthcare? An insider threat is an individual inside an organization discovered to have been accessing healthcare records without authorization. Healthcare companies must take steps to reduce the potential for insider threats, which is their top source of security incidents.

#1 Educate – The workforce (meaning all healthcare employees) must be educated on allowable uses and disclosures of protected health information (PHI) and the risk associated with certain behaviors, patient privacy, and data security. For example, when a celebrity is admitted to hospital, employees may be tempted, just out of curiosity, to sneak a look at their medical records, so this must be emphasized as a definite no-no.

#2 Deter – Policies must be developed to reduce risk and those policies must be strictly enforced. The repercussions of HIPAA violations and privacy breaches should be clearly explained to employees. They can be penalized huge amounts of money and violations can also carry criminal charges that can result in jail time.

#3 Detect – Healthcare organizations should implement technology to identify breaches rapidly and user-access logs should be checked regularly. Organizations need to have a strong audit process and ensure that they are regularly monitoring and updating access controls so only authorized personnel are looking at sensitive patient data, and that attempts by unauthorized personnel don’t go unpunished.

#4 Investigate – When potential privacy and security breaches are detected, they must be investigated promptly to limit the damages. When the cause of the breach is identified, steps should be taken to prevent recurrence.

#5 Train – Healthcare employees must undergo regular comprehensive training so employers can eliminate insider threats. From a privacy standpoint, training and education often start with the employees themselves; they learn all about data privacy right off the bat, from the first day of orientation. Still, organizations must remain vigilant and ensure that they are properly prioritizing privacy and security as cybersecurity threats continue to evolve. Healthcare organizations’ IT departments should send out different tips covering a variety of topics regularly throughout the year. And to keep these tips top-of-mind among employees, IT departments should send them via a variety of media, including emails, printed newsletters, and even memos.

Is your healthcare data secure? What other steps can you take to ensure protection for your healthcare provider from insider threats? Call today for a quick chat with one of our experts for more information.

Published with permission from TechAdvisory.org. Source.

Malware hits 500k IoT devices, Talos reports

A week ago, leading cyber threat intelligence team Cisco Talos reported that no less than 500,000 IoT devices in up to 54 countries were infected by new malware called VPNFilter. An earlier version, believed to be launched by a nation-state, targeted Ukraine.

How VPNFilter Works

Talos cited the vulnerable devices as Linksys, MikroTik, Netgear, and TP-Link networking equipment, as well as network-attached storage (NAS). Upon infecting a small office home office (SOHO) router, VPNFilter deploys in three stages.

In stage 1, the malware imposes its presence by using multiple command-and-control (C2) infrastructure to capture the IP address of the existing stage 2 deployment server. This makes VPNFilter so robust that it can deal with any unpredictable changes in C2. This stage of the malware persists through a reboot, which makes preventing reinfection tough in stage 2.

Stage 2 involves deploying modules capable of command execution, and data collection and exfiltration. According to the United States Department of Justice (DOJ), this can be used for intelligence gathering, information theft, and destructive or disruptive attacks. Moreover, stage 2 malware has a “self-destruct” feature that once activated by the hackers will overwrite a critical area of the device’s firmware so it stops functioning. This can happen on almost every infected device.

In Stage 3, a module with packet-sniffing capabilities is added to enable monitoring of internet traffic and theft of website credentials. And yet another module is installed to deploy communication support for the Tor network, which can make communicating with the C2 infrastructure harder.

Taking Action

According to Talos, the likelihood of the attack being state-sponsored is high, something the DOJ later backed up. The DOJ attributed it to a group of actors called Sofacy (also known as APT28 and Fancy Bear), the Kremlin-linked threat group believed to be responsible for hacking the Democratic National Committee computer network two years ago.

On the night of May 23, the FBI announced that they have seized a domain which is part of VPNFilter’s C2 infrastructure used to escalate the malware’s effects. This forces attackers to utilize more labor-intensive ways of reinfecting devices following a reboot. With the seizure, the government has taken a crucial step in mitigating VPNFilter’s impact.

Stopping the Malware

Researchers agree that VPNfilter is hard to prevent. While vulnerability has been established, patching routers isn’t easy, something average users might not be able to do on their own. But as with any malware, the impact of VPNFilter can be mitigated, which is done by terminating the C2 infrastructure used.

To minimize exposure, the FBI recommends all SOHO routers be rebooted, which, according to a statement from the DOJ, will help the government remediate the infection worldwide. The justice department, along with the FBI and other agencies vowed to intensify efforts in disrupting the threat and expose the perpetrators.

For their part, Talos offers the following recommendations:

  • Users of SOHO routers and/or NAS devices must reset them to factory defaults and reboot them in order to remove the potentially destructive, non-persistent stage 2 and stage 3 malware.
  • Internet service providers that provide SOHO routers to their users should reboot the routers on their customers’ behalf.
  • If you have any of the devices known or suspected to be affected by this threat, it is extremely important that you work with the manufacturer to ensure that your device is up to date with the latest patch versions. If not, you should apply the updated patches immediately.
  • ISPs will work aggressively with their customers to ensure their devices are patched to the most recent firmware/software versions.

Combat the VPNFilter malware by rebooting affected devices. For more tips, contact our team.

Published with permission from TechAdvisory.org. Source.

“Black Dot of Death” locks iOS messaging app

People who use iPhones, iPads, and Macs are at risk of encountering a Unicode attack that can cause the messaging app to crash and lock up the device. The good news is a workaround has been found which can restore the state of said Apple products.

What is going on?
A bug, known as “Black Dot,” is locking the messaging app on Apple devices running iOS 11.3 and 11.4 beta with Apple TVs and Apple Watches also at risk.

Black Dot is activated when an iOS user sends another user an iMessage (this is not an SMS) with an emoji of a black dot with a finger pointing at it. Loaded with plenty of invisible Unicode characters, this emoji will overwhelm the CPU and memory, forcing the messaging app to stop functioning and possibly lock up the device.

The affected user may be lucky enough to close the app, but the bug will remain when the program is opened again, causing everything to crash.

How do I squash this bug?
Apple’s development team is still working on a patch to address the issue, but you can apply a temporary remedy to keep your device going.

For devices that have Siri installed:

  • Force close the program.
  • Tell Siri to reply to the sender of the bugged message.
  • Make Siri send replies until you do not see the black dot on the screen.
  • Run the messaging app, tap Back, and remove the message that has the black dot from the list.

If your iPhone has 3D Touch installed:

  • Force close the messaging app.
  • Run 3D Touch on the program. Choose the new message option.
  • When you see the new message window, tap Cancel to see the conversations list.
  • Delete the message with the black dot from the list.

If your Apple device does not have 3D Touch or Siri installed:

  • Try using a different Apple product that is synced to your iCloud account to run and log in to iMessage.
  • Remove the message with the black dot from the conversation list in the former device. Make sure that you do not accidentally open the message in that app.

While this bug is a major issue, it has not infected many Apple products yet. Once the final version of iOS 11.4 is released, the problem should be resolved. If you need more information on properly maintaining your iPhone, iPad, or Mac, feel free to give us a call today!

Published with permission from TechAdvisory.org. Source.

Setting up your new laptop with Windows 10

First things first, what should you do with your brand new laptop? You go through the Windows 10 setup, and you’re all done, right? Not really. Your notebook isn’t ready — until you do some tweaking. Let’s get the ball rolling.

#1 Check for updates

Your new laptop should check for updates automatically, but you can also check manually. Just click the gear icon above the Start button to go to the Settings, choose Update & Security > Windows Update and then click the Check for updates button. (Or, just type “updates” into the search box and click Check for updates.)

#2 System restore

If something goes wrong with your laptop, you can save a lot of time and hassle if you have a “restore point,” which is like a backup of your entire operating system. To set up a restore point, search for “restore” from the taskbar and click Create a restore point. You’ll be taken to the System Protection tab of the System Properties window.

From there you can choose what you want to be included in the back and then click the Configure button. Select the radio dial to Turn on system protection if it’s not already on. And then you can choose how much disk space to reserve, usually no more than 2 or 3 percent.

#3 Power plan

If you want to prolong your laptop’s battery life, one of the best things you can do is switch the Power Saver, High Performance, and Balanced power plans based on your needs. To choose a plan, right click the battery icon in the lower-right corner of your screen and click Power settings. Next, click Additional power settings to select a power plan.

#4 App installation tolerance level

To restrict which apps can be installed on your laptop, you can disallow anything that isn’t in the Windows Store. Go to Settings > Apps > Apps & features and you can choose whether to permit installations from only the Windows Store, any app installations (with a warning), or unrestricted app installations.

#5 Remove bloatware

Vendors package new laptops with lots of trial apps, which are mostly unnecessary and unwanted software called bloatware.

Windows 10 offers an easy way to see which apps are installed on your new laptop and a quick way to uninstall those you don’t want. Head to Settings > Apps > Apps & features and peruse the list. If you don’t want an app and are 100% certain your computer doesn’t need it, click the Uninstall button.

#6 Anti-ransomware

Ransomware is a form of malicious software (or malware) that makes all your data inaccessible until you pay a fee to hackers.

To combat it, type ‘Windows Defender Security Center’ into the search bar at the bottom of your screen, click it and go to Virus & threat protection > Virus & threat protection settings. Here, you’ll be able to enable a new option called Controlled folder access, which protects you against ransomware attacks. By default, the Desktop, Documents, Music, Pictures, and Videos folders are protected, but you can add others too.

Do you know what settings to change and update to optimize your laptop? This article barely scratches the surface of Window 10’s security and efficiency settings. Call us today for quick chat with one of our Microsoft experts about taking yours to the next level.

Published with permission from TechAdvisory.org. Source.

How AI improves customer service

Exceptional customer service should be solution-driven, accurate, and fast. For many companies, that means recruiting the best crop of talents who can quickly learn their systems. But nowadays, businesses are turning to artificial intelligence (AI) to improve customer service.

How AI capabilities enhance customer service

AI has two capabilities that enhance customer service: machine learning and natural language processing.

Machine learning studies historical customer data in your systems and equips your customer service staff with all the information they need to address concerns much faster and provide personalized product suggestions, discounts, and offers. It’s the same mechanism that enables Facebook to suggest friends and brands to add or follow, and allows Amazon to personalize product recommendations.

On the other hand, AI’s natural language processing capabilities make it possible for businesses to deploy computerized customer service systems that don’t require human support staff. AI-enabled systems can ‘talk’ to customers via software similar to that of Apple’s Siri, Google’s Alexa, and Windows’ Cortana.

Automated, accurate, and agile responses

Although well-trained employees can multitask and solve customer problems, humans make mistakes. Automated systems like chatbots provide accurate and quick responses because they can be programmed to respond rapidly and accurately, handle large volumes of queries, and be available 24/7.

For example, a restaurant chain that often receives queries about a branch’s opening hours can use a chatbot to handle questions about store hours, reservations, and other simple concerns. A retail store chatbot can also make online ordering seamless by answering questions about product sizes and/or availability.

Overall, AI-enabled chatbots can reduce or eliminate pain points commonly encountered with human customer service representatives, such as long wait times, inefficient escalation of complex concerns, and negative human emotions from irate customers, all of which affect customer satisfaction levels.

Cost-efficient support

Businesses spend thousands of dollars to hire and train customer service representatives. But based on studies, the high attrition rates in the call center industry cost them a lot of money. Some companies even let operations staff handle customer support, which then affects productivity and reduces profitability.

AI-powered platforms reduce the time and money spent on customer service because you don’t need to hire more support staff in case of business expansion. Instead, you can reprogram customer service software so that queries about new products or new business locations can be easily addressed.

Many customers still prefer to have their problems solved by humans. And for banks, hotels, hospitals, and businesses where complicated concerns require human customer service agents, an AI-powered support system can facilitate seamless issue resolutions.

Fortunately, there are plenty of technology options to make customer service and other functions more efficient. Call us today for innovative business technology solutions.

Published with permission from TechAdvisory.org. Source.

5 new features for Outlook

Lately, Microsoft has given some love to Outlook — not just the desktop app, but also the web and app versions. In fact, they just released a bunch of new and improved features. Let’s take a look.

#1 RSVP
Outlook makes it fairly simple to invite people to a meeting, but now it will also keep tabs on who’s coming. Just click the new “Tracking” option under “Meeting Occurrence” and see who has committed to the meeting and who hasn’t. RSVP isn’t just available for the meeting organizer, but the attendees, too.

#2 Multiple time zones
Traveling internationally and trying to sync appointments on different continents? Not fun. But now you can set up event start times and end times across different zones.

Outlook now allows you to show multiple time zones – three within Windows, and one within Outlook for Mac. In Outlook for Windows, add one by clicking File > Options > Calendar Time Zones and clicking “Show a second time zone”. In Mac, add one additional time zone under Outlook > Preferences > Calendar Time Zones. For Outlook on the web, click the “Time Zone” drop-down arrow in your Calendar meeting invite to add an additional time zone.

#3 BCC warning
If you’re on the receiving end of a blind carbon copy (bcc) email, that means the other recipients didn’t know you were copied on it. In Outlook for Windows, you’ll now get an alert if you attempt to reply to that message, such as “You were bcc’d, so perhaps you should reply only to the sender?” That way you’ll remain anonymous.

#4 Office Lens for Android
If you use Outlook for Android, the app will integrate the Microsoft Office Lens feature.
When that happens, you can tap the photo icon while composing a message, then take a snapshot of a whiteboard, document, photo or the like. Outlook will optimize it and then embed it into the email.

#5 Bill-pay reminders
What about your bills? Outlook will identify them in your inbox, show you a summary card at the top of your email each day, send an email to remind you two days before the due date, and automatically add an event to your calendar so you don’t forget to pay on the actual day.

If you want to learn more about these new and improved features, with more on the way, just call us today for a quick chat with one of our Microsoft Office experts.

Published with permission from TechAdvisory.org. Source.