Latest Post

Blog

Android introduces Fast Pair

As seen with Apple’s AirPods, people today are quickly growing accustomed to wireless pairing between their smartphones and headphones. Of course, Google has been working on a solution of its own, and it has just made it to the market.

What is Fast Pair?

Fast Pair is Android’s new connectivity solution which uses Bluetooth technology and the smartphone’s proximity to let you connect to Fast Pair-enabled Bluetooth devices with just a single tap.

How does it work?

When a Fast Pair-enabled device is nearby, your Android smartphone will automatically retrieve the device’s product image and name from Google’s servers and display it on the screen. After tapping the image, a confirmation message will appear to let you know a pairing has been made successfully.

Fast Pair also comes with useful companion apps. An example would be the equalizer app that comes with certain Bluetooth headphones. It lets users optimize their sound experience whenever using Fast Pair to connect to Bluetooth devices.

Note that Fast Pair only works with Google Play Services version 11.7. And while Google may not have introduced a completely new technology, you can expect a broader range of wireless coverage and faster connectivity as more wireless devices get Bluetooth 5 features.

Does it support all existing Bluetooth gadgets?

Not for the time being; Bluetooth device manufacturers will need to adopt Fast Pair by registering with Android first. Currently, the following headphones are Fast Pair compatible: Google’s Pixel Buds, Libratone’s Q Adapt On-Ear, and Plantronics Voyager 8200-series wireless headsets.

Support for Fast Pair extends back to Android Marshmallow. And as more Android phones are losing the headphone jack, Google has made the right move to support the change in demand.

As the world of technology moves forward, you can expect even more hardware designed to make life easier. And as always, you can count on us to keep you up to date about all of it. If you have any other questions, just give us a call.

Published with permission from TechAdvisory.org. Source.

Hackers exploit vulnerable Office feature

As the world’s most popular productivity suite, Microsoft Office tends to receive much attention from cybercriminals. Generally, hackers embed malware in authentic Office files to trick users into unleashing it onto their machines. However, the most recent exploit proves to be much more dangerous than any Office hack we’ve seen.

What’s the new Office threat?
The Office exploit takes advantage of Microsoft’s Dynamic Data Exchange (DDE), a protocol that sends messages and data between applications. For example, DDE can be used to automatically update a table in a Word document with data collected in an Excel spreadsheet.

The problem with this is hackers can create DDE-enabled documents that link to malicious sources rather than to other Office apps. Theoretically, this allows hackers to launch scripts that download Trojan viruses from the internet and execute it before the user is even aware of the attack.

And unlike most malware-embedded Office files, which are usually blocked by security protocols from Microsoft, DDE exploits are instant. Once a compromised Word file is opened, it automatically executes the hack.

Outlook at risk
What’s even more alarming are the DDE vulnerabilities in Outlook. Recent reports found that hackers can embed malicious code in the body of an email or calendar invite, allowing them to perform phishing scams without a file attachment.

Fortunately, Outlook DDE attacks are not as automated as Word or Excel DDE attacks. Two dialog boxes will usually appear when you open the email asking if you want to update a document with data from linked files and start a specific application. Simply clicking ‘No’ on either of these boxes will stop the attack from executing.

Defending against DDE attacks
Beyond saying no, you can protect yourself by following these security best practices:

  • Evaluate the authenticity of unsolicited emails before interacting with them and don’t open attachments from unfamiliar contacts.
  • View emails in plain text format to completely stop DDE attacks embedded directly in emails from running. Note that this will also disable all original formatting, colors, images, and buttons.
  • Use a strong email security system that prevents phishing emails, spam, and other unwanted messages from reaching your inbox.
  • Get in the habit of checking for Microsoft updates, as they’re usually quick to release patches after vulnerabilities have been discovered.

Last but not least, consider working with our team. We’re Microsoft Office experts who can keep you safe from the latest threats. Call us today to get started!

Published with permission from TechAdvisory.org. Source.

Navigate Windows 10 easily with ‘Follow Me’

According to a Microsoft tipster, a proposed new feature in Windows 10 will allow users to navigate the system with the help of its virtual assistant (VA), Cortana. ‘Follow Me’ is an enhancement that will make navigating the operating system much easier, which will be particularly useful to those who find it a bit challenging.

Possible new Cortana features

Cortana can perform several tasks, including answering basic questions, sending reminders, and adjusting your music player’s volume. With the introduction of ‘Follow Me,’ it will provide an audiovisual-guided navigation within your Windows computer.

Currently, Cortana is capable of providing voice prompts when providing search results. Based on this short video clip, the improved version will perform more complicated tasks such as providing users with visual prompts for pairing a Bluetooth device with their PC.

The new feature looks easy to activate and deactivate, too. To quit, users can simply press the escape key.

Follow Me for businesses

Many business users haven’t fully embraced VA technology. In fact, those who work in corporate environments don’t find them particularly useful, as they’re often seen as an unnecessary add-on that doesn’t do much beyond performing voice-prompted searches, taking notes, placing or answering Skype calls, and doing other negligible tasks.

However, VAs are becoming standard features in modern operating systems, which means they’re likely to see substantial improvements in the future.

Moreover, assistants like Cortana are useful to some business users that require quick assistance in finding information on their computers. And although they perform mostly small tasks, they also help speed up things like calculating and setting schedules.

What’s in store for the MS assistant

In early 2017, Microsoft demonstrated that Cortana was capable of performing complex tasks when it introduced the ability for users to set up their PCs with the help of its digital assistant. When “Follow Me’ is launched, it will be a logical next step to this recently introduced functionality.

Since the Fall Creators Update was recently launched, ‘Follow Me’ will likely be featured in upcoming Windows 10 updates. As of now, Microsoft tipsters continue to speculate about the digital assistant’s new capabilities as they wait for an official announcement from the software company.

If you wish to explore time-saving and productivity-enhancing tools for your company’s Windows computers, contact us today.

Published with permission from TechAdvisory.org. Source.

KRACK hacks: What you need to know

You’ve heard of ransomware, denial-of-service attacks, and even phishing, but one hacking technique you may not have heard of is the KRACK exploit. This attack takes advantage of a vulnerability in WiFi networks, which puts any device with a wireless connection at risk. Here’s everything you need to know about KRACK.

What is KRACK?
Simply put, KRACK, short for ‘key reinstallation attack,’ allows hackers to bypass WPA2 — a security protocol used by routers and devices to encrypt activity — and intercepts sensitive data passing between the mobile device and the wireless router, including login details, credit card numbers, private emails, and photos.

In extreme cases, KRACKed devices can be remotely controlled. For example, hackers can log in to your surveillance systems and shut them down.

What’s worse, Internet of Things devices — like smart thermostats and IP cameras — rarely receive security fixes, and even if some are available, applying patches are difficult, as these devices tend to have complex user interfaces.

The good news, however, is you can do several things to mitigate the risks.

Download patches immediately
According to recent reports, security patches have already been released for major platforms, including iOS, Windows, and Android. Router manufacturers such as Ubiquiti, Mikrotik, Meraki, and FortiNet have also issued firmware updates, so make sure to install them as soon as possible.

Although IoT patches are rare, consider getting your smart devices from reputable vendors that push out updates regularly. It’s also a good idea to contact a managed services provider to install the updates for you.

Use Ethernet connections
Some wireless routers don’t yet have a security patch, so while you’re waiting, use an Ethernet cable and disable your router’s wireless setting. Turn off the WiFi on your devices as well to make sure you’re not connecting to networks susceptible to KRACK.

Stay off public networks
Free public WiFi networks — even ones that are password-protected — in your local cafe should also be avoided because they usually don’t have holistic security measures in place, making them easy targets for cybercriminals.

Connect to HTTPS websites
If you do need to connect to a public WiFi hotspot, visit websites that start with “HTTPS,” and stay away from ones that are prefaced with “HTTP.” This is because HTTPS websites encrypt all traffic between your browser and the website, regardless of whether the connection is vulnerable to KRACK

Hop on a Virtual Private Network (VPN)
You can also use a VPN service to hide all network activity. Simply put, VPNs encrypt your internet connection so that all the data you’re transmitting is safe from prying eyes.

Although the potential impact of a KRACK hack is devastating, security awareness and top-notch support are the best ways to stay safe online. Want more security tips? Contact us today.

Published with permission from TechAdvisory.org. Source.

How does Apple Pay work and is it secure?

Apple Pay is a way for iPhone and iWatch users to make credit card payments using only their mobile device. Although it’s incredibly simple to use, some small businesses are worried about whether accepting these digital payments will add to their data security burdens. However, once you understand how it works, you’ll see just how easy it is to manage.

How does it work?

Credit card transactions are more complicated than most people realize. There are a few middlemen between the merchant you purchase from and the bank that issues your credit card. Apple Pay simplifies the payment process by reducing the number of middlemen who have access to credit card numbers.

When you add a new card to the digital wallet on your mobile device, Apple works with the card issuer to create something called a Device Account Number (DAN). Once the DAN has been stored on your phone, with your bank, and on Apple’s servers — Apple erases your credit card number from its database.

To make a payment at a merchant that accepts Apple Pay, you place your phone near the payment terminal and your iPhone or iWatch will transmit your DAN over an encrypted connection (after scanning your fingerprint).

The merchant sends the purchase amount, your DAN, and a unique transaction code to the bank to be approved and checked against the records saved on your phone.

The time it takes to request authorization and approve the transaction is on par with swiping the magnetic strip in your wallet, but keeps your credit card number out of the merchant’s recorded history. And even if hackers were to decrypt and steal your DAN, it is totally useless without your fingerprint.

What do businesses need to accept Apple Pay?

All that is required to process a transaction is a payment terminal with Near Field Technology (NFC), which allows your phone to transmit encrypted information wirelessly. Apple Pay transaction fees are quite a bit lower than those of traditional card readers and NFC terminals range from $300-$500. Depending on what you sell, this method could pay for itself in a matter of months.

Aside from installation and integration with your existing sales and accounting software, Apple Pay requires little to no IT support. As an SMB ourselves, we view it as a way to improve the customer experience — and that’s what we care about most. If you need help with more technical support issues related to Apple products — just give us a call today.

Published with permission from TechAdvisory.org. Source.

Cisco introduces new AI services

Modern IT systems are generating more data than ever before, and humans can’t keep up. Thankfully, certain tasks have already been offloaded to machines. Even better, Cisco may have a long-term solution to IT management complexities.

Artificial intelligence (AI) and machine learning are extremely useful in helping us sift through massive amounts of information, and networking behemoth Cisco recently announced that they will be incorporating these technologies with two of their services.

Business Critical Services

This suite of services uses AI-powered automation, compliance, security, and machine learning analytics tools to reduce the complexity of IT systems management. It helps monitor the health of your business services and mitigate risks via automated compliance and remediation audits.

You can also replicate your network to improve reliability between your hardware and software components, and deploy features with automation capabilities.

Cisco High Value Services

This product support model provides network, software, and solution support using advanced analytics and best practices to access infrastructure performance and remediate issues. Cisco aims to improve business continuity and reduce resource constraints with remote monitoring, automated incident detection, and high SLAs.

Some of the services you can expect include software analysis, workflow integration, customer benchmarking, and predictive network analysis.

Using cutting-edge technologies as well as networking and hardware expertise, Cisco is gearing up its attempt to predict IT failures before they happen. That said, we assume it’s only a matter of time before other major developers follow suit, and when they do, you’ll be the first to know.

If you’d like to learn more about how to predict IT failures before they happen, or stay protected and operational when they do, just give us a call.

Published with permission from TechAdvisory.org. Source.

Guest Wi-Fi 101

No matter who they are, people today expect Wi-Fi access when they’re guests of your office. Setting up your Wi-Fi the wrong way can create a tedious experience for them and even expose your confidential information. So what’s the right way to do it?

Never give guests access to your primary Wi-Fi

While giving guests password to your company’s main Wi-Fi might be the easiest way to get them connected, you should avoid this at all costs.

Anyone with a little technical know-how can potentially access everything on your company network, including confidential data. Not to mention, guests’ devices connected to your business network increase the risk of a malware infection or cyber attack since you can never be sure that they’re safe and secure.

Ways to create secondary Wi-Fi for guests

If you router has built-in guest Wi-Fi support (you can check this feature through a quick web search) you could use it to create a separate “virtual” network. This means guests will have access to the internet without connecting to your main company network.

If your router doesn’t support multiple Wi-Fi networks, you can implement a separate wireless access point that bypasses the rest of your network and connects directly to your Internet service provider (ISP) connection.

Both options will keep your guests’ connectivity separate from your company network so you’ll never have to worry about unauthorized persons accessing your company data.

Keep in mind that guest Wi-Fi still uses your ISP connection so you should limit bandwidth usage on your guest network. The last thing you want is a guest streaming videos that slow down the Internet for your employees. With that in mind, you can even have your employees use guest Wi-Fi for their personal devices too. This minimizes the chance of employees hogging company bandwidth for personal use.

Your guest Wi-Fi should only provide outsiders with internet access, nothing more. While proper setup isn’t rocket science, it can be a tedious process. Having said that, if you need a team of experts to take care of it all for you, or simply have questions about how else to leverage your hardware for better efficiency and security, just give us a call.

Published with permission from TechAdvisory.org. Source.

Office 2019 is on its way

As a convenient cloud solution, Office 365 boasts nearly 30 million users. But that’s nothing compared to licensed versions of Microsoft’s productivity suite, which have more than one billion users. Office 2019 was announced in September and it will mean big changes for businesses that want simpler versions of Word, PowerPoint, Excel and more.

Microsoft Office 2019: release and features

For the past ten years, Microsoft has updated its suite of productivity software every three years. The current version is Office 2016, and in sticking with the schedule Office 2019 will be available for purchase at the end of next year. However, previews of the next version will become available several months before the final release.

According to Microsoft, the newest version of Office will include:

  • The usual Office applications (Word, Excel, PowerPoint, etc.)
  • Office server programs (Exchange, SharePoint and Skype for Business)
  • Security and IT management enhancements
  • Improved “inking” features for touchscreen usability
  • Streamlined data analysis features in Excel
  • New PowerPoint presentation features like Morph and Zoom

Office 2019 vs. Office 365

The biggest difference between Office 2019 and Office 365 will be price. For the former, users pay a one-time fee to acquire a software license. Once users have a license, they own that version of Office forever (although Microsoft will stop providing support 10 years after the product is released).

With Office 365, users pay a monthly subscription fee and can use applications as long as they don’t fall behind on the bill. Programs included in the Office suite can be accessed online or installed locally (as long as you connect to the internet at least once per month).

Thanks to cloud technology, Office 365 can be updated much more easily than other versions of Office. O365 users will probably have access to Office 2019 features around the same time as its release, possibly sooner.

Much like an O365 subscription, our managed IT services are charged based on a flat monthly rate. We can help your small- or medium-sized business enjoy all the benefits of the cloud. Just give us a call today.

Published with permission from TechAdvisory.org. Source.

Microsoft Ignite 2017: What’s new

For Microsoft fans, the company’s biggest IT conference, Ignite 2017, has revealed many exciting updates, especially for teachers, students, and professionals. We’ve gathered information that’ll surely ignite your interest.

Good news for schools and educators

Microsoft recently rolled out Microsoft 365 for Education, which combines Office 365 for Education, Windows 10, Enterprise Mobility and Security, and even Minecraft: Education Edition — a game that teaches kids how to code. This new bundle will provide more advanced tools for learning, increase classroom communication capabilities, and improve security.

Note that Office 365 for Education is already free and this will not change. However, the new Microsoft 365 for Education is equipped with more educational apps such as 3D and data virtualization tools, plus Microsoft Teams. While this makes it more tempting to use, all the goodies come with a cost — a per-user, per-month subscription.

In terms of hardware, Microsoft’s Windows 10 S laptops, which are already aimed at school users, will come with free Minecraft Education, Office 365 for Education, and Microsoft Teams — all for a price starting as low as $189.

What’s new for business people

Microsoft is targeting “firstline workers” such as clerks and sales reps with a new enterprise plan called “Microsoft 365 F1.” This software bundle combines Office 365, Windows 10, Enterprise Mobility and Security, and Microsoft Staffhub to enhance employee productivity.

The company also partners with hardware providers and has come up with Windows 10 S laptops for businesses. These ultra-slim laptops have enhanced security since they only run apps from the Window Store. But the glamor of it all is their wallet-friendly pricing.

HP Stream 14 Pro, Acer Aspire 1, Acer Swift 1, and Lenovo V330 ranges from $275 to $349. The first model is available now, while the rest will be released later this year and in February for Lenovo.

Goodbye Skype for Business

Microsoft officially announced that it will phase out Skype for Business and focus instead on developing “Microsoft Teams,” a communication tool the company launched earlier to compete with Slack.

This is not as dreadful as it may sound, since Skype and Teams share similar architecture, meaning we’ll probably get a better collaboration tool that still retains some of the Skype features we know and love.

New software and gadgets are exciting, yet in reality, not everyone can rush out to buy a new product every time it comes out. A more practical way would be to make use of what you already have. And you can do so with the help of our IT staff; they’ll be more than happy to help you maximize the performance of your current Microsoft software and hardware, or deploy new solutions if you wish. Call us today!

Published with permission from TechAdvisory.org. Source.

Re-secure your passwords!

In 2003, a manager at the National Institute of Standards and Technology (NIST) authored a document on password best practices for businesses, federal agencies, and academic institutions. Now retired, the author admits that his document was misguided. Find out why and what great passwords are made of.

The problem

The issue isn’t necessarily that NIST advised people to create passwords that are easy to crack, but it did steer people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.”

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone, including you and your colleagues, to use passwords that are hard for humans to remember but easy for computers to guess.

The solution

One cartoonist pointed out just how ridiculous NIST’s best practices were when he revealed that a password like “Tr0ub4dor&3” could be cracked in only three days while a password like “correcthorsebatterystaple” would take about 550 years.

Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to make sense of.

Even better, you should enforce the following security solutions within your company:

  • Multi-factor Authentication – which only grants access after you have successfully presented several pieces of evidence
  • Single Sign-On – which allows users to securely access multiple accounts with one set of credentials
  • Account Monitoring Tools – which recognize suspicious activity and lock out hackers

When it comes to security, ignorance is the biggest threat. If you’d like to learn about what else you can do to fortify security, just give us a call.

Published with permission from TechAdvisory.org. Source.