Android mobile security threats today

June 21st, 2017

As bring your own device policies becomes common practice for companies today, business owners must keep in mind the possible cyber security implications of deploying more devices connected to the company network. If your employees are using Android devices, here are the top five security threats they need to be aware of as well as how to steer clear from them.

Unsafe devices

Sometimes, the device itself might not be safe due to faulty production or configuration. In fact, Checkpoint found 36 Android devices earlier this year at a telecommunications company and multinational technology company that were infected out of the box. This means that the infection was not caused by users, but the malware was pre-installed via apps somewhere along the supply chain before users even received them.

Malicious apps

Judy is an Android app, and although it sounds completely harmless, this software is actually designed to infect a device and activate an auto-clicking command used for malicious advertising campaigns. Believe it or not, this malware got 18.5 million downloads.

Information leakage from useful apps

Many applications are installed for legitimate uses. But don’t let that fool you, as these apps can be used to extract confidential information such as contact information from your mobile device. According to recent research, 0.3 percent of the 20 million Android transactions resulted in some level of privacy leakage. This is primarily due to cybercriminals tapping into an organization's network traffic, which requires skills but isn’t impossible to do.

Banking malware

This is when cybercriminals use phishing windows to overlap banking apps so that they can steal credentials from mobile banking customers. But that’s not all, as cybercriminals can overlap other apps and steal credit card details, incoming mobile transaction authentication number, and even redirect calls. Even worse, file-encrypting features now allow them to simultaneously steal information and lock user files.

One such banking malware that Android users need to look out for is Faketoken. According to Kaspersky Lab, Faketoken is designed to generate fake login screens for more than 2,000 financial applications in order to steal login credentials. The app also displays phishing pages to steal credit card information, can read and send text messages, and even has the ability to encrypt user files stored on a phone’s SD card.

Ransomware

Ransomware is a type of malware that blocks a device and demands for a payment in order for the device to be unlocked. The latest ransomware, WannaCry, spread like a wildfire and greatly affected the global healthcare industry. Ransomware continues to be a cyberciminal’s weapon of choice and attacks targeting Android devices have increased by over 50 percent.

If you think ransomware is bad enough, ransomworms can be your worst nightmare. Basically, it’s ransomware attached to a network that copies itself to every computer on a local network it could reach  with no warning whatsoever.

All this sounds horrific, but the worst is yet to come if you don’t act fast. Having said that, we’ve rounded up some security best-practices that will help keep your Android devices secure:

  • Enforce device passcode authentication
  • Monitor mobile device access and use
  • Patch mobile devices quickly
  • Forbid unapproved third-party application stores
  • Control physical access to devices
  • Conduct application security assessment to ensure compliance
  • Implement an incident response plan for lost or stolen mobile devices
While it’s easy to turn a blind eye against cyber threats, the question is are you willing to take that chance? If you’re looking for an advanced security solution to keep your Android device safe, give us a call and we’ll be happy to help.
Published with permission from TechAdvisory.org. Source.

Topic android
June 17th, 2017

Business owners barely had time to acquaint themselves with virtualization before the next trend stormed onto the scene. Although container and virtualization applications both allow users to divvy up software and hardware more efficiently, containers have many advantages over virtualized machines. There are a number of misunderstandings though, and it’s time to set the record straight.

Containers are made up of the bare minimum hardware and software requirements to allow a specific program to run. For example, if you want to give employees access to a single Mac-based server application, but everything else you run is in Windows, it would be a waste to build a new machine for just that program. Containers allow you to partition just the right amount of hardware power and software overhead to run that Mac program on your Windows server.

Misconception #1: There is only one container vendor

Traditional virtualization technology -- which creates entire virtual computers rather than single-application containers -- has had two decades for vendors to enter the market and improve their offerings. Containers, however, didn’t break into the mainstream until a few years ago.

Fortunately, there are still more than enough container vendors. Docker dominates the industry and headlines, but there are at least a dozen other programs to choose from.

Misconception #2: Containers require virtualization

In the early days, containers could only be created and managed in the Linux operating system. This meant complicated and sometimes unreliable improvisation was required to benefit from container technology on Windows and Mac servers.

First, you would need to virtualize a full-fledged Linux install on your Windows or Mac server, and then install container management inside of Linux. Nowadays, container management software can run on Windows and MacOS without the confusing multi-layer systems.

Misconception #3: You can’t create and manage containers in bulk

Separate programs, known as Orchestrators, allow you to scale up your use of containers. If you need to partition more hardware power so that more users can use a container, or if you need to create several identical containers, orchestrators make that possible.

Misconception #4: Containers are faster than virtual machines

Obviously, virtualizing an entire operating system and the hardware necessary to run it requires more management and processing requirements. A lot of people tend to think this means containers are faster than virtualized machines. In reality, containers are just more efficient.

Accessing a container is as simple as opening it and using the application. A virtualized machine, however, needs to be booted up, a user needs to log in to the operating system, and then you can rummage through folders to open an application. Most of the time containers are faster, but there are instances when that's not true.

Virtualization and containers are complicated technologies. For now, just remember that 1) Virtualization and containers are separate technologies, each with pros and cons; and 2) you have plenty of software options to manage containers (sometimes in bulk). For anything more specific than that, give us a call!

Published with permission from TechAdvisory.org. Source.

June 16th, 2017

It’s undeniable that keyboard shortcuts can activate computer commands faster than dragging a touchpad or a mouse. To that end, if you’re using Windows 10, there are a couple new keyboard shortcuts worth trying.

Windows Snapping

If you’ve never used Windows Snapping, you’re missing out on one of Windows 10’s key features. Previously known as Aero Snap on Windows 7, the snapping feature allows you to snap windows vertically on top of each other. You can even snap windows to a 2x2 grid for better multi-tasking. Simply use these keyboard shortcuts:

  • Windows Key + Left - Snap current window to the left side of the screen.
  • Windows Key + Right - Snap current window to the right side of the screen.
  • Windows Key + Up - Snap current window to the top of the screen.
  • Windows Key + Down - Snap current window to the bottom of the screen.
You can also combine these shortcuts to snap your current window into a corner like top left, top right and more.

Task Views

This window management feature allows you to see all your opened windows so you can quickly return to a specific program or document. This is particularly useful if you have multiple windows opened at once. In addition to clicking the “Task View” button on the taskbar to open it, these keyboard shortcuts will do the trick:

 

  • Windows Key + Tab - Open a new Task View interface with windows from your current virtual desktop appearing in the Task View list. To switch between virtual desktops, simply use the virtual desktop switcher at the bottom of the screen.
  • Alt + Tab - While not a new keyboard shortcut per se, it now allows you to switch between open windows on all virtual desktops.
Virtual Desktop

A great way to stay organized, this nifty feature lets you use unlimited number of virtual desktops so you can dedicate each of them for certain functions. For instance, one could be used solely for work with all your business software and the other for entertainment. Some keyboard shortcuts to help you quickly manage your virtual desktops include:

  • Windows Key + Ctrl + D - Create a new virtual desktop and switch to it.
  • Windows Key + Ctrl + F4 - Close current virtual desktop.
  • Windows Key + Ctrl + Left / Right - Switch to virtual desktop on the left or right.
If you’re looking for ways to boost productivity, or have any questions about how Microsoft Windows can help streamline your operations, just give us a call. Our IT experts are more than happy to help.

 

Published with permission from TechAdvisory.org. Source.

Topic Windows
June 15th, 2017

By now, you’re probably familiar with popular Office 365 productivity features like Skype for Business, and real-time collaboration in Word, Excel, and PowerPoint. You might even remember a few time-saving keyboard shortcuts that will make your Office 365 experience a lot smoother. But even after all that, there’s still much to learn about Office 365. Here are some more tricks that can boost your productivity.

Declutter your inbox If you’re having trouble managing the overwhelming amount of emails in your inbox, then using Office 365’s “Clutter” feature can clear up some space. To enable this feature go to Settings > Options > Mail > Automatic processing > Clutter then select Separate items identified as Clutter. Once activated, you need to mark any unwanted messages as “clutter” to teach Office 365. After learning your email preferences, Office 365 will automatically move low-priority messages into your “Clutter” folder, helping you focus on more important emails.

Ignore group emails Are you copied on a long email thread you don’t want to be part of? If so, simply go to the message and find the Ignore setting. Doing this will automatically move future reply-alls to the trash so they never bother you again. Of course, if you ever changed your mind, you could un-ignore the message: Just find the email in your trash folder and click Stop ignoring.

Unsend emails In case you sent a message to the wrong recipient or attached the wrong file, Office 365 has a message recall function. To use this, open your sent message, click Actions, and select Recall this message. From here, you can either “Delete unread copies of this message” or “Delete unread copies and replace with a new message.” Bear in mind that this applies only to unread messages and for Outlook users within the same company domain.

Work offline Whenever you’re working outside the office or in an area with unstable internet, it’s a good idea to enable Offline Access. Found under the Settings menu, this feature allows you to continue working on documents offline and syncs any changes made when you have an internet connection. Offline access is also available in your SharePoint Online document libraries.

Use Outlook plugins Aside from sending and receiving emails, Outlook also has some awesome third-party plugins. Some of our favorite integrations include PayPal, which allows you to send money securely via email; and Uber, which lets you set up an Uber ride reminder for any calendar event. Find more of productivity-boosting plugins in the Office Store.

Tell Office applications what to do If you’re not a fan of sifting through menus and options, you can always take advantage of the Tell Me function in your Office 2016 apps. When you press Alt + Q, you bring up a search bar that allows you to look for the functions you need. Suppose you need to put a wall of text into columns on Word but can’t find where it is specifically. Just type ‘column’ and Microsoft will help you with the rest.

These tricks and features themselves will definitely increase productivity. And fortunately, there’s, there’s more coming. Microsoft continues to expand Office 365’s capabilities, and if you truly want to make the most out of the software, don’t be afraid to explore its newly released features.

For more Office 365 tips and updates, get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Topic Office
June 13th, 2017

Last October, Pinterest launched its first paid advertising service, “Promoted Pins,” which is geared toward large enterprises. Recently, a similar product named “DIY Promoted Pins” was released for small- and medium-sized businesses. This shows how popular social media has become in helping to establish an online presence for your business, and here are some tips to get you started.

Know your audience According to a study conducted by Ahalogy and AcuPOLL Precision Research, Inc., Pinterest is largely used by women, mostly “Millennial Moms.” If your typical customer demographic is predominantly male, your marketing efforts would probably be better spent elsewhere. But if your business caters to women between the ages 15-29, you should consider creating an online presence on Pinterest.

Think like a content marketer Users are looking for engaging content, which is why 59% of active Pinterest users go for Pins that lead to blog posts, articles, and even photos. The most popular topics on the platform are more visual (e.g., food, fashion, decor, etc.), so if you don't have highly visual content, then infographics, images from blog entries, and even photos of staff members also do the trick.

Look for inspiration Getting stuck in a creative rut happens to the best of us, so check out the boards that are saving your Pins to get some fresh insight. There's a good chance that people saving your Pins have related content that can help you gain insight into what your typical customer is interested in. Not only that, it also helps you identify trends and come up with new ideas for a marketing campaign.

Categorize your boards By creating and properly labeling multiple boards -- one for each of your products or services -- your users are able to engage not only with your general content but also with content they’re more interested in.

Determine posting frequency Excessive pinning might overwhelm or simply annoy your audience, but not pinning enough might cause followers to lose interest. Create a posting schedule and gauge audience reaction before making any changes to the frequency of Pins.

In order to surpass the stiff competition, you’ll need all the help you can get, and that includes social media marketing. If you have any questions about Pinterest and how it can help your business grow, don’t hesitate to give us a call.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
June 10th, 2017

When your employees seek your IT security staff’s help to fix their personal computer (PC) problems, it’s often perceived as a productive use of everyone’s time. After all, employees must have working computers and IT professionals are expected to resolve any technology issues. What doesn’t get acknowledged, however, is that instead of troubleshooting technical problems, your technology support staff could be spending their time on more productive tasks.

Cost of fixes

According to a survey of technology professionals, companies waste as much as $88,660 of their yearly IT budget as a result of having security staff spend an hour or more per work week fixing colleagues’ personal computers. The ‘wasted amount’ was based on an average hourly salary of IT staff multiplied by 52 weeks a year. Other than knowing how much time is wasted, what makes things worse is that IT security staff are among the highest paid employees in most companies.

The fixes have mostly to do with individual rather than department- or company-wide computer problems that don’t necessarily benefit the entire company. The resulting amount is especially staggering for small- and medium-sized businesses (SMBs) whose limited resources are better off spent on business intelligence tools and other network security upgrades.

Other costs

All those hours spent on fixing personal computers often means neglecting security improvements. The recent WannaCry ransomware attacks, which successfully infected 300,000 computers in 150 countries, demonstrate the dangers of failing to update operating system security patches on time. It should be a routine network security task that, if ignored, can leave your business helpless in the face of a cyber attack as formidable as WannaCry. It didn’t make much money, but had it been executed better, its effects would have been more devastating to businesses, regardless of size.

Profitable projects could also be set aside because of employees’ PC issues. For SMBs with one or two IT staff, this is especially detrimental to productivity and growth. They can easily increase their IT budgets, but if employees’ negligible computer issues keep occurring and systems keep crashing, hiring extra IT personnel won’t do much good.

What businesses should do

The key takeaway in all this is: Proactive IT management eliminates the expenditure required to fix problematic computers. Bolstering your entire IT infrastructure against disruptive crashes is the first step in avoiding the wasteful use of your staff’s time and your company’s money.

Even if your small business has the resources to hire extra staff, the general shortage of cyber security skills also poses a problem. Ultimately, the solution shouldn’t always have to be increasing manpower, but rather maximizing existing resources.

Having experts proactively maintain your IT eliminates the need to solve recurring small issues and lets your staff find a better use for technology resources. If you need non-disruptive technology, call us today for advice.

Published with permission from TechAdvisory.org. Source.

Topic Security
June 8th, 2017

The chances of your business being hit by a hurricane are slim. But this year, the odds are actually alarming -- the National Oceanic and Atmospheric Administration (NOAA) predicts up to four unusually active hurricanes. If you don’t want to fall victim to data loss and tarnish your business’s reputation in the process, read on.

The NOAA forecasts 11 to 17 tropical storms in the Atlantic, the Caribbean Sea, and the Gulf of Mexico. Hurricane season has officially begun and is expected to last until the end of November. The four allegedly active hurricanes are presumed to be Category 3, 4, or 5 on the Saffir-Simpson Hurricane Wind Scale (Category 1 is the weakest and 5 the strongest).

But don’t panic just yet; here are five steps you can take to protect your business during hurricane season.

1. Schedule a DR drill

Despite having a DR plan, many companies don’t test their plan, at least not as often as they should. So if you’re one of those companies, it’s crucial to conduct a DR drill now. A lot can change in the months or years since you have last tested your plan -- systems updates, infrastructure upgrades, employee turnover and more. By scheduling a drill, you’ll be able to make sure everyone knows their roles and that all critical systems are covered.

Note that you should try to perform desktop walkthrough exercises, operational tests, and simulated recovery exercises on a regular basis.

2. Make sure your staff are prepared

All your staff should know what the evacuation procedures are as well as their responsibilities in the DR process. If not, coordinate with HR to make sure everyone in your company understands what the plan of action is for hurricane season. Staff with specific responsibilities need to get the documentation needed to effectively manage their roles in the event of a hurricane.

Set meetings with your DR team and schedule training for new team members. Your DR team should be able to quickly mobilize other employees to the DR site before bad weather hits. Don’t forget to touch base with any providers you are supposed to work with in case of an emergency, too.

3. Secure your backup site

In addition to a secondary location for data storage, your DR plan should also include another backup site so that you can continue your operations. In the event of a hurricane, dedicated space is imperative since your backup sites will likely be occupied with employees.

You should also consider the redundancy of utilities at your DR site, making sure you have enough power feed, fiber carriers, and anything else you’ll need to remain operational.

4. Check for amenities at your DR site

Whether your DR site is in the hurricane zone or in the nearest city, chances are hotels will be overbooked as people fight for a place to stay. This means your staff will likely be stuck onsite around the clock, so you need to make sure there is enough amenities to get them through this hectic period. Is there a place for employees to shower and sleep? Is there enough food and water to last them for at least a couple of days? These amenities will help your staff pull through as they restore your operations.

5. Update your DR plan’s appendix

Your DR plan should have an appendix with contact information, SLAs, and systems inventories information. More importantly, this information needs to be up-to-date; the last thing you need is calling your IT vendor when a server goes down only to reach the wrong number.

Go through all critical information in your DR plan and add any other information as needed. Vendors and shipper's contact information are a must as they will guarantee that you get hardware and power supplies backup without any hassles.

Unlike a fire drill which can be conducted on a yearly basis, your business continuity and disaster recovery plan needs to be tested regularly to meet your company’s changing needs. If you don’t already have a DR plan, or have any further questions, don’t hesitate to give us a call.

Published with permission from TechAdvisory.org. Source.

Topic business
June 7th, 2017

When working with web platforms like WordPress, there are three letters that induce anxiety in any business owner: SEO (search engine optimization). It’s one of the most confusing aspects of running a modern business, and web apps that rate your SEO with no more than a red or green light don’t make it any easier. Read on to find out whether your site’s images are the cause of that annoying red light.

Do my images really affect my SEO?

One of the reasons images tend to be overlooked when auditing SEO is because it’s easy to forget just how many your website has. Maybe when you first built your site you had a few photos on your homepage, but nowhere else. Over time however, you probably added countless visual elements in blog posts, landing pages and team photos -- drastically increasing the influence of your images on your SEO.

Image resolution and load speed

The first thing to check is how your images affect your site’s speed. If you’re using ultra high-resolution photos, users on mobile devices or satellite data connections will have trouble loading your site. Site load times affect your site’s ranking on Google, so make sure to pare them down to a more reasonable resolution and save them as web-friendly file types (GIF, JPEG and PNG).

Keywords and image title

The days of keyword-stuffing are long gone, but that doesn’t mean you can get away with uploading images with filenames like DSC2558.jpg. Before uploading an image to your site, make sure to name it something relevant to the content, such as gym-trainer-helping-lift.jpg or call-center-customer-service.jpg. This makes it easier for search engines to derive information about the content from the images on a page.

“Alt text” and title text

Even though Google is getting better at recognizing image content without any help from text identifiers, describing your images in your website’s backend is still important for SEO. Every image on your site should have as much text-based information as possible without disrupting the user experience.

To see how this works in WordPress, open up your site dashboard and click on Media. This will display all the images, videos and audio on your site. Select any photo and click “Edit more details.” Whatever you include in the Caption field will be shown below the image, so make sure it corresponds with your content. If it doesn’t work with the content, skip it. In this case user experience takes priority over SEO.

The Alternative Text and Description fields will be shown to visitors only if the image doesn’t load or if they select it manually. They may not seem all that important, but these should be considered non-negotiable for SEO purposes.

Check that your site is doing all these things before requesting another SEO report. If your score changes, start regularly auditing your image optimizations. If you’re still seeing red, there are a number of web- and cloud-based platforms that can help you improve your content. Give us a call today to find out more!

Published with permission from TechAdvisory.org. Source.

Topic Web & Cloud
June 3rd, 2017

Bluetooth technology helps simplify our daily lives -- it allows for hands free communication, a quick and easy way to share content with friends, family, colleagues, and more. In fact, 45 percent of Americans have Bluetooth enabled across multiple devices. This raises the question: Does using Bluetooth leave our doors opened to hacker attacks?

Google paid a settlement fee of $7million for unauthorized data collection from unsecured wireless networks in 2013. While their intention likely wasn’t theft, many disagreed and called them out for Bluesnarfing, a method most hackers are familiar with.

What is it?

Bluesnarfing is the use of Bluetooth connection to steal information from a wireless device, particularly common in smartphones and laptops. Using programming languages that allow them to find Bluetooth devices left continuously on and in “discovery” mode, cybercriminals can attack devices as far as 300 feet away without leaving any trace.

Once a device is compromised, hackers have access to everything on it: contact, emails, passwords, photos, and any other information. To make matters worse, they can also leave victims with costly phone bills by using their phone to tap long distance and 900-number calls.

What preventive measures can you take?

The best way is to disable Bluetooth on your device when you’re not using it, especially in crowded public spaces, a hacker’s sweet spot. Other ways to steer clear of Bluesnarfing include:
  • Switching your Bluetooth to “non-discovery” mode
  • Using at least eight characters in your PIN as every digit adds approximately 10,000 more combinations required to crack it
  • Never accept pairing requests from unknown users
  • Require user approval for connection requests (configurable in your smartphone’s security features)
  • Avoid pairing devices for the first time in public areas
Bluesnarfing isn’t by any means the newest trick in a cybercriminal’s book, but that doesn’t mean it’s any less vicious. If you’d like to know more about how to keep your IT and your devices safe, give us a call and we’ll be happy to advise.
Published with permission from TechAdvisory.org. Source.

Topic Hardware
June 2nd, 2017

There’s a lot of buzz surrounding Google’s latest Android operating system known as “Android O.” Whether it will continue the trademark snack-theme name is yet to be confirmed, but what we do know is users can expect longer battery life and an improved notification system. Besides that, here are six other OS changes you don’t want to miss.

Picture in picture This is one of the so-called "fluid experiences" coming to O devices. You'll be able to watch a YouTube or Netflix video in a small window while using another app. The small window can even be used for a video call. Simply swipe it away when you're done.

Notification dots If an app is trying to get your attention, a dot on the icon will appear. You can pull them down from the top of the screen to view the notification or press down on the app icon to view the notification in place.

Autofill Reminiscent of autofill on computers, this feature will be available for apps on O devices. This makes it easier to log in and set up phones and applications since personal information like your name, address, and credit card details will be automatically filled in.

Better copying and pasting Another component of O device's fluid experience is the enhanced copy-and-paste feature, which will be based on machine learning. You won't have to drag handles to highlight everything you want to copy -- just tap once on names, phone numbers, or addresses and Google will automatically highlight the rest.

Vitals This is the group of optimizations that will improve your device's battery life, startup time and performance, stability and security.

Android for the entry level Normally, the latest operating systems are exclusive to the most powerful phones. However, Google doesn't want to reserve O to state-of-the-art devices. That's why Google developed a variant called Android Go, which aims to provide a seamless Android experience for affordable O phones, including those with fewer components and/or less storage.

Android Go includes a customized set of Google apps that require less memory, storage, and mobile data. Google Play Store will also highlight the apps that will work better on such entry-level phones (regular apps will still be available). The operating system is being designed for O phones with limited memory: anywhere between 512 megabytes and one gigabyte.

The OS will be available this summer. In the meantime, if you want to know more or have any questions about Android O, feel free to contact us today!

Published with permission from TechAdvisory.org. Source.

Topic android