fbpx

Monthly Archives: December 2020

are-apps-dangerous

Are Your Apps Dangerous?

Apps make the modern technology world go ‘round. If it weren’t for apps, smartphones and other mobile devices wouldn’t be nearly as useful. Of course, there are many factors to consider before using an app. You should ask yourself, could this be a potentially dangerous app? This is especially true if you’re using a device for business purposes.

Earlier this month, we asked and concluded that allowing cookies is safe in most circumstances. In this week’s blog, we will be delving into using apps for business purposes and whether or not they pose a risk to your safety.

Apps for the Business Place 

There is literally an app (or 50) for just about anything you can think of. However, even helpful apps can be a breeding ground for people who want to steal your information.

Generally speaking, most app makers are honest and ethical. However, because it is so easy to make an app, you may find less than trustworthy creators offering new apps. Securitymagazine.com stated that  “71% of healthcare and medical apps have at least one serious vulnerability that could lead to a breach of medical data.” Of course, other general business apps often have similar vulnerabilities.

Additionally, some people create apps specifically so they can steal your personal data. When you download and install an app, it will typically ask for various permissions. It may ask for the ability to use your microphone or have access to your contacts. Some apps ask for just about every piece of information you have available. You may find yourself simply handing over all of your personal data without even realizing it. This is where apps can become very dangerous. Even if you come to this realization and delete the app, your device could already be infected with spyware.

Personal Apps Can Be Dangerous

On the other hand, even if you only use trusted apps for business or no apps at all, you need to be careful of the apps you download for personal reasons. Just like with business apps, you may find that people have created an app for a particular reason — and that reason may be to gain access to the data on thousands or millions of mobile devices.

Be honest with yourself: how many times have you downloaded an app that you’ve never heard of just because someone told you it was the greatest app ever? Later, when you feel uncomfortable with how the app works you immediately delete it. We’ve all been there at some point. The scariest part is that the damage is already done once the app is successfully installed. Any information you use for your business (such as emails and customer information) is now freely available to the app developer.

Data Breaches

Another potential threat is using a legitimate app from a valid organization that becomes hacked and breached. As an example, this past year, the Walgreens app was victim to a major data breach. The hack allowed access to private conversations containing personal information. This breach was exposed through various apps that were designed to track COVID-19 cases. This happened to a major corporation using high-security apps. Many people wouldn’t think a pharmacy app from a well-known company could be dangerous. Nonetheless, hackers breached highly sensitive information victimizing paying customers. On that note, it’s important to be aware that anyone can fall victim to a data breach if security measures aren’t closely examined.

Hackers have targeted major apps like Instagram, Tinder, Tik Tok, and Snapchat recently. How many of you have at least one of these apps installed on your phone or other mobile devices? While most of us know not to use Tinder on a work phone, you may have some of these apps on your devices. Even if you only use these apps on your personal time, they can lead to major consequences with your private business data. What is fun for you may compromise the security of your customers.

Create A Solution That Works 

Let’s say you personally avoid all these pitfalls and have never had any issues with apps on your phone or other mobile devices. If you have an organization with multiple people, there’s a very good chance that somebody is going to download an app that may have damaging security implications in the future. While these people may have good intentions and never mean to do any harm, we all know that life can change in an instant in this modern world.

By creating and implementing a plan among your employees, you can help control security breaches. Increase your security measures by not allowing devices to download random, potentially dangerous apps. It’s important to have security policies and other measures in place. Maintain mobile device management, effective policy, and as many security protocols available.

If you want to make sure your organization is as safe as possible from unexpected risks, contact us today. We’ll set up your organization’s devices to keep them safe while still allowing your employees to do their job effectively.

ssl-security-concerns

SSL & Security Concerns for 2021

Anyone with a computer is well aware of security concerns on the Internet. As time goes on, security and internet safety becomes more and more of an issue. It’s clear that hackers are becoming more advanced and will continue to find ways to steal our data. With a large part of our lives spent online, it’s just a matter of time before hackers affect you. If you own a business, the sheer amount of valuable information you are responsible for is something to be concerned about. Moving into 2021, data safety will continue to be a growing issue. In this blog, we will discuss SSL and security concerns for your company’s website and the types of sites you may be visiting. 

What’s an SSL? 

SSL stands for Secure Sockets Layer, also known as Transport Layer Security. This may sound like nerdy talk that doesn’t matter much, but the fact is that you interact with SSLs every day.  They are specific technology designed to keep your Internet connection safe, especially when secure data is involved. SSLs run a protocol of data encryption to make sure third parties can’t see what either party is viewing or sending. 

This includes sensitive and non-sensitive information, such as passwords, names, banking information, and more. This setup uses a handshaking procedure that both the parties involved agree to use. The data transaction creates a cipher so information can be sent from one to the other in an encrypted format. Theoretically, even if a third party were to intercept your data, it would be gibberish since they don’t have the means to decipher it. 

This is essential for safe Internet communication these days. You and your company likely send highly-sensitive information back and forth online all day long. What used to be something kept safe in a drawer can now become public information because of a malicious hacker. This layer of safety is so standard we don’t even notice it. Sites that have an “HTTPS” in front of their address use some form of SSL or TLS.  

Managing a TLS/SSL 

Not only do you want to keep your company’s information private, but you need to make sure that customer information stays private as well. Unfortunately, SSLs and TLSs are not a one-and-done procedure. Like any other security protocol, SSLs change over the years. Make sure that any certificate your company’s website uses is up to date and effective. You can do this by installing updates as they are released. 

Think of the SSL protocol like a deadbolt. Having a deadbolt on your door is much safer than a locking doorknob. Yes, there are always people who know how to compromise it, but it is still much safer. Over the years, deadbolt technology has improved and evolved as people learn to bypass obsolete technology. Sometimes, however, it takes working with an experienced locksmith to have it installed correctly. 

SSLs/TLSs are certainly much better options than nothing at all. However, these protocols, particularly older versions, are still prone to many vulnerabilities. There are numerous common attacks that hackers use to break this encryption. And some of these threats have very colorful names. For example, POODLE, BEAST, CRIME, BREACH, and HEARTBLEED are commonly used attacks, and they are highly successful. 

Keep Yourself and Your Customers Safe 

Having your company’s private information exposed to the highest bidder can have devastating effects on your operations. Stolen customer information due to a lack of care in your communications could result in lawsuits and legal trouble. Customers have well-deserved expectations: when they share information with you, it needs to be kept confidential and secure. 

This can be especially true in organizations that deal with sensitive information regularly, such as financial institutions and medical centers. In the hacking community, there is a highly lucrative market for personal information. The dark web is flooded with people selling private information databases to the highest bidder — and there is always “a highest” bidder.  

If you want to avoid liability, make sure your security protocols are up to date. It is also critical that you maintain them professionally. A relatively small investment in this area of security can end up saving large amounts of money and possibly your business itself. 

We regularly report on attacks that businesses like yours face daily. But we don’t always mention that many of these attacks are successful because the victim has a lax security protocol. The last thing we would want is for you to be another statistic. If your SSL/TLS certificates are getting old and dusty, or (even worse) you don’t have any at all, now would be the best time to contact us. As 2021 quickly approaches, these threats are only going to be more significant and more challenging to handle.  

Our team of security professionals is one of the most experienced in the business. The web can be a scary place, and the last thing you want is to be caught unprepared! By making sure your SSL/TLS certificates are in perfect order, you can rest a little bit easier at night. 

Mobile-vs-Virtual

Mobile vs Virtual Office – What’s the Difference?

Being mobile has never been easier. Technology makes it so you literally have your entire office within your pocket these days. The idea of being virtual and mobile might seem like one and the same. However, these ideas are a little different, and more than the technology itself makes them both possible. This week covers mobile vs. virtual offices and the advantages therein.

The entire landscape of the business world is unrecognizable from just a generation ago. How can a smartphone, paired with virtual office solutions make you unstoppable?

Expectations of the Modern World 

A vacation/away email message used to mean someone was unavailable, and you’d have to wait for a response. Simply being out of the office was enough to be off the hook from client and employee expectations.

That all started to change with the Blackberry and the Palm Pilot. Then, with the iPhone and its successors, the idea of being unavailable went out the window.

Nowadays, employers and clients expect you to be available just about any time of day regardless of where you’re located. In fact, you might be surprised by the actual location of some of the people you work with. It isn’t uncommon for people to not only be on vacation but living overseas and still performing the tasks expected of someone in an office down the street.

While this may seem like an invasion of privacy, the fact is clients are serviced more completely and quickly. Those providing the services also have the freedom to be wherever they want at any given time while doing their job well!

Modern Solutions to Modern Problems: Mobile vs Virtual Office

The start of doing business anywhere is a smartphone, but it’s not that simple. Certain software and services need to be in place to ensure security and efficiency. So for this portion, we’re going to discuss the ideas of mobile and virtual separately.

Mobile Business

This simply means that you are able to do something while not in your office. This may include accessing and responding to emails and documents, conducting online research, and maintaining text and voice communication.

To do this well, you may want to consider getting a phone with a larger screen or even using a tablet with mobile capabilities. This will ensure that you’ll be able to read the messages easily and have space to type comfortably and quickly. Also, you’ll probably want to set up your phone so that you can be aware of notifications as soon as you receive them. Finally, ensure that you install mobile security protection and work with your IT provider on mobile device management in case your device is ever lost or stolen.

Virtual Business

While in the same vein is a mobile business, this requires you to be able to do more than just be available. For example, you may need to create and edit documents or log into an important line of business application.

To get the most out of a virtual environment, you would most likely want to use a computer or an advanced tablet, as the environment will mirror exactly what you use in the office. When set up well, you will not be able to tell the difference between work on your tablet or your machine with multiple monitors.

Similar to using mobile devices, security is the biggest factor when operating in a virtual environment. You want to make sure that any information that you are sending, receiving or creating cannot easily get into somebody else’s hands. For this, we highly suggest not trusting in an unmanaged VPN. While they do offer a measure of security, they pale in comparison to a managed VPN connection or a true hosted desktop. Your connection may be secure with the VPN, but your origin or destination may be compromised. Proper management increases your security level. An equipped IT service provider can effectively determine the proper solution and deploy it for your staff.

Bottom Line: Mobile vs Virtual Office

In short, mobile business can be conducted fully on your smartphone and be taken anywhere your phone goes without the need for intense line of business applications or documentation. A virtual business requires deeper access and connection to your office systems but still allows you to work from anywhere at any time, securely.

Whether you work from a physical office or from a beach in Tahiti, mobile and virtual businesses are here to stay. Even if you currently don’t feel it’s necessary for your operations, just look at everything that happened in 2020. How quickly things can change. Creating a flexible work environment now can make any changes in the future much easier.

If you find that your organization isn’t as mobile or virtual as you feel it could be, contact us today. The results seem simple but the setup can often be more complicated than it looks. You’ll want to be sure to use someone with the experience and know-how to determine mobile vs virtual office for you and to implement the right solution.

Are Cookies Safe

Are Your Cookies Safe?

The holiday season is upon us and we have many things to look forward to — even if this year will be a little bit different than others. This time of year the things that come to mind include: family, holiday festivities, and of course cookies! As a Managed Service Provider, people often ask us, are cookies safe?

But we’re not talking about the kind of cookies your grandma bakes for you. In technological terms, cookies typically pop up on your internet browser. They track and store data in the deep corners of your hard drive. With lots of controversy surrounding cookies, many people don’t know if they’re a good or bad thing. You probably have seen notices regarding cookies on most major sites you visit asking permission to use cookies. This is in response to privacy laws in Europe and in many states to protect people’s personal information and browsing habits. We expect to see these notices pop up more and more frequently as privacy laws become more stringent.

In this article, we delve into what exactly these oddly-named, annoying items on your browser are. And we discuss whether or not you should be worried about them.

What is a Cookie Anyway?

Sweet and tasty cookies have been around since the 17th century. But the type of cookie we are talking about today has been around since the mid-90s. The official name is an “HTTP Cookie”. Designers at the time referred to this as a magic cookie of information. And ever since then, the name has stuck.

But what exactly does a cookie do? Cookies gather information when you browse the internet. They track what you are doing on a particular site or what you are doing while browsing in general. There are multiple forms of cookies so here are the more common types that you’ll run into on the Internet:

Session Cookie

This appears on your web browser when you visit a website and tracks information such as your login, products you view, how long you were on a particular page, and other browsing habits. These are called session cookies because they terminate as soon as you close your browser or move to another page. 

Persistent Cookie

Also known as tracking cookies, these cookies stay active even after you leave a site or close your browser. In general, these will track the sites you’re visiting, but usually have an expiration date in which they become inactive. This is one of the most controversial form of cookies since they track your information outside of their original range. However, there are benefits to these cookies, such as storing your login info so you don’t have to enter your information every time you visit your favorite sites.  

Third-Party Cookies

In general, the cookies on your computer are from the sites you visit. For example, if you visit Amazon.com, Amazon will create a cookie on your browser. Third-party cookies differ in that they attach themselves to your browser even if you’ve never visited their site. This may happen if there is a banner or another form of an advertisement on a site that you visit, even if you do not click on them. Many pop-up blockers disable this feature, although it’s not uncommon to have more than 10 third-party cookies attached to your browser after visiting a site without any sort of cyber protection. 

Should You Worry? Are Cookies Safe?

Cookies are an essential part of the ecosystem of the web, but are cookies safe? Massive amounts of small packets of information are passed around every second, and these packets usually play a role in marketing, sales, or captured analytical data. In general, cookies are harmless, or at most a nuisance. 

You might be surprised by how much of your daily life on the Internet is dependent on cookies. Don’t believe us? Go ahead and delete all your cookies on your web browser and then go about your daily business to see how many sites you now have to log into that were automatically accessed before. You’ll be surprised at how much information you’ll have to put in compared to before. 

Cookies are not as invasive as they used to be. They typically contain tiny kilobits of information that take up almost no space on modern computers. Older Internet users may have been in the habit of deleting their cookies to save space, back when computers had very small hard drives.  

Many browsers automatically block third-party cookies, so the only cookies on your computer are from sites that you’ve visited. Sometimes hackers can use certain cookies to gain access to your computer, and since third-party cookies are often weak entry points they become easy targets. Make sure your firewall and internet security is blocking hackers who might try to sneak in through these pathways. 

Bottom Line about Cookies Safety

So, now that we have a better understanding of cookies, can we conclude that cookies are safe? In short, cookies shouldn’t be an issue in most circumstances and you should be fine when accepting them. The amount of memory they use is a nonissue these days. 

However, few things in life are always straightforward, so there are two caveats. The first issue you should be aware of is that while cookies are mostly safe, there is always the chance that a cookie can be hacked and used nefariously. Second, certain operations do not allow cookies on their systems. For example,  government and medical organizations may require absolute security and prohibit cookies.

If you have any questions about cookies on your system, contact us and we’ll ease your mind. As a Managed Service Provider, we will consult with you on any restrictions your organization is required to have in place. We’ll offer you a solution that will work for you in the long run.   

Remember: there’s always the possibility that the wrong cookie may be bad for your computer or your diet!