It’s time to say goodbye to traditional passwords
Did you ever imagine a world where the lengthy, complicated passwords people often forget would become a thing of the past?
It seems that day might be arriving sooner than we anticipated.
Google has officially made Passkeys the default sign-in method for all personal accounts on its network, signaling the beginning of a new era in online security.
What's a Passkey, you ask?
It's the next big thing in internet safety. And as a business owner with staff, you should pay attention to this game-changing innovation.
Here’s everything you need to know.
What are Passkeys?
Imagine logging into your account using just a four-digit PIN or your biometric data like fingerprints or facial recognition. That's precisely what a Passkey is.
Simple, isn't it?
But don't let the simplicity fool you. This new technology significantly reduces the likelihood of having your credentials stolen or your account taken over by cyber criminals.
How do Passkeys work?
Creating a Passkey is easy. Head over to Google's official Passkeys website, create a PIN or connect your biometrics (fingerprint or face), link your smartphone, and you're done.
Just remember, your PC needs to run at least Windows 10, or your Mac should have macOS Ventura or above. And on your phone, you need Android 9 or iOS 16.
As of now, this tech works only on Microsoft Edge, Safari, and Google Chrome browsers.
What are the benefits of Passkeys?
According to Google, 64% of people find Passkeys easier to use than traditional login methods.
Not only are they simpler and more secure, they're also faster. Logging in with a Passkey is 40% quicker than using a regular password.
What's next?
Google's decision to make Passkeys the default sign-in method is just the beginning. The tech giant is already working with select partners to make this new login usable across Chrome and Android. It's already available on Uber and eBay, with plans to expand to WhatsApp soon.
So, it might be wise to start thinking about how Passkeys can benefit your business. After all, Google could soon roll out this feature for business accounts too.
Meantime, if you're not quite ready to embrace Passkeys, you can still opt-out. Just head to the Sign-in options page, find "Skip Password When Possible", and toggle off the switch.
We’d recommend you give it a try and see how much easier – and more secure – it can make things. And of course, if you need any help, get in touch.
Are you using the all-new Teams yet?
Microsoft is rolling out a brand-new version of Teams, its video conference, collaboration, and chat platform. We’re being promised a faster and easier way to work. And we all could use a bit of that, couldn't we?
The new Teams is like the superhero of apps for Windows and Mac. It's faster than a speeding bullet… well, at least twice as fast as the classic version. Plus, it's on a diet, using up to 50% less memory and disk space.
Microsoft went back to the drawing board to reimagine it, make it simpler and more flexible. Now Teams:
- Plays better with third-party apps
- Is happier calling phones outside of Teams
- Gets you into meetings quicker than you can say “not another meeting”
This pumped-up version of Teams uses some tech which allows it to share resources with your browser. That reduces how much memory and disk space it needs.
And the initial test results? Teams is twice as quick when loading the app, joining meetings, and switching chats and channels.
This isn’t just for businesses using Windows. Teams on Mac is also getting this performance boost.
Microsoft promises this update will be a game-changer for your productivity. They've improved the user interface, adding in a "mark all as read" feature in activity.
Plus, they're introducing Copilot, an AI assistant that can summarize key points from your chats and calls. Sort of like having your very own personal assistant, just without the coffee runs.
Are you ready to switch to the new and improved Teams? It's rolling out now. Look at the top left corner of your Teams app… if you see “try the new Teams”, then you can flick the switch and try it out.
If you need help with Teams for your business, get in touch.
Never mind “can’t teach an old dog new tricks”…
New research has uncovered an unexpected twist in the tale of cyber security risks – your tech-savvy younger employees may be your biggest vulnerability.
Shocked? Let's dive into the details.
More than 6,500 employees across the globe were surveyed, with an almost equal representation of demographics. The results were rather alarming.
The study found that younger office workers, those 40 or under, are more likely to disregard standard password safety guidelines. Can you believe that 34% admitted to using their birth dates as passwords, compared to just 19% of those over 40?
And it doesn't stop there.
The habit of using the same password across multiple devices was also more prevalent among younger workers, with 38% admitting to doing this.
And let's not even get started on phishing scams. A whopping 23% of the younger demographic didn't report the last phishing attempt they received. Their reasoning? "I didn't think it was important".
But surely they understand the gravity of security threats against businesses, right? Well, not quite.
While ransomware and phishing were acknowledged as critical threats by 23% and 22% of employees respectively, the overall attitude towards cyber security leaves much to be desired.
Here's the kicker: a staggering number of those surveyed revealed that their organizations did NOT provide any mandatory cyber security training.
From the US (30%) to the UK (17%), Netherlands (32%), Japan (35%), India (31%), Germany (22%), France (43%), Australia (29%) and China (65%) – the numbers speak for themselves.
So, are we really to blame our young workforce when it's clear that businesses aren't doing enough to equip their employees with the necessary cyber security skills?
It's high time we stopped treating cyber security as an afterthought and started investing in regular cyber awareness training for everyone in our businesses. Yes, EVERYONE. Not just the tech team or the executives, but every single employee.
At the end of the day, it's not just about protecting your business; it's about creating a safer digital world for us all.
We can help you do that. Get in touch.
That long password isn’t keeping you better protected
How secure do you think your passwords are? Do you believe that longer is always better? Well, we have some news for you. It's time for a serious talk about password security.
New research has revealed a sobering truth – even passwords that are 15 characters long can be compromised. Yes, you read that right. It's time to face the stark reality… length doesn't always mean strength.
The eight-character password reigns supreme as the most compromised length of password. But don't breathe a sigh of relief if yours is a longer one. The 15-character password also makes an appearance in the top ten most compromised lengths.
You might ask, "How could this be?" The answer lies not only in the password length but also in the content of the password and whether you use the same password on multiple sites.
The most compromised eight-character password is none other than "password" itself, while the most compromised 15-character password is "Sym_newhireOEIE".
Doesn’t exactly feel secure, does it?
It's not just about individual people. Businesses like yours are at high risk too. An alarming 86% of all cyber attacks start with stolen credentials. That's nearly nine out of ten attacks. Can you afford to be complacent?
Sure, longer passwords do offer more resistance to brute force cracking. An eight-character password can be cracked in five minutes, while a good 15-character one could take up to 37 million years if it’s not following any obvious pattern (i.e., it’s random and uses many types of character). Impressive, isn't it?
But remember, this is just one piece of the puzzle. Length alone won't save you from stolen credentials via phishing attacks.
Use a robust business password manager. Not only will it randomly generate long passwords for you, but it will also remember them and fill in the login box for you.
You should also use two factor authentication, where you generate a code on a separate device to prove it’s you. Even if cyber criminals crack your password, they still won’t be able to access your data.
If you need help keeping your business better protected, get in touch.
Get ready for another game-changer from Teams
Picture an AI-enhanced experience that streamlines your business communication and improves overall productivity to unprecedented levels.
Sounds a little like science fiction, right? But with Microsoft's latest announcement, this future is closer than you think.
Microsoft Teams is launching an ‘AI library’ that promises to revolutionize our Teams experience.
The goal?
To empower developers to integrate Large Language Models (LLMs) into their Teams apps. The most famous LLM right now is ChatGPT.
You might wonder how that will help your business. Well essentially, it could mean you have a sophisticated AI at your beck and call during your Teams meetings.
The AI library, rolling out right now, will provide developers with a suite of code functionalities making it easier for them to integrate LLMs into their apps. This means creating Bots, Message Extensions, and Adaptive Cards for more engaging conversational experiences will be a breeze.
Microsoft assures us that the AI library will also aid the seamless migration of existing Bots, Message Extensions, and Adaptive Cards functionalities into Teams.
Isn't this the same company that gave us the Copilot tool? Yep! Back in March 2023, Microsoft introduced GPT-4 integration across Microsoft 365 with its Copilot tool, which can whip up emails, compile reports, and, as Microsoft claimed very grandly, "rediscover the soul of work". Who knew AI could be so poetic?
And let's not forget the recently unveiled tool which uses AI to generate meeting notes, suggest follow-up actions, and even provide timeline markers for instant access to relevant parts of a call.
Microsoft Teams is on a mission to redefine our experience with AI. This isn't just about making our lives easier; it's about unlocking new possibilities for productivity and efficiency. Honestly, we can’t wait to see what the new AI library will bring.
If you need help getting more from Teams across your business, get in touch.
Are you ready for Windows 11 to get even better?
As if Windows 11 wasn’t already packed with enough goodies, it’s about to get even better.
Are you ready for a major upgrade to your favorite tools included with the operating system?
First, let's talk about the Snipping Tool. This humble screenshotting tool has been quietly serving us for years, capturing our screens one snip at a time. But now, with a new text capture and recognition capability, called 'Text Actions,' we're looking at a drastic game-changer. You can copy and paste text straight from a screenshot. No more typing out information from an image like a caveman (or a more modern version of a caveman anyway).
And that's not all. A new 'Quick Redact' function, lets you hide sensitive information right in the screenshot. Gone are the days of awkwardly scribbling over confidential data with a digital marker.
With integration from Windows 11’s Phone Link feature, your Android devices and PC are going to be best friends too. Syncing will be so much easier.
Now, let's talk about the Photos app. Just when we thought it couldn't get any better, Microsoft pulls another rabbit out of the hat. Based on community feedback – yes, they do listen to us – the Photos app is getting a makeover complete with a new Background Blur option.
Want to make your subject pop by blurring out the background? No problem. Need to control the intensity of the blur or select specific areas to blur? They've sorted it.
The new ‘Content Search’ capability for photos backed up on OneDrive is a game-changer as well.
Ever wished you could search for a photo based on its content? Wish granted! Using intelligent image detection software, Microsoft will now scan and label your photos with searchable tags. And yes, you can also search for photos based on location, across local files, OneDrive, and even Apple’s iCloud. That's right, iPhone users haven’t been left out.
Now, we know some people are still smarting from the changes to the Windows 10 Photos app, notably the removal of the Video Editor feature. But it looks like Microsoft may be making amends. The vague mention in Microsoft’s announcement that "Edit and Create Video options are now easily accessible at the top of the gallery view" suggests some video editing functions might be heading our way. We’ll just have to wait and see what that means.
As we eagerly await these updates, one thing is clear: Microsoft is not resting on its laurels. They're working tirelessly to make our lives easier one update at a time. I’m thrilled, and as a business owner, you should be too. After all, who doesn't love a good upgrade?
If you’d like to get started with Windows 11 or need a hand spreading its productivity features to your team, we can help. Get in touch.
That phishing site? Gone in 600 seconds
Did you know that a staggering 60% of phishing websites are only online for a fleeting 10 minutes?
Yes, you read that right. Just ten minutes.
This surprising fact underlines just how rapidly cyber threats are evolving and how vital it is for us to stay ahead of the game.
Phishing sites are fake sites that try to trick you into entering your login details. Or to get you to download malware.
The idea is that cyber criminals drive huge amounts of traffic to them… scam people… then take down the site before it can be detected.
Wouldn't it be great if we could spot these threats before they vanish into thin air and pop-up elsewhere? Well, Google Chrome has a trick up its sleeve to help us do just that.
Imagine this: You're running your business, constantly on the move, making split-second decisions. You absent-mindedly visit a website which looks a little… odd. But you don’t panic. You’re using Google Chrome and it scans websites you visit against its list of malicious URLs.
But uh oh. Google’s list of bad websites is only updated every 30 to 60 minutes. That 60% of phishing domains that are active for just 10 minutes may slip through the net.Enter Google Chrome's new security tool, Enhanced Safe Browsing.
As part of a recent update, Chrome has switched it on for everyone. It will now check URLs against a list of domains in real time. Think of it as a cyber bodyguard who can spot and neutralize threats at lightning speed.
Google has confirmed that Enhanced Safe Browsing will continue to offer features like deep scans for files and protection from malicious extensions.
So, does this mean Google will know every URL you visit?
Well, yes. But whilst this new feature does share all visited URLs with Google, the information won’t be used to power other features, including advertising. It's a trade-off between security and privacy. Given the increasing sophistication of cyber threats, isn't it worth having an extra layer of protection?
We say embrace these new tools and stay one step ahead of the cyber criminals. After all, the safety of all our businesses depends on it.
If you need additional support protecting your business from phishing scams – or anything else – get in touch.
The end of an era: Goodbye WordPad
Can you believe it? After 30 years of faithful service, Microsoft is finally pulling the plug on WordPad. The app that debuted with Windows 95, and lets you open a .doc file if you don’t have Word installed, is being shown the door.
But why now and what does it mean for your business?
Microsoft recently announced plans to stop updating WordPad and eventually remove it from Windows altogether. It was a quiet reveal, and it's unclear when this will happen, but it's in the works.
Let's be honest though… how many times have you accidentally opened a document in WordPad when you were aiming for Notepad?
Notepad is what you use for plain text. WordPad is more like a word processor. Everyone gets them confused.
Could this common mix-up be the reason behind WordPad's impending demise? Or perhaps Microsoft is trying to nudge more people towards paying for Microsoft Word, a key part of its Microsoft 365 suite.
In an excerpt from Microsoft's recently updated Windows deprecated features list, they recommend using Microsoft Word for rich text documents and Windows Notepad for plain text documents. So, in other words, "WordPad who?"
But let's not get too sentimental here. As a lifelong Windows user, I can confess that I've mostly opened WordPad only by mistake. And if it does vanish, I won't be losing sleep. There are plenty of other word processors out there, and I'm quite fond of Word.
However, if you're a diehard WordPad fan, don't despair just yet. Microsoft is asking for feedback via the Windows Feedback Hub app. So, if there's an outpouring of support, who knows? Maybe Microsoft will reconsider and allow WordPad to stick around, even if it's just as an optional, rarely-updated app from the Microsoft Store.
If we can help you discover the best apps for your business, get in touch.
Beware these “too good to be true” Facebook ads
We’ve all been there. You're scrolling through your Facebook feed, and an ad pops up promising to help you grow your business with some AI-powered software…
Sounds tempting, doesn't it? Without giving it much thought, you click to see what it’s about.
Bad news: This is a big red flag.
Cyber criminals have been found creating Facebook ads that promise to supercharge your productivity and revenue. But when you click, there's a catch.
The software they ask you to install is actually malware (malicious software).
And when it’s on your computer it can give the criminals access to your Facebook data, including your ad budget.
You might think, "Who'd fall for such an obvious trick?"
But let's be real. When you're a small business owner juggling a million things at once, it's easy to take the bait. And these hackers are smart. They know how to make their phoney offers look legit, and how to hide the malware on your computer so it’s hard to spot.
How do you stay safe? First, be skeptical of offers that seem too good to be true, because they often are. You can verify ads by Googling the advertiser before clicking on them.
And above all, take steps to secure your Facebook account. Use two factor authentication, where you use a second device to prove it’s really you logging in.
Remember, these cyber criminals might be sneaky, but they're not infallible. For instance, the researchers who uncovered this scheme found several Vietnamese keywords in the malicious script.
This is another stark reminder of the importance of good cyber security. Yes, running a business is a juggling act, and adding another ball to the mix might feel overwhelming.
But think of it this way: Would you rather spend a little time now securing your account or a lot of time later dealing with the fall out of a breach?
As the saying goes, "Prevention is better than cure." So, stay safe, stay alert, and protect what you've worked so hard to build. If you need some help doing that, get in touch.
What You Should Know if Your Business Is Targeted by Ransomware
It may not be news to you that ransomware is on the rise, but the numbers may leave you shocked. In 2020 alone, there were close to 300 million ransomware attacks worldwide.1 The cost of ransom payments demanded by hackers are also increasing in tandem with the increase in attacks. According to a recent projection, the global annual cost of ransomware attacks will touch $20 billion by the end of 2021.2
Offerings like ransomware-as-a-service have made it easier for criminals with little technical knowledge to become threat actors. These attackers are less predictable and seem to lack a code of ethics. For example, groups in the past had lists of organizations they wouldn’t attack, such as cancer treatment facilities. That’s often not the case anymore.
A ransomware attack can affect any organization, regardless of size or industry. However, SMBs are the most vulnerable since cybercriminals count on these businesses to lack the resources to battle cybercrime or the IT teams to frequently evaluate cybersecurity measures. Even though SMBs continue to be disproportionately affected by these nefarious attacks, reporting and notifications rarely make the news unless a huge corporation experiences a breach.
With ransomware expected to hit businesses every 11 seconds2, always remember that it isn’t a question of IF but rather WHEN your business will come under attack. Keep in mind that with the right security solutions and measures in place, your business won’t have to experience a devastating breach. But first, there are a few things you should know if you experience a ransomware attack.
Before Reacting to a Ransomware Attack, Remember:
1. The FBI advises against paying a ransom because spending money does not guarantee the hackers will share the keys to decrypt your data. While the FBI is an American organization, they raise a good point for businesses all across the globe.
It doesn’t make any sense to place your trust in cybercriminals who have already demonstrated that they aren’t afraid to break the law and take advantage of you for financial gain. However, many businesses find themselves in this situation because they don’t have sufficient security, backup or compliance measures, and are desperate to get their data back.
Keep in mind that another reason the FBI advises against giving in to ransomware demands is that you are encouraging criminals to conduct further attacks. If nobody ever paid ransom, it’s likely there wouldn’t be as many ransomware attacks. Criminals would have to find new ways to make money and would disregard ransomware as a viable venture.
2. In case you fall victim to a ransomware attack and have no option other than paying, “ransomware negotiators” are available for hire.
In ransomware negotiations, the most crucial moment occurs long before the victim and hackers discuss the ransom. This is because by the time both sides start to discuss, hackers have already gained considerable control over the organization’s network by encrypting access to sensitive business data and other digital assets. The more data they encrypt, the greater the negotiating power they have.
So, even before you begin negotiations, you need to know how much data has been compromised and what negotiating methods have been employed in the past by the criminals. Professional ransomware negotiators can help at this stage. Although a ransomware negotiation rarely results in a ransom demand being totally withdrawn, it can significantly bring down the asking price.
3. Victims of ransomware should expect the following:
- The data will not be erased in a trustworthy manner. It will be sold, improperly handled or stored for future extortion attempts.
- Multiple parties would have handled the exfiltrated data, making it insecure. Even if the hacker deletes a large portion of the data once the ransom is paid, other parties who had access to it may have made duplicates to make payment demands later.
- Before a victim can respond to an extortion attempt, the data may get leaked either intentionally or inadvertently.
- Even if the threat actor explicitly promises to release the encrypted data after payment, they may not keep their word.
Make Your Move Before It’s Too Late
You’re probably wondering what steps you can take right now to combat the menace of ransomware targeting vulnerable systems. Our best recommendation is layered security.
Since no security technology or measure is flawless or guaranteed, layered security assumes that attackers will infiltrate different layers of an organization's defenses or have already done so. The goal of this approach is to provide multiple security measures so that if an attack gets past one security tool, there are others in place to help identify and stop the attack before your data is stolen.
If the idea of protecting your business is overwhelming, don’t worry. You don’t have to do it alone. Collaborate with an experienced partner like us to do the heavy lifting for you. Our cybersecurity expertise and knowledge will help you pave the way to a more secure future. To get started, contact us for a consultation.
Sources:
- Statista
- Cybersecurity Ventures
Tempted to test new features before everyone else? DON’T BE!
Ever been tempted to download the beta version of your favorite app, ready to test out all the cool new features before everyone else?
STOP!!
The FBI has some news that might just make you think twice.
Cyber criminals have come up with a brand new trick to lure us into their lair. They’re hiding malicious code in fake beta versions of popular apps, turning unsuspecting people’s mobiles into their personal piggy banks.
Now, don't get us wrong, we love innovation as much as the next team of tech enthusiasts. But whilst beta versions have a certain allure, they haven't gone through the rigorous security checks that apps in the official app stores must pass.
Criminals send fake emails pretending to be the developers of popular apps, offering early access to new beta versions.
But of course they’re fake too. Once installed, they can do all sorts of bad things, including accessing data from your finance apps and even taking over your mobile
If your staff download them onto company devices, could your business be compromised?
There’s a moral to our story. And it's a simple one: Patience is a virtue.
Hold off on downloading beta versions of apps. Wait until they're stable and officially released in app stores. Good things come to those who wait, and that includes secure apps.
If you have downloaded beta versions in the past, keep an eye out for red flags like faster battery drain, poor performance, persistent pop-up ads, and apps asking for unnecessary permissions.
In this digital age, we must be as smart and savvy as the technology we use. So, before you hit download, take a moment to think: is this app worth the risk?
Train your staff to think the same way. And if you do give them business mobiles, consider a Mobile Device Management solution to control what they can do with them.
We can help keep all your devices better protected. Get in touch.
5 Reasons to change IT Support Companies and is beneficial to your Company
Certainly, here are five common reasons why companies might choose to change their IT support companies:
1. Poor Service Quality: If the current IT support company consistently delivers poor service, slow response times, or inadequate issue resolution, it can disrupt the company's operations and hinder productivity. Switching to a company that provides better service can lead to smoother IT operations and improved user satisfaction.
2. Cost Inefficiency: If the current IT support company's pricing structure is no longer cost-effective for the company's budget, or if the company believes they are not getting value for the money they're spending, switching to a more competitively priced provider or one with a more transparent pricing model can lead to cost savings.
3. Technological Obsolescence: Technology is constantly evolving, and if the current IT support company is not keeping up with the latest advancements, it can result in outdated systems, security vulnerabilities, and missed opportunities for innovation. Switching to a provider with a stronger focus on emerging technologies can help the company stay competitive.
4. Security Concerns: If the current IT support company has experienced security breaches or lacks the expertise to effectively address cybersecurity threats, the company's sensitive data and operations could be at risk. Switching to a provider with a robust cybersecurity approach can enhance data protection and reduce the likelihood of security incidents.
5. Lack of Industry Expertise: Certain industries have specific IT requirements, regulations, and compliance standards. If the current IT support company lacks experience or understanding of the company's industry, it can lead to non-compliance, inefficiencies, and missed opportunities. Switching to a provider with industry-specific knowledge can ensure that IT strategies align with the company's industry needs.
Before deciding to switch IT support companies, it's important for a company to thoroughly evaluate its current and future IT needs, and plan for a smooth transition to minimize disruption. Download “The 2023 IT Services Buyer’s Guide” to set expectations and help eliminate frustrations with your new IT support provider.