3 ways to create more secure passwords

The must-read IT business eNewsletter


“There is no such thing as perfect security,” says Jim Waldron, Senior Architect for Platform Security at HP. If you can access a website or server, consider it vulnerable to security breaches. That’s why so many businesses account for fraud in their business models—they expect to lose a certain amount each year to security leaks, lost IP, and more.

While you can never be 100% secure from hackers while connected to the internet, there are steps you can take to help protect your personal and professional data. All you need to do is activate features that are increasingly common (or easy to manage) on modern business-class PCs: Multi-factor authentication, client-based user authentication, and password best practices.

Multi-factor authentication
Multi-factor authentication is a simple but effective security system that involves the use of at least two factors (or methods) of authentication. It groups different factors together so that even if one is compromised, the data remains protected. Under this system, factors are divided into three domains:


  • Something you know: Password, PIN, etc.
  • Something you have: ATM card, smartcard, etc.
  • Something you are: Fingerprint, iris, etc.

For multi-factor authentication to be successful, you want to pull from at least two different domains, with a maximum of three domains. A common example of multi-factor authentication is when you withdraw cash from an ATM. To do so, you insert your ATM card (something you have) and enter your PIN (something you know). Without both factors you can’t access your account—and neither should anyone else.

Businesses are taking notice too, and multi-factor authentication’s popularity is rising. In 2014, 37% of enterprise organizations surveyed used multi-factor authentication for the majority of their employees, and that number is expected to grow to 56% by 2016.

What you can do now
If you have a business-grade PC, chances are your PC already includes the technologies you need to start using multi-factor authentication. In fact, HP offers multi-factor authentication on all of its business PCs. Consult your manual or HP Support, and identify the factors your PC supports in addition to traditional passwords, such as fingerprint or smartcard readers. Just make sure to choose factors from separate domains.

Client-based user authentication
Every time you log into a system, your identity needs to be authenticated by that system. This process occurs in one of two ways: server-side authentication or client-based authentication. With server-side authentication, your unencrypted information—such as your password or fingerprint—is sent to a server, where it is compared against that server’s records. With client-based authentication, the authentication process—e.g., “Does this fingerprint match the one in our records?”—is performed on the client device, such as your work PC.

While client-based authentication is not as common as its counterpart, it is far more secure. In fact, “In almost all authentication scenarios it is preferable to perform the direct authentication on the client and then communicate an ‘Identity Assurance’ to the relying party,” says Waldron.

Everyone wins when it comes to client-based authentication. The client no longer has to send unencrypted, private information over the internet or store that information on another party’s server, while the relying party no longer has to store sensitive client information on their server—reducing the amount of information that can be stolen if and when a hack occurs.

What you can do now
One of the easiest ways to use client-based authentication is with a hardened fingerprint sensor. The sensor authenticates your fingerprint directly in the hardware, rather than sending it to a server or hard drive, and returns a key that can be used to decrypt password vaults.

Password best practices
As we’ve mentioned before, passwords aren’t perfect. While implementing and using the above features might not seem practical for some of us, everyone can benefit from following basic password best practices. They are quick to implement, and can save you a lot of hassle down the line.

To make the most of your password security, your passwords should be:

  • Long—at least 16 characters. Use a password manager to store unique passwords and fill out log-in forms so that you don’t have to memorize them.
  • Complex—containing symbols, numbers, uppercase letters, lowercase letters, and spaces (if possible)
  • Unique—only use a password once, don’t recycle or repeat across accounts
  • Short-lived—the National Cyber Security Alliance suggests changing your password every 60 days
  • Difficult to guess—avoid common words found in a dictionary, all or part of your name, repeated letters, or combos that align to your keyboard layout, such as “QWERTY” or “123456”

If you are uncertain whether your password is secure enough or if it meets enough of the criteria above, there are several reliable services that will check your password strength for you. Microsoft’s Safety & Security Center offers a free password checker you can access through your browser, while Mac users can access Apple’s Password Assistant through the Keychain Access utility.
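The checklist above can also be applied locally, without sending the password to any service. The following Python sketch is an added example, not code from the article or from HP; the function names, the tiny word list, the four-key run length and the `previous` and `age_days` inputs are assumptions made for illustration.

```python
import re

# Constructed, deliberately tiny word list; a real check would load a full dictionary.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "sunshine"}
# Keyboard rows and the digit row, for the "QWERTY" / "123456" style of pattern.
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890"]
MIN_LENGTH = 16     # the article's minimum length
MAX_AGE_DAYS = 60   # the rotation interval the article cites


def keyboard_run(password, run=4):
    """True if the password contains `run` adjacent keys of one row, in either direction."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in lowered:
                    return True
    return False


def check_password(password, owner_names=(), previous=(), age_days=0):
    """Return the article's criteria that the password fails (empty list = passes).

    owner_names: names of the account owner (assumed input).
    previous:    passwords already used on other accounts, e.g. read locally
                 from a password manager (assumed input).
    age_days:    how long this password has been in use (assumed input).
    """
    failures = []
    lowered = password.lower()

    if len(password) < MIN_LENGTH:
        failures.append("long")

    # Lowercase, uppercase, digit and symbol are required; spaces are optional
    # because the article asks for them only "if possible".
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9\s]"]
    if not all(re.search(c, password) for c in classes):
        failures.append("complex")

    if password in previous:
        failures.append("unique")

    if age_days > MAX_AGE_DAYS:
        failures.append("short-lived")

    guessable = (
        keyboard_run(password)
        or re.search(r"(.)\1\1", password) is not None   # same character three times in a row
        or any(word in lowered for word in COMMON_WORDS)
        or any(len(n) >= 3 and n.lower() in lowered for n in owner_names)
    )
    if guessable:
        failures.append("difficult to guess")

    return failures


if __name__ == "__main__":
    # The acronym password from the article, then a keyboard-pattern password.
    for candidate in ("Iwbi1986ampsloLS!", "QWERTY123456"):
        print(candidate, "->", check_password(candidate) or "meets all criteria")
```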

What you can do now
The first thing you can do—right this second—is revise your most important passwords to align with password best practices. That includes your work accounts, personal email, bank accounts, and any other services that contain sensitive data. If you need help remembering your new passwords, consider using a password manager such as HP Password Manager. That way you only have to authenticate once to gain access to all your systems. You can also adopt a system to make your passwords easier to remember. Using acronyms, for example, you can turn the phrase “I was born in 1986 and my parents still live on Lake Street!” into “Iwbi1986ampsloLS!”—creating a strong password that’s easy to remember.

Passwords are changing, and while they will never be perfect, they can still provide an effective first layer of defense against hackers and ne’er do wells. The above features and techniques are increasingly common on modern business PCs, making it easier than ever to protect your private data. All you have to do is use them.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.


Why business-class PCs are a smart investment


Think back to the last time you bought a new PC or laptop for your business. Did you approach the purchase the same way you would for a personal device? And if you had a problem, were you satisfied with the level of service you received?

Many small and medium-sized businesses purchase consumer-grade PCs and notebooks by default, not realizing the amount of difference a business-class model can make. Consumer-grade devices can work fine for many organizations, but businesses with more stringent performance, reliability, and support needs can save time and frustration by moving up to business-class devices.

Think of it this way: when you purchase an economy-class plane ticket you know there’s going to be a marked difference between your experience and the experience of someone flying first class. More legroom, better menu options, more responsive service—the benefits are clear, and for many business travelers it makes sense to upgrade, especially if the flight is long.

When it comes to technology, the difference between consumer-grade and business-class PCs is just as marked as for flights—and for many businesses, the upgrade is just as worthwhile. Here’s the difference a business-class device can make for you:

  • Performance: Many modern consumer-grade processors and mobile operating systems prioritize battery life over processing power. Business-class PCs often offer both better performance and longer battery life, allowing users to work faster and longer while on the road.
  • Reliability: HP Elite PCs are designed to pass MIL STD testing and are tested for 115,000 hours to HP’s own testing standards to help ensure durability. New HP EliteBook 700 series notebooks are also made with Corning® Gorilla® Glass and a magnesium alloy chassis that’s 18 times stronger than plastic.
  • Support: Every HP Elite PC comes with HP Elite Premium Support, providing 24/7/365 dedicated service from U.S.-based specialists who are dedicated solely to supporting HP Elite products.
  • Software and security: Business-class devices help their users take advantage of their advanced features with free, bundled software that is not available (or requires an additional purchase) on consumer-grade PCs. For example, HP Elite family products come with security software and features that protect at the data, identity, and device levels to help keep proprietary data safe.

On average, small businesses hold on to their PCs for five to seven years. Your next device purchase will likely be with you for years to come. So when you consider that many of us are quick to upgrade our airline tickets—even though flights don’t last more than a day—upgrading to a business-class device can make a lot of sense. Weigh the benefits, and choose the device with the level of support and reliability that meets your business needs.


Five ways Microsoft plans to get you to upgrade to Windows 10

To achieve its goal of getting one billion people onto Windows 10, Microsoft is getting more forceful in how it pushes Windows 7 and 8.1 users towards its new OS.


Microsoft wants Windows 10 on one billion devices by 2018 – and its tactics for hitting that ambitious goal are about to get more aggressive.

From next year, Microsoft will be more direct in pushing Windows 7 and 8.1 users to upgrade to its latest OS, in an attempt to bolster the 110 million-strong Windows 10 userbase.

Here’s how Microsoft is about to crank up the pressure to make the switch.

1. Windows 10 will automatically begin installing itself

From “early next year”, Microsoft will change the status of the free Windows 10 upgrade so it is classified as a Recommended Update.

Given that most home machines are set up to install Recommended Updates automatically, the change to Windows 10’s update status will lead to most Windows 7 and 8.1 machines beginning the upgrade.

However, Microsoft says that before Windows 10 is installed users will need to manually confirm the installation, giving them a chance to pull out.

Business users should be able to prevent the upgrade from automatically starting using tools such as Windows Server Update Services.

For those on metered connections, Terry Myerson, Microsoft’s executive VP of the Windows and Devices Group, said people “have the option of turning off automatic updates” before going on to say that such a move is unwise because of “the constant risk of internet threats”.

Those who don’t like the new OS will have 31 days to roll back to their previous version of Windows. To go back, select “Start Button->Settings->Update and Security->Recovery and Uninstall Windows 10”.

2. Upgrade notifications will be made more obvious

Despite Microsoft sticking a ‘Get Windows 10’ icon on the taskbar of most Windows 7 desktops, many customers apparently still can’t figure out how to initiate the upgrade.

Myerson says since launching Windows 10 the number one complaint has been ‘How do I get my upgrade?’.

To address the difficulty some users are having, Myerson said Microsoft will change “our notifications to be more approachable and hopefully clear, and sometimes fun”.

3. Upgrades will happen immediately

The process of initiating the upgrade to Windows 10 has also been streamlined.

In the weeks after Windows 10’s launch earlier this year, Microsoft required users to first reserve a Windows 10 upgrade, which would then be installed at a later date.

Microsoft has now replaced that two-step process with an immediate upgrade. Users clicking on the ‘Get Windows 10’ icon will now be given the option to ‘Upgrade Now’ to begin the upgrade process straightaway.

4. Simpler upgrade from unsanctioned copies of Windows

Myerson admits surprise at how many people running copies of Windows 7 and 8.1 that have not been authenticated then go on to buy Genuine copies of Windows 10.

Based on this experience, Microsoft plans to make it a “one-click” process for people running unsanctioned copies of the OS to “get Genuine” via the Windows Store or by entering an activation code bought elsewhere. The offer will be trialled in the US and, if successful, may be extended to other countries.

5. Upgrading multiple machines to Windows 10 will be easier

Those looking to upgrade several Windows 7 and Windows 8.1 machines to Windows 10 will soon find the process gets more straightforward.

Microsoft’s Media Creation Tool is used to create an image that can be run off a DVD or USB stick to upgrade qualifying machines to Windows 10.

According to Myerson, you will soon be able to use the tool to create a single image that will allow any number of 32-bit or 64-bit, Home or Pro machines to be upgraded and which will also allow for clean installs “wherever you have a Windows license”.


The 15 most frightening data breaches


Ashley Madison (2015)

All data breaches are scary, but some just have that extra scream factor.

In arguably the most embarrassing data breach of the bunch, a group calling itself “The Impact Team” stole 37 million records from adultery website Ashley Madison, including many records that customers had paid to have deleted.

Virtually all of the company’s data was stolen in the hack, including records that suggest most female accounts on the site are fake, and that the company used female chat bots to trick men into spending money.

LivingSocial (2013)

Daily deals company LivingSocial had its network compromised in 2013, with hackers stealing roughly 50 million names, email addresses, birthdays, and encrypted passwords from its SQL database.

Sony PlayStation Network (2011)

Game over, man. In April 2011, hackers raided Sony’s PlayStation Network (PSN) service, stealing personally identifiable information from more than 77 million gamers.

Sony was further criticized for delaying the release of public information about the theft and for storing customer data in an unencrypted form.

The attack took Sony’s PSN out of service for 23 days.

Internal Revenue Service (2015)

Nigerian scammers pilfered more than $50 million from the U.S. Treasury via an embarrassingly simple 2015 hack of the Internal Revenue Service website.

Information scraped from previous data hacks was used to steal Americans’ identities and request copies of past tax returns on the IRS website. The crooks then filed new tax returns with falsified data, requesting big refunds.

The hack caused massive nightmares for the estimated 334,000 people whose records were stolen before the IRS shut down the transcript request service.

Target (2013)

Hackers installed point-of-sale malware on Target’s computer network sometime in 2013, resulting in the theft of more than 70 million customer records. Stolen data included payment card numbers, expiration dates, and CVV codes.

The retailer reached out to affected customers by offering free data monitoring (standard practice) and a 10% off discount on a future shopping trip. But it was too little, too late; same-store sales slid in the quarter following the hack.

Anthem (2015)

Anthem, the United States’ second largest for-profit health insurer, disclosed in February 2015 that it had lost 78.8 million unencrypted customer records to criminals. Names, social security numbers, email addresses, and income data were stolen.

The rare piece of good news: Financial and medical records were not affected.

Adobe (2013)

Adobe revealed in October 2013 that hackers had stolen 38 million active customer IDs and passwords, forcing the company to send out a wave of password reset warnings.

Weeks after, the news got worse for the company: The thieves also made off with the source code for its popular Adobe Photoshop software.

eBay (2014)

Talk about an inside job: In 2014, online auction house eBay suffered the largest hack in U.S. history, losing 145 million login credentials to a hacker using an internal eBay corporate account.

Names, email and street addresses, phone numbers, and birth dates were compromised, but thankfully, passwords were stored in encrypted form.

Home Depot (2014)

In September 2014, Home Depot admitted that it fell prey to hackers who installed antivirus-evading malware on its self-checkout registers. An estimated 56 million sets of customer payment card data were stolen in the attack.

The company’s losses related to the event are expected to top $1 billion when all of the lawsuits are finally settled. Only $100 million of that will be covered by insurance.

JP Morgan Chase (2014)

The September 2014 breach of JP Morgan Chase proved that even the largest U.S. banks are vulnerable to data theft. Online banking login details were not stolen, but crooks did get their hands on 76 million sets of names, emails, addresses, and phone numbers of bank customers, creating serious phishing concerns.

A group of Russian hackers is believed to be responsible for the attack.

PNI Digital Media (2015)

PNI Digital Media, the company that handles online photo printing for CVS, Walgreens, Rite Aid, Costco, and many more national chains, lost an unknown number of customer records to hackers in 2015.

Given that the company boasted more than 18 million transactions in 2014, it’s likely that this breach affected tens of millions of Americans.

Heartland (2008)

Credit and debit card processing firm Heartland Payment Systems became one of the largest data breach victims in U.S. history when hackers compromised more than 130 million accounts in 2008.

The criminal ring involved in the Heartland data theft was also found to be responsible for the 2005 hack of TJX Companies involving 94 million records.

TJX Companies (2005)

In a 2005 scheme dubbed “Operation Get Rich or Die Tryin,” a group of hackers used an unsecured Wi-Fi network at a Marshalls store to break into parent TJX Companies’ computer system and steal 94 million customer records, including payment card data.

Albert Gonzalez, the ringleader of the hack, is serving a 20-year sentence in Leavenworth.

U.S. Office of Personnel Management (2015)

Earlier this year, the United States Office of Personnel Management admitted that hackers had taken 21.5 million records belonging to those who had undergone government background checks or otherwise applied for federal employment. The hackers stole a wealth of sensitive data, including security clearance information and fingerprint data belonging to secret agents.

The Washington Post reported that the attack is believed to have originated in China.

Zappos (2012)

In January 2012, online shoe retailer Zappos stated that cybercriminals had stolen data of 24 million customers, including names, addresses, and the last four digits of their payment cards.

After the announcement, Zappos had to disconnect its phone lines to keep upset customers from calling in and overloading its phone system.


BYOD and the danger of litigation

BYOD means you must make a few extra preparations to protect your organization in cases of litigation and eDiscovery.


It’s a fact that we live in a litigious world. Bring Your Own Device (BYOD) and even corporate-owned mobile devices often are caught up in legal cases. Chris Gallagher, national director for Adecco eQ, a nationwide eDiscovery firm, gives an overview of how businesses can navigate eDiscovery when a business has BYOD devices seized as part of a court case.

eDiscovery and mobile devices

BYOD and corporate-owned devices can be put on a litigation hold (sometimes called a “preservation order”) when an organization must preserve all forms of relevant information because litigation is anticipated.

Gallagher’s firm helps legal counsel with forensic data collection and acquisition on mobile devices and PCs. His company processes the data on these devices and uses advanced analytics to locate information pertinent to the litigation.

eDiscovery and BYOD: The blurred line

BYOD is still, from a legal perspective, in its infancy, Gallagher said. He said every time his firm does a customer survey, they still hear about strong BYOD activity in the market.

He said, “Of course, from a discovery perspective, from a litigation hold perspective, it makes both the general counsel’s life that much more difficult as well as the law firm’s life more difficult because number one, there’s that blurred line, what is corporate data versus what is personal and individual data, where does that line cease?”

Gallagher points out that anytime you have devices entering and leaving a network there’s a control factor. Companies who master that control have a better (but still not perfect) time when they get called into discovery.

“When you have a device that is not a corporate-owned device that is accessing corporate information, the ownership of that information always comes into question,” Gallagher said.

“When dealing with eDiscovery, part of discovery requests are information that is under your direction and control,” he said. “It’s on a personal device, it’s not owned by the corporation, but it’s corporate-owned data, so is that under your control? Absolutely.”

Litigation holds on BYOD devices can be an added nuance and one more gray area that corporations have to deal with when it comes to BYOD in their enterprise.

Gallagher said you need to ask, “How do you get that data back? How do you ensure that you’re not losing, not only from a litigation perspective, but the other major issue is corporate information, trademark secrets, corporate secrets, confidential information that you wouldn’t want to enhance?”

He further explained that a litigation hold over BYOD devices means going beyond the normal things like a desk drawer, files, email, and shared devices. It means you have to ask, “Okay, what else have you used to access the corporate network in the last year?”

Wearables and eDiscovery

Wearable tech would have minimal impact on eDiscovery. Gallagher said, “Now, if you’re a corporate attorney, if you’re a defense counsel, one of the things you’re going to argue is ‘Well, the watch, everything that’s available on the watch, it’s just email, weather, that’s available on the server anyway, so you have another place to get it.’”

The wearable is a highly discoverable type of device because most of that information is just replicating from somewhere else, Gallagher said. Usually, you are replicating wearable data from your phone so if you have the phone then everything’s replicated.

“For smaller cases, for cases at a location, for criminal cases, or matrimonial cases, where location is important, wearables could come into play,” he said.

Onboarding BYOD devices and eDiscovery

Much of what Gallagher said around BYOD policies is standard fare. I asked Gallagher how a company could protect themselves in the cases of salespeople (the “original BYOD” users) contracts and non-compete agreements. Competitors in highly competitive industries sue each other over this kind of stuff all the time.

Career salespeople have their contacts (built from years of selling in an industry) that they keep on their phones. They may have sold to these customers over the years.

From a legal perspective in this scenario, Gallagher recommends that corporations have an addendum added to their standard employment agreement. The addendum should state, “I certify that I am not bringing anything from my former employer. We are hiring you for your knowledge of the industry in general and not any specific contacts that you may or may not have from former employers.”

Gallagher said this sort of contract boilerplate puts the responsibility on their shoulders and that you aren’t hiring them for a particular contact.

He also advised that you want to make sure that they abide by their previous non-compete, but you don’t want them downloading or taking anything with them from their previous employer. Gallagher cautioned that you should not place any data from their previous employer on your corporate-owned system. Take, for example, syncing a personally owned smartphone to a corporate-owned laptop. Along with that sync can come corporate data from your competitor. eDiscovery can detect that data.

He further recommends that you have that new sales rep come to you with a clean slate of a cell phone.

Bringing contacts along on a personal device has become much easier legally speaking according to Gallagher. He said, “One of the recent things that’s come out of court cases is if you look at LinkedIn profiles, if you look at customer information but the sales rep proved that most of the information that he had from his ‘client’ was available publicly on their LinkedIn profiles.”

According to Gallagher, you don’t want them backing up their tablet to their new computer: that could result in a breach of their non-compete, and now the data is backed up on your servers.

Conclusion

Above and beyond the usual BYOD challenges that enterprises face each day, you may also be navigating a blurred legal line, so prepare yourself accordingly with BYOD policies and advice from your counsel to ensure that you are ready if and when BYOD devices get put on a litigation hold.


Surface Book: Microsoft just made the PC cool again

The Microsoft Surface Book is the computer you always wanted to have but couldn’t. So now that it is here, will you buy it?


The latest line of Microsoft Surface personal computers is now available from both the virtual and the bricks-and-mortar Microsoft Store. By most accounts, the Surface Pro 4 and the flagship Surface Book offer impressive performance without sacrificing style or that elusive awe factor typically missing from PCs in general.

With the Surface Book in particular, Microsoft is attempting to change the narrative of the personal computer—to change perceptions in the marketplace. The Surface Book is an aspirational computer and it is intended to inspire desire in the overall PC and computing device market.

Strategic reasons

There are some solid strategic reasons why Microsoft has brought the Surface Book to market.

Giving OEMs a reference for their own hardware and increasing participation in Microsoft cloud services and the ecosystem that goes with it are certainly notable goals of the Surface Book.

But there is even more to it than that.

Hardware

It is important to understand the hardware inside the Microsoft Surface Book. These are the technical specifications of a powerful computing device. You do not buy a Surface Book so your kids can watch movies in the car while you run errands.

With a high-resolution screen, SSD storage up to 1TB, up to 16GB RAM, an Intel i5 or i7 CPU, and a customized discrete GPU from Nvidia, the Surface Book is designed for performance and productivity. This is some serious computing power delivered in a small package.

Of course, that power comes at a premium price, but that is where the aspirational part of the strategy comes into play. Microsoft knows it will not sell millions upon millions of Surface Books. That is not its purpose. Instead, Microsoft wants millions upon millions of people to want a Surface Book—to aspire to own one someday.

Microsoft wants the Surface Book to be the notebook computer you would buy if money were not an issue. It wants the Surface Book to be a status symbol PC.

Marketing

This is a bold move by Microsoft and it goes hand-in-hand with the “PC does what?” marketing campaign produced in conjunction with its OEM partners like Dell and Lenovo. These companies are trying to make PCs cool again. They are trying to steal some of the thunder so often associated with Apple.

And while the “PC does what?” campaign gets mocked, mostly by fans of Apple, it is more effective than many believe. Remember the Mac versus PC commercials? People often mocked those as inaccurate oversimplifications of fact, but they still seemed to elevate the “cool” factor of the Mac. It didn’t matter what everyone thought of them; what mattered was the perception they produced.


Bottom line

The Microsoft Surface Book sets a high bar for every other notebook computer that comes to market. Microsoft has carefully crafted a powerful computer with hardware, features, and style no other company can currently match. In a single stroke, Microsoft has made owning a PC cool again. It has made the Windows 10 ecosystem cool again.

Let’s punctuate the point with anecdotal evidence. A number of people have spent much of their professional lives complaining about Microsoft and PCs. They have been working in Apple’s ecosystem and hating every minute of it. They have been looking for more than what Apple offers for years now. The day Microsoft announced the Surface Book, they ordered one. They haven’t been this excited about buying a computer for a decade.

With this lineup of Surface products, Microsoft has changed the tide and established market momentum. It will be interesting to see how Google and Apple respond. We should see some serious competition now. It also wouldn’t be surprised to see a resurgence in Windows 10 mobile devices later this year. It looks to be an exciting time for consumers. Hang on to your hats.

Have questions?

Get help from IT Experts/Microsoft’s Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design Services, Server Support, Network Consulting, Internet Phones, Cloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

10 tips for spotting a phishing email

Phishing emails flow into inboxes year-round, especially during the holidays. Here are some clues to help your users spot “fishy” emails.

Every day countless phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so outlandish that they are obvious frauds, others can be a bit more convincing. So how do you tell the difference between a phishing message and a legitimate message? Unfortunately, there is no one single technique that works in every situation, but there are a number of things that you can look for. This article lists 10 of them.

1: The message contains a mismatched URL

One of the first things I recommend checking in a suspicious email message is the integrity of any embedded URLs. Oftentimes the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the top of the URL, you should see the actual hyperlinked address (at least in Outlook). If the hyperlinked address is different from the address that is displayed, the message is probably fraudulent or malicious.

2: URLs contain a misleading domain name

People who launch phishing scams often depend on their victims not knowing how the DNS naming structure for domains works. The last part of a domain name is the most telling. For example, the domain name info.brienposey.com would be a child domain of brienposey.com because brienposey.com appears at the end of the full domain name (on the right-hand side). Conversely, brienposey.com.maliciousdomain.com would clearly not have originated from brienposey.com because the reference to brienposey.com is on the left side of the domain name.

3: The message contains poor spelling and grammar

Whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, and legality, among other things. So if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation’s legal department.

4: The message asks for personal information

No matter how official an email message might look, it’s always a bad sign if the message asks for personal information. Your bank doesn’t need you to send it your account number. It already knows what that is. Similarly, a reputable company should never send an email asking for your password, credit card number, or the answer to a security question.

5: The offer seems too good to be true

There is an old saying that if something seems too good to be true, it probably is. That holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, the message is probably a scam.

6: You didn’t initiate the action

If you get a message informing you that you have won a contest you did not enter, you can bet that the message is a scam.

7: You’re asked to send money to cover expenses

One telltale sign of a phishing email is that you will eventually be asked for money. You might not get hit up for cash in the initial message. But sooner or later, phishing artists will likely ask for money to cover expenses, taxes, fees, or something similar. If that happens, you can bet that it’s a scam.

8: The message makes unrealistic threats

Although most of the phishing scams try to trick people into giving up cash or sensitive information by promising instant riches, some phishing artists use intimidation to scare victims into giving up information. If a message makes unrealistic threats, it’s probably a scam.

9: The message appears to be from a government agency

Phishing artists who want to use intimidation don’t always pose as a bank. Sometimes they’ll send messages claiming to have come from a law enforcement agency, the IRS, the FBI, or just about any other entity that might scare the average law-abiding citizen. But here, government agencies don’t normally use email as an initial point of contact. That isn’t to say that law enforcement and other government agencies don’t use email. However, law enforcement agencies follow certain protocols. They don’t engage in email-based extortion—at least, not in my experience.

10: Something just doesn’t look right

In Las Vegas, casino security teams are taught to look for anything that JDLR—just doesn’t look right, as they call it. The idea is that if something looks off, there’s probably a good reason why. This same principle almost always applies to email messages. If you receive a message that seems suspicious, it’s usually in your best interest to avoid acting on the message.


Google may be declaring war against Microsoft and Office 365

Microsoft Office 365 has taken market share from Google Apps and Google isn’t taking it lying down. Are we looking at the start of a price war?

According to an August 2015 report, Microsoft Office 365 has surpassed Google Apps and now controls more than 25% of the enterprise market—triple the enterprise market share the company held just a year ago. That is some serious growth and it hasn’t gone unnoticed by the folks at Alphabet (aka Google).

Details

On October 19, 2015, Rich Rao, head of global sales for Google Apps for Work announced a new program specifically designed to turn the tide against Microsoft Office 365’s advance.

In a nutshell, enterprises with preexisting contracts for a competitor’s office suite (read Office 365) looking to switch to Google Apps can do so and not pay any additional fees until the competitor’s contract has run its course. In essence, switching enterprises will pay Microsoft’s contract while they use Google Apps.

When the preexisting contract is over, enterprises sign a new contract with Google Apps. The announcement also suggests that Google will pay some of the transition costs through a special program offered by its Google for Work Partners service.

This is a bold move by Google and it signals that the company is reeling from the sudden surge of Microsoft Office 365. I don’t think Google was expecting this level of competition for its Google Apps suite.

Microsoft’s response

The ball is now in Microsoft’s court. There should be some kind of serious strategic response offered by Microsoft—that is, if it intends to maintain the growth of Office 365 in the enterprise market. Letting the tremendous advances in its market share over the last year erode would be irresponsible.

One strategy Microsoft may consider is lower subscription prices.

The basic enterprise version of Google Apps carries a subscription price of $5 per user. The basic enterprise version of Office 365 carries a subscription price of $8 per user. That $3 difference can really add up for a large enterprise and there may be some wiggle room for Microsoft to lower the per-user price for its service.

Cola wars. Pizza wars. We have seen major international companies take part in price wars in the past, and in the end, not much has been resolved. So I don’t think lowering their subscription prices is really the best strategy for Microsoft.

There is another way.

It’s all about collaboration

The basic applications offered by Office 365 and Google Apps—word processing, spreadsheets, emails, calendar, etc.—are similar. Office 365’s applications do have more features and deeper capabilities. Of course, Google Apps claims its lack of features is a good thing because its apps are simpler to use.

However, in this day and age, the real battleground for enterprise markets exists in features outside the basic office suite. The real battleground lies in cloud and collaboration services, including collaboration tools, storage, video communication, and document sharing. The cloud is where Microsoft and Google are going to fight their battle for productivity suite superiority.

And cloud is where Microsoft has been winning handily for the past year or so. I believe the new cloud and collaboration emphasis of Office 365 has taken Google by surprise. I think Google has realized that Microsoft has upped its game and that it can’t coast into increased enterprise market share by merely offering a lower-price, simpler productivity suite.

It may have been an indirect battle before, but Microsoft and Google are now engaged in a mano a mano fight for enterprise market share in the productivity software category. It will be interesting to see how this strategic battle between two superpowers plays out. I just hope each side takes appropriate steps to avoid collateral damage.


The 18 scariest computer viruses of all time

Anna Kournikova (2001)

The Anna Kournikova virus is so named because it tricked its recipients into thinking they were downloading a sexy picture of the tennis star. Financial damages associated with Kournikova were limited, but the virus had a big pop culture impact: It became a plot point in a 2002 episode of the sitcom Friends.

Sasser (2004)

In April 2004, Microsoft issued a patch for a vulnerability in Windows’ Local Security Authority Subsystem Service (LSASS). Shortly after, a teenager in Germany released the Sasser worm to exploit the vulnerability in unpatched machines. Multiple variants of Sasser took out airline, public transportation, and hospital networks, causing $18 billion in damage.

Skulls.A (2004)

Skulls.A is a legitimately spooky mobile trojan that affected the Nokia 7610 smartphone and other SymbOS devices. The malware was designed to change all icons on infected phones to Jolly Rogers and disable all phone functions, save for making and receiving calls.

F-Secure says Skulls.A caused little damage, but the trojan is undeniably creepy.

Zeus (2009)

While many malware programs on this list are little more than nuisances, Zeus (AKA Zbot) was a tool used by a complex criminal enterprise.

The trojan uses phishing and keylogging to steal online banking credentials, draining a cumulative $70 million from the accounts of its victims.

Melissa (1999)

Named after a Florida stripper, the Melissa virus was designed to propagate by sending itself to the first 50 contacts in its victims’ e-mail Outlook address book. The attack was so successful that the virus infected 20 percent of the world’s computers, causing an estimated $80 million in damage.

Virus creator David L. Smith (shown) was caught by the FBI, served 20 months in jail, and paid a $5,000 fine.

Sircam (2001)

Like many early malware scripts, Sircam used social engineering to trick people into opening an email attachment.

The worm chooses a random Microsoft Office file on victims’ computers, infects it, and sends it to all the people in the victims’ email contact list. A University of Florida study pegged Sircam cleanup costs at $3 billion.

Stuxnet (2009)

Stuxnet is one of the first known viruses created for cyberwarfare. Created in a joint effort between Israel and the U.S., Stuxnet targeted nuclear enrichment systems in Iran.

Infected computers instructed nuclear centrifuges to physically spin until they broke, all while providing fake feedback that operations were normal.

SQL Slammer/Sapphire (2003)

Taking up just 376 bytes, the SQL Slammer worm packed a lot of destruction into a tiny package. The worm slowed down the Internet, disabled 911 call centers, took down 12,000 Bank of America ATMs, and caused much of South Korea to go offline. It also crashed the network at Ohio’s Davis-Besse nuclear power plant.

Storm Trojan (2007)

Storm Trojan is a particularly sinister piece of email-distributed malware that accounted for 8 percent of all global infections just three days after its January 2007 launch.

The trojan created a massive botnet of between 1 and 10 million computers, and because it was designed to change its packing code every 10 minutes, Storm Trojan proved incredibly resilient.

Code Red (2001)

The Code Red worm, named after the Mountain Dew flavor preferred by its creators, infected up to one-third of all Microsoft IIS web servers upon release.

It even took down whitehouse.gov, replacing its homepage with a “Hacked by Chinese!” message. Estimated damages due to Code Red were in the billions of dollars worldwide.

Nimda (2001)

Released just after the 9/11 attack, many thought the devastating Nimda worm had an Al Qaeda connection (never proven).

It spread via multiple vectors, bringing down banking networks, federal courts and other key computer systems. Cleanup costs for Nimda exceeded $500 million in the first few days alone.

ILOVEYOU (2000)

The ILOVEYOU worm, AKA Love Letter, disguised itself in email inboxes as a text file from an admirer.

But this Love Letter was anything but sweet: In May 2000, it quickly spread to 10 percent of all Internet-connected computers, leading the CIA to shut down its own email servers to prevent its further spread. Estimated damages were $15 billion.

Cryptolocker (2014)

Computers infected with Cryptolocker have important files on their hard drives encrypted and held at ransom. Those who pay approximately $300 in bitcoin to the hackers are given access to the encryption key; those who fail to pay have their data deleted forever.

Netsky (2004)

The Netsky worm, created by the same teen who made Sasser, made its way around the world by way of email attachments. The P variant of Netsky was the most widespread worm in the world even more than two years after its February 2004 launch.

Conficker (2008)

The Conficker worm (AKA Downup, Downadup, Kido), first detected in December 2008, was designed to disable infected computers’ anti-virus programs and block autoupdates that may otherwise remove it from computers.

Conficker quickly spread to numerous important computer networks, including those of the English, French, and German armed forces, causing $9 billion in damage.

Michelangelo (1992)

The Michelangelo virus itself spread to relatively few computers and caused little real damage. But the concept of a computer virus set to “detonate” on March 6, 1992 caused a media-fueled mass hysteria, with many afraid to operate their PCs even on anniversaries of the date.

Sobig.F (2003)

The Sobig.F trojan infected an estimated 2 million PCs in 2003, grounding Air Canada flights and causing slowdowns across computer networks worldwide. This tricky bug-in-disguise cost $37.1 billion to clean up, making it one of the most expensive malware recovery efforts in history.

MyDoom (2004)

In September 2004, TechRepublic called MyDoom “the worst virus outbreak ever,” and it’s no surprise why. The worm increased the average page load time on the Internet by 50 percent, blocked infected computers’ access to anti-virus sites, and launched a denial-of-service attack on computing giant Microsoft.

The worldwide costs associated with cleanup of MyDoom are estimated to be just shy of $40 billion.
