Don’t Get Hooked by Vishing Attacks

Cybercriminals are motivated and creative, which is not a great pairing for their victims. Just when we think we know what to watch out for, there’s something new to worry about. Right now, voicemail phishing (vishing) attacks are on the rise. Find out more about vishing and what you can do about it.

First, a reminder: phishing refers to bad actors sending fraudulent emails. They use social engineering to get you to reveal personal or sensitive information. For example, employees might get an email that looks like it’s from your IT team. It might ask them to renew their access credentials in the next 24 hours, but they need to enter their existing credentials into an online form to make the change.

Vishing also relies on social engineering – it targets our impulse to trust or help – but, vishing does this using voicemail. Cybercriminals use this approach to attack individuals and businesses, and they aim to obtain the information they need to perpetrate further crimes.

 

How does vishing work?

Cybercriminals prepare in advance to make vishing more convincing. They’ll call from what looks like a local number, as you’ll be more likely to answer. They learn enough about their victim or the organization they claim to be from to appeal to human nature.

A vishing attempt will:

  • use urgency to encourage you to act;
  • leverage false credibility to convince you they’re legit (e.g. calling from the government, tax department, IT support, or HR);
  • employ persuasive language to make you want to help;
  • take a threatening tone so that your fear you will be arrested or have your bank accounts shut down to override your suspicions;
  • reference current events to tap into your worries (e.g. during the tax season, criminals might spoof tax collection agencies; or during COVID, people were promised testing kits for sharing their bank information).

 

Avoid falling victim to vishing

Make vishing awareness part of your security training for employees. Communicating how to avoid falling victim can help your business stay safe.

The number-one rule is to never provide or confirm personal information by phone. A bank, hospital, tax office, or the police are not going to call you on the phone to ask for personal details. And they are definitely not going to call and try to motivate you to act urgently.

It is also unlikely that your manager or human resources would call you at home to ask you to transfer funds, provide confidential data, or email documents from your personal account.

Always ask for proof that you can use to verify the caller is who they say they are and works where they claim to. If you’re given a number to call to confirm the caller is legit, look it up. Call on a different phone to check that it’s a real number.

Stay aware of the latest trends. For instance, a new take on vishing sends emails claiming to share links to voicemail messages on LinkedIn- or WhatsApp-type services. If the recipient clicks on the link, they go to a convincing page (complete with CAPTCHA for added legitimacy) where crooks try to capture their access credentials.

This latest iteration of vishing aims to evade your cybersecurity solutions. There’s always something to keep up with. Need help? Our experts can set your business up for network security success. Contact us today at 317-497-5500.

Securing Your Legacy Architecture: Why and How

Some business applications are so essential they are always on, 24/7. That makes them difficult to update or replace. You may also have hardware or software that has been getting the job done for decades. Taking an “if it ain’t broke, don’t fix it” perspective, you continue to rely on this technology. But how secure is this legacy architecture? Convenience could be undermining essential cyber protection.

Legacy systems are common in many industries, including energy, healthcare, manufacturing, and government. Take this high-profile example of the dangers of relying on legacy architecture. American taxpayers got an extension on their 2018 filings due to a legacy tech outage. The Internal Revenue System’s critical systems went down for over 10 hours … on national tax day!

Legacy architecture includes software, hardware, and other tech that is not internet-enabled. It may all still work as intended, but that doesn’t mean it’s secure.

 

The Risks with Legacy Architecture

The longer you rely on an application, the more critical it may be to your day-to-day operations. This can make it more challenging to upgrade or replace. Downtime would be damaging, and costs could be prohibitive. It could be part of a custom deployment, making mapping what you need to update and secure as challenging as untangling all the electrical cords in the equipment closet.

Yet continuing to run legacy architecture leaves you open to many problems:

  • You could be running outdated software that you can’t control because the original developers are gone.
  • The technology may no longer be supported, so the vulnerabilities are growing every year it is left unpatched or not updated.
  • You risk noncompliance with industry or other cybersecurity regulations.

 

How to Protect Legacy Architecture

Your budget may not allow you to replace legacy equipment or overhaul it to provide more advanced cyber protection. Still, you can take action to protect legacy architecture.

Get to know the problem – Part of the issue with legacy architecture is that it has morphed beyond the original design. No one knows all its external dependencies and internal integrations with other equipment. That means you don’t know the threats or vulnerabilities and can’t design effective countermeasures and protections. Thus, protection begins with a deep dive to understand what that technology does and how it does it.

Build protections around it – Enhance security by making it more difficult for hackers to get at your legacy tech. It’s like putting a moat and high walls around a castle to protect it from marauders. Using firewalls can slow down the bad guys, plus, if you keep an eye on the security logs, you may be able to see them trying to break in.

Isolate legacy architecture – Another solution is to separate legacy equipment from other systems. This helps you limit the number of entry points a bad actor has to exploit vulnerabilities. You can also minimize collateral damage by keeping the attack contained.

Use multi-factor authentication – Better protect access to legacy systems with multi-factor authentication. This makes it more difficult for cybercriminals to get in. They’d need more than stolen access credentials for authentication.

Also, limit each user to applications or hardware that is essential for their role. This is a least-privileges-access approach. It keeps a bad actor from having carte blanche access to your systems.

Migrate workflow to modern systems – If part of a workflow doesn’t have to be done on the legacy architecture, move it to the more modern system. Transition to cloud technology to benefit from current systems with built-in redundancy. That can help you bounce back sooner if something does go wrong.

Develop a security mindset – Your people are often the weakest link in cybersecurity. When working with legacy tech, encourage your people to patch often and update always. Demonstrating you care about security can encourage caution. That can help you avoid costly mistakes or give the criminals a way in.

 

Partner with a managed service provider

By working with an external IT provider, you can enjoy a fresh perspective. An outsourced IT expert is skilled with legacy architecture and the latest tools, too. We can provide the know-how you need to protect what you want to hold on to a little longer. Contact us today at 317-497-5500!

Data Breaches Are Getting Worse: Know the Basics

The exposure of sensitive information can be disastrous for individuals, businesses, or governments. Yet data breaches aren’t going away. The first data breach compromised more than a million records in 2005. Since then, we’ve seen ongoing news of breaches. But there are some basic steps you can take to avoid falling victim to an attack.

Let’s look just at August 2022:

  • A breach at communications giant Twilio exposes 1900 users’ phone numbers and SMS verification codes.
  • Researchers discover at least 9000 virtual-network computing endpoints exposed online without a password.
  • CISCO confirms a ransomware gang has exfiltrated 2.8GB of data.
  • An American neurology practice notifies 363,833 individuals of a data breach.
  • 4 million Twitter users are thought to have been affected by a data breach at the social media firm.
  • And that’s all during a 10-day period!

In its annual Cost of a Data Breach study, IBM found the cost of a breach hit a record high this year, at nearly $4.4 million.

How does a data breach work?

A data breach involves any unauthorized access to confidential, sensitive, or protected information, and it can happen to anyone. Data breaches happen mainly when hackers can exploit user behavior or technology vulnerabilities.

The threat surface continues to grow exponentially. We are increasingly reliant on digital tools such as smartphones and laptops. With the Internet of Things (IoT), we’re adding even more endpoints that unauthorized users can access.

Popular methods for executing malicious data breaches include:

  • Phishing – emails in which hackers persuade users to hand over access credentials or the data itself;
  • Brute-force attacks – hackers use software and sometimes even hijacked devices to guess password combinations until they get in;
  • Malware – infects the operating system, software, or hardware (often without the user knowing) and steals private data.
  • Disgruntled employees or political hacktivists can also be behind data breaches. However, more often than you would hope, the breach is due to human error.

Basic steps to avoid data breaches

Too many data breaches trace back to people using weak access credentials. Yes, there are still people out there using “password” or “123456” to log in at work! Thus, an important step to counter data breaches is enforcing strict password policies.

Multi-factor authentication can also help. This way, even if the employee uses a poor password, or their strong password is stolen, the hacker has to work to get access. They might need the user’s physical device to confirm a one-time-use code sent to verify identity.

It’s also important to patch and upgrade software as soon as asked to do so. Manufacturers support security by keeping abreast of hacker attacks throughout the world. They’ll also watch for bugs and any vulnerabilities. Disregarding that message to upgrade or patch could leave your computers at risk.

Encrypting all sensitive data can also cut the risks of a data breach. That way, if the bad guys do get inside your systems, they can’t do anything with the information they access.

With more people working remotely, the number of users doing business on their own devices is also up, which represents another data breach risk. Enforce strict Bring Your Own Device (BYOD) policies to minimize exposure. You might require virtual private networks and professional-grade antivirus protection.

Don’t risk data breach damage

Data breaches cause business downtime and can cost your reputation and bottom line. You may lose customers and also have to pay legal fees or compliance fines. Don’t let this happen to you. A managed services provider can install protection and take precautions against data breaches. Call us today at 317-497-5500.

Get More Unplugged Laptop Time with These Battery-Saving Hacks

One of the big draws of a laptop computer is that you can use it anywhere. You don’t need to have it plugged in all the time because it has an internal battery.

Your laptop may start out with several hours of battery life when you first buy it. But the lifespan can get shorter as time goes by and battery health takes a hit. Sometimes this can be due to a lack of PC maintenance. Other times, it’s due to the environments the laptop is subject to (such as a hot car).

Seeing your laptop’s battery capacity shrink can be frustrating. But there are several things you can do to increase the time you can go without needing to plug it in

 

Lower the Display Brightness

The brighter your display is, the more battery power it’s taking. Have you ever hit the automated low battery mode on a laptop? Then you know you immediately notice a difference in brightness. This is because that setting turns down the brightness. It’s one of the ways to reduce battery consumption.

You can turn down the brightness of your screen in your display settings. You can also use the brightness keys that are usually in the top row of keys on a laptop keyboard.

Reduce PC Battery Use in Power/Sleep Settings

Here’s one way to increase the time you can use your unplugged laptop without a power source.  Adjust some of its power and sleep settings.

If you’re using Windows, open the search on the Task Bar. Type in “power settings.” This directs you to the power, sleep, and battery settings in your system settings.

Look for any tips at the top for increasing battery longevity. Such as, making the time your screen goes dark after inactivity and the time it goes to sleep the same.

Then review the settings, such as Screen and sleep, and Power mode. Find the ones that will reduce your PC’s battery consumption. This will extend the time you can go without a new charge.

Enable Battery-Saver Mode

You don’t have to wait until your PC hits 10% for it to go into battery-saver mode. You can control this and enable it yourself in your system settings.

Do you know you’re going to be without a power source for a while? Put your PC in power-saver or battery-saver mode right away, so you can extend the charge as long as possible.

Use the Manufacturer’s Battery Calibration Tool

Manufacturers will have their own PC maintenance tools installed. You can use for battery calibration. Sometimes calibrating the battery can correct an issue with a battery life. Especially if life has gotten shorter than when you first purchased your laptop.

Look for a manufacturer’s built-in maintenance app. It will usually be on the Task Bar unless you’ve hidden it. When you open that, you may find that you need to do a calibration or other maintenance task.

Get a Computer Tune-up

If you have processes running in the background it can zap your battery life. Processes that aren’t needed can often run anyhow. Getting a computer tune-up from your IT provider can solve a lot of different issues. This includes such as computers that get sluggish, and often, the battery life too.

Consider Using Microsoft Edge Browser for Its Efficiency Settings

If like most people, you keep a lot of browser tabs open while you’re working on your PC. They could be zapping your battery power.

Consider trying Microsoft’s Edge browser.  It has been gaining in popularity ever since it incorporated the Chromium engine. This is same one Chrome uses.

The browser has several power-saving features that you can enable in your settings. Search “sleeping tabs” in Edge settings to find these. They include:

  • Enable efficiency mode (choose from the available options)
  • Enable Sleeping Tabs and fade them when asleep
  • Choose when you would like to put inactive browser tabs to sleep to conserve battery power.

Turn Off Unnecessary Apps Hogging Battery Power

Check the apps that are running on your PC in the Task Manager. Do you really need them all to run when you’re unplugged and trying to conserve battery power?

Often processes that aren’t 100% necessary all the time will be running. Such as an update service or cloud storage syncing app. Close the apps you don’t need to use at that time to lengthen battery life.

Keep Your PC Out of Too Much Heat or Freezing Temps

Both excess heat and freezing temperatures can be bad for a computer. This includes shortening the battery life.

You should never leave your laptop in a car on a hot day or when it’s freezing outside. Also, it might not seem particularly hot to you, but if it’s sunny, the inside of a vehicle can heat up pretty quickly. Be aware of the temperature extremes that your laptop is subject to.

Looking for a PC Tune-Up or Battery Replacement?

We can help you with a full system tune-up or a laptop battery replacement if needed. Don’t struggle with short battery life when you can have that fixed in no time! Contact us today and let’s chat.

Article used with permission from The Technology Press.

How Using the SLAM Method Can Improve Phishing Detection

There is a reason why phishing is usually at the top of the list for security awareness training. For the last decade or two, it has been the main delivery method for all types of attacks. Ransomware, credential theft, database breaches, and more launch via a phishing email.

Why has phishing remained such a large threat for so long? Because it continues to work. Scammers evolve their methods as technology progresses. They use AI-based tactics to make targeted phishing more efficient, for example.

If phishing didn’t continue working, then scammers would move on to another type of attack. But that hasn’t been the case. People continue to get tricked. They open malicious file attachments, click on dangerous links, and reveal passwords.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Studies show that as soon as 6 months after training, phishing detection skills wane. Employees begin forgetting what they’ve learned, and cybersecurity suffers as a result.

Want to give employees a “hook” they can use for memory retention? Introduce the SLAM method of phishing identification

What is the SLAM Method for Phishing Identification?

One of the mnemonic devices known to help people remember information is the use of an acronym. SLAM is an acronym for four key areas of an email message to check before trusting it.

These are:

S = Sender

L = Links

A = Attachments

M = Message text

By giving people the term “SLAM” to use, it’s quicker for them to check suspicious email. This device helps them avoid missing something important. All they need to do use the cues in the acronym.

Check the Sender

It’s important to check the sender of an email thoroughly. Often scammers will either spoof an email address or use a look-alike. People often mistake a spoofed address for the real thing.

In a phishing email, the email address domain is “@emcom.bankofamerica.com.” The scammer is impersonating Bank of America. This is one way that scammers try to trick you, by putting the real company’s URL inside their fake one.

It is very convincing. It has likely fooled many people into divulging their personal details. People applying for a credit card provide a Social Security Number, income, and more.

Doing a quick search on the email address, quickly reveals it to be a scam. And a trap used in both email and SMS phishing attacks.

It only takes a few seconds to type an email address into Google. This allows you to see if any scam warnings come up indicating a phishing email.

Hover Over Links Without Clicking

Hyperlinks are popular to use in emails. They can often get past antivirus/anti-malware filters. Those filters are looking for file attachments that contain malware. But a link to a malicious site doesn’t contain any dangerous code. Instead, it links to a site that does.

Links can be in the form of hyperlinked words, images, and buttons in an email. When on a computer, it’s important to hover over links without clicking on them to reveal the true URL. This often can immediately call out a fake email scam.

When looking at email on a mobile device, it can be trickier to see the URL without clicking on it. There is no mouse like there is with a PC.  In this case, it’s best not to click the URL at all. Instead go to the purported site to check the validity of the message.

Never Open Unexpected or Strange File Attachments

File attachments are still widely used in phishing emails. Messages may have them attached, promising a large sale order. The recipient might see a familiar word document and open it without thinking.

It’s getting harder to know what file formats to avoid opening. Cybercriminals have become savvier about infecting all types of documents with malware. There have even been PDFs with malware embedded.

Never open strange or unexpected file attachments. Use an antivirus/anti-malware application to scan all attachments before opening.

Read the Message Carefully

We’ve gotten great at scanning through text as technology has progressed. It helps us quickly process a lot of incoming information each day. But if you rush through a phishing email, you can miss some telltale signs that it’s a fake.

Phishing emails can contain small errors in grammar.  They can say things like, “We confirmation that your item has shipped,” instead of “We confirm that your item has shipped.” These types of errors can be hard to spot but are a big red flag that the email is not legitimate

Get Help Combatting Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Contact us today to discuss your email security needs.

 

Article used with permission from The Technology Press.

Did You Just Receive a Text from Yourself? Learn What Smishing Scams to Expect

Phishing by SMS is “smishing,” and it’s becoming a major problem.

Case in point, in 2020, smishing rose by 328%, and during the first six months of 2021, it skyrocketed nearly 700% more. Phishing via SMS has become a big risk area. Especially as companies adjust data security to a more remote and mobile workforce.

How many text messages from companies do you receive today as compared to about two years ago? If you’re like many people, it’s quite a few more.

This is because retailers have begun bypassing bloated email inboxes. They are urging consumers to sign up for SMS alerts for shipment tracking and sale notices. The medical industry has also joined the trend. Pharmacies send automated refill notices and doctor’s offices send SMS appointment reminders.

These kinds of texts can be convenient. But retail stores and medical practices aren’t the only ones grabbing your attention by text. Cybercriminal groups are also using text messaging to send out phishing.

Smishing: How Can I Text Myself?

If you haven’t yet received a text message only to find your own phone number as the sender, then you likely will soon. This smishing scam is fast making the rounds and results in a lot of confusion. Confusion is good for scammers. It often causes people to click a malicious link in a message to find out more details.

Cybercriminals can make it look like a text message they sent you is coming from your number. They use VoIP connections and clever spoofing software.

If you ever see this, it’s a big giveaway that this is an SMS phishing scam. You should not interact with the message in any way and delete it instead. Some carriers will also offer the option to delete and report a scam SMS.

Popular Smishing Scams to Watch Out For

Smishing is very dangerous right now because many people are not aware of it. There’s a false sense of security. People think only those they have given it to will have their phone number.

But this isn’t the case. Mobile numbers are available through both legitimate and illegitimate methods. Advertisers can buy lists of them online. Data breaches that expose customer information are up for grabs on the Dark Web. This includes mobile numbers.

Less than 35% of the population knows what smishing is.

It’s important to understand that phishing email scams are morphing. They’ve evolved into SMS scams that may look different and be harder to detect.

For example, you can’t check the email address to see if it’s legitimate. Most people won’t know the legitimate number that Amazon shipping updates come from.

Text messages also commonly use those shortened URLs. These mask the true URL, and it’s not as easy to hover over it to see it on a phone as it is on a computer.

You need to be aware of what’s out there. Here are some of the popular phishing scams that you may see in your own text messages soon.

Problem With a Delivery

Who doesn’t love getting packages? This smishing scam leverages that fact and purports to be from a known shipper like USPS or FedEx. It states that there is a package held up for delivery to you because it needs more details.

The link can take users to a form that captures personal information used for identity theft. One tactic using this scam is to ask for a small monetary sum to release a package. Scammers created the site to get your credit card number.

Fake Appointment Scheduling

This scam happened to a community in South Carolina. They had recently had an installation of AT&T fiber internet lines in their neighborhood. Following the installation, AT&T did a customer drive to sign people up for the service.

During this time, one homeowner reported that he received a text message. It pretended to be from AT&T about scheduling his fiber internet installation. He thought it was suspicious because the address they gave was wrong. The scammer had wanted him to text back personal details.

Get Your Free Gift

Another recent smishing scam is a text message that doesn’t say who it’s from. It says, “Thank you for your recent payment. Here is a free gift for you.” It includes a link at the bottom of the message.

This is a widespread scam that many have noted online. And it’s an example of a scammer using a common fact. The fact that most people would’ve paid some type of bill recently and mistake the text to be from a company they know. It also lures people in with the promise of giving them a free gift.

Does Your Mobile Device Have the Security It Needs

Smishing scams are very clever and can easily infect your device with malware. Do you have the proper security precautions (mobile antivirus, DNS filtering, etc.)?

If not, contact us. We can help!

 

Article used with permission from The Technology Press.

5 Exciting Ways Microsoft 365 Can Enable the Hybrid Office

“Hybrid office” is the new buzzword you’ll hear used in business discussions. It’s the mix of having employees both working at the office and working from home. This has become more than a buzzword and is now the reality for many companies.

There was a survey of employees with remote-capable jobs. The survey found that as of February of 2022, 42% of them were working a hybrid schedule. And 39% were working from home full time.

The global pandemic brought on this hybrid office transition. It forced companies to operate with teams that could no longer safely come to the office. During this time, employers and employees experienced the benefits of hybrid work firsthand.

These benefits of remote teams included cost savings for both workers and employers. It also allowed the company to operate with more flexibility. Improved worker morale was another advantage.

One fact surprised many employers that feared remote work would tank productivity.  It actually increased in many circumstances.

63% of high-growth companies use a “productivity anywhere” hybrid work approach.

In order for hybrid teams to be productive they need to stay connected.  No matter where they work, the right technology tools should enable them.

One of the leaders in this space has been Microsoft. The company plans to add several exciting updates this year. These will provide more tools for companies to enable their hybrid teams.

Here are some of the ways you can use Microsoft 365 to optimize a productive hybrid office. Note, that some of these features are already out, and others should release later this year.

Microsoft Teams & Expanded Features

Microsoft Teams is much more than a team messaging app. The application combines the best features of virtual video meetings and messaging channels. It brings them together into a platform designed to be a secure online work hub.

MS Teams has come a long way in the last five years. And the company continues to add more features to enable hybrid offices. Some of the recent feature updates include:

  • The ability to do webinar registration
  • Presenter modes that provide a more professional virtual presence
  • Increased security through features like smart links and smart attachments
  • A full business VoIP phone system add-on
  • The addition of a “metaverse” component called Mesh for Teams

New Meeting Options for RSVP in Outlook

One of the challenges, when everyone isn’t working in the same place, is how to know when to “clock in” and “clock out.” As well as how to let colleagues know whether you are working at home next week or the office.

To help hybrid teams better coordinate, Outlook is getting an update. It will allow users to RSVP to meetings. This can let team members know whether they are attending virtually or in person.

Better Framing for More Engaging Meetings

One thing that can distract from the purpose of a meeting is someone’s background at home. Positioning of the camera can also be problematic. One person might have their face taking up 80% of the video screen. Another may only take up 20% because they’re sitting farther away from their PC’s camera.

A new Surface Hub 2S Smart Camera will allow for better face framing. This will affect when people are meeting virtually in Microsoft Teams. Features include adjusting the room view so people’s faces will be clearer. As well as having more consistent sizing.

The video display will also automatically adjust as people join or leave a physical room.

Get Better Control of Your Video Using PowerPoint to Present

People often share a screen in a video call and present a PowerPoint presentation. It can be difficult to keep everyone as engaged as when you’re presenting in person.

For example, in person, you can maintain eye contact. People can clearly see your facial expressions as you emphasize various things. That’s not always the case when presenting virtually. The app may push your video feed into a tiny box.

There’s a new upcoming feature for Teams called Cameo. It will allow you to seamlessly integrate PowerPoint with MS teams. You can decide exactly how you want your video feed to appear in relation to your presentation.

Another addition is Recording Studio. This new feature for PowerPoint allows you to record professional-looking on-demand videos. You can do it right inside the app.

Get Help With Your Presentation Skills

Microsoft has poured a lot of AI capabilities into Microsoft 365 over the last several years. One that will soon help you deliver better virtual presentations is Speaker Coach.

This is a private and personalized coach. It can help you hone your presentation skills. This improves your switch to the differences between presenting online versus in person.

Some of the feedback it can provide include:

  • Use of repetitive language
  • Use of filler words (Ummm)
  • Speaking pace
  • Pausing for input
  • Intonation
  • Speaker overlaps
  • And more

 

Ask Us About Improving Your Hybrid Office Capabilities with Microsoft 365

Microsoft 365 has a ton of helpful features. But it does help to have an expert guide to help you navigate these capabilities. Contact us today to set up a chat about how Microsoft 365 can help your business grow.

Article used with permission from The Technology Press.

Making the Most of Microsoft Lists

If you have Microsoft 365 but aren’t using Microsoft Lists, you could be missing out. This useful feature, which is included with your 365 subscription, helps businesses work more efficiently.

Lists is a productivity feature on Microsoft 365 (MS365), formerly Microsoft Office. This app is a more recent addition to the MS365 app store, so you may have missed it. This article shares some advantages of this tracking and work management app.

An upgrade of SharePoint lists, which has been with MS365 all along, Lists integrates with Microsoft Teams. This means Lists help you collaborate and cooperate better. In fact, all users in a Teams channel with a List can access and edit that List without leaving Teams.

With Lists, you can create, distribute, and track data in a configurable way. Yes, it is good for helping you make a simple list of, say, things to do, but you can do much more with Lists.

Added functionality of Lists

Lists comes with templates to get you started quickly. You can also configure the lists to suit your specific business needs. Plus, you can set the lists to display in the way that works best for you. Maybe you want to look at Lists as a calendar, a grid, a gallery, or in a custom view. You can do that but in real-time, with everyone using that list getting the same updated data when they’re logged in.

In Lists, you set up tables of information to track extensive amounts of data. For example, you might track a project in Microsoft Lists by adding all the tasks to a List. You could add columns for the person responsible, task status, project priority, and more. You can also use colors within the List to help sort information more easily.

Additionally, since Lists is part of MS365, you can use Lists wherever and on whichever device you access the software. You can also integrate Lists with other powerful tools on the MS365 platform. You might extend forms with Power Apps or customize workflows with Power Automate. With automation, you get even more from your Lists.

Taking advantage of Lists

There are many business applications with Lists. Besides project management, you might organize an event itinerary and speaker info in a List, or track assets, or manage a new employee onboarding checklist. If you have an idea of something you want to create, configure, watch, and share, you can probably do it within Lists.

Lists is a default feature in MS365 Teams, but you can switch it on or off in the Teams admin center at any time. You can even permit or ban certain users from Lists.

If you’re not yet using MS365, our IT gurus can help you get started. If you’re on the platform already, let our experts help you get the most you can from your license. Contact us today at 317-497-5500.

Automated Data Backups Still Need Management

Your business is backing up its data in case of cyberattack or other disastrous disruption. Yes, you can pat yourself on the back for that, but don’t get too complacent with backing up. Automated backup still needs monitoring and management.

Having decided to back up data, you may feel confident you can withstand an attack or recover from unexpected downtime. But if you simply trust the backup to run at a certain time, you might be surprised. Automated backups can make the job easier. Still, you should be monitoring these backups and checking them, too. There’s nothing worse than finding out months later that something went wrong with your automated backup.

 

Why you need to monitor backups

A technician can set an automated backup to run on a set schedule. They select a time that causes the least interruption while ensuring up-to-date data. Yet this is too important a process to leave unattended.

Things change. The automated backup is set up for the technology configuration when originally installed. A lot can happen in the meantime as the IT environment evolves.

Blindly trusting automated backup could leave you unaware of problems such as:

  • an unplugged backup device;
  • an altered device letter, which means it isn’t found;
  • moved folders;
  • software updates that might have changed what needs done and how;
  • the original plan not accounting for new servers or migration from on-premises to the cloud;
  • insufficient capacity for the backup.

If no one is monitoring that backup, your business could assume it went smoothly. Then, when you need that backup, you could find out the hard way it didn’t go as planned.

 

Keeping an eye on automated backup

It’s not that you can’t automate backup, and there is convenience in doing so. Automating the backup of a computer, network, or IT environment can save time and money.

Yet you need someone to pay attention. Monitoring backups ensures that the process is running smoothly.

A managed service provider (MSP) will take a hands-on approach to your automated backups. If there is a failure, they have the skills to address the issue quickly and alert you of any bigger issues. Plus, with an MSP in your corner, you gain IT experts skilled at data recovery, too.

The MSP’s techs can even run data-restore drills, helping you to prepare for challenges such as ransomware attacks or accidental data deletion.

Process automation helps business, but don’t rely on it unattended. Optimize data backup by adding a human element. An MSP can ensure quality and fully protect your business. Contact us today at 317-497-5500.

Top 5 Mobile Device Attacks You Need to Watch Out For

Smartphones and tablets are often the preferred device for communications, web searching, and accessing many types of apps. They’re more portable and can be used from anywhere.

We’re seeing the takeover of many activities that used to be performed on traditional computers. Now, people are using mobile devices instead.

For example, Microsoft estimates that up to 80% of the workload in many enterprise organizations is now done via mobile devices. Over half of all web searches are also now conducted from a mobile device rather than a desktop PC.

This has caused mobile devices to become more targeted over the past few years. As hackers realize they’re holding many of the same sensitive information and app access as PCs, they’ve been creating mobile malware and other exploits to breach mobile devices.

In 2020, approximately 36.5% of organizations were impacted by mobile malware and 2.5 million people unknowingly downloaded multiple mobile adware apps.

It’s important to start treating mobile devices in the same way as you do computers when it comes to their security. Smartphones and tablets need the same types of security precautions in place, including:

  • Antivirus/anti-malware
  • DNS filtering
  • Automated OS and app updates
  • Managed backup

You need to be on the lookout for the most prevalent mobile device threats that allow your data to be leaked or breached. Here’s a roundup of what those are.

1. MOBILE MALWARE HIDDEN IN APPS

It’s not easy at first glance to tell the difference between a legitimate free app and one that has malware hidden inside.

Scammers will use the same types of flashy graphics, and the app may even have a high star rating (most likely boosted through suspicious means). The app may even do what it says it will do when downloaded.

But malware can be hidden in the background, infecting a device as soon as the app is installed. And many of these apps will hide once on your phone or tablet by using the icon of a common default system app (like settings or calendar).

Mobile malware can include all the same types of malware that can infect a computer, such as ransomware, adware, spyware, trojans, and more.

2. UNPROTECTED COMMUNICATIONS

Have you ever sent someone a password or credit card details over a text message or messaging app? Did you check to see if the communication was encrypted?

Many users will use various methods of communication from their mobile devices without knowing how secure those methods are. If sensitive information is transmitted and it’s not encrypted, then a hacker could easily intercept it.

3. PUBLIC WI-FI & MAN-IN-THE-MIDDLE ATTACKS

Public Wi-Fi has long been known to be non-secure, yet people still use it when it’s available. They want to save their mobile minutes or get a faster connection.

75% of people admit to connecting to email when on public Wi-Fi. Other activities people will do is sign into apps (even sensitive ones like online banking), and shop online, entering credit card details.

If you’re on public Wi-Fi, then you’re at high risk of a man-in-the-middle attack. This is when a hacker connects to the same network and looks for victims with unprotected communications. They can then capture any type of data they’re transmitting.

One way to safely connect to public Wi-Fi is to use a VPN app, which will encrypt your communications.

4. JUICE JACKING ON PUBLIC USB CHARGING STATIONS

Another public mobile breach danger is public USB charging stations. These are often welcome sights especially if you’re low on battery power. However, hackers can infect public USB charging ports with malware and set up fake charging stations in public areas.

Then, when you insert your USB cord to charge your device, the malware is copying all the data on your phone and/or infecting it with malicious code. See, USB cables aren’t just for charging, they are also used for data transmission.

It’s best to avoid public USB charging ports and charge with your power adapter that plugs into an outlet instead. You can also buy a “charge-only” USB cord to use if USB charging is your only option.

5. NON-UPDATED DEVICES

Approximately 40% of Android devices are running outdated operating systems that no longer get vital security updates.

When your mobile device is not kept updated, then it’s easier for a hacker to use an exploit that takes advantage of a code vulnerability in the OS or one of the installed apps.

Many companies aren’t paying attention to how many employees’ work devices are running current operating systems, which puts their networks at higher risk of a breach.

You should ensure that all your apps and your OS are kept updated because many of these updates include critical security patches.

ASK US ABOUT MOBILE DEVICE SECURITY SOLUTIONS

With mobile devices handling so much of the computing workload these days, it’s vital they’re properly protected. Contact us to discuss mobile security and management solutions.

 

Article used with permission from The Technology Press.