Crazy for Crypto? Don’t Get Burned Like Me!

Like many others, I was curious about the cryptocurrency craze. I wanted to know more about Bitcoin and how to invest in it, but I didn’t know where to turn.

Crypto Currency

Last year, one of my family members made over USD 200K off a Bitcoin investment. Plus, a friend of his made over USD 900K in the same time frame trading Bitcoin and new cryptocurrencies. When I asked them what their secret was, they said, “dumb luck”. Bitcoin took its largest jump just a few weeks after they bought it, and they were both smart enough to grab their money and get out.

Unfortunately, investing in any cryptocurrency is just like gambling. Be wary of investing money you can’t afford to lose. And this is especially true if you buy it with credit cards. Many banks in Canada and the US won’t honour cryptocurrency credit card purchases. Canadians who want to use their TD Bank credit cards to purchase cryptocurrency are out of luck. Toronto Dominion Bank just announced that they would no longer allow this. In the US, Capitol One blocked their customers from using their credit cards to buy Bitcoin. Citigroup and Bank of America still allow purchases, but they are revisiting their policies, so this might not last.

If you want to buy cryptocurrencies like Bitcoin, Ethereum, Litecoin, and others, do your homework. If the bank that issued your credit card won’t verify your purchase, the transaction won’t go through.

Why Are Banks Prohibiting Cryptocurrency Credit Card Purchases?

According to the Wall Street Journal, 18% of Bitcoin purchases are made with credit cards. Of these, 22% don’t pay off their statements. They often wait until the price of the cryptocurrency rises and say they’ll use this profit to pay off their debt. Banks worry that people will purchase more than they can pay back and that if the value of the cryptocurrency drops, they won’t have enough money to cover their credit card debt.

Credit Cards and Exchanges That You Can Try

If you decide to make a purchase, Coinbase, a widely used currency exchange accepts Visa and MasterCard for a 3.99% fee. Bitstamp and CEX IO do as well. If you want to use an American Express card, try going to Coinmama (however they charge a 5% transaction fee). You should also know that American Express limits cryptocurrency purchases to $200 a day, and $1,000 a month.

Investing Is Like a Ride on a Rollercoaster

Bitcoin’s value has increased over 300 percent since the start of 2017. In the middle of December 2017, it was valued at over USD 19K per coin. However, just a few days after it peaked, it dropped below USD 14K. Today (3 months later) it’s down to USD 10,670. If you bought at the top, you’re hurting today. Welcome to the world of crypto volatility.

Purchasing any cryptocurrency comes with risks. Many have made a lot of money, and many have lost a lot of money. When considering a purchase, only invest money you can afford to lose.

I must admit that after my relative made so much money on Bitcoin that I decided to invest a small amount myself. My husband advised against it (he trains executive bankers in negotiation strategies and is on the faculty of two renown US banking schools). But, I didn’t listen, and as it turns out, I wasn’t as lucky as my family member. To this day, I’m still waiting to recoup my losses. Who knows how long I’ll need to wait, or if I’ll ever get this money back. Don’t get burned like I did.

The “Wild West” of Cryptocurrency Investing

Bill Gates gives us his “two cents” on cryptocurrency investing:

The main feature of cryptocurrencies is their anonymity. I don’t think this is a good thing. The Government’s ability to find money laundering and tax evasion and terrorist funding is a good thing. Right now, cryptocurrencies are used for buying fentanyl and other drugs, so it is a rare technology that has caused deaths in a fairly direct way. I think the speculative wave around ICOs and cryptocurrencies is super risky for those who go long.

He believes that these markets will eventually be shut down. However, he did reveal that his daughter invested in Bitcoin.

Now, entire governments like China and South Korea are prohibiting cryptocurrency trading. South Korea bans foreigners and minors from trading. According to Kang Young-soo of the Financial Services Commission cryptocurrency response team:

The government is concerned about manipulation of market conditions and injection of illegal funds while market funds are leaked into speculative investments. We view that foreigners’ and minors’ investments contribute to our areas of concern.

Much of South Korean’s concern stems from the fact that Chinese investors have flooded their cryptocurrency market since China banned cryptocurrency trading. The digital coins from China enter Korean exchanges where they are illegally changed into foreign currencies and sent back to China.

This hasn’t stopped Chinese investors from trading in cryptocurrencies. Hundreds of millions of dollars were raised in the banned Initial Coin Offering (ICO) market. It seems Chinese investors are buying cryptocurrencies in offshore accounts and investing them in start-ups. They do this to bypass the rigorously regulated capital-raising process required by venture capitalists or banks. Over USD 3.2 billion was raised via ICOs in 2017.

The good news is that the ICO industry is working to develop standards for a compliant framework for their projects like the SAFT (Simple Agreement for Future Tokens) to help navigate US laws.

Canadians Mining Bitcoin?

Even though the Canadian banks are trying to shut down bitcoin trading (at least via credit cards), Canada is quickly becoming a powerhouse for Bitcoin mining. Several regions across the country such as Quebec, Manitoba, and British Columbia have all seen an increase in attention from Bitcoin mining firms. This is the infrastructure of Bitcoin. Miners use computing power to identify a sequence of data called a “block.” But it’s relatively useless until they use a Bitcoin hash algorithm (a converter) to match a block, where they then receive a particular number of bitcoins. The Bitcoin hash that’s created is stored with the block at the end of the blockchain where it validates the block and the transaction.

Cryptocurrency Funds

According to an article in Forbes Magazine, ICOs may be cooling down, but cryptocurrencies are here to stay. Worries about China’s banning of trading has put a damper on the ICO market. But this isn’t keeping the blockchain and crypto community at bay. There are other ways to make money on cryptocurrencies – funds for example. Coinbase recently launched an index fund for digital currencies. Ameritrade and other trading sites offer cryptocurrency funds like GBTC (Bitcoin Investment Trust).

Be Smart. Be Wary.

The cryptocurrency and ICO markets have grown rapidly and are constantly changing. They comprise local, national and international products and participants. Before you invest, the U.S. Securities and Exchange Commission suggests you ask these questions:

  • Is the product legal? Is it subject to regulation, including rules designed to protect investors? Does the product comply with those rules?
  • Is the offering legal? Are those offering the product licensed to do so?
  • Are the trading markets fair? Can prices on those markets be manipulated? Can I sell when I want to?
  • Are there substantial risks of theft or loss, including from hacking?

In Conclusion

Don’t be like me and get burned by the Crypto Craze. Do your research first and take a deep breath before “jumping into the trading pool”. As you can see, it “ebbs and flows” from many underlying currents.

Microsoft Is Calling Every Single User For Feedback

Are you an expert at using Microsoft products? Microsoft wants to hear from you — and wants to make your feedback part of an update — but first, they need to know what you think. How can they find out?

Microsoft Feedback

How often do you use a Microsoft product? Are you a daily Microsoft Word user? Is your primary email client Microsoft Outlook? What about SharePoint? The list goes on (Teams, Flow, you get the idea). And those are just the software products! Maybe you have a Surface Book, too? Or a Surface Book 2?!

One of the great things about Microsoft is they love user feedback. Software updates are often based entirely on suggestions from users on what features they’d like to see, what improvements can be made, and how to make daily use easier for users in general. The main goal is to increase efficiency with the Microsoft product while increasing productivity at the end user perspective. This is a win-win-(win). That last “win” was in parentheses because it’s silent – Microsoft sees increased dependence and therefore long-term customer loyalty, which translates into an ongoing revenue stream. That’s understandable.

What’s often less clear is how Microsoft tries to collect user feedback. No, they don’t really call users at home. Well, actually, they might – but in this case, the most effective way to communicate a suggested feature is through the Microsoft Excel Community, a forum of over 16,000 members in which to communicate about all things Microsoft Excel. If you’re in search of a feature, this is the place to peruse. Formula got you flummoxed? Need help with a pesky pivot table? Is a macro making you crazy? You’re most likely to find your answers here. The best part is that this community has super users, and we don’t mean users who wear capes. One such super user has over 400 posts, and these users can be found under “Experts” – a clear indicator they know what they’re talking about in Microsoft Excel!

There is also an active Blog, where Microsoft posts content about Excel. Content ranges from posts aimed at beginners, like how to use general features for newbies, to content focusing on new features released to satisfy the needs of super users (“experts”). These Blog posts are great for deeper insights and step-by-step instructional processes, but the forums are the better space for finding tips and suggestions for specific needs.

Microsoft loves to hear from users about what’s working and what can be improved and encourages engagement through a custom portal on their Community page. Roughly halfway down this page, on the right-hand side, users will see a vivid green box — the green will be instantly recognizable as “Excel” green — with “Submit your ideas”. Clicking on this will open a dialogue menu for users to submit as a digital version of a suggestion box.

Trust us when we say, Microsoft listens. This is their way around getting you on the phone for a personal interview. Recent updates have been made that actually result from feedback in this manner. Users can submit ideas, and other users can “vote up” suggestions. The recent features that have been added to Microsoft Excel have gotten anywhere between 200 to over 1,000 votes from users supporting the suggestion. This is one of the most effective ways to communicate directly with Microsoft – because they’re watching this forum closely.

Stalker Level: Microsoft

Based on user feedback, Microsoft recently updated Excel to include features expanding the use of foreign languages. Before the update, users would attempt to import a CSV file that included text strips that did not contain traditional Latin characters, like Arabic. Users would then get an error message that this information would be lost in the text encoding process upon opening the file. Users affected by situations like this need no longer worry as CSV UTF-8 file formatting is now permitted.

  • This error dialogue used to pop up all the time in situations like this, no matter how many times a user followed the same process. Excel now allows you to select “Don’t Show Again” to disable this warning for the same user. But even if a user only accidentally clicks the “Don’t Show Again” option, this can be toggled on again. Microsoft is trying to allow users to cater their Excel experience to their custom preferences, and it’s starting to show.

Another feature that came into existence through user feedback via the Community is the improved pivot table experience. Users can now alter pivot table settings and then establish these as the default settings for pivot tables at the user level. No more re-formatting pivot tables with each file! Users can even create a pivot table in a new worksheet and import the settings from the existing table data, to save time. Microsoft realized how big of a time saver this would be, and jumped at the opportunity to satisfy a huge community user base with this update.

A cool feature Microsoft just released for Excel Online is an improved search experience. Remember when you would open the “Find” dialogue box, enter your search parameter, and then Excel would show you the next location? And then to find the next location, you had to repeat the process? Well – good news! The search window no longer disappears with each search query. BONUS: users can search within the pivot experience, as well! These filters work on Excel Online just like in the desktop version.

When Microsoft makes an update to any of their products, the goal is to improve efficiency and productivity, as already stated. That’s why they began including the Quick Access icons in the toolbar at the top of the application window several versions of Microsoft Office ago.

  • Did you know the Quick Access toolbar is customizable? Users can change the icons that live in this section, at the very top of the document window. This is where your magical “undo” button is, by default. If you select the drop-down arrow just to the right of the last icon, there is a short list of actions you can include, and an option for “More” under these. Imagine the possibilities!

Microsoft also likes to share lesser-known features with users to make sure they are getting the most out of their Microsoft products. One of their recently-highlighted features was the Document Location Information, where users can toggle on the ability to see the full address for the location of a file, should the user need to access the file, perhaps for sharing.

  • One cool workaround for file sharing is that you can click on the icon next to the file name at the very top of the window on the desktop version and use a drag-and-drop feature this way to attach a file to an email or to cloud storage platforms.

Visit the Community to check out all the top features that are packed into Microsoft Excel to see how to simplify your day-to-day tasks, automate reporting processes, and improve overall efficiency. And remember – if you think of something else, tell Microsoft. You never know, the next Microsoft Excel feature that gets announced may be your suggestion!

How Much Is Your Life Worth?

With cybersecurity efforts increasing and becoming more sophisticated in approach, cybercriminals are resorting to extreme tactics. What measures can you take to protect yourself and your identity?

Healthcare Technology

Healthcare is a hot topic these days. Costs are skyrocketing, and fewer skilled workers are entering the medical profession. There are often more questions than answers to any health situation. Time can be critical and limited to successfully diagnose a patient and begin treatment, and the care process is expedited with increased risks from this hurrying.

To get a clear picture of the patient as a whole, medical professionals ask for a full patient history before treatment, including vaccinations, surgeries, allergies, and other pertinent details for the current situation. This is all incredibly helpful for both the patient and the provider. Doctors rely on transparency and communication to diagnose and treat.

All of this information is stored in a patient “chart”. The word “chart” is not as applicable today as it was 20 years ago, when folders or binders with prongs and dividers, etc., held paper copies of test results, physician notes, reports, and anything related to a patient’s health, as well as medical history forms and basic information forms filled out by the patient with personal information like full name, address, and contact details.

A recent trend, begun in the last decade, is the conversion of this data to electronic records. The brilliance of this transition is the ability for a provider to access a patient’s medical records and information from any location – especially in case of an emergency. Gone are the days when a doctor will need to request a patient’s chart from another provider to aid in making a diagnosis and care action plan, possibly delaying treatment for a week or more. The ability to access electronic health records gives care providers a wealth of patient records at their fingertips for more accurate diagnoses and treatment plans and expediting care.

As with anything digitally maintained and transmitted, security is a concern. The healthcare industry seems always to be playing catch-up since its very nature is reactive. Preventive medicine is the ultimate goal, but predicting illnesses like sinus infections or the flu is a near-insurmountable challenge. Patients can minimize the likelihood of symptoms and risks with daily multivitamins, a balanced diet, moderate exercise, and maintaining optimal conditions, like taking an antihistamine for allergies in the case of preventing a sinus infection. Preventing the flu comes down to environmental factors, like ample hand washing and clean surroundings – and, of course, getting your vaccination (the “flu shot”) each year.

Healthcare technology has focused on advancements in diagnosis and treatment rather than recordkeeping and billing, and as such the industry lags behind others, like banking, retail, and entertainment. Unfortunately, the combination of struggling technology and personally identifiable information (PII) speaks to a weakness in cybersecurity. It’s vulnerabilities like these that cybercriminals — hackers — seek to exploit for personal gain.

Why would hackers target medical offices or hospitals for health records? For the same reasons, hackers target any cybersecurity vulnerability: to exploit a weakness for personal gain. Stop and think for just a moment what your health records contain. Aside from your home address, forms likely include your employer, your social security number, the names and details of your family members, and very personal information that someone else could use to completely duplicate your life for illicit purposes.

Have you ever had your credit card used for a fraudulent transaction? Have you ever had your bank account compromised? Have you ever been notified that your personal information was affected by a security breach? These are all fundamental elements of identity theft, but in each situation, there is a credible party whose responsibility it was to protect you and your information with a security guarantee. Think back to what we said about healthcare technology. If security breaches can happen to financial institutions, where maximum cybersecurity protocols are deemed essential for day-to-day operations, it’s scary to think of healthcare data being electronically stored. You can change your bank, and a credit card company can re-issue you a card with a new number to protect your account, but you can’t exactly just change your medical records. It’s a scary thought.

One major issue causing the healthcare industry to lag when it comes to cybersecurity is that professionals in the medical field are focused on technology primarily as it relates to healthcare. Those in charge of records and billing tend to have representation in smaller numbers than doctors, nurses, and others that provide patient care – since the purpose of their profession is patient-centric. The industry has yet to fully carve out a niche for top IT talent, much less define their role. The added complication is that healthcare professionals by their very nature must share information with each other about patients to serve in the patients’ best interest. Comparing this to financial institutions isn’t an apples-to-apples comparison since banks keep information securely buttoned up, leaving healthcare IT professionals to explore completely new territory and make up the rules as they go along.

So, what is your life worth to hackers? Did you know your health information can be used to fraudulently obtain prescriptions that are then sold on the black market at a significant profit? The inherent value of this type of information is much higher than the value of a single credit card number with accompanying information. Some reports say that the value of a patient’s health record is exponentially higher than the value of an active and usable credit card number, and this number can’t be truly measured financially until we know more about how the information is used – and isn’t something we hope to be able to determine.

The cost impact of cybersecurity breaches grows each year, and new players are targets due to their lack of experience. The newness of electronic health records compared to the established processes of other tech players translates into confusion and communication challenges and a resistance to change – a “deadly” combination for the life of a patient. Medical professionals are open to change when it comes to the medical field, but much of the processes for patient data and payments haven’t changed in decades. Dated networks and systems are one hurdle; economic considerations and budget allocations are another. The financial impact of simultaneous updates for staffing and systems, and the confusion by the many changes potentially occurring together only add to the complications. Are you picturing a medical office with all the nurses and staff bumping into each other, running into walls, dropping instruments, and just chaos in general? That is a bit extreme – but you get the idea. Now imagine if a hacker suddenly blocks access to all of these medical records until a fee is paid to release the records – a cyber attack with ransomware. Not a huge deal if someone needs treatment for that sinus infection or a flu shot, but imagine if this impacts a dialysis treatment for failing kidneys, or chemotherapy treatment for cancer, or worse.

All of this reinforces the need for the healthcare industry to get up to speed – now. What can you do to bring your practice up to speed? Take the first step today!

Problems with Two-Factor Authentication in Office 365?

We noticed that some people are having problems using Microsoft Office 365 with two-factor authentication (2FA) (also known as multi-factor authentication).

Office 365 Two Factor Authentication

 

We have a few tips for you here.

First: It’s important to know that when your admin sets up 2FA for your Office 365 users, they must enable Modern Authentication (MA) for Exchange Online if users are accessing Exchange using Outlook 2016. (The versions of Microsoft Outlook before 2013 don’t support Modern Authentication.)  For details on how to enable MA for Exchange Online tenants, see Enable Modern Authentication in Exchange Online.

Second: You shouldn’t have any problem using 2FA with Microsoft’s mobile Office apps, Outlook Groups, Office 2016 desktop apps, and OneDrive for Business in Windows 10. However, other applications may be incompatible, so make sure you test all the apps in your organization before enabling 2FA.

How to Connect to Office 365 Security & Compliance Center PowerShell Using 2FA.

If you set up 2FA for tenant administrator accounts, they can’t sign in to Office 365 using PowerShell. Instead, you must set up a specialized account for administrators. To do this, you must install the Exchange Online Remote PowerShell Module and use the Connect-IPPSSession cmdlet to connect to Security & Compliance Center PowerShell.

Important note from Microsoft: You can’t use the Exchange Online Remote PowerShell Module to connect to Exchange Online PowerShell and Security & Compliance Center PowerShell in the same session (window). You need to use separate sessions of the Exchange Online Remote PowerShell Module.

This is what Microsoft recommends you do:

  1. Open the Exchange admin center (EAC) for your Exchange Online. See Exchange admin center in Exchange Online.
  2. In the EAC, go to HybridSetup and click the appropriate Configure button to download the Exchange Online Remote PowerShell Module for multi-factor authentication.
  3. In the Application Install window that opens, click Install.

Windows Remote Management (WinRM) on your computer should allow authentication by default. If basic authentication is disabled, you’ll get an error message. Now you should be able to sign into the Security & Compliance Center PowerShell by using 2FA.

After you sign in, the Security & Compliance Center cmdlets will be imported into your Exchange Online Remote PowerShell Module session and tracked by a progress bar. If you don’t receive any errors, you’ve done this successfully.

If not, and you receive errors, check the following requirements:

  • Limit your open remote PowerShell connections to three. This prevents denial-of-service (DoS) attacks.
  • Make sure the account you connect to the Security & Compliance Center is enabled for remote PowerShell. For more information, see Enable or disable access to Exchange Online PowerShell.
  • The TCP port 80 traffic must be open between your local computer and Office 365. It may not be if your organization has a restrictive Internet access policy.

How to Enable 2FA in the Office 365 Admin Portal

Two-factor authentication (multi-factor authentication) can be enabled for individual users or in bulk. Before continuing, be sure to install Microsoft Authenticator on your user’s mobile devices, (not Authenticator, a similar app from Microsoft but without support for push notifications).  Here’s what Microsoft says to do to enable 2FA one user at a time:

  • Log in to the Office 365 admin portal using an administrator account.
  • In the menu on the left of the portal, expand Users and Active users.
  • In the list of users, click the user for which you want to enable 2FA. Note that only licensed users can use 2FA.
  • In the user’s pane, click Manage multi-factor authentication under More settings.
  • On the multi-factor authentication screen, select the user account to enable, and then click Enable under quick steps on the right.
  • In the About enabling multi-factor auth dialog box, click enable multi-factor auth.

The MULTI-FACTOR AUTH STATUS should change to Enabled. Close the browser window and sign out of the admin portal.  

How to Enroll an Account for 2FA

Once the feature is enabled, the user must now enroll for 2FA, and sign into Office 365 with their username and password, and then click Set it up now on the sign in screen and follow Microsoft’s instructions below:

  • On the Additional security verification screen, select Mobile app
  • Select Receive notifications for verification
  • Click Set up
  • Open the Microsoft Authenticator app on your phone and click Scan Barcode.
  • Use the camera on your phone to scan the barcode in the Configure mobile app You’ll then need to wait a couple of seconds while the app activates the new account.
  • Click Finished in the browser window.
  • Back on the Additional security verification screen, click Contact me.

The user will receive a notification on their phone. They should open it, and they’ll be taken to the Microsoft Authenticator app.

  • Click Verify to complete the sign-in process.
  • Click Close in the Microsoft Authentication app.
  • In the browser window, they must enter a number to receive verification codes in case they lose access to the Microsoft Authenticator app and click Next.

Web-based and mobile apps can use Microsoft Authenticator app verifications for 2FA logins, but Office desktop apps require an app password.

This final step provides the user with an app password for these apps.

  • They should copy the app password by clicking the copy icon to the right of the password and paste it somewhere safe. Click Finished.
  • They’ll be prompted to sign in again, this time by verifying the login using the Microsoft Authenticator app.

Important note from Microsoft:  If you want to use only Multi-Factor Authentication for Office 365, don’t create a Multi-Factor Authentication provider in the Azure Management Portal and link it to a directory. Doing so will take you from Multi-Factor Authentication for Office 365 to the paid version of Multi-Factor Authentication.

We hope this helps. It can be complicated to implement the proper settings for two-factor authentication in Microsoft Office 365.  If you have any problems doing this, feel free to contact our Microsoft Experts.

Are You Playing The Internet’s Latest Game Of Cops And Robbers?

Make no mistake – if you show the slightest bit of weakness around a bully, they will pounce. The Internet is no different, with hackers just waiting for a cybersecurity vulnerability to seize their opportunity.

Internet Crime

 The latest form of cyberterrorism to take root and have explosive growth is incredibly dangerous. Forget about Trojan horse viruses and identity theft — well, not really, those are still a threat — but the hot topic today is cryptocurrency mining. This phrase is used in reports and articles all over the Internet, but what it means can vary.

  • Cryptocurrency is an alternative currency in a digital format that is uncontrolled by a financial authority where the authority determines the supply and value. The most widely-known type of cryptocurrency is bitcoin. The decentralized nature of cryptocurrencies is what makes them so appealing to cybercriminals, but also what makes the industry minimally regulated.

Have you ever had a virus on your computer or smartphone? We know that pain. They range from annoying to debilitating and are time-consuming to eradicate. What’s worse is when we connect our smartphones via charging cable to a computer, and we allow access to our smartphone, we run the risk of inadvertently allowing the virus to transfer. Can we ever win?

  • In 2017, a version of malware for cryptocurrency mining targeting Android devices was discovered and proved its effectiveness of physically damage a mobile device.

Why are we talking about cryptocurrencies and viruses at the same time? Because you’d be amazed at what lengths cybercriminals — hackers — will go to accomplish their goal. Have you ever heard of ransomware? It’s a type of malicious software, “malware”, and sometimes more advanced malware is involved where the victim’s files are encrypted using code deployed by the hacker, called cryptoviral extortion. These all function the same as a basic virus, where an executable program is planted on a user’s computer with the intention of restricting user access in some way. With ransomware, to remove this restriction and regain access, the user is prompted to pay whatever fee the hacker demands — their “ransom” — otherwise the user’s data is blocked entirely and permanently. This type of extortion is being used more commonly in cryptocurrency mining.

  • Cryptocurrency mining uses specialized software programs to automate the process of solving complex math problems in exchange for a small amount of cryptocurrency.

How is this possible? We mentioned that the beauty of cryptocurrency mining is in automation. A cybercriminal gains access to a computer — without the knowledge or permission of the computer’s owner — and installs the software that runs the mining file(s). Has this ever happened to you? But…would you even realize it?

How do cybercriminals access a computer to fulfill their devious plan? Through dark and devious means in a dimly-lit basement at a desk filled with candy wrappers and empty cans of energy drinks? This isn’t a Hollywood film – it’s much more likely the cybercriminal is at a coffee shop or somewhere benign. They could be next door, across town, or around the globe from the computer that they’re hacking. While proximity isn’t meaningless, it’s far less necessary than it once was. The Internet has made consumers that much more vulnerable, and that much more valuable to a hacker. The sad reality is that the devices most consumers use to access the Internet — either wireless routers or networks lacking sophisticated means of protection — are the most common culprit. Most consumers don’t realize how important it is to established layered levels of cybersecurity protection at their home, nor do they understand how to go about protecting themselves adequately. This is something best left to the experts – especially if you need to establish this protection in your office, and it’s your business!

Still wondering why a hacker targets a personal computer for cryptocurrency mining? The answer is money. We can look at this from a few different perspectives.

  • Using someone else’s computer, a hacker doesn’t need to worry about overhead, like:
    • Reliable power and resulting power bill.
    • The purchase and maintenance of the expensive hardware needed to process the thousands of complex problems that generate the cryptocurrency, though fractional portions with each solution.
  • Hacking into many computers offers the chance to increase the amount of cryptocurrency generated in the same time frame from multiple sources.
    • When one option is eliminated, another option replaces it quickly, so a hacker avoids “downtime”.
  • The goal of any hacker varies, but when it comes to cryptocurrency mining, the goal is to make money. The next step in a natural progressing — one born of greed — is to hold the hacked device hostage for ransom.

The terms “cyberterrorism” and “cyberespionage” are just fancy ways of redefining a hacking situation that is getting uglier each year. The more sophisticated any cybersecurity network is, personal or professional, the more sophisticated hackers need to become in response. Adversely, the more vulnerable a network is, the more attractive the victim is to a hacker, and the more expensive the situation the victim is likely to find themselves in – repeatedly.

The value of cryptocurrencies keeps increasing, as well. Bitcoin is valued around $9,000, meaning that the cost to buy one Bitcoin is $9,000. A newer cryptocurrency, Monero, has increased exponentially in its first year. The value of Monero is lower than that of Bitcoin, closer to $250, but its newness also makes it more discreet. There is also value in mining early. Consider the price of an ounce of gold; the weight does not change, but the value of an ounce does, so buying one ounce for $500 and keeping that ounce until the value of an ounce reaches $1,000 gives a greater return on investment It’s ironic to be reading about legal investments in the same spot as cryptoviral extortion – but it helps law-abiding citizens understand the mindset of the cybercriminal. More importantly, the process to mine these isn’t the point: where there is money to be made by little effort, those with a serious lack of ethics seize the moment. Cybercriminals are evolving with cryptocurrency paradigm shifts, including fileless miners.

  • Fileless cryptocurrency-mining malware is a newer mining method and involves deploying code into the victim’s system memory. This code is what activates the computer’s mining processes.

Yes, cybercriminals can now use wireless networks to access your computer and use your computer to mine cryptocurrencies without files. If a hacker can take over your computer entirely and require you to pay them real money to get your computer — and everything on that computer — back, how can you protect yourself?

Cybersecurity and protecting yourself isn’t just a case of setting a “really strong” password anymore. Some programs and platforms encourage — or even require — two-step verification processes for each login. The greatest advantage you can give yourself is teaming with the best cybersecurity partner and making all staff members aware of the risks. Let your trusted partner do what they do best — cybersecurity — and you can focus on what you do best: running your day-to-day operations.

Hiring an IT Company? Make Sure You Ask These 25 Essential Questions!

Selecting a company to maintain your technology is one of the most important decisions you can make for your business. You must find the most competent and reliable IT support provider in your area.

Hiring an IT Company

How do you know if the IT company you’re considering is right for your business?

Some technology companies call themselves the best, but they haven’t kept up their certifications. This is important because the latest certifications validate the skills that their techs learned in their training. With all the cyber threats and new IT solutions today, it’s critical that your IT provider is up to date on their skills.

Don’t just pick a company off the Internet because they’re the closest one to you. Do your research to find out if they are truly qualified to protect your data and meet your organization’s unique IT needs.

The following are some key questions that you should ask any IT provider you’re considering for your business.

  • What are your staff’s qualifications and certifications?
    The right IT company should be able to provide you with information regarding the certifications held by their staff and relay how these will meet your needs.
  • How long have you been providing technology services? They should have a minimum of three years of experience in the service, support, and solutions you require.
  • What Partner Certifications and Technical Specialties do you hold? Ask, for example, if they are certified on Apple devices and Microsoft solutions. Also, ask if they can provide you the latest hardware and software products at the best price.
  • Do you require continuous training of your IT techs? This is the only way to ensure technicians have the most recent certifications.
  • What industries have you worked in?
    Find out if they’ve worked in industries similar to yours. If not, determine if the work they’ve performed for others aligns with your needs.
  • How well do you understand the business applications we use?
    Your business may have specially-built applications to handle needed workflows. Your IT provider should understand how your business technology works and be able to support it.
  • How large is your IT company?
    If they are a small company, you’re more likely to be high on their priority list. However, larger IT companies typically offer a broad knowledge base and capabilities. Plus, their available resources may be more expansive. You must weigh the benefits of each and decide which is best for your business.
  • What kind of customer service can we expect? Do they offer 24/7 service with a live person on the other end of your call, chat or email? Is their help desk staff qualified to address your issues immediately?  If they can’t resolve your problems over the phone or online, how long will it take for a tech to visit your business?
  • Is your onsite service response time backed by a written Service Level Agreement (SLA)? A certified, professional IT company will put what they offer in writing. They should offer managed services with service-level guarantees. What is their “on-time” guarantee? Their SLA should include this as well as information about how you’ll be compensated if they continually show up late, or if they don’t meet the standards detailed in the SLA.
  • What is and isn’t covered by your service contract?In addition to what they do provide, find out what they don’t.  Do they provide fixed-fee services? Are there extra costs, and if so, what are they? Avoid using IT companies that are only interested in fixing what breaks and selling you equipment.  You deserve an IT partner who will work diligently to give you and your employees an IT infrastructure that is secure, reliable, and enhances productivity.
  • Do you offer outsourced CIO Services? Having an Outsourced CIO means your technology will meet your business needs now and into the future. Their CIO should be able to:
  • Develop an understanding of your business and technology infrastructure.
  • Provide recommendations for IT solutions that will promote your success and grow with your business.
  • Construct a Strategic Plan that aligns with your budget.
  • Conduct ongoing evaluations and provide IT performance metrics on a monthly basis.
  • Will you monitor our IT system around the clock? This prevents downtime because they will detect problems early before anything fails.
  • What security services do you offer? How will you protect my interests?Cybercrime is on the rise, and your data must be safeguarded. They must provide up-to-date cybersecurity solutions to protect your computers and network from unauthorized access, malware, phishing, viruses and other forms of cybercrime.
  • Can you monitor our network for cyber intrusions and threats? With all the security incidents today, 24/7 security monitoring is essential.
  • Do you provide Mobile Device Management? When you or your employees use your laptops, tablets or smartphones for business outside of your workplace, they are vulnerable to theft and malware from public Wi-Fi and more. You need the assurance that your data can be remotely wiped from any device if necessary.
  • Do you perform Risk Analyses and Vulnerability Assessments? Your business may require this to stay compliant with government or industry regulations. Plus, this will detect any “holes” in your computer and network security that hackers can take advantage of.
  • Do you provide Backup and Recovery Solutions? You need both an onsite removable backup solution and an offsite one (in the Cloud) to ensure you will have access to your data if it’s stolen, corrupted, accidentally deleted, or damaged due to a flood, fire or another emergency.
  • What’s included in your Disaster Recovery Plan?
    This is extremely important. Be sure to ask about site visits and audits to estimate the recovery time and the impact of a potential failure. Do they have a reliable process in place? How often do they test the disaster recovery plan? Is their staff knowledgeable and ready to react under the worst possible conditions? Also, make sure they can regularly provide the results of disaster recovery tests.
  • Will you provide ongoing Security Awareness Training for our employees? Cybercriminals are constantly developing new techniques to trick your users into downloading malware or releasing confidential information and credentials. It’s critical to conduct recurring and updated security training to ensure your employees recognize these threats and know what to do to prevent exposing your data.
  • Will your IT professionals communicate with our staff in “plain English?” They should be able to relay information in a way you and your employees can comprehend.
  • How do you stay informed about evolving technologies? Do they attend industry events to update their skillsets?
  • Will you migrate us to the Cloud and help us understand how to use cloud solutions? Make sure your IT provider can help you and your employees understand the Cloud, it’s benefits and risks. They should be able to help you find the right cloud services for your unique business needs.
  • Can you offer us different types of cloud solutions? Do they provide:
    • A Public Cloud, so you can securely share space with other clients?
    • A Private Cloud that is dedicated only to your use?
    • A Hybrid Cloud which is a combination of a private and public cloud?
  • How much will cloud migration cost? Migrating your workflows and data to the cloud can provide many benefits, including cost savings, and increased productivity. However, you should ask how much cloud migration will cost, including associated expenses such as maintenance and support.
  • Do you have any case studies or testimonials from existing clients that I can read? Can I contact them? Would you hire a new employee without checking their references? Of course not. So, you should do so with your IT provider. Contact some of their existing clients to find out what you need to know.

 

Will The (Cloud) Storage Wars Draw Blood?

Modern professional relationships require digital processes, like email, collaborative software, and file sharing. The cloud has opened up incredible possibilities beyond imagination a mere decade ago, but which is the right choice?

Cloud Storage

The competition is seriously fierce in cloud storage. The Internet of Things has fueled a data addiction for which traditional storage can’t physically support. We love our devices – I mean, we are straight-up addicted to our smartphones, our iPads, our Kindle Fire tablets, all of them. And there’s a reason we back up our smartphone content: we’d be absolutely lost if we lost it. Our contacts, our notes, our apps, our calendars, and everything we depend on for day-to-day use is on that tiny computer. Where do you back up your data? It’s probably safe to assume there is a cloud location you connect to that saves your backed-up data. It’s safe to assume because we would overwhelm traditional storage options.

Traditional storage hasn’t been able to meet expectations and needs for performance, availability, management, or the cost impact in comparison to growing demand. Everyone has an opinion on who their favorite cloud storage solution is, and it’s usually one of the Big Three players in the cloud game: Dropbox, OneDrive, or Google Drive – and not in that order.

Technically speaking, the first cloud storage solutions launched well before today’s modern providers. Consumers had access in the early 1980’s through CompuServe, and AT&T launched a platform in the 1990’s to support small business solutions. Amazon Web Services introduced AWS S3, their cloud storage offering, in 2006 and functions as the storage provider for Dropbox, Pinterest, and many other large digital enterprises. The only thing that has changed is file size, file type – but mainly adoption.

Cloud storage is increasing in adoption for every professional environment – and is the only solution for distributed workforces! Managing resources for storage needs to be agile, and limited solutions also limit agility. The cloud is merely an accessible extension of your data storage center. Review your full data storage needs, and consider the advantages the cloud offers your business and daily operations.

When reviewing your cloud storage priorities, there are many issues that deserve a deeper consideration. Here is the “Top Ten” List we suggest using as a checklist, and in no particular order:

  • Cost
    • The financial impact of cloud storage is usually the first factor any business considers, but we disagree with this position. While your bottom line is critical to your overall operational budget, there is a multitude of factors that could have a greater impact on your day-to-day needs.
    • It’s surprising just how many decision-makers are surprised – and unprepared for – the expenses required to utilize cloud providers.
  • Sync Simplicity
    • If storing or backing up your data to a cloud solution is cumbersome, the likelihood of full adoption by your staff – and your clients, if applicable – will be a struggle, and result in decreased productivity and decreased reliability. You don’t have time for that!
  • Sync Speed
    • Just as with simplicity, speed is a factor with the ability to sync data quickly. As with any downtime, no one can afford reduced productivity due to Internet connection issues, and it’s an even larger issue if it’s due to your cloud storage provider.
  • Location
    • As they say in real estate, “Location, location, location”! Anyone who thinks it doesn’t matter where your data is stored physically is wrong. Wrong! Though there are too many reasons this matters to list, here are just a few:
    • Data stored in the U.S. is both protected by and susceptible to U.S. laws, like the Patriot Act and the Cyber Intelligence Sharing and Protection Act. Data stored in – or containing the information of – European Union nations are subject to protection by legislation passed by European Parliament enacting strict consumer data protection rules.
    • Facilities that physically house servers for cloud storage providers are just as open to impacts of weather and natural disasters as any other structure in that locale – and accessing your data will be subject to these conditions.
    • Is the physical security of the location a concern under any other circumstances?
  • Reliability and Access
    • Is the vendor reliable? The key players in the cloud storage game tend to be the best for valid reasons, but appropriate considerations, in this case, would be hardware failures, power disruptions, or even vendor disputes. Crazier things have happened.
  • Storage Capacity
    • How much data do you anticipate storing in the cloud? This is like trying to choose your favorite song. The answer changes on a regular basis, and most of the time there is no one singular answer. Obviously, you’ll want to choose a provider that is capable of offering you more storage than you think you’ll ever need, but you also don’t want to pay for storage you’re not using nor will you ever. It’s a delicate balance, and many providers allow for variable usage.
  • File Sharing
    • How many times have you attached a document to an email message, and tried to send it only to get the dreaded error message “File exceeds the maximum size of 25MB. Try removing an attachment and send again”? You are then faced with trying to reduce the file size (Word document into a PDF, etc.) or uploading the file into a cloud solution like Dropbox, Google Drive, or OneNote, and sharing the access URL instead.
  • Application Integrations
    • The number one request made by anyone accessing cloud storage and utilizing an application is to offer an intuitive user experience. Statistics show half of all users that abandon a cloud app do so due to integration issues, citing missed deadlines.
  • Support
    • If any issues arise, it’s critical that users achieve the needed help immediately from an adequately trained member of support team equipped with the right knowledge to resolve the situation.
  • Data Security
    • The cloud and data stored in cloud environments face risks, just like any other professional endeavor. A cloud storage provider that can guarantee against cybersecurity vulnerability and takes the greatest care in safeguarding your data is an excellent vendor and partner.

We’ve talked about what you need – now let’s talk about who can help you. Here is a fantastic detailed resource when comparing many of the cloud vendors at once, but let’s talk about the Big Three. The key players in the Cloud Storage Wars are Dropbox, Google Drive, and OneNote – and any one of these providers would valiantly battle to the bloody end for your business! There is a reason that these three are the best in the biz: they’ve earned their reputation with quality service, support, and every other item in the checklist.

  • Dropbox
    • Offers a free basic storage plan (2GB)
    • Paid plans and features cater to business customers
  • Google Drive
    • Offers a free basic storage plan: clarification, Google users have 15GB of free cloud storage – shared between Gmail, Google Photos, and Google Drive. If you get a ton of emails and don’t clean out your inbox often, that eats up your 15GB
    • Paid plans and features cater to business customers
  • OneNote
    • Offers a free basic storage plan (5GB)
    • Paid plans and features cater to business customers: Here is where it truly pays to use OneNote and be an Office 365 customer, as the paid plans are included with Office 365 subscriptions, either Personal or Home.

The ability to sync, share files and speed are all a focus of these teams, and the competition is pretty ruthless. In fact, Dropbox and Microsoft have formed a partnership to allow easier integration by making Office Online available to Dropbox users at no cost. Keep your friends close, and your enemies closer!

So, which provider is right for you? Only you can make that decision. Armed with this information and reviewing our checklist will hopefully help you make the right choice!