Category: Uncategorized

If you have a child, and they have a mobile phone, their chances of identity theft are at a remarkably higher risk of being stolen, than most adults. But thanks to the new United States federal law, the Economic Growth, Regulatory Relief, and Consumer Protection Act, and according to a WYTV interview with David Stanley, Cyber Express manager, your loved one’s identity, just got a lot harder to steal.

(WYTV) Keeping Kids Safe: Protecting your kids from identity theft

Children are favorite targets for data thieves, and it’s a crime that can go undetected for years. As parents, we often, unknowingly help hackers snatch our kid’s information all from a simple post.

But, a new law is allowing parents to check and freeze their kids’ credit with the three major agencies for free. And it’s all thanks to a new federal law called The Economic Growth, Regulatory Relief, and Consumer Protection Act, which began September 21, 2018.

If you haven’t thought about checking your children’s credit lately, WYTV reporter Lindsey Watson talked to cyber experts about why you may want to reconsider.

It’s an alarming statistic according to Experian. One in four kid’s identities gets stolen before they become an adult. But what makes children such easy targets for data thieves? Parents are often helping hackers snatch their information all with a simple post on social media.

“They’re trying to gain as much information about the person, you know birth dates, name, date, and then they can kinda go back and figure it all out, and put it all together. It’s kinda what they do right now, they SOCIAL hack you,” said David Stanley, Cyber Express manager.

Stanley refers to it as Social Hacking. “It boils down to if you put out your kid’s name, how old he is, or her,” Stanley said. While Stanley says they haven’t seen a child’s identity stolen yet, it’s something parents need to be aware of before it’s too late.

“We can go forward with you, hand-and-hand and figure it out together. Hopefully, your son or daughter isn’t a victim, and if they are let’s figure it out, make sure that everything is fine, get everybody on an even keel and start over,” he said.

7 Cyber Express Child Identification Protection Checklist

In our very connected world, our children do not comprehend that there are individuals out there ready to take advantage of their innocence. Along with the above interview, we’ve put together a quick and easy checklist, that gives you seven more ways you can protect your children’s identity when they can’t.

1. Always remain cautious about what you disclose – More and more doctor’s offices, store rewards clubs, and schools are having us fill out electronic forms for our children. But it’s becoming too easy to accidentally give out our kid’s information, such as social security numbers, which if stolen, could take years to repair their credit.
2. Monitor what the school gives to third-party vendors – Whether you realize it or not, schools do release children’s information to their vendors. Five pieces of information commonly published are photos, home addresses, phone numbers, email addresses, and dates of birth. Contact your child’s school to learn if they have an opt-out process.
3. Be on the lookout for what your child gives away – With social media, online forums, and gaming groups, our children are too eager to say just about anything, to stay connected or keep up with the latest online trends. Unfortunately, identity thieves know just the right words to say, getting your loved one to share personal information.
4. Monitor your child’s finances monthly – Does your child have a bank account? College savings account? Or a trust fund? Once a month you get these account’s statements. Review them for any unusual activity, plus check with each financial institute, handling their accounts, and sign-up for mobile alerts.
5. Watch for warning signs you would not expect – Should you receive a pre-approved credit card offer, with your underaged child’s name on the envelope, that’s typically not a computer glitch. If you are getting bills or collection notices addressed to your child, that’s not a coincidence. Should you get, in the mail, notice from the IRS your little one owes back taxes, their ID got stolen.
6. Investigate to know if your children have a credit history you’re not aware of – Quite often, after some digging, an unsuspecting parent discovers, their child does indeed have a credit history. What is hard to believe is how that happened; when their minor child has never worked.
7. Credit History examination steps to take are easy:
   1. Call the three major credit reporting agencies and ask for a manual search of files or records associated with 1) your child’s social security number only and 2) your child’s name and social security number tied together.
   2. You’ll be asked to provide copies of their social security number and birth certificate.
   3. Consider having a credit freeze placed on your child’s account.
   4. Numbers or email to get in touch: Equifax: 800-525-6285 / Experian: 888-397-3742 / TransUnion: childidtheft@transunion.com

Recently considered outside the realm of possibility, artificial intelligence (AI) has become more commonplace in modern businesses. As technology evolves, applications and tools with these capabilities will continue to transform various industries, including the legal profession.

Although it may sound like science-fiction, many people are currently using AI and are not even aware of doing so. Artificial intelligence is any technology that enables a device to adapt and learn to perform similarly to how a human would. Examples include Allegra and Siri. To summarize, it collects information and uses algorithms and trends to solve problems quickly and accurately. The field of law is now integrating this technology into their everyday use.

How Is AI Being Used in the Legal Field?

There are several ways that it is already being used in the legal profession to supplement what attorneys and support staff-members do. For example, AI is able to help analyze contracts in bulk and individually, as well. A few of the popular software companies that offer AI for this purpose include the following:

• ABA Journal
• eBrevia
• Kira
• LawGeex
• LegalSifter

This allows partners to use their time and efforts on more advanced activities that require their specialized knowledge. Examples would be negotiating deals, advising clients, and arguing a case in court.

Three aspects that AI is expertly handling in the legal profession are descriptive analytics, predictive analytics, and prescriptive analytics.

What Is Descriptive Analytics?

Descriptive analytics (DSA) uses technology to mine large amounts of legal data, identify legal trends, and analyze behaviors that it then turns into workable insights. Advanced data visualization (an aspect of DSA) helps people identify insights, patterns, and trends that would be difficult to find with human-conducted text review alone. It turns complicated data into easy to understand charts and graphs. Additionally, it highlights factual information to cultivate strategies, assess possible case outcomes, and estimate case values and litigation costs.

What Is Predictive Analytics?

Predictive analytics (PA) uses data to provide insights into potential futures. There are several ways this can be beneficial. It allows law firms to gain a deeper understanding of how judges and juries might behave. By examining the profiles of judges, as well as their previous behavior in court, it is possible to predict how they might rule in specific cases. For example, the legal-tech startup, Judge Analytics, developed a platform that provides information on every judge in the U.S. This allows attorneys to develop the best strategies for their clients.

Additionally, clients often ask their counsel to predict the future. They ask questions like “Should I settle?” or “If we go to trial, will I win?”. With access to years of trial data and this type of AI, lawyers are better able to answer these types of questions.

What Is Prescriptive Analytics?

Prescriptive analytics (PSA) continually tracks outcomes of real-life decisions and incorporates them to sharpen its recommendations and offer actual advice. Intuitive interfaces and pervasive data collection is required to lower barriers to these powerful methods. Since they require ongoing access to evolving data to build and refine the results, they are constantly updating. As machine learning, natural language processing, and analytics technologies evolve, the dependence of law firms will continue to grow.

How Might AI Be Used in Law Offices of the Future?

As the future unfolds, the law school and overall lawyer training approach and curriculum will need to be changed. Legal education will become more all-inclusive. It will begin to emulate a business school education. Case studies, and active networking, and leadership training will likely be included. Although some schools have already included technology in their legal curriculum, a greater number of law students should become tech literate. Eventually—and ultimately—their ability to utilize legal software to analyze information may be just as important as their knowledge and understanding of the law.

In fact, it is anticipated that 100,000 legal roles will be automated by 2036. According to Legal Technology, law firms will reach a “tipping point” by 2020. It is now time for them to commit to becoming AI-ready. They should set aside the fear of the unknown and start developing an understanding of and capability for using technology. It is likely that innovation is the key to maintaining the legal profession’s relevance in this time of transformation.

In Conclusion

With its ability to automate monotonous and time-consuming work like contract or document review and research, AI can easily improve an office’s accuracy and efficiency. It can follow trends and make predictions over immense amounts of information that would be difficult for mortal minds to manage. Although it will not replace attorneys, finding the right combination of analytic tools will vastly alter the way they perform and deliver their services. Taking advantage of the technology available provides a competitive edge over more traditional firms. Choosing to do so may be the most important decision the leaders of legal departments will make in the near future.

In 2016, Uber suffered a data breach that exposed the personal information (names, email addresses, and phone numbers) of 57 million users. In the same breach, some 600,000 driver’s license numbers of Uber drivers were exposed.

So, What Was The Response?

The Federal government and state governments have laws protecting data privacy. Most of them require rapid reporting of data breaches to both the governments and the individuals whose data was exposed. Instead of following the laws, Uber decided to bury the bodies. With a careless indifference toward the rules and regulations that Uber has shown previously, the company got caught in a most unusual manner this time.

In this data breach, hackers first proved to Uber that they had stolen their data, then they demanded $100,000 not to reveal it. That’s a new twist for cyber-thieves.

How Did The Hackers Get The Data?

GitHub is a site where programmers and systems architects publish code and other information, both to store it privately and to show it off to others. The hackers got into the private side of Github and obtained user credentials of the Uber development team. Once they had those, they had free run of Uber’s systems.

What Did Uber Do?

Rather than reporting the breach as required, Uber’s Chief of Security paid the bounty of $100,000, got the hackers to sign a non-disclosure agreement, and disguised the $100,000 payout as a bug bounty on Uber’s internal records. The affected individuals were not contacted. The whole incident was covered up (hopefully).

Uber was already under investigation by the Federal Trade Commission (FTC) for failure to protect consumer information. In the course of that investigation, the 2016 hack was uncovered. The first settlement where Uber confessed to failing to protect customer and driver information was dated August 2017.

Then in November, Uber’s new CEO disclosed the massive breach. At that time, Uber had agreed to pay reparations to exposed individuals and various states to the tune of $148 million. One state attorney general called Uber’s behavior “Just inexcusable.”

Uber agreed to follow relevant laws in the future and hired outside counsel and an outside data firm to assess its security practices and safety measures. The results of those efforts have not been disclosed.

It was also learned that Uber paid the hackers to delete their copy of the data. That potentially violates a law that forbids companies from destroying any evidence in cases of cybercrime. Uber eventually fired their chief of security and several others.

It is the nature of the beast that Uber could not, in fact, confirm that the hackers had deleted every copy of the data. They could have, for example, made another copy and sold it on the Dark Web. Cyber Thieves are not known for their honesty. So, Uber’s efforts to conceal the breach and repair the damages may have been overshadowed from the start.

What Are The Lessons We Can All Learn From This?

Ever since the resignation of Richard Nixon in 1974, the phrase, “It’s not the crime, it’s the cover-up” has been well-known and understood.

The home décor and cooking guru Martha Stewart was convicted and imprisoned, not for a stock transaction that was, in fact, legal, but for lying to the FBI about it. Aside from their general legal and public relations futility, cover-ups usually do not succeed. Somebody leaks, or (as happened in this case), law enforcement stumbles across the cover-up while investigating something else.

When an incident like this happens, companies need to proceed on the assumption that the cover-up will be, at best, a temporary patch on a continuing problem.

What else can be learned from this?

Another lesson is that things that are supposed to remain private may not. The hackers were able to penetrate a supposedly private area of Github. In addition, the database they stole was on a third-party server, not one directly managed by Uber.

Even though the credentials stolen from GitHub were valid for the third-party server, had something like two-factor authentication been in place, the hackers would not have been able to access the server even though they had the proper credentials. There is more than enough blame to go around here. And, of course, the data on the third-party server was not encrypted.

Funding Hackers Is Not A Good Idea

In addition to everything else that was wrong in Uber’s response, the company wound up, in effect, rewarding the hackers with additional funding, enabling them to hack even more victims. Cybersecurity experts agree that funding hackers, no matter how desperate the situation seems, is never a good idea.

Uber’s response here can be compared to the similar reactions of Experian, a credit reporting agency, to a hack of its database that exposed the data of several hundred million users. First, it concealed the breach, then it denied it every happened, then Experian confessed that it did happen. Finally, they tried to monetize the breach by creating and advertising several “security” products to consumers.

Every move was deceptive and demonstrated just how little Experian cared about the privacy of its users. The lesson from Uber and Experian for the general business community is simple: “Don’t handle breaches the way we handled ours.”

Last year, Markets and Markets Research released a report that revealed that 50% of companies were considering the use of BYOD (bring your own device) policies. IT departments were tasked with developing a policy that allowed employees to use their personal devices without endangering the security, but things seem to have changed. More and more companies are moving toward company-owned devices – but why?

Costs

Most people think it would be cheaper for a company to have employees bring their own devices, but there are some hidden costs involved. One, of course, is the loss of productivity which we’ll discuss more in a moment. Given that BYOD devices can raise the probability of an organization suffering a cyber attack, there are also costs that can be traced directly to the fallout of a data breach. The potential cost of a data breach can easily be calculated using a tool like this one from IBM.

Productivity Issues

When employees bring their own smartphones, tablets, and other devices to work, those devices are going to be a distraction. The temptation for employees to check out social media sites such as Facebook and Instagram or to play games on their phone during working hours are even worse if they are already using their personal device for work-related tasks. While being forced to use a company-owned device isn’t going to eliminate this problem, it will at least reduce the temptation to waste company time. It will also discourage the use of electronic devices to access inappropriate material while at work.

Bad Habits

Employees who are accustomed to using their own phone to access company email are, by force of habit, going to be less likely to be cautious about opening phishing emails or files that could contain malware. If an employee isn’t in the habit of carefully checking out emails before they open them for their personal email on their device, they aren’t suddenly going to become careful about company email they open on the same device. Employees are likely to be more careful with a company-owned device, in part because they don’t want to be blamed for putting the company at risk.

Remote Wiping of Personal Devices

If a device is stolen, there is an extremely high probability that sensitive data will be on that device. One solution that many IT departments depend on for dealing with device theft or breach is a remote wipe. While this is an excellent idea for devices that belong to the company, employees will not like the threat of having their personal device remotely wiped without warning. The loss of personal information such as contacts, pictures, and messages could not only anger the employee involved but lead to potential lawsuits.

Too Much Reliance on Non-IT Employees

When employees are allowed to use their own devices, there is a major shift in responsibility. In most cases, it is simply not possible for IT to ensure that every employee device has the right security measures in place and that they are updated on a regular basis. When employees fail to do this and a breach happens, IT will most likely receive the blame. IT should not be held accountable for risks they cannot reasonably control. Company devices in the hands of those who truly understand cyber dangers are safer as long as they have access to the tools needed to minimize cyber risks.

Cybersecurity Threats

In 2016, researchers discovered that 56% of respondents felt that BYOD was one of the biggest threats to endpoint security for their organization. Another study indicated that 20% of organizations had experienced a breach related to BYOD, which doesn’t bode well for its continued use. One of the major reasons behind companies moving away from BYOD policies is undoubtedly the threat of ccyber attacks A company may have the most bullet-proof BYOD policy possible, but if it cannot be enforced or if employees can find ways to work around compliance, then those BYOD devices become a major threat.

Conclusion

There are pros and cons to both the BYOD approach and the company-owned device approach. Quite a few companies are easing off on their BYOD policies, implementing partial BYOD or eliminating it completely. Reasons behind this change include:

• Costs
• Employee productivity issues
• Employee bad habits
• Physical theft of devices
• Reliance on non-IT personnel to avoid security threats
• Increases in cyber threats as more employee-owned devices are put into use

Add all of these issues to the fact that employees may be annoyed at having to supply their own equipment for work and it is easy to see why many organizations have realized that BYOD is not a good fit for them. Whether the widespread implementation of BYOD continues to grow as predicted remains to be seen.

“Digital transformation” is a term likely circulating around IT departments everywhere. The vast majority of businesses today, no matter how big or small, will likely need to further digitalize their operations in order to keep up with competitive markets and an ever-growing list of digital trends.

There are endless components associated with digital transformation. Late last year, tech company MuleSoft conducted their annual Connectivity benchmark for 2018, which surveyed more than 600 ITDM across a variety of industries. The results shed light on the importance of digital transformation, the issues that stand in the way of these transformations, and what ITDMs (Information Technology Decision Makers) believe to be the future of IT.

According to the survey, the stakes are high. The vast majority of ITDMs surveyed admitted their business’s revenue would be negatively impacted if digital transformation didn’t take place, and soon. Companies simply can’t afford to let their IT operations fall to the wayside.

Digitalizing your business operations is no easy task. Creating an online portal or creating new online processes doesn’t mean you’ve digitalized. You’ve got to have clear goals before you begin this undertaking. More often than not, the top goal of businesses is to streamline their operations to run more efficiently.

Analyzing The Data

The vast majority of ITDMs understand the importance of upgrading their digital enterprises, with only 3% of organizations surveyed revealing they had no intentions of a digital revamp. In fact, approximately three quarters (74%) of those surveyed said they were currently undergoing digital transformation initiatives. Another 23% revealed plans to do so over the next three years.

Establishing Clear Goals

Digital transformations are futile without an end goal. Therefore, in order for ITDM to effectively transform their digital operations, they need to know both what is at stake, and in which ways they’d like a revamp to serve the organization.

Of ITDMs surveyed, more than 83% cited increasing IT’s operational efficiency among their top priorities. Other areas of high importance include improving business efficiency, and introducing new products and faster services. Digital transformations can help enhance a number of aspects of your company, rendering them vital in today’s business landscape.

The MuleSoft survey revealed that ITDMs intend to focus on a few specific initiatives to achieve their IT goals. These include modernizing their legacy apps, integrating SaS apps and investing in mobile apps. Other areas of focus include migrating apps to the cloud and establishing an e-commerce platform.

Enhancing The Customer Experience

One other major goal for businesses undergoing digital transformation is to improve the customer experience. This means improving the customer experience by connecting customer-facing systems. The vast majority, 92% of ITDMs, revealed that forging a connected experience for both customers and employees is a priority for their respective organizations. As of December 2017, only 39% of those surveyed revealed their organizations offered a completely connected user experience. These figures are in line with a previous MuleSoft survey, which found that over half of consumers believe they are receiving a disconnected experience when dealing with businesses like retailers, banks, insurers, and other public services.

Common Roadblocks

IT departments face a number of issues that hinder the potential for successful digital transformation. In addition to time constraints, there are other factors at play, such as misalignment between business and IT, problems within legacy infrastructure and systems, and a lack of resources and budget.

For today’s businesses, there is often a disconnect between what IT professionals must do, versus what their departments can realistically handle. While it’s commonly the responsibility of IT to implement development projects and focus on innovation, much of their workload involves helping the business run. In fact, the survey data shows that 63% of IT departments’ time is spent on business operations, rather than exploring new ways to drive profits through technology.

Integration Issues

Of all the roadblocks between IT departments and their goals, integration seems to be the largest barrier. Nearly 90% of ITDMs revealed challenges with integration, with 81% saying point-to-point integration creates the biggest headaches. Not only is this an issue for efficiency, but it presents financial repercussions, with organizations spending almost one-quarter of their yearly IT budgets on integration.

The Benefits Of APIs

It’s common knowledge in the IT circle that APIs make life easier for developers. They’re also critical for success in today’s digital landscape. Not only do APIs expand a business’s capabilities, but they also make it easier for employees to consume data in a simple, standardized way. According to MuleSoft’s Connectivity survey, organizations have both increased IT-self service and decreased their operational costs by leveraging APIs. And the results can be seen in revenue, as well. More than 35% of ITDMs surveyed through the Connectivity survey revealed that more than one-fourth of their revenue was the result of APIs.

Digital transformations are a fact of life for many businesses today, and if they’re not yet, they soon will be. From managing operations to improving customer and employee experiences, digital transformations are just one-way businesses are further embracing the power of the internet age.

Most homeowners and renters understand the importance of home security. In fact, in today’s world, it’s not uncommon for homeowners to spend hundreds or even thousands of dollars on home protection. But while securing your belongings is considered good common sense, homeowners don’t as often consider the concept of data security. This is understandable, but in reality, it’s just as important to ensure that your data is protected as well.

Unbeknownst to many, your home’s security system and its surrounding technology may even leave you susceptible to a data breach. These have the potential to wreak havoc from a personal data standpoint. Paying close attention to the technology you are using to protect your home can help you avoid the ever-growing risk of a cyber breach.

Here are a few things homeowners can do to keep their networks protected.

Strengthen Your Wireless Security

Securing your wireless router is paramount to effective data security. Your wireless networking security will depend heavily on the health of your router.

One useful tip?

Don’t leave your Wi-Fi on unless it’s necessary. This means that if you and your family are planning a long trip, don’t forget to turn your network off.

Other precautions include disabling your Wi-Fi Protected Setup, or WPS. The WPS is intended to make it easier for those within your household to join the central Wi-Fi network. However, it can also be used by hackers to gain unauthorized access.

Configuring your Wi-Fi’s signal strength is also important. Casting too wide of a net can leave you susceptible to outside hackers. As a security measure, configure it so Wi-Fi is only accessible to those within your home’s area. You can also disable your network’s remote management, and be on the lookout for any unknown devices or connections showing up on your network.

Update Your Software

Keeping your security systems up-to-date is important in ensuring nothing falls through the cracks. Applying updates and patches ensure you are running the most recent technology available for your device.

Your work doesn’t stop at updates, though. Installing an anti-virus solution built to detect, prevent and clear your system of viruses ensures a strong line of defense against hacking. While antivirus solutions won’t protect your system from, say, zero-day exploits, they can be helpful in preventing malware from entering your devices.

Install A Network Firewall

Firewalls are extremely useful in maintaining the security of your systems. This type of solution blocks unauthorized users from acquiring access to your private data. Installing a firewall is a solid step toward keeping your data safe. These can be installed via software, hardware or a unique combination of both.

Back Up Your Data

Computer users understand the frustration that comes with a hardware failure. In the event that this happens to you, it’s best to be prepared. Keeping a solid backup solution will give you peace of mind in the event of an accident. Test your backups thoroughly and regularly by creating dummy files and deleting them, or scheduling a day to unplug and determine how long it takes to get your system up and running. All this can help you form a legit plan of action to help you recover from a hardware failure.

Maintain Strong Encryption

Configuring your router improperly can pave the way for a data breach. You should use the strongest possible encryption methods for your device. Some of these protocols may include Wi-Fi Protected Access 2 (WPA2), Temporary Key Integrity Protocol (TKIP), and Personal Advanced Encryption Standard (AES).

Here are some tips to help you create a strong line of defense against a breach.

Update Your Router Password

It can be tempting to begin using a new router fresh out of the box, but be cautious. While your router has a set password, it may be easy to guess, or worse, printed right on the router itself. Changing your router’s password to something safe and known only by you is necessary if you’re hoping for optimal protection. The same goes for your Network name. While these typically come standard, you’ll want to change yours, though be careful not to include personal information such as your last name or address.

There are some things you can do to ensure a strong password. First, avoid using the same one for all of your accounts. If your password is stolen from one site, all other accounts for which you use it may be put at risk. You also shouldn’t share passwords with anyone or divulge them to anyone.

Approach Email With Caution

You may have taken all the necessary precautions to keep your home network secure from hackers, but often it’s not the technology that’s to blame for a breach. While it’s true that cyber criminals take advantage of unencrypted data, an inadequate firewall or out-of-date software, they also frequently target individual users. E-mail, for instance, is one of the most frequently used platforms by hackers. And while these attacks can hit suddenly and without warning, there are still things you can do to protect yourself.

If you receive an e-mail from someone you don’t know, don’t answer right away. Always first verify the person’s identity before responding. If you suspect an email from an organization may contain malware, first contact the company directly before replying. One giveaway is a misspelling in the URL of a malicious website. Also be sure to never share personal or financial information via e-mail or telephone.

Don’t leave your data security up to chance. All of these steps combined can help you form a solid plan for preventing a cyber breach.

 

Today’s small business owners are tasked with managing operations, employees and a wide range of things pertaining to the modern day business. It’s no surprise, then, that amid the hustle and bustle, some areas of importance are thrown to the wayside. Cybersecurity is often one of them.

According to studies, the majority of small business owners don’t believe their businesses are at risk of a cyber attack. This mindset is dangerous for business owners because they will not be prepared for a cyber-attack. In the event of an attack, it can wreak havoc on a small business that hasn’t yet armed itself with proper security protocols.

According to the Ponemon Institute, cyber-attacks cost small and medium-sized businesses an average of $2,235,000 in 2017. In order for small businesses to form a strong line of defense against cyber attacks, they’ll first need to evaluate their risk, and what’s at stake. Here are a few things small businesses should consider when preparing to amp up their data security.

Securing Your Data

Implementing solid data security for your business is a complex task that requires manpower. And although it can present quite the conundrum for small business owners, it’s something that, according to the FCC, must be done.

First, you’ll need to evaluate your current system. Which data do you actually need? While keeping customer data is important, it’s just as important to only ask for customer information that will actually be utilized. For instance, don’t ask for a social security number if you don’t need it.

The same notion applies for how long to keep this data. Don’t store your customers’ data longer than needed. The longer you keep it, the longer you are liable in the case of a data breach. And if you don’t have a retention policy in place, it’s time to implement one. Don’t forget that hand-in-hand with a retention policy is a process for how to delete the data. Do keep this in mind.

Strengthening Your Passwords

Implementing a strong password policy can make all the difference in keeping your data protected. Complex, unique passwords are paramount to data security, but how can you be sure those you’re using are really up to par?

You may want to look to the NIST for a list of digital identity guidelines that can help clarify what you should and shouldn’t be doing when setting new passwords. From two-factor authentication to the inclusion of symbols and capital letters, there are plenty of ways to strengthen your passwords to minimize the risk of an attack.

Establishing Network Segmentation

While, yes, one of the main goals of a small business should be to have a reliable network set up for operations, there’s a lot more to be done to ensure adequate data security. If your office frequently has customers traveling through your space, it’s best to implement a separate network that will prevent access to your data by just anyone. Doing this both minimizes the impact on your employees’ network and keeps internal data safe.

Don’t Ignore Updates

A constant bombardment of update notifications is annoying, and can even hinder productivity. And although it’s tempting to ignore these and push on with your work, updates are important in keeping your systems working properly. This is why it’s so important to stop ignoring them. In fact, small businesses should adopt a policy for updates and scheduled maintenance to ensure things aren’t falling through the cracks. A service provider can help you keep all your devices inline with the most current standards, and ensure updates are carried out accurately and within the proper timeframe.

Training For Success

If your business is one that employs mobile workers, data security becomes a bit more complicated. You’ll need to ensure these mobile workers’ devices are as secure as those within your office. Keep in mind that deleting company information in the event of a lost or stolen device is crucial.

A company may have the very best security in place to protect their data, but all it takes is one employee incident to destroy the reputation you’ve built. If your company’s salespeople do not require access to secured customer ddatabases don’t authorize them to use it. Giving access to crucial data only when it’s needed can help you minimize the chance of a cyber-attack.

You may be doing a fantastic job at training your employees for proper data security, but human error will always be an issue. This is not something you can prevent entirely, but you can teach your employees what to look out for. You can also help them understand the negative consequences associated with data breaches and the true impact of failing to be alert.

Data security for your small business is definitely not something you want to ignore. As an entrepreneur, you are likely both excited and weary of what’s to come. Don’t let a data breach put an end your empire before it starts.

If you are old enough, you may remember when making phone calls from an airplane was an expensive luxury, with sound quality so bad that conversations at times were impossible. Times have changed. Calls from planes are usually clear and carried over satellite connections. The big electronic question mark in the sky is not whether Wi-Fi is available, it is, how good is it?

So How Do We Rate The Quality Factor?

Different flight amenity rating services use various methodologies, so one has to dig to get useful information. Traveloka, a major booking site for Southeast Asia, ranks the top 50 carriers on aspects like speed, quality of signal, availability of USB ports, etc. According to them, the top three airlines for Wi-Fi service are Qatar, Emirates, and Delta, in descending order.

Digging a bit, one finds out that the fastest Wi-Fi available is on British Airways, which has speeds up to 20 Mbps (your mileage may vary.) In contrast, Emirates, Etihad, and Eva offer a top speed of only 2 Mbps. Obviously, this is not going to support streaming from Netflix and video conferencing.

Theoretically, even HD video conferencing should require only 384 Kbps (see here.) But we’ve all had the experience of video conferencing where lagging was an issue, even on connections that are high speed. The devil is in the details; the need for bandwidth goes up with each separate device used for the video conferencing, and for the bridge that ties it all together. The bridge has to have access to adequate bandwidth to provide all the images and sound streams at the same time. Of course, the speed with which it goes to the PC or phone depends on the bandwidth from the Wi-Fi transmitter to the user’s device.

The most important question in choosing an airline for Wi-Fi service is knowing what you need. On airlines though, you may not have much of a choice, especially if looking for low airfares. If you will absolutely need video conferencing during the flight, Qatar is about your only choice. Qatar pledges speeds up to 50 Mbps, but Traveloka rated the average speed as only 8.

(See this article from CNN travel for a summary that is a bit easier to interpret than Traveloka’s. )

What Does It Cost?

Emirates Air offers the first hour free and unlimited usage for the rest of the flight is only $10. Delta offers unlimited access for the entire flight for $16. Surprisingly, JetBlue, known as a discount airline, is now offering Wi-Fi but there are no details yet as to cost.

Singapore Airlines, rated the best in the world, offers only 1.17 Mbps for $8.80, but oddly, does not offer the ability to make phone calls. All-Nippon Airways (ANA) offers only 0.56 Mbps at a cost of $9.43. On Hong Kong Airlines and China Southern the service is free. Emirates does offer 20 Mbps, but it has to be used within two hours.

What’s The Underlying Technology?

In-flight Wi-Fi is provided by satellite. The plane has an antenna that picks up the signal and broadcasts it inside the cabin. Since all airlines get the same quality and speed of the signal from the satellite, the speed, and quality within the cabin depends on the hardware that the airline has installed.

If an airline wants to provide 50 Mbps, which is comparable to home or business internet service from a cable provider (not fiber optics) in the United States, it can do so. It’s just a matter of will. Since the equipment needed to offer 50 Mbps and the equipment needed to offer 0.56 Mbps are similar in price, it is a bit of a mystery why all airlines that provide the service do not offer the higher speeds.

And if some airlines provide it for free, why not all? No immediate answers forthcoming. One item of note is that with satellite Wi-Fi, as with many earthbound internet service providers, uploads are much slower than downloads.

Incidentally, virtually all the reporting on Wi-Fi availability and quality on airlines comes from the 2016 Traveloka report.

What’s The Upshot?

Even if you’re on one of the airlines that Traveloka rated as among the best, your Wi-Fi speed will vary. Some things that are easy to do in the office will be difficult to impossible while in the air. It’s best to plan accordingly. Do not schedule a critical meeting with the chairman of the board while you’re on a flight on Singapore airlines; this is just not going to work. Even email may be dicey in flight.

The moral of the story is that doing serious business that demands strong connectivity is best done on the ground, not while in flight. If it’s absolutely necessary, then plan accordingly before you leave the office and take to the road. People who travel a lot will understand.

October Is Cyber Security Awareness Month
Tune In At Any Time To Watch Our 15 Minute On-Demand Training

Cyber Criminals Have A 6 Month Head Start.

Is Your Business Protected?

Find Out.

Tune Into Our October Free Online Training By Clicking Here.

Every 39 seconds, a hacker is attacking someone. 

Are you next on the list?

You can’t afford to miss October’s free online training.  Why?

{company} takes cybersecurity seriously. This is why we have put together this free online training for everyone.  During this online training, our cybersecurity trainers will share how your business can defend itself from becoming another statistic.

During this 15-minute on-demand training we’ll show you many quick and very important tips you and your team must know in order to protect your business from cyber threats and how employees can keep all your confidential and critical information secure.

Google+ Social Media App Will Soon Move Off Into The Sunset

Google+ has never really been a popular social media network. In fact, most people say they’ve never used it and don’t know how it works. So it’s not too surprising to hear that Google has finally decided to pull the plug.

Google just announced a ten-month sunsetting period, which begins now and will end in August of 2019.

Besides the site simply not being popular, Google has had serious security issues. Project Strobe discovered a bug in Google+ that may have leaked the personal information of thousands of users. Though Google says the vulnerability was not discovered by hackers and that no profiles were compromised, their senior executives felt that rumors of a breach would likely trigger “immediate regulatory interest.” So they simply didn’t tell anyone.

Other Social Media Data Breaches

For several years, Facebook has been under scrutiny for allowing the data firm Cambridge Analytica to access their user information. This data was in turn used to create targeted social media ads that eventually swayed the presidential election of 2016. Since that incident, Americans have become much more aware of the effects and dangers of data breaches and social media manipulation.

Given the fact that almost no one was using the Google+ app and the high risk for potential data leaks, Google execs said they simply felt that it was best to discontinue Google+. Users will have 10 months to migrate their data before the platform is officially dissolved in August of next year. However, the company has decided to continue supporting the Enterprise version of Google+ so businesses using that app will not be affected.

More About the Google+ Security Breach

Last March, Google discovered a privacy breach, which allowed third-party apps using their programming interface to access the personal data of users. This data includes usernames, addresses, email addresses, birth dates and other bits of personal information.

The Wall Street Journal reported some details about the security breach and said that Google executives had been informed about the breach soon after it occurred. These executives made the decision not to disclose the breach to its users for fear of tarnishing their reputation.

Reporting Security Breaches

In a blog post, Google said that it decides when and if the organization should notify users of data breaches. They take into consideration the type of data that was leaked, whether there’s evidence of misuse and whether there’s anything that users can do about it.

According to security breach laws, any organization that experiences a data breach must inform those affected. And they only have a specific amount of time to do so. This varies by state but there are severe penalties for not correctly reporting a security breach.

Executives at Google say that the gap has been fixed and that users do not need to worry about any further data leaks. However, there is ample evidence that Google did not follow the law once they learned of the data breach. This can result not only in penalties from the federal government but also users can file individual lawsuits if they believe their personal info has been compromised.

How Data Breach Laws Are Changing

With the new European Union GDPR (General Data Protection Regulation), more countries and organizations are implementing stronger security measures. The GDPR affects anyone who does business with an entity that resides within the European Union. This has caused many business owners to revamp the way they collect and store personal information from their users.

Once a company has collected an individual’s personal information, they have a legal responsibility to keep that data as secure as possible. In spite of these advances in data security regulations, hackers seem to be one step ahead. Their tactics change, improve and evolve making it necessary for all organizations to be more cautious.

Senate and House Committees Get Involved

This past year, many social media and technology companies have come under scrutiny due to their data and privacy practices. Executives from Twitter, Facebook and Google have testified before various Senate and House committees. Under fire are their security measures, but also their political biases. The government is considering types of regulations that would prevent these companies from meddling in important things like the elections.

Now that everyone is fully aware of how easy it is to sway voters in one direction or the other, there is a very real fear that future elections may be manipulated by these companies. They not only have the knowledge, but they have the resources to influence the way people vote. And this ability holds within it a great deal of potential power to change our society in ways that can only be speculated about at the moment.

What Should Google+ Users Do?

In the meantime, if you are a Google+ user, it’s best to go ahead and make copies of any content you have on the site, then delete your account. Once it has been deleted, you’ll no longer have to worry about losing it to hackers who have found yet another weakness in the site’s security protocols.