Category: Uncategorized

Technology has unlocked a world of potential for businesses everywhere. But with these advances comes a new set of problems, like malware. While it’s common knowledge that computers are susceptible to viruses, today’s breed of hackers are more creative than ever. They’re utilizing new, innovative techniques to infiltrate systems of businesses big and small.

Not all malware is created equal. Just like infectious disease, there are different strains of malware, many with the potential to wreak havoc on your business network. In today’s business landscape, tech departments are faced with the task of not only stopping these attacks before they happen, but with quickly repairing networks in the event that an attack has hit.

The Problem With LoJax

One recent attack has IT departments up in arms. A Russian hacking group created the Rootkit, named “LoJax”. According to ESET, a leader in IT security, the campaign delivering LoJax targeted certain organizations in the Balkans and other countries throughout Central and Eastern Europe.

The problem with LoJax is that it isn’t just any ordinary malware. It’s used to gain persistent access to a computer, and with its reputation for being hard to detect, it’s causing quite the problem for users. Much to the horror of IT professionals, this hacking technique is so complex that it can withstand a variety of common fixes. Some of these include a reformat, a complete OS reinstall and a hard-disk swap.

This unique type of malware lives in a system’s flash RAM, meaning the only way to clear it is to over-write the infected machine’s flash storage. This presents its own set of challenges, and isn’t even a guaranteed fix unless you’re armed with the right code.

What Is Spectre?

Spectre is the name of an underlying vulnerability affecting the vast majority of computer chips manufactured within the last two decades. If this vulnerability is exploited within a system, it could enable attackers to gain access to data that was previously deemed protected. Lojax directly leverages this vulnerability, making it all the more difficult to detect before it hits.

If attackers are successful, they can they utilize LoJax to access systems remotely, and on a constant basis. This allows them to inject it with additional malware. This type of malware can also be utilized to track a particular system’s location, and potentially the owner’s location.

What’s At Risk?

UEFIs are particularly at risk. UEFI, Unified Extensible Firmware Interface, is a specification for the interface between a computer’s operating system and its firmware. It runs pre-boot apps and is responsible for booting the OS. By re-writing the rootkit, the malware is able to stay hidden within the computer’s flash memory, making it difficult to repair.

How To Protect Your Network

Businesses can implement a series of additional security measures to minimize the risk of a cyber attack on their network, especially one as severe and unpredictable as LoJax.

One of the single biggest mistakes businesses are making is running their operations on old, outdated equipment. Not only can this hinder productivity, but it can also leave businesses more susceptible to a cyber attack. Investing in new equipment that runs the latest and most improved hardware means security measures are often built in.

Keeping equipment up-to-date can become costly, but it can also minimize the chances of an even costlier network revamp in the event that a catastrophic cyber attack takes place and compromises everything a company has worked so hard to build.

Exercise Caution With Emails

Malware can gain access to your system through one of several ways. One of the most common methods is e-mail. It’s wise to take a cautionary approach to e-mail when utilizing your work network. Be wary of e-mails from strange e-mail addresses and also be cautious of what websites you are visiting, taking care to only visit safe, reliable sites.

Implement A Secure Boot

While malware like LoJax are especially hard to combat, IT departments can take comfort in the fact that not all hope is lost. One method of prevention is Secure Boot. This mechanism ensures that only securely signed firmware are able to boot up and run on a particular system. With signature verification required, Secure Boot makes it possible to prevent uniquely complex malware like LoJax from successfully infecting a system. Businesses are encouraged to review the Secure Boot configuration throughout the entirety of their hardware.

Malware Cleaning

Once you suspect a computer within your network is infected, it’s important to take action immediately. Be sure to back up your files before you attempt any type of intensive cleaning. Also, don’t attempt to repair complex computer issues alone. Your IT department can help you create a comprehensive game plan to address the problem and prevent similar incidents in the future.

Your system can come under attack when you least expect. Given that phishing is still a go-to strategy for hackers to penetrate systems, security awareness is more important than ever. Create a solid line of defense, and an effective response strategy, to ensure an attack doesn’t compromise your business. Security awareness training can serve an important role in helping your organization stay protected from hackers.

From the invention of the assembly line to cloud computing for the Discrete, Repetitive, and Process Manufacturing industries, updating to the latest technology is never in question. What does get closer scrutiny, is deciding to invest in Microsoft technologies. That’s what Rolls Royce did, and now they use Microsoft technology platforms, to fundamentally transform, how it uses data to serve their customers better.

5 Microsoft Technologies Offered to Discrete, Repetitive, and Process Manufacturers

Every CEO or business owner knows reducing overhead, and expenses on server maintenance, technology management, and upgrading code benefits the company both short-term and long. It’s the same viewpoint manufacturers have always had for their operations.

The five areas of interest to Manufacturers is Microsoft’s Azure technologies in these areas:

1. IoT
2. Machine Learning
3. Large-Scale Computing
4. Hybrid Clouds
5. Blockchain

Internet of Things (IoT)

The Internet of things (IoT) is the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these things to connect, collect and exchange data.

When managing hundreds of thousands of devices, around the globe, while large quantities of data get streamed, and then; processing and storing that same data in real-time, is a job only the cloud was explicitly designed to pull off. That’s why Azure got designed. It will deliver both Platforms-as-a-Service (PaaS) and Software-as-a-Service (SaaS), making it easy for all types of Manufacturers to choose Microsoft Azure.

From the Platform as a Service level, you will find five Azure platform services:

• Azure IoT Hub – you can directly and securely connect and consume data from IoT assets
• Azure IoT Hub Device Provisioning Service – you can provision millions of devices in a secure and scalable manner
• IoT Edge – you can run advanced analytics, machine learning, and artificial intelligence at the device level
• Azure Stream Analytics – integrates with Azure IoT Hub to enable real-time analytics on data from IoT devices and applications.
• Azure IoT Suite – provides a set of preconfigured IoT solutions for workloads such as Remote Monitoring, Predictive Maintenance, and Connected Factory.

From the Software-as-a-Service level, you have Microsoft’s IoT Central. It is a fully managed IoT SaaS solution. IoT Central makes it easy to connect, manage and monitor the Internet of Things assets at scale, allowing it to create deep insights from the IoT data to take necessary and informed action.

Machine Learning and Artificial Intelligence (AI)

Microsoft continually improves old tools. They also build new ones to simplify the process of integrating these technologies with your business. These are significant areas of investment for both Microsoft and Manufacturers, limited only by your imagination.

• Azure Machine Learning Services – are integrated, end-to-end, advanced analytics and data science solution that permits data scientists to develop experiments, prepare data, and deploy models at cloud scale.
• Azure Machine Learning Studio – is a drag-and-drop collaborative tool you use to build, test, and deploy predictive analytics solutions on your data
• Azure Bot Service – is an integrated environment that is purpose-built for bot development, permitting you to build, connect, deploy, manage and test intelligent bots.
• Cognitive Services – are intelligent algorithms to see, hear, speak, understand, and interpret user needs through natural methods of communication.

Large-scale Computing

Large-scale computing is a building block when working with large datasets, especially for computationally-intensive engineering workloads. Manufacturers use rendering, and simulation technologies such as Azure Batch, to run massive parallel and HPC batch jobs.

Also used is Microsoft HPC Pack, Linux RDMA cluster to run Message Passing Interface (MPI) applications, and high-performance VMs lets you dynamically extend to Azure, when you need additional capacity, and deploy an on-premises Windows compute cluster.

Hybrid Clouds

Hybrid Clouds have become popular choices for manufacturers, just not ready to make a full commitment to the cloud. Lack of engagement might be something as simple as, keeping some company data and systems in-house.

That’s when Microsoft got the idea to create, Microsoft Azure Stack, for common scenarios like this. The Azure Stack is a hybrid cloud platform. The platform lets you deliver Azure services from your organization’s data center.

In Manufacturing, there are two daily routines, that have made hybrid cloud deployments particularly attractive to manufacturers:

1. Edge and Disconnected Environments – Often IoT implementations include devices that are intermittently connected, or not connected at all to the Internet.
2. Security and Compliance Requirements – Highly secure devices often are unable to connect directly to the internet and must use a local service. That is more common in the manufacture of goods for the military and defense sectors.

Blockchain Technologies

Bitcoin, a form of Cryptocurrency, relies heavily on the blockchain technology. However, Blockchain-as-a-technology (BaaT) became a much broader application to use. Easy-to-deploy templates from Microsoft that run on Azure for the most popular ledgers, including their Azure Blockchain Service.

Blockchain gained more attention with Manufacturers, as they began using tools like these in the cloud. It has the potential to address several essential manufacturing scenarios including

• Asset Management
• Counterfeit Prevention
• Digital Thread Traceability
• Supply Chain Management
• IoT Tracking and Identification

The deep integration of all these services is Azure’s fundamental value proposition. It might be from Microsoft or Open Source, with on-premises systems, rich operational analytics, strong SLAs, and compliance certifications, you can still trust they have the right answers for your manufacturing company.

If you are still wavering, about investing your manufacturing firm in Microsoft technologies, who better to look to, then a technology giant that’s been transforming businesses and manufacturers, around the globe, for nearly half a century.

Did you find this article informative? If you liked this one, check out our other content we think you’ll find interesting.

Good news for people wanting a new Microsoft Surface Pro 6 2-in-1. It is all grown up. No longer just for schools, video-games, and weekend play, the new Surface Pro is ready for prime-time. It has a sleek new look and a thicker, black non-slip coating on the exterior. This makes it much more professional-looking than previous versions. In fact, that is one of the main selling-points—its classy, elegant appearance.

Tablets are generally seen as more convenient than a laptop or a clunky, antiquated desktop. However, they also have a screen size that’s easier to view. This makes them portable, but more useful than a smartphone screen would be. Plus, with the addition of a keypad along with the touchscreen, this is a multifunctional device.

Additionally, it is as useful as it is attractive. At a whopping 67-percent faster speed, the eighth-generation Intel quad-core i5 processor handles work and play with equal capability. One of the things customers requested was a more professional-looking workstation, with faster processing using multiple cores and Microsoft Pro 6 definitely provides that.

What Are Its Primary Features?

One of the primary selling points is the more professional appearance. The muted colors that the Pro 5 were available in, included blue, red, and silver. The black-colored cover that has only been provided in the Pro 6 is considered much more appropriate for the work environment than the brighter options previously offered.

A second feature that makes the upgrade beneficial is the advanced speed. Although the Surface Pro was already considered fast, the newest iteration is significantly more so. It can be purchased with either 8GB or 16GB of memory and comes with 128GB, 256GB, 512GB, or 1TB SSD.

What Makes It Better Than Previous Versions?

The superior speed of use and professional appearance are its main selling points. Truly, it depends on what one is buying the tablet for. If it is for a child’s homework or video game playing, then the Pro 5 might be a better choice. The Pro 6 has less desirable graphics for gaming, while the Pro 5 has the most superior graphics capabilities of the two, and includes a faster and more capable CPU. If one is buying the tablet for business purposes, the Pro 6 is likely the preferred option, as it has superior speed without all the glitz.

How Are the Surface Pro 5 and Surface Pro 6 Similar?

Both Pro 5 and Pro 6 are available with the following attributes, and some would argue that they are nearly identical. They have a 12.3-inch display, which is more than enough for most users and is the same size as many laptop computers. Both are available with 4GB, 8GB, or 16GB of RAM. They each have a battery-life of around 13 hours.

Some of their notable features include the following:

• Headphone Jack
• MicroSDXC Card Reader
• Mini-DisplayPort
• Surface Connect Port
• USB-A 3.0 Port
• Multi-touch PixelSense

One of the main things that previous versions have that this one does not is the truly impressive graphics. The Surface Pro 5 is sold with an Intel® HD Graphics 620.

What Are Other Options?

One of the primary aspects that other devices have is their port options. For example, many laptop options have Thunderbolt connectors, which allow them to handle larger files much more quickly than older machines. If you’re planning on using a two-in-one for heavy audio or video usage, you may want to consider your options thoroughly. Without Thunderbolt or USB-C, simple tasks like transfers or opening files can take quite a long time. Much of the time spent doing a project can be waiting for files to transfer, render, load, etc.

Neither the Surface Pro 5 or the 6 comes equipped with a USB-C or Thunderbolt 3 connector. This wasn’t considered a major issue with previous devices. However, since recent editions of modern 2-in-ones have them now, it is a bit surprising.

Some of the competitors in the field include the following:

• Dell XPS 13 2-in-1
• Eve V
• HP EliteBook x360 G2
• HP Envy x2 (Qualcomm)
• HP Spectre x360
• Lenovo Miix 720
• Lenovo Yoga 920
• Surface Book 2 (13 inch)

Although there are lots of options, Microsoft has been around since 1975. As a long-time contender, it has more than proven its abilities and staying power.

In Conclusion

When one doesn’t want to sit at a desk all day, perhaps a tablet is the best option. It allows for mobility, versatility, and flexibility. With a Microsoft Surface Pro 6 you can make the best of work and play. Although the graphics are not as great as they were with the Surface Pro 5, they are decent. Both are light enough to take into the office or on vacation. With a one-year warranty and a first-class support system, you cannot go wrong. Microsoft just keeps getting better and better.

Steve Jobs Day Sheds Light On Apple Founder’s Legacy

In today’s modern world, the name “Apple” has become synonymous with technology. It’s no wonder then that Steve Jobs, the company’s late co-founder, has become such an influential figure in American history. His contributions are well documented in motion pictures, books and an authorized biography.

October 16 is known as Steve Jobs Day, which was declared in 2011 by the Governor of California. The day brings forth the opportunity to reflect on the life of the famed innovator and how his contributions have helped advance the human race. From iPhones to iPads and every single app in between, one could argue that humanity would not be as technologically savvy without the work of Steve Jobs.

In August of this year, Apple achieved what no other company in history has done. It became the first publicly traded U.S. company to reach $1 trillion. Not only is this historic in terms of branding, but it brings to light the incredible ingenuity the company has displayed throughout the years. Along with his partner Steve Wozniak, Jobs’ innovations have helped solidify an incredible legacy likely to stand the test of time.

The Early Years

Jobs grew up in the San Francisco bay area in the 1960s. By the age of 10, he had developed a fascination with electronics, likely due largely in part to time spent with his father building crafts. This hobby paved the way for Jobs’ establishment of Apple in 1976, along with his co-founder Steve Wozniak.

Jobs sat at the helm of Apple’s operations until 1985, when he broke ties with the company and established NeXT computers. Apple later purchased NeXT and paved the way for Jobs’ return to the company in 1997.

Apple Computers

While Jobs can’t be credited for inventing the first computer, his founding of Apple paved the way for its widespread use. The computers that came before Apple was expensive and typically used only for business purposes. The introduction of the Apple II, the brainchild of Jobs and Steve Wozniak, changed this concept forever. Marketed as the world’s first mass-market personal computer, the Apple II meant users could now access the technology from the privacy of their own homes.

More than two decades later, in 1998, Apple released the iMac, an all-in-one computer. One of Apple’s lesser-known inventions is the iBook, which was introduced in 1999. The laptop came equipped with Wi-Fi technology and a few upgrades to its design. People today may remember it for its tangerine and blueberry color options and clamshell design.

The Apple iPad, introduced in 2010, has made the Internet even further accessible. This tablet computer was built more for entertainment than previous devices, making it a staple in many households, utilized by children and adults alike. The product was deemed so successful that Apple sold more than 15 million of these devices in its first year.

The iPhone

Of all Apple’s products, none is as influential in the tech world as the iPhone. Apple’s introduction of the iPhone marked a paradigm shift for the traditional mobile phone. Apple’s version, like the majority of its most revolutionary products, boasted a sleek, simple design that helped further uncomplicate technology for the masses.

Introduced in 2007, the phone has undergone a radical series of redesigns over the years, each year presenting more opportunities for productivity than the last. Prior to the invention of the iPhone, mobile phones’ primary purpose was to access chatting and emailing. Today’s version is utilized for web-surfing, Facetiming, social media and the utilization of an endless stream of apps available for download at users’ fingertips. Frequent updates and new designs ensure Apple users are getting the best product possible, which has helped the brand amass its own population of loyal followers.

The iPod

One of Apple’s most significant inventions to date remains the iPod. While mp3 players had been on the market for several years, Apple’s version was seen by many as far superior, and so it began to dominate the market. Able to store thousands of songs, the iPod grew in success with the help of other products, such as Apple iTunes, which was released in 2001. The new technology allowed users to organize their digital library on both their personal computer and through their devices. The iTunes Music Store went live in 2003.

Not all of Jobs’ best inventions were technological. The innovator is also credited with inventing the world’s first glass staircase. The design, which was awarded a patent in 2002, has been used across some of Apple’s flagship stores and has since been adopted, in some sense, by both commercial and residential properties the world over.

Steve Jobs Day is a day designated for honoring the Jobs legacy, but his impact is seen daily, in the hands of millions. While Apple, as a company, has certainly carried on without him, Jobs is one innovator unlikely to ever be forgotten.

If you have a child, and they have a mobile phone, their chances of identity theft are at a remarkably higher risk of being stolen, than most adults. But thanks to the new United States federal law, the Economic Growth, Regulatory Relief, and Consumer Protection Act, and according to a WYTV interview with David Stanley, Cyber Express manager, your loved one’s identity, just got a lot harder to steal.

(WYTV) Keeping Kids Safe: Protecting your kids from identity theft

Children are favorite targets for data thieves, and it’s a crime that can go undetected for years. As parents, we often, unknowingly help hackers snatch our kid’s information all from a simple post.

But, a new law is allowing parents to check and freeze their kids’ credit with the three major agencies for free. And it’s all thanks to a new federal law called The Economic Growth, Regulatory Relief, and Consumer Protection Act, which began September 21, 2018.

If you haven’t thought about checking your children’s credit lately, WYTV reporter Lindsey Watson talked to cyber experts about why you may want to reconsider.

It’s an alarming statistic according to Experian. One in four kid’s identities gets stolen before they become an adult. But what makes children such easy targets for data thieves? Parents are often helping hackers snatch their information all with a simple post on social media.

“They’re trying to gain as much information about the person, you know birth dates, name, date, and then they can kinda go back and figure it all out, and put it all together. It’s kinda what they do right now, they SOCIAL hack you,” said David Stanley, Cyber Express manager.

Stanley refers to it as Social Hacking. “It boils down to if you put out your kid’s name, how old he is, or her,” Stanley said. While Stanley says they haven’t seen a child’s identity stolen yet, it’s something parents need to be aware of before it’s too late.

“We can go forward with you, hand-and-hand and figure it out together. Hopefully, your son or daughter isn’t a victim, and if they are let’s figure it out, make sure that everything is fine, get everybody on an even keel and start over,” he said.

7 Cyber Express Child Identification Protection Checklist

In our very connected world, our children do not comprehend that there are individuals out there ready to take advantage of their innocence. Along with the above interview, we’ve put together a quick and easy checklist, that gives you seven more ways you can protect your children’s identity when they can’t.

1. Always remain cautious about what you disclose – More and more doctor’s offices, store rewards clubs, and schools are having us fill out electronic forms for our children. But it’s becoming too easy to accidentally give out our kid’s information, such as social security numbers, which if stolen, could take years to repair their credit.
2. Monitor what the school gives to third-party vendors – Whether you realize it or not, schools do release children’s information to their vendors. Five pieces of information commonly published are photos, home addresses, phone numbers, email addresses, and dates of birth. Contact your child’s school to learn if they have an opt-out process.
3. Be on the lookout for what your child gives away – With social media, online forums, and gaming groups, our children are too eager to say just about anything, to stay connected or keep up with the latest online trends. Unfortunately, identity thieves know just the right words to say, getting your loved one to share personal information.
4. Monitor your child’s finances monthly – Does your child have a bank account? College savings account? Or a trust fund? Once a month you get these account’s statements. Review them for any unusual activity, plus check with each financial institute, handling their accounts, and sign-up for mobile alerts.
5. Watch for warning signs you would not expect – Should you receive a pre-approved credit card offer, with your underaged child’s name on the envelope, that’s typically not a computer glitch. If you are getting bills or collection notices addressed to your child, that’s not a coincidence. Should you get, in the mail, notice from the IRS your little one owes back taxes, their ID got stolen.
6. Investigate to know if your children have a credit history you’re not aware of – Quite often, after some digging, an unsuspecting parent discovers, their child does indeed have a credit history. What is hard to believe is how that happened; when their minor child has never worked.
7. Credit History examination steps to take are easy:
   1. Call the three major credit reporting agencies and ask for a manual search of files or records associated with 1) your child’s social security number only and 2) your child’s name and social security number tied together.
   2. You’ll be asked to provide copies of their social security number and birth certificate.
   3. Consider having a credit freeze placed on your child’s account.
   4. Numbers or email to get in touch: Equifax: 800-525-6285 / Experian: 888-397-3742 / TransUnion: childidtheft@transunion.com

Recently considered outside the realm of possibility, artificial intelligence (AI) has become more commonplace in modern businesses. As technology evolves, applications and tools with these capabilities will continue to transform various industries, including the legal profession.

Although it may sound like science-fiction, many people are currently using AI and are not even aware of doing so. Artificial intelligence is any technology that enables a device to adapt and learn to perform similarly to how a human would. Examples include Allegra and Siri. To summarize, it collects information and uses algorithms and trends to solve problems quickly and accurately. The field of law is now integrating this technology into their everyday use.

How Is AI Being Used in the Legal Field?

There are several ways that it is already being used in the legal profession to supplement what attorneys and support staff-members do. For example, AI is able to help analyze contracts in bulk and individually, as well. A few of the popular software companies that offer AI for this purpose include the following:

• ABA Journal
• eBrevia
• Kira
• LawGeex
• LegalSifter

This allows partners to use their time and efforts on more advanced activities that require their specialized knowledge. Examples would be negotiating deals, advising clients, and arguing a case in court.

Three aspects that AI is expertly handling in the legal profession are descriptive analytics, predictive analytics, and prescriptive analytics.

What Is Descriptive Analytics?

Descriptive analytics (DSA) uses technology to mine large amounts of legal data, identify legal trends, and analyze behaviors that it then turns into workable insights. Advanced data visualization (an aspect of DSA) helps people identify insights, patterns, and trends that would be difficult to find with human-conducted text review alone. It turns complicated data into easy to understand charts and graphs. Additionally, it highlights factual information to cultivate strategies, assess possible case outcomes, and estimate case values and litigation costs.

What Is Predictive Analytics?

Predictive analytics (PA) uses data to provide insights into potential futures. There are several ways this can be beneficial. It allows law firms to gain a deeper understanding of how judges and juries might behave. By examining the profiles of judges, as well as their previous behavior in court, it is possible to predict how they might rule in specific cases. For example, the legal-tech startup, Judge Analytics, developed a platform that provides information on every judge in the U.S. This allows attorneys to develop the best strategies for their clients.

Additionally, clients often ask their counsel to predict the future. They ask questions like “Should I settle?” or “If we go to trial, will I win?”. With access to years of trial data and this type of AI, lawyers are better able to answer these types of questions.

What Is Prescriptive Analytics?

Prescriptive analytics (PSA) continually tracks outcomes of real-life decisions and incorporates them to sharpen its recommendations and offer actual advice. Intuitive interfaces and pervasive data collection is required to lower barriers to these powerful methods. Since they require ongoing access to evolving data to build and refine the results, they are constantly updating. As machine learning, natural language processing, and analytics technologies evolve, the dependence of law firms will continue to grow.

How Might AI Be Used in Law Offices of the Future?

As the future unfolds, the law school and overall lawyer training approach and curriculum will need to be changed. Legal education will become more all-inclusive. It will begin to emulate a business school education. Case studies, and active networking, and leadership training will likely be included. Although some schools have already included technology in their legal curriculum, a greater number of law students should become tech literate. Eventually—and ultimately—their ability to utilize legal software to analyze information may be just as important as their knowledge and understanding of the law.

In fact, it is anticipated that 100,000 legal roles will be automated by 2036. According to Legal Technology, law firms will reach a “tipping point” by 2020. It is now time for them to commit to becoming AI-ready. They should set aside the fear of the unknown and start developing an understanding of and capability for using technology. It is likely that innovation is the key to maintaining the legal profession’s relevance in this time of transformation.

In Conclusion

With its ability to automate monotonous and time-consuming work like contract or document review and research, AI can easily improve an office’s accuracy and efficiency. It can follow trends and make predictions over immense amounts of information that would be difficult for mortal minds to manage. Although it will not replace attorneys, finding the right combination of analytic tools will vastly alter the way they perform and deliver their services. Taking advantage of the technology available provides a competitive edge over more traditional firms. Choosing to do so may be the most important decision the leaders of legal departments will make in the near future.

In 2016, Uber suffered a data breach that exposed the personal information (names, email addresses, and phone numbers) of 57 million users. In the same breach, some 600,000 driver’s license numbers of Uber drivers were exposed.

So, What Was The Response?

The Federal government and state governments have laws protecting data privacy. Most of them require rapid reporting of data breaches to both the governments and the individuals whose data was exposed. Instead of following the laws, Uber decided to bury the bodies. With a careless indifference toward the rules and regulations that Uber has shown previously, the company got caught in a most unusual manner this time.

In this data breach, hackers first proved to Uber that they had stolen their data, then they demanded $100,000 not to reveal it. That’s a new twist for cyber-thieves.

How Did The Hackers Get The Data?

GitHub is a site where programmers and systems architects publish code and other information, both to store it privately and to show it off to others. The hackers got into the private side of Github and obtained user credentials of the Uber development team. Once they had those, they had free run of Uber’s systems.

What Did Uber Do?

Rather than reporting the breach as required, Uber’s Chief of Security paid the bounty of $100,000, got the hackers to sign a non-disclosure agreement, and disguised the $100,000 payout as a bug bounty on Uber’s internal records. The affected individuals were not contacted. The whole incident was covered up (hopefully).

Uber was already under investigation by the Federal Trade Commission (FTC) for failure to protect consumer information. In the course of that investigation, the 2016 hack was uncovered. The first settlement where Uber confessed to failing to protect customer and driver information was dated August 2017.

Then in November, Uber’s new CEO disclosed the massive breach. At that time, Uber had agreed to pay reparations to exposed individuals and various states to the tune of $148 million. One state attorney general called Uber’s behavior “Just inexcusable.”

Uber agreed to follow relevant laws in the future and hired outside counsel and an outside data firm to assess its security practices and safety measures. The results of those efforts have not been disclosed.

It was also learned that Uber paid the hackers to delete their copy of the data. That potentially violates a law that forbids companies from destroying any evidence in cases of cybercrime. Uber eventually fired their chief of security and several others.

It is the nature of the beast that Uber could not, in fact, confirm that the hackers had deleted every copy of the data. They could have, for example, made another copy and sold it on the Dark Web. Cyber Thieves are not known for their honesty. So, Uber’s efforts to conceal the breach and repair the damages may have been overshadowed from the start.

What Are The Lessons We Can All Learn From This?

Ever since the resignation of Richard Nixon in 1974, the phrase, “It’s not the crime, it’s the cover-up” has been well-known and understood.

The home décor and cooking guru Martha Stewart was convicted and imprisoned, not for a stock transaction that was, in fact, legal, but for lying to the FBI about it. Aside from their general legal and public relations futility, cover-ups usually do not succeed. Somebody leaks, or (as happened in this case), law enforcement stumbles across the cover-up while investigating something else.

When an incident like this happens, companies need to proceed on the assumption that the cover-up will be, at best, a temporary patch on a continuing problem.

What else can be learned from this?

Another lesson is that things that are supposed to remain private may not. The hackers were able to penetrate a supposedly private area of Github. In addition, the database they stole was on a third-party server, not one directly managed by Uber.

Even though the credentials stolen from GitHub were valid for the third-party server, had something like two-factor authentication been in place, the hackers would not have been able to access the server even though they had the proper credentials. There is more than enough blame to go around here. And, of course, the data on the third-party server was not encrypted.

Funding Hackers Is Not A Good Idea

In addition to everything else that was wrong in Uber’s response, the company wound up, in effect, rewarding the hackers with additional funding, enabling them to hack even more victims. Cybersecurity experts agree that funding hackers, no matter how desperate the situation seems, is never a good idea.

Uber’s response here can be compared to the similar reactions of Experian, a credit reporting agency, to a hack of its database that exposed the data of several hundred million users. First, it concealed the breach, then it denied it every happened, then Experian confessed that it did happen. Finally, they tried to monetize the breach by creating and advertising several “security” products to consumers.

Every move was deceptive and demonstrated just how little Experian cared about the privacy of its users. The lesson from Uber and Experian for the general business community is simple: “Don’t handle breaches the way we handled ours.”

Last year, Markets and Markets Research released a report that revealed that 50% of companies were considering the use of BYOD (bring your own device) policies. IT departments were tasked with developing a policy that allowed employees to use their personal devices without endangering the security, but things seem to have changed. More and more companies are moving toward company-owned devices – but why?

Costs

Most people think it would be cheaper for a company to have employees bring their own devices, but there are some hidden costs involved. One, of course, is the loss of productivity which we’ll discuss more in a moment. Given that BYOD devices can raise the probability of an organization suffering a cyber attack, there are also costs that can be traced directly to the fallout of a data breach. The potential cost of a data breach can easily be calculated using a tool like this one from IBM.

Productivity Issues

When employees bring their own smartphones, tablets, and other devices to work, those devices are going to be a distraction. The temptation for employees to check out social media sites such as Facebook and Instagram or to play games on their phone during working hours are even worse if they are already using their personal device for work-related tasks. While being forced to use a company-owned device isn’t going to eliminate this problem, it will at least reduce the temptation to waste company time. It will also discourage the use of electronic devices to access inappropriate material while at work.

Bad Habits

Employees who are accustomed to using their own phone to access company email are, by force of habit, going to be less likely to be cautious about opening phishing emails or files that could contain malware. If an employee isn’t in the habit of carefully checking out emails before they open them for their personal email on their device, they aren’t suddenly going to become careful about company email they open on the same device. Employees are likely to be more careful with a company-owned device, in part because they don’t want to be blamed for putting the company at risk.

Remote Wiping of Personal Devices

If a device is stolen, there is an extremely high probability that sensitive data will be on that device. One solution that many IT departments depend on for dealing with device theft or breach is a remote wipe. While this is an excellent idea for devices that belong to the company, employees will not like the threat of having their personal device remotely wiped without warning. The loss of personal information such as contacts, pictures, and messages could not only anger the employee involved but lead to potential lawsuits.

Too Much Reliance on Non-IT Employees

When employees are allowed to use their own devices, there is a major shift in responsibility. In most cases, it is simply not possible for IT to ensure that every employee device has the right security measures in place and that they are updated on a regular basis. When employees fail to do this and a breach happens, IT will most likely receive the blame. IT should not be held accountable for risks they cannot reasonably control. Company devices in the hands of those who truly understand cyber dangers are safer as long as they have access to the tools needed to minimize cyber risks.

Cybersecurity Threats

In 2016, researchers discovered that 56% of respondents felt that BYOD was one of the biggest threats to endpoint security for their organization. Another study indicated that 20% of organizations had experienced a breach related to BYOD, which doesn’t bode well for its continued use. One of the major reasons behind companies moving away from BYOD policies is undoubtedly the threat of ccyber attacks A company may have the most bullet-proof BYOD policy possible, but if it cannot be enforced or if employees can find ways to work around compliance, then those BYOD devices become a major threat.

Conclusion

There are pros and cons to both the BYOD approach and the company-owned device approach. Quite a few companies are easing off on their BYOD policies, implementing partial BYOD or eliminating it completely. Reasons behind this change include:

• Costs
• Employee productivity issues
• Employee bad habits
• Physical theft of devices
• Reliance on non-IT personnel to avoid security threats
• Increases in cyber threats as more employee-owned devices are put into use

Add all of these issues to the fact that employees may be annoyed at having to supply their own equipment for work and it is easy to see why many organizations have realized that BYOD is not a good fit for them. Whether the widespread implementation of BYOD continues to grow as predicted remains to be seen.

“Digital transformation” is a term likely circulating around IT departments everywhere. The vast majority of businesses today, no matter how big or small, will likely need to further digitalize their operations in order to keep up with competitive markets and an ever-growing list of digital trends.

There are endless components associated with digital transformation. Late last year, tech company MuleSoft conducted their annual Connectivity benchmark for 2018, which surveyed more than 600 ITDM across a variety of industries. The results shed light on the importance of digital transformation, the issues that stand in the way of these transformations, and what ITDMs (Information Technology Decision Makers) believe to be the future of IT.

According to the survey, the stakes are high. The vast majority of ITDMs surveyed admitted their business’s revenue would be negatively impacted if digital transformation didn’t take place, and soon. Companies simply can’t afford to let their IT operations fall to the wayside.

Digitalizing your business operations is no easy task. Creating an online portal or creating new online processes doesn’t mean you’ve digitalized. You’ve got to have clear goals before you begin this undertaking. More often than not, the top goal of businesses is to streamline their operations to run more efficiently.

Analyzing The Data

The vast majority of ITDMs understand the importance of upgrading their digital enterprises, with only 3% of organizations surveyed revealing they had no intentions of a digital revamp. In fact, approximately three quarters (74%) of those surveyed said they were currently undergoing digital transformation initiatives. Another 23% revealed plans to do so over the next three years.

Establishing Clear Goals

Digital transformations are futile without an end goal. Therefore, in order for ITDM to effectively transform their digital operations, they need to know both what is at stake, and in which ways they’d like a revamp to serve the organization.

Of ITDMs surveyed, more than 83% cited increasing IT’s operational efficiency among their top priorities. Other areas of high importance include improving business efficiency, and introducing new products and faster services. Digital transformations can help enhance a number of aspects of your company, rendering them vital in today’s business landscape.

The MuleSoft survey revealed that ITDMs intend to focus on a few specific initiatives to achieve their IT goals. These include modernizing their legacy apps, integrating SaS apps and investing in mobile apps. Other areas of focus include migrating apps to the cloud and establishing an e-commerce platform.

Enhancing The Customer Experience

One other major goal for businesses undergoing digital transformation is to improve the customer experience. This means improving the customer experience by connecting customer-facing systems. The vast majority, 92% of ITDMs, revealed that forging a connected experience for both customers and employees is a priority for their respective organizations. As of December 2017, only 39% of those surveyed revealed their organizations offered a completely connected user experience. These figures are in line with a previous MuleSoft survey, which found that over half of consumers believe they are receiving a disconnected experience when dealing with businesses like retailers, banks, insurers, and other public services.

Common Roadblocks

IT departments face a number of issues that hinder the potential for successful digital transformation. In addition to time constraints, there are other factors at play, such as misalignment between business and IT, problems within legacy infrastructure and systems, and a lack of resources and budget.

For today’s businesses, there is often a disconnect between what IT professionals must do, versus what their departments can realistically handle. While it’s commonly the responsibility of IT to implement development projects and focus on innovation, much of their workload involves helping the business run. In fact, the survey data shows that 63% of IT departments’ time is spent on business operations, rather than exploring new ways to drive profits through technology.

Integration Issues

Of all the roadblocks between IT departments and their goals, integration seems to be the largest barrier. Nearly 90% of ITDMs revealed challenges with integration, with 81% saying point-to-point integration creates the biggest headaches. Not only is this an issue for efficiency, but it presents financial repercussions, with organizations spending almost one-quarter of their yearly IT budgets on integration.

The Benefits Of APIs

It’s common knowledge in the IT circle that APIs make life easier for developers. They’re also critical for success in today’s digital landscape. Not only do APIs expand a business’s capabilities, but they also make it easier for employees to consume data in a simple, standardized way. According to MuleSoft’s Connectivity survey, organizations have both increased IT-self service and decreased their operational costs by leveraging APIs. And the results can be seen in revenue, as well. More than 35% of ITDMs surveyed through the Connectivity survey revealed that more than one-fourth of their revenue was the result of APIs.

Digital transformations are a fact of life for many businesses today, and if they’re not yet, they soon will be. From managing operations to improving customer and employee experiences, digital transformations are just one-way businesses are further embracing the power of the internet age.

Most homeowners and renters understand the importance of home security. In fact, in today’s world, it’s not uncommon for homeowners to spend hundreds or even thousands of dollars on home protection. But while securing your belongings is considered good common sense, homeowners don’t as often consider the concept of data security. This is understandable, but in reality, it’s just as important to ensure that your data is protected as well.

Unbeknownst to many, your home’s security system and its surrounding technology may even leave you susceptible to a data breach. These have the potential to wreak havoc from a personal data standpoint. Paying close attention to the technology you are using to protect your home can help you avoid the ever-growing risk of a cyber breach.

Here are a few things homeowners can do to keep their networks protected.

Strengthen Your Wireless Security

Securing your wireless router is paramount to effective data security. Your wireless networking security will depend heavily on the health of your router.

One useful tip?

Don’t leave your Wi-Fi on unless it’s necessary. This means that if you and your family are planning a long trip, don’t forget to turn your network off.

Other precautions include disabling your Wi-Fi Protected Setup, or WPS. The WPS is intended to make it easier for those within your household to join the central Wi-Fi network. However, it can also be used by hackers to gain unauthorized access.

Configuring your Wi-Fi’s signal strength is also important. Casting too wide of a net can leave you susceptible to outside hackers. As a security measure, configure it so Wi-Fi is only accessible to those within your home’s area. You can also disable your network’s remote management, and be on the lookout for any unknown devices or connections showing up on your network.

Update Your Software

Keeping your security systems up-to-date is important in ensuring nothing falls through the cracks. Applying updates and patches ensure you are running the most recent technology available for your device.

Your work doesn’t stop at updates, though. Installing an anti-virus solution built to detect, prevent and clear your system of viruses ensures a strong line of defense against hacking. While antivirus solutions won’t protect your system from, say, zero-day exploits, they can be helpful in preventing malware from entering your devices.

Install A Network Firewall

Firewalls are extremely useful in maintaining the security of your systems. This type of solution blocks unauthorized users from acquiring access to your private data. Installing a firewall is a solid step toward keeping your data safe. These can be installed via software, hardware or a unique combination of both.

Back Up Your Data

Computer users understand the frustration that comes with a hardware failure. In the event that this happens to you, it’s best to be prepared. Keeping a solid backup solution will give you peace of mind in the event of an accident. Test your backups thoroughly and regularly by creating dummy files and deleting them, or scheduling a day to unplug and determine how long it takes to get your system up and running. All this can help you form a legit plan of action to help you recover from a hardware failure.

Maintain Strong Encryption

Configuring your router improperly can pave the way for a data breach. You should use the strongest possible encryption methods for your device. Some of these protocols may include Wi-Fi Protected Access 2 (WPA2), Temporary Key Integrity Protocol (TKIP), and Personal Advanced Encryption Standard (AES).

Here are some tips to help you create a strong line of defense against a breach.

Update Your Router Password

It can be tempting to begin using a new router fresh out of the box, but be cautious. While your router has a set password, it may be easy to guess, or worse, printed right on the router itself. Changing your router’s password to something safe and known only by you is necessary if you’re hoping for optimal protection. The same goes for your Network name. While these typically come standard, you’ll want to change yours, though be careful not to include personal information such as your last name or address.

There are some things you can do to ensure a strong password. First, avoid using the same one for all of your accounts. If your password is stolen from one site, all other accounts for which you use it may be put at risk. You also shouldn’t share passwords with anyone or divulge them to anyone.

Approach Email With Caution

You may have taken all the necessary precautions to keep your home network secure from hackers, but often it’s not the technology that’s to blame for a breach. While it’s true that cyber criminals take advantage of unencrypted data, an inadequate firewall or out-of-date software, they also frequently target individual users. E-mail, for instance, is one of the most frequently used platforms by hackers. And while these attacks can hit suddenly and without warning, there are still things you can do to protect yourself.

If you receive an e-mail from someone you don’t know, don’t answer right away. Always first verify the person’s identity before responding. If you suspect an email from an organization may contain malware, first contact the company directly before replying. One giveaway is a misspelling in the URL of a malicious website. Also be sure to never share personal or financial information via e-mail or telephone.

Don’t leave your data security up to chance. All of these steps combined can help you form a solid plan for preventing a cyber breach.