Category: Uncategorized

FaceApp, the AI-powered photo editing app, went viral for quite a while until various experts expressed concerns about cybersecurity. In light of these concerns, we’ve put together a quick factsheet on mobile applications and cybersecurity.

Here are a few tried and true ways to protect yourself:

• Download applications from trusted sources only and do your research before hitting install.
• Keep your mobile phone’s operating system up-to-date at all times with the latest upgrades and patches.
• Take a look at the application’s permissions and privacy policy before you decide to download.
• Check out reviews online for each application you download to make sure there are no noted issues.
• Update applications you’re using on a regular basis and delete those you’re not using anymore.
• Look for warning signs, such as excessive permissions, pop-up ads, and in-app purchases.

As a last note for parents, make sure you’re checking what your children are downloading, or better yet, make sure they can’t download anything without your permission!

Automate Email Replies in Four Ways to Share Information Better

Learn how to use four powerful tools to automate Microsoft Outlook email responses, including Automatic Replies, Quick Parts, Signatures and Templates  

Managing email responses, especially if you are a busy executive looking to keep in touch with clients, colleagues, investors and partners.

Watch the video below or click here to view on YouTube.

 

With Microsoft Outlook, you have multiple opportunities to automate your email responses. Here’s a look at four of the most effective ways to automate your email responses.

How Can I Use Templates to Automate Email Responses?

Templates are a simple way to create automated messages.

You can start with templates by creating a new message or replying to one.

On the ribbon, click on the View Templates button. This will bring up a new window with a section called My Templates, with a few common responses listed.

You can edit or remove these templates or create your own. For each template, you can give it a title and in the text box enter in any standardized response you choose, including copying and pasting from other documents.

Once you have your templates selected, you can add them to a new email or response quickly and edit them within the body of the message. For frequent phrasing and responses, the templates option helps to accelerate your communication.

The advantage of templates is that they are very easy to use, edit, update and delete. The downside is that they are very basic and include no formatting options within the template itself.

How Can Signatures Be Automated?

Preset signatures can help create various messages for different situations. In most cases, a default signature will be applied to all your outgoing messages. These signatures typically contain the following:

• Full name
• Title
• Phone numbers
• Website
• Social media links

Often these signatures are standardized throughout an organization or division, and often contain specific marketing or legal language.

Signatures are highly formattable and can contain graphics or photos to convey further messages.

You can use signatures to be more productive and create messaging that varies based on the email recipient or whether the email is for business or personal reasons.

To create, modify or delete signatures, there are several ways to proceed. If you’re in a new message, go to the Message tab and click on the Signature button. This will bring up any existing signatures already in your account. To create a new one, click on the Signatures … selection at the bottom of the menu.

Another way to access the Signatures functionality is to use the File menu, clicking on Options, then Mail then Signatures.

No matter which option you choose, you’ll reach a new screen where you can select an existing signature to edit, rename or delete, or create a new signature. In the bottom box, you can:

• Add text and images
• Adjust the font and size
• Insert hyperlinks
• Set the signature’s alignment

Signatures are listed alphabetically, so naming conventions are important, especially for employees managing emails for other people or corporate accounts.

The top right section of the Signatures screen allows you to choose the email account to use and the default signature to use for new messages and replies or forwards.

Signatures have additional functionality. For messages that are sent repeatedly, the Signatures tool helps automate communication. The signature box can be used to include copy that is used for regular messages — a much faster option than saving text to a draft message or copying and pasting from a Word document. You can create multiple response signatures for typical inquiries.

What Are Quick Parts?

Quick Parts, formerly known as Building Blocks and Auto Text, helps you copy and save repeated boilerplate text blocks that can be inserted into an email. This is helpful for messages that include requests for information or other repetitive content.

To create a new Quick Part, reply to a message or create a new one. Type new text or highlight and copy existing text that you want to retain. Formatting will remain. In the ribbon, under the Text group, click on the Quick Parts button. This action brings up a list of existing Quick Parts, sorted by category, and allows you to create a new entry. A new window appears, where you can create a name, gallery category and description for the entry. (You can create new categories from this screen, too.)

Finally, you can determine in what email template you want the Quick Part available and some options for insertion.

Once saved, the Quick Part is now available for use. Create a new message, click on the Insert button and then the Quick Parts option to see a list of options for you to insert.

Quick Parts has several advantages. It allows for the inclusion of long entries with retained formatting for text and graphics. It also allows you to add multiple Quick Parts to the same message.

Right-clicking on any of the Quick Parts pops open options for where to insert the quick part, edit its properties or organize your available items. Quick Parts can also be inserted into Calendar entries or Tasks.

How Do Automatic Replies Work?

Automatic Replies are a standard staple in most offices. It’s an excellent time-management tool that quickly lets those within and outside your organization know your status.

To use Automatic Replies, you’ll need to be using an Outlook version that includes Microsoft Exchange server account or Exchange Online through Office 365. Standalone versions of Outlook do not support this feature.

Access Automatic Replies by going to the File tab and choosing Automatic Replies (Out of Office) from the Info tab. Select the Send automatic replies button and if you prefer, enter the dates and times you want the feature to be used in response to incoming messages.

The window defaults to the message you want sent inside your organization. You can add the text you need and apply basic formatting (font, size, effect, bullets or numeration, and indentation.

Remember to review the content so you don’t use an old message.

You can also opt to have a different message for those outside the organization. You can cut and paste between the two audience windows to create customized communications options.

The basic information to include in an Automatic Reply message is:

• The length of your absence
• When you will return
• Who to contact for urgent matters

The Automatic Reply message is also a great way to share other information, such as social media links, news or other high-value content.

You can also set rules regarding your messages, such as whether to alert or copy a coworker regarding messages from specific senders or to reply with a specific template.

Once turned on, you’ll see a message bar in yellow at the top of your Inbox reminding you that Automatic Replies are turned on, along with an option for turning them off.

Automation is a powerful way to save time, deliver important messages and improve communication in your email responses. Using the four featured solutions here, either independently or together, can keep projects moving and share information.

Watch Your Google Docs: Program Being Used to Disseminate TrickBot Malware

Beware of any Google Doc emails you receive. Cyber attackers are using the word processing program for a phishing scam that disseminates TrickBot malware.  

Take extra caution if you receive a Google Docs document sharing email in the near future — it may be a phishing email.

Cofense, a computer and network security company that specializes in phishing scams and data protection, has recently revealed a new cyberattack, which uses Google Docs as its “Trojan horse.”

The scam plays out like this:

1. A user receives a Google Docs document sharing email. The document looks legitimate, and indeed, it is legitimate. Google Docs generates such emails when one user wants to share a Google Docs file with another user.

The text in the email states:

“Have you already received documentation I’ve directed you recently? I am sending them over again.”

2. The email also receives a new button (added by the attackers), which says “Open in Docs.” This button, when clicked on, redirects the user to a new Google Docs landing page.

3. Once the user has arrived on the landing page, they’ll see an error message. This message is fake and says “404 error.”

The idea is to get the user to believe that there was an initial error with the document download and to have them click on a malicious download link — one created by the attackers.

4. The user will click on this link, which is actually the payload of the malware. It’s the malicious software, which will corrupt the computer once downloaded.

The download link appears to be legitimate. In fact, it looks like a PDF document and even has an extension of “.pdf” like a legitimate file. The attackers engineered this extension by taking advantage of the fact that known file type extensions are hidden in Windows (as a default measure). Furthermore, they use a PDF icon as the malware program’s icon, even though the program is not a PDF at all.

5. Once the file has been clicked on and downloaded, the malicious software will begin doing its dirty work on the target’s computer. In this case, the malware is called TrickBot, and it’s an extremely popular and dangerous banking Trojan.

As soon as its executed, TrickBot gets to work and continues being highly active at corrupting its host device. It will begin to copy itself repeatedly onto the device — once every 11 minutes for 414 days. If allowed to run, it will also begin launching an increasing number of Svchost processes.

What Is TrickBot?

TrickBot is a type of malicious software and also goes by the name of TheTrick, TrickLoader, and Trickster.

Discovered in October of 2016, TrickBot is ever-evolving. It has been updated and upgraded continually over the past several years and continues to be a menace used in phishing scams.

TrickBot was originally a type of banking Trojan, and it still is, but it now also has the ability to drop additional malware wherever it lands. As a type of banking Trojan, the main goal of TrickBot has been to obtain sensitive financial information from host devices.

Basically, anything sensitive would be sucked up by TrickBot and delivered back to the source who disseminated it. When TrickBot is on your devices, it can obtain things such as login information for the financial institutions you visit online and drop additional malware such as the equally popular Emotet.

TrickBot can even drop ransomware onto a device. If this occurs, sensitive data and system access may be locked up and/or blocked off. A message will be sent to the device user that their data and/or system access is being held for ransom. Unless the user pays a large sum of money, their data will be lost forever.

How Can You Avoid Falling Victim to This Google Docs Phishing Scam and Others?

Phishing scams remain the chief way that cyber attackers corrupt files, filch information, and steal finances. A phishing scam almost always comes in the form of an email (although such scams can also be operated over the phone).

The goal of a phishing email is to first get the recipient to believe it is legitimate. Therefore, it will be appear to be from a source such as Google Docs, a bank, the IRS, or even a co-worker. The next step is to get the recipient to click on a link, download an attachment, or take another such action, which will inevitably lead to the launch of malicious software.

The best way to protect yourself and your company from phishing scams is to have the appropriate security software and hardware measures in place. Additionally, all employees must be continually educated on how to avoid falling victim to a phishing scam and on trending phishing attacks.

What to Do Now That Support for Windows 7 Is Ending

In just a few short months, support for Windows 7 will come to an end. Is your business ready?

If your business is currently operating Windows 7, it’s time to switch to Windows 10. Microsoft will be ending technical support for Windows 7 in January 2020.

 

An enormous number of businesses throughout the United States use Windows operating systems to run their companies. In fact, Windows famously runs the majority of the world’s entire population of computers — including those used in business and personal computers (PCs).

Each of these Windows computers has its own version of Windows’ operating system (OS). Right now, the most popular operating systems are Windows 7 and Windows 10. Windows 7 was originally released ten years ago in 2009, and Windows 10 was released in 2015.

Now, Microsoft is phasing out its support for Windows 7. According to the company, this was always the plan:

“Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences.”

So, when will this change take place?

According to the company, “The specific end of support day for Windows 7 will be January 14, 2020.”

They go on to say: “Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.”

What Does the End of Windows 7 Support Mean for Your Business?

First off, it’s important to note that this change is definitely a big deal.

While the initial reaction of some companies and individuals may be that “end of support” doesn’t really matter, this assumption would be rather reckless. If you fail to update to Windows 10, Microsoft’s imminent cessation of support for Windows 7 has the possibility of causing your business huge problems. Specifically, the end of Windows 7 support means that Microsoft will no longer be providing any type of technical support and absolutely no software or security updates or fixes to this operating system.

As a result, if you run into a major technical problem with a computer running Windows 7 after the end-of-service date (January 14, 2020) or if your security is breached, you’ll get no assistance from Microsoft.

While this realization is shocking (and possibly rather annoying) for many, Microsoft has been warning users about the impending change for a long time. If you have Windows 7, you should have been receiving consistent advisories to this effect. Additionally, if you work with an IT service provider, they have likely been alerting you of the future change as well.

Security Issues With Microsoft 7 Moving Forward

One of the biggest reasons to update to Windows 10 is to ensure your company’s security in the face of possible cyberattacks.

When Microsoft says they’ll no longer be providing Windows 7 support, one of the things they’ll no longer be doing is providing security updates. Normally, Microsoft tracks security issues closely. When a specific cyberattack trend or weakness in their system becomes obvious, they release an update to fix the problem or better fend off would-be attackers.

On January 14, 2020, this will stop.

Unfortunately, cyber criminals are gleefully anticipating this date. They will take full advantage of the security gaps left in Windows 7 operating systems if they can. Those who fail to leave Windows 7 and move to Windows 10 will, of course, be the targets.

Have Questions About the Switch to Windows 10?

To be sure, Windows 10 promises to provide many useful updates and upgrades for Microsoft users. At the same time, the transition from Windows 7 to Windows 10 will certainly bring inevitable challenges. You and your employees will be forced to change some of your habits, and certain features you’re used to may become obsolete or have new properties.

If you haven’t already, now is the time to update your business’s software to Windows 10. Doing so sooner rather than later will allow for the fewest number of complications.

If you have questions or concerns about making a smoother transition from Windows 7 to Windows 10, speak to your IT service provider as soon as possible. There are steps you can take to make this transition less of a trial for yourself and your employees.

Cybercriminals no longer act alone. Find out the strategies and means cybercriminal networks are using to launch dangerous attacks against your organization. 

According to technology industry blogs, cybercrime incidents are growing by 15 percent each year and cybercrime has become the most profitable type of criminal activity around the globe. Cybercriminals are no longer acting alone and carrying out destructive activities that are relatively simplistic. Instead, cybercriminals have become more sophisticated in their approach. Activities are more damaging and organized. IBM’s CEO and president has stated that the new cybercriminal dangers are “the greatest threat to every profession, every industry, every company in the world.” Being aware of the fact that cybercriminal activity is now executed using the same types of structures and approaches seen in businesses can help IT leaders guard against the dangers cybercrime presents.

Common Types of Cybercriminal Activities

The scale and scope of cybercriminal activities have evolved swiftly since the 1990s. Back then, cybersecurity-related attacks entailed destroying websites and executing simplistic codes that reflected a strong dislike of the corporate culture. Now, modern cybersecurity-related attacks have not only embraced the notion of the corporate model, but have exploited the corporate world’s reliance on digital connectivity. Common cybercriminal activity now involves extortion, the theft of data and information, and sabotage. The design and spread of ransomware through electronic means reaps over $11 billion annually.

Hierarchical Structures

Besides using more sophisticated and profitable methods of wreaking havoc, cybercriminals have formed networks that resemble hierarchical structures within traditional organizations. Many groups of cybercriminals are led by someone who operates as a pseudo executive of a firm who designs an overarching strategy and tasks that are delegated to other leaders who resemble middle managers. In turn, those who work on developing malware and ransomware code are concentrated in a single “department,” while another group is focused on developing and executing distribution methods. Each group represents and operates like a functional department within an organization. Training and recruitment programs are also developed and executed for hackers that wish to join these extensive cybercriminal networks. Knowing that these networks are employing the same strategies and tactics as an experienced corporate marketing department means that any cybersecurity defense plan has to respond in an identical fashion.

The corporate structure and mentality have resulted in the equivalent of million-dollar salaries for some. Cybercriminals are also starting to incorporate other types of illegal activities into their “business models.” Some of those activities include illegal drug production and distribution, human trafficking, and counterfeit goods. Stopping and removing the threats that cybercriminals pose mean considering the possibility that these cybersecurity threats are occurring in conjunction with seemingly unrelated activities. Any defense plan must consider all possibilities and guard all potential and vulnerable points of access.

The Dangers of Purchasing Third-Party Computer Accessories

Think all computer accessories and cables are safe? Think again! Learn how your next accessory purchase could expose your organization to hackers and threats.  

Buying third-party accessories for computing devices can save money, but what if those purchases ended up being the cause of a cybersecurity attack and the exposure of your company’s sensitive data? New third-party charging cables that have come on the market could be your next data breach culprit if you’re not careful. According to a blog post written by NewQuest IT Solutions, modified versions of Apple’s Lightning cables could be used to gain unauthorized access to your organization’s devices. A hacker can use the wireless implant embedded in the cable to commit an intrusion simply by typing in the cable’s IP address.

How It Works

Since the third-party cable cannot be identified as counterfeit with the naked eye, it is easy for many to be fooled into believing it is legitimate. When you plug in the cable to charge or sync a device, a hacker can now access all the information on that device. The wireless implant inside the cable sends out signals equivalent to a Wi-Fi hotspot. By typing in the cable’s IP address, the hacker is able to pull up data from the device, install malware, send scripts and other commands. The hacker can accomplish all of this as long as he or she is within 300 ft of the cable’s wireless signal.

Devices at Risk

Any device that uses a third-party charging cable or accessory is at risk. That risk increases if multiple third-party accessories are plugged in or the supplier of the accessories could be considered suspect. Although the example highlighted by NewQuest IT Solutions is applicable to Apple devices, there are enough third-party cables and accessories for Windows-based devices that can make them far from risk-adverse. Smartphones, computers, tablets and older devices like the iPod that sync are all vulnerable.

What to Look For

To avoid buying counterfeit accessories and cables, double-check the packaging, the accessory and the supplier. Only purchase third-party accessories that are labeled as certified. Another way to avoid a potential cybersecurity threat is to only purchase from trusted and verified suppliers. Finally, consider switching to OEM versions whenever possible. Although the initial or per unit cost might be higher, it could save you and your organization a more expensive headache in the long run.

Outsourcing Managed IT Services Improves Business Goal Achievement

Industry leaders require a laser-focus on profit-driving initiatives. Outsourcing an organization’s IT oversight saves time, money, and keeps everyone on task.  

Whether you are a decision-maker for an upstart, mid-sized, or large corporation, outsourcing IT support, maintenance, and cybersecurity oversight can improve your operation. Managed services conducted by a third-party outfit with experience and expertise, brings high-level knowledge to the table that most business team members lack.

That’s generally because industry leaders staff their organizations with people who deliver profit-driving benefits. Managing an in-house IT team tends to distract from the goal-achievement tasks that keep an operation competitive and successful. Owners, CEOs, and other captains of industry with heightened IT needs would be wise to consider these five benefits of outsourcing.

1: Risk Reduction

Every business operates with a certain degree of risk. Those risks include fines for not meeting changing government regulations or falling behind competitors in cost-effective technology applications, among others. But perhaps the greatest threat that businesses of all sizes and every sector face are data theft and hacks. Without a doubt, less-than-adequate cybersecurity applications, protocols, and employee preventative training present the greatest threat to your organization.

2: Cost Consistent Budgeting

Entrepreneurs working hard to grow fledgling operations often have thin budgets. Every dollar counts and financial constraints generally do not allow for overspending. People in the private sector are fully aware they cannot manage a thriving enterprise using the faulty methods of the federal government. Either you have the revenue, or you don’t.

Managed IT service contracts allow decision-makers to allot a specific sum toward computer network oversight. There are no excessive payroll taxes, or unexpected overtime hours to strain the company’s resources. You write one monthly check and renegotiate when your managed services agreement expires.

3: Heightened Expertise

Perhaps the greatest difference between hiring an in-house IT team and outsourcing is the improved access to specialized knowledge. Some small and mid-sized operations think it’s savvy to hire a recent technical school graduate who has been immersed in the latest trends and technologies. That thinking seems reasonable on its face.

But the inherent flaw is that your outfit often requires that person, or team, to focus exclusively on your system and operations. What you lose over time is their immersion in trends, new applications, heightened cybersecurity threats, and other pertinent issues. A third-party managed service provider invests its time, resources, and people into cutting-edge training. When a managed services expert reviews your system, they bring the latest knowledge to every task. It’s simply not cost-effective to pay an IT team and then have them attend far-away seminars for weeks at a time.

4: Avoid Potential Downtime

After cyber-theft and hacks, downtime ranks among the most costly setback a company can experience. Imagine for a moment, you are looking out over your offices and employees are unable to work because the system is down. Now imagine you are paying them to not perform the necessary tasks to meet the business’ financial necessities.

When you outsource your IT needs to a third-party provider, it’s not uncommon for them to conduct due diligence, and preventive maintenance while your profit-driving staff is not on the clock. Smooth functioning networks are a type of hidden benefit that companies gain by having 24-7 IT services.

5: Improved Business Focus

Goal-oriented thought leaders enjoy improved success when they are able to focus on the things that make a company successful. Unless you are running a managed services outfit, computer issues, cybersecurity, and managing an IT team is not the best use of your time and brainpower.

Business visionaries achieve goals and enjoy the fruits of their innovation and labor by maintaining a laser-focus on industry trends, cost reduction, improved production, services, and staying ahead of their sector’s learning curve. It’s essential not to get bogged down in seemingly peripheral issues such as IT. Maximizing your skillset and outsourcing IT maintenance and oversight to a professional is the smart play.

Maximizing budgetary resources in a way that delivers the cutting-edge IT needs of today’s business community may be best left to professionals. When industry leaders take the time to do the math on best practices and profitable outcomes, third-party managed IT services remain a tried-and-true practice.

Are You Ready for the Cloud?

With a clear, comprehensive implementation plan, you can minimize downtime and disruptions while you move your data and applications to the cloud.  

Let’s walk through the 5 W’s + How.

• Who?
• What?
• When?
• Where?
• Why?
• How?

No, this isn’t an intro to journalism course. Instead, we’ll use this formula to break down your options for finding the best IT outsourcing firm to help you move your health care practice to the cloud.

What Should You Be Looking For?

Clouds are private, public or a hybrid of the two. These labels can be confusing. Public clouds aren’t open to the public and private ones serve as remote data centers for a single health care provider.

To decide the best cloud for your organization, determine what you’re actually looking for. Choose from a service that supplies platform, infrastructure or software as a service — PaaS, IaaS or SaaS. Relevant considerations include company size, HIPAA impact and what you wish to accomplish.

Who Is the Best Cloud Provider?

Healthcare IT News identifies seven top providers:

• Amazon Web Services, who developed these services first, has aggressive pricing and releases new features regularly. Their main service is IaaS.
• CDW Cloud Solutions, familiar to many healthcare organization, offers a variety of services, such as migration planning and project support.
• IBM Cloud, ClearDATA, Google Cloud Platform, Microsoft Azure and VMWare receive honorable mention.

It’s best to look into several services to determine the best one for your IT needs.

When Is it Time to Switch to the Cloud?

Most companies have some kind of cloud-based functionality already. For those still deciding whether to switch, the following questions can help clarify your thoughts.

• Who can help us with the migration plan?
• Is the management team stable?
• What’s the strategy driving the move?
• Are local providers reliable?
• Is it in the budget?
• Will we net a positive return on our investment?

These questions get right to the heart of the matter and help you find out if your team is ready, able and willing to make the switch.

Where Should the Data Centers Be Located?

The physical location doesn’t matter that much. It’s more important to replicate data and applications in distinct regions for redundancy and to ensure access to your data. Where you locate or have your IT consultants locate your backups is determined by the technology and configurations that work best with your systems. In fact, if you’re paying for around-the-clock monitoring, location becomes irrelevant.

Why Are You Thinking About Moving to the Cloud?

This question is a bit outmoded. A better question would be, “Why wouldn’t you move to the cloud?” That’s a question most companies have or are asking themselves right now. Cloud systems scale easily and they’re cheaper than the cost of maintaining your own local data centers. In the cloud, critical processes, such as data replication or disaster recovery are more straightforward.

Cloud services also offer a pay-as-you-go model that fits the budget of more practices and startups. While data security used to be considered a risk on the cloud, new technology has helped ensure the security of your systems and client data.

How Can You Get There?

Vet out an experienced healthcare IT provider that’s handled multiple cloud implementations and integrations. Reputable providers should be able to share their own cloud models, provide references, and ensure that you start and end with a reasonable budget.

Scalability is key in the cloud. It’s one of the major benefits, so make sure your organization is in a position to leverage it. With the right cloud set up, scaling up your user base should be easy and hassle-free. The documentation your IT consulting provides should include detailed plans regarding the tools and features needed for HITECH and HIPAA requirements. With a clear, comprehensive implementation plan, you can minimize downtime and disruptions while you move your data and applications to the cloud.